[plug] delete sections of posts (HOWTO fix this with PostFix)

Leon Brooks leon at cyberknights.com.au
Fri Sep 23 08:55:27 WST 2005 

On Friday 23 September 2005 01:10, Phillip Kilby wrote:
> Hey is it possible to delete sections that contain my email address
> in the plug forum? I'm reffering to the web based ones. Just that I'm
> starting to get spammed in gmail, kinda annoying.

This is how I block those at the door in PostFix, I presume QMail has a 
similar mechanism, and I presume that QMail's message-IDs will require 
a slightly different regexp:

/etc/postfixc/main.cf:
smtpd_recipient_restrictions =
    reject_non_fqdn_sender,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
    reject_non_fqdn_recipient,
    check_recipient_access pcre:/etc/postfix/recipient_access,
    permit_mynetworks,
    reject_unauth_destination,
    permit

/etc/postfix/recipient_access:
/[0-9]+\.[0-9]+\.[a-z0-9]+@/   550 That's a message ID not an address

However, you'll knock more actual spam on the head at the door with 
these rules:

/etc/postfix/main.cf:
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_helo_restrictions =
    reject_invalid_hostname,
    check_helo_access regexp:/etc/postfix/misnamed_hosts,
    reject_unknown_hostname,
    reject_non_fqdn_hostname,
    permit

/etc/postfix/misnamed_hosts:
/^ss$/                        REJECT this HELO often used by spammers
/^my\.host\.name$/            REJECT HELO claiming to be me
/^1\.2\.3\.4$/                REJECT HELO claiming to be me
/^127\.0\.0\.1$/              REJECT HELO claiming to be localhost
/^localhost$/                 REJECT HELO claiming to be localhost
/^localhost\.localdomain$/    REJECT HELO claiming to be localhost

You'll find that "reject_unknown_hostname" blocks many misconfigured 
MS-Exchange servers and the last rule blocks the occasional 
misconfigured SendMail. Replace 1.2.3.4 witjh your own external address 
and my.host.name with whatever that address resolves to.

Another thing which I have my outbound SMTP server do is generate 
messageIDs in the "spamtrap.cyberknights.com.au" domain, and guess what 
happens to mail sent there? (-:

Cheers; Leon

--
http://cyberknights.com.au/     Modern tools; traditional dedication
http://plug.linux.org.au/       Member, Perth Linux User Group
http://slpwa.asn.au/            Member, Linux Professionals WA
http://osia.net.au/             Member, Open Source Industry Australia
http://linux.org.au/            Member, Linux Australia

More information about the plug mailing list