Question about spamassassin using MySQL

Paul Lussier p.lussier at comcast.net
Wed Jan 18 13:59:00 EST 2006


(I'm finally getting to a bunch of interesting threads which I lacked
time for when they were current :)

Bruce Dawson <jbd at codemeta.com> writes:

> Hmmm. So milters actually won't be much good for reducing the amount of
> bandwidth occupied by spam - most of the message comes through before a
> decision is made.
>
> My observation has been that some spammers don't wait for the 250 reply,
> and will just cut the connection after sending the "dot" command.

I'm not sure about sendmail, but I know Postfix has a bunch of
"connection restrictions" it can apply to the incoming connection and
just drop it if whatever criteria you've selected aren't met.

For example:

  * reject_non_fqdn_recipient
  * reject_non_fqdn_sender
  * reject_unknown_sender_domain
  * check_recipient_access
  * reject_unknown_recipient_domain
  * reject_unauth_destination
  * reject_multi_recipient_bounce
  * reject_non_fqdn_hostname
  * reject_invalid_hostname
  * check_helo_access
  * check_sender_mx_access
  * check_sender_access
  * reject_unverified_sender

Additionally, you can do things like verify valid senders and
recipients by requirning the sender to:

  * conform to the SMTP RFC 
  * Have a valid hostname
  * Provide proper SMTP helo/ehlo statements
  * Provide an FQDN in the SMTP helo/ehlo statements
  * Provide an FQDN for the envelope sender
  * Have no invalid characters in the hostname
  * Have a valid destination domain (i.e. no open relaying)
  * Provide a valid recipient domain
  * Provide a valid recipient user name
  * Have a valid nameserver record
  * Have a non-empty envelope sender if there are multiple recipients
  * Be from a a valid sender address (possibly selective verification)

There are more restrictions you can place on a connection as well, but
these are the main ones.  Assuming you required all these
restrictions, violation of any one of them would result in a
dropped/terminated connection.

-- 

Seeya,
Paul



More information about the gnhlug-discuss mailing list