whitelisting

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

whitelisting

Zane C. B-H.
Any suggestions on how to whitelist a email sender address that is
occasionally getting blocked due to a RBL hit for the sending
servers IP?

I have tried below, but I keep finding that it does not work and I
keep having to comment out the last two RBLs.

smtpd_sender_restrictions =
    check_recipient_access hash:/usr/local/etc/postfix/access.smtpd_sender_restrictions,
    reject_rbl_client bl.spamcop.net,
    reject_rhsbl_sender rhsbl.sorbs.net,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client smtp.dnsbl.sorbs.net,
    reject_rbl_client virbl.dnsbl.bit.nl,
    reject_rbl_client virus.rbl.msrbl.net,
    reject_rbl_client web.dnsbl.sorbs.net,
    reject_rbl_client spam.dnsbl.sorbs.net,
    reject_rbl_client dnsbl-2.uceprotect.net,
    reject_rbl_client dnsbl-3.uceprotect.net
Reply | Threaded
Open this post in threaded view
|

Re: whitelisting

Leonardo Rodrigues Magalhães


Zane C.B. escreveu:

> I have tried below, but I keep finding that it does not work and I
> keep having to comment out the last two RBLs.
>
> smtpd_sender_restrictions =
>     check_recipient_access hash:/usr/local/etc/postfix/access.smtpd_sender_restrictions,
>     reject_rbl_client bl.spamcop.net,
>     reject_rhsbl_sender rhsbl.sorbs.net,
>     reject_rbl_client sbl-xbl.spamhaus.org,
>     reject_rbl_client smtp.dnsbl.sorbs.net,
>     reject_rbl_client virbl.dnsbl.bit.nl,
>     reject_rbl_client virus.rbl.msrbl.net,
>     reject_rbl_client web.dnsbl.sorbs.net,
>     reject_rbl_client spam.dnsbl.sorbs.net,
>     reject_rbl_client dnsbl-2.uceprotect.net,
>     reject_rbl_client dnsbl-3.uceprotect.net
>
>  

    i had bad experiences with uceprotect.net .... their RBLs seems to
have high false positive rates, which makes me stop using them. Anyway,
sometimes some of my customers get flagged on their RBL, which causes me
some problems with not sending message to some servers who use them.

    i would recommend you to definitely stop using them or any other RBL
that lists network blocks instead of individual addresses.

    and change sbl-xbl.spamhaus.org by zen.spamhaus.org, which is
sbl-xbl plus pbl.

http://www.spamhaus.org/ZEN/


--


        Atenciosamente / Sincerily,
        Leonardo Rodrigues
        Solutti Tecnologia
        http://www.solutti.com.br

        Minha armadilha de SPAM, NÃO mandem email
        [hidden email]
        My SPAMTRAP, do not email it




Reply | Threaded
Open this post in threaded view
|

Re: whitelisting

Ralf Hildebrandt
In reply to this post by Zane C. B-H.
* Zane C.B. <[hidden email]>:
> Any suggestions on how to whitelist a email sender address that is
> occasionally getting blocked due to a RBL hit for the sending
> servers IP?

Yes, by using check_sender_access

> smtpd_sender_restrictions =
>     check_recipient_access hash:/usr/local/etc/postfix/access.smtpd_sender_restrictions,
            ^^^^^^^^^
            whut?

>     reject_rbl_client bl.spamcop.net,
>     reject_rhsbl_sender rhsbl.sorbs.net,
>     reject_rbl_client sbl-xbl.spamhaus.org,
>     reject_rbl_client smtp.dnsbl.sorbs.net,
>     reject_rbl_client virbl.dnsbl.bit.nl,
>     reject_rbl_client virus.rbl.msrbl.net,
>     reject_rbl_client web.dnsbl.sorbs.net,
>     reject_rbl_client spam.dnsbl.sorbs.net,
>     reject_rbl_client dnsbl-2.uceprotect.net,
>     reject_rbl_client dnsbl-3.uceprotect.net

--
Ralf Hildebrandt ([hidden email])          [hidden email]
Postfix - Einrichtung, Betrieb und Wartung       Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de
The FUD is that GNU/Linux is too hard and so migration would prove
expensive, due to a lack of appropriate computer skills and the need
for training. But now, thanks to SP2, all those Microsoft users will
have to figure out how to open/close ports and things you normally
don't expect them to even notice, let alone fix.  -- found on groklaw
Reply | Threaded
Open this post in threaded view
|

Re: whitelisting

Brian Evans - Postfix List
In reply to this post by Zane C. B-H.
Zane C.B. wrote:
> Any suggestions on how to whitelist a email sender address that is
>  
OK sender.
> occasionally getting blocked due to a RBL hit for the sending
> servers IP?
>
> I have tried below, but I keep finding that it does not work and I
> keep having to comment out the last two RBLs.
>
> smtpd_sender_restrictions =
>     check_recipient_access hash:/usr/local/etc/postfix/access.smtpd_sender_restrictions,
>  
Hmm, recipient? I thought you wanted to list a sender going to your MX
(MAIL FROM)? Shouldn't it be check_sender_access?

If this is not correct, please clarify.

Brian
Reply | Threaded
Open this post in threaded view
|

Re: whitelisting

Zane C. B-H.
In reply to this post by Leonardo Rodrigues Magalhães
On Wed, 14 May 2008 17:05:18 -0300
Leonardo Rodrigues Magalhães <[hidden email]> wrote:

>
>
> Zane C.B. escreveu:
> > I have tried below, but I keep finding that it does not work and I
> > keep having to comment out the last two RBLs.
> >
> > smtpd_sender_restrictions =
> >     check_recipient_access
> > hash:/usr/local/etc/postfix/access.smtpd_sender_restrictions,
> > reject_rbl_client bl.spamcop.net, reject_rhsbl_sender
> > rhsbl.sorbs.net, reject_rbl_client sbl-xbl.spamhaus.org,
> >     reject_rbl_client smtp.dnsbl.sorbs.net,
> >     reject_rbl_client virbl.dnsbl.bit.nl,
> >     reject_rbl_client virus.rbl.msrbl.net,
> >     reject_rbl_client web.dnsbl.sorbs.net,
> >     reject_rbl_client spam.dnsbl.sorbs.net,
> >     reject_rbl_client dnsbl-2.uceprotect.net,
> >     reject_rbl_client dnsbl-3.uceprotect.net
> >
> >  
>
>     i had bad experiences with uceprotect.net .... their RBLs seems
> to have high false positive rates, which makes me stop using them.
> Anyway, sometimes some of my customers get flagged on their RBL,
> which causes me some problems with not sending message to some
> servers who use them.
>
>     i would recommend you to definitely stop using them or any
> other RBL that lists network blocks instead of individual addresses.
>
>     and change sbl-xbl.spamhaus.org by zen.spamhaus.org, which is
> sbl-xbl plus pbl.
>
> http://www.spamhaus.org/ZEN/

Cool. I will look into that.

I have found the cause of the problem. It turned out
check_recipient_access was being used instead of check_sender_access.
Reply | Threaded
Open this post in threaded view
|

Re: whitelisting

mouss-2
Zane C.B. wrote:
> [snip]
> Cool. I will look into that.
>
> I have found the cause of the problem. It turned out
> check_recipient_access was being used instead of check_sender_access.
>  

note that if the client has a static IP, you'd better whitelist the
client IP instead of sender (sender may be forged).

BTW. you can use dnswl (you can rsync it and use it with a
check_client_access) to mitigate DNSBLs blocking...