Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: piran on December 10, 2006, 05:57:14 PM

Title: blacklisthosts mechanism
Post by: piran on December 10, 2006, 05:57:14 PM
I've been effectively managing with...
Code:
pico /var/service/qpsmtpd/config/whitelisthosts
signal-event email-update

...does the same functionality hold switching the colours? i.e.
Code:
pico /var/service/qpsmtpd/config/blacklisthosts
signal-event email-update

I've tried this but it doesn't 'seem' to be working.
My site does not (yet have to) use SpamAssassin (SA).
Title: blacklisthosts mechanism
Post by: kruhm on December 11, 2006, 02:25:57 AM
I don't think there is a blacklisthosts. Although qpsmtpd is very pluggable and I don't see why you couldn't create one (or sponsor one if it's out of reach).

At the same time, SME has an IP block per service as per the FAQ:

db configuration setprop smtpd DenyHosts xxx.xxx.xxx.xxx,xxx.xxx.xxx.xxx
signal-event remoteaccess-update
Title: blacklisthosts mechanism
Post by: piran on December 11, 2006, 02:47:29 AM
I don't think there is one either after scouting around the white one.
The facility you mentioned would be impractical in my situation, there
is already a highly effective 4000 line masq iptables file doing suchlike.
In any case I wanted to specify a domain (earthlink.net) not an IP.
Was investigating other options and defensive vectors before anything
might escalate unduly. The incoming intensity has inexplicably deepened
but is under SME7's perfect control;~) I'm just a careful sort and wanted
to know if there was a 'black' flavoured listing I might bring into the mix.
Title: blacklisthosts mechanism
Post by: kruhm on December 11, 2006, 06:13:49 AM
"In any case I wanted to specify a domain (earthlink.net) not an IP."

Then you need to use the:
/var/qmail/control/badmailfrom

just add: @earthlink.net

no need to signal-event (expand or restart)
Title: blacklisthosts mechanism
Post by: byte on December 11, 2006, 02:59:59 PM
This is how I do it so you don't lose the changes on reboot.

Create your own template

/etc/e-smith/templates-custom/var/qmail/control/badmailfrom


Add the domains that you want to block in the form of spammer@spam.com or a whole domain @spam.com

Then finish off with a

signal-event email-update
Title: blacklisthosts mechanism
Post by: piran on December 11, 2006, 06:45:51 PM
byte---- done

kruhm---- Nice idea but hasn't seemed to have done the job.
Strange but I DID expect it to work! Here is some of the log...
Code:
2006-12-11 17:20:13.399393500 26167 trying to get config for badmailfrom
2006-12-11 17:20:13.399857500 26167 Plugin check_badmailfrom, hook mail returned DECLINED,
2006-12-11 17:20:13.400013500 26167 getting mail from <brandon05sh@earthlink.net>
2006-12-11 17:20:13.400153500 26167 250 <brandon05sh@earthlink.net>, sender OK - how exciting to get mail from you!
...however the various RBLs caught the attempt. Contents of the badmailfrom file...
Code:

#spamer@spamdomain.com
#@spamdomain.com
# pico /etc/e-smith/templates-custom/var/qmail/control/badmailfrom/10RiffRaff
# /sbin/e-smith/expand-template /var/qmail/control/badmailfrom
# service qmail restart
# signal-event email-update

# mindspring
@earthlink.net

# wandering persistent spammers
@mirajpartnership.co.uk
Title: blacklisthosts mechanism
Post by: piran on December 12, 2006, 02:32:59 AM
Code:
2006-12-12 01:21:18.335916500 31453 running plugin (mail): check_badmailfrom
2006-12-12 01:21:18.336113500 31453 trying to get config for badmailfrom
2006-12-12 01:21:18.350063500 31453 Plugin check_badmailfrom, hook mail returned DECLINED,
2006-12-12 01:21:18.350243500 31453 getting mail from <brandon6gob@earthlink.net>
2006-12-12 01:21:18.350403500 31453 250 <brandon6gob@earthlink.net>, sender OK - how exciting to get mail from you!

The contents of badmailfrom are as indicated in my previous post.
Have I not formatted or activated the badmailfrom template properly?
Am I reading the sense of the log inappropriately?
Or is this bugzilla fodder?
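
An added example, not part of any post in this thread: a log check that reports senders who received a "250 ... sender OK" even though they match a badmailfrom entry in one of the two forms described above (full address or @domain). The function names are hypothetical, and it assumes matching is case-insensitive and that blank and '#' lines in the file are ignored.

```python
import re

# Entries in the two forms the thread describes (full address or @domain).
BADMAILFROM = """\
# mindspring
@earthlink.net
@mirajpartnership.co.uk
"""

# First four lines are from the log in the thread; the last three are constructed.
LOG = """\
2006-12-11 17:20:13.399393500 26167 trying to get config for badmailfrom
2006-12-11 17:20:13.399857500 26167 Plugin check_badmailfrom, hook mail returned DECLINED,
2006-12-11 17:20:13.400013500 26167 getting mail from <brandon05sh@earthlink.net>
2006-12-11 17:20:13.400153500 26167 250 <brandon05sh@earthlink.net>, sender OK - how exciting to get mail from you!
2006-12-11 17:21:02.100000500 26170 Plugin check_badmailfrom, hook mail returned DECLINED,
2006-12-11 17:21:02.100200500 26170 getting mail from <alice@example.org>
2006-12-11 17:21:02.100400500 26170 250 <alice@example.org>, sender OK - how exciting to get mail from you!
"""

LINE = re.compile(r"^(\S+ \S+) (\d+) (.*)$")      # timestamp, PID, message
PLUGIN = re.compile(r"Plugin check_badmailfrom, hook mail returned (\w+)")
ACCEPT = re.compile(r"^250 <([^>]*)>, sender OK")

def load_entries(text):
    """Lower-cased entries; blank and '#' lines skipped (assumed file rules)."""
    lines = (l.strip().lower() for l in text.splitlines())
    return {l for l in lines if l and not l.startswith("#")}

def is_listed(sender, entries):
    """True if the full address or its @domain is in the list."""
    sender = sender.lower()
    return sender in entries or "@" + sender.rpartition("@")[2] in entries

def accepted_but_listed(log_text, entries):
    """Return (timestamp, pid, sender, plugin_result) for listed senders that got a 250."""
    last_result, hits = {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        stamp, pid, msg = m.group(1), int(m.group(2)), m.group(3)
        if (p := PLUGIN.search(msg)):
            last_result[pid] = p.group(1)      # remember the plugin verdict per PID
        elif (a := ACCEPT.match(msg)) and is_listed(a.group(1), entries):
            hits.append((stamp, pid, a.group(1), last_result.get(pid)))
    return hits

if __name__ == "__main__":
    for hit in accepted_but_listed(LOG, load_entries(BADMAILFROM)):
        print("listed sender accepted:", hit)
```

Feeding it the live qpsmtpd log and the badmailfrom file that qpsmtpd actually reads shows whether a listed sender is still being accepted after a template change.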