Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: MSmith on August 09, 2011, 10:15:29 PM
-
So email trouble continues. A large portion of what I get purports to come from ".info" domains, and NONE of my legit email does.
How to block an entire top-level domain? This will become more relevant once .xxx comes online, I think ...
-
So email trouble continues. A large portion of what I get purports to come from ".info" domains, and NONE of my legit email does. How to block an entire top-level domain?
One simple option would be to do it at the router,
my old Billion does URL blocking in its firewall options.
*.info would be just another entry... if you wanted
a somewhat brutish level of blocking.
-
Take a look at the E-mail WBL contrib.
The last panel in the Black list section.
qmail badmailfrom
If they are honestly from .info this might
do what you appear to want to do. The
contrib always used to say that it was
beta but hasn't misbehaved in my use.
http://wiki.contribs.org/Email_Whitelist-Blacklist_Control
PostEdit: URL
-
You'd have to test whether it takes a *
as I've only ever used the WBL contrib
with specified domains ie without * .
-
I should have mentioned that I'm using the "WBL" contrib already, with success. I don't know what the syntax will be to effectively block ".info" senders but I will experiment.
-
MSmith, could you please post the result of
config show qpsmtpd
thank you
-
qpsmtpd=service
Bcc=enabled
BccMode=bcc
BccUser=maillog
DNSBL=enabled
LogLevel=6
MaxScannerSize=25000000
RBLList=zen.spamhaus.org:whois.rfc-ignorant.org:dnsbl.njabl.org
RHSBL=enabled
RequireResolvableFromHost=yes
SBLList=dsn.rfc-ignorant.org:dnsbl.sorbs.net:rhsbl.sorbs.net:ex.dnsbl.org:multi.surbl.org
TlsBeforeAuth=1
access=public
qplogsumm=disabled
status=enabled
-
MSmith
From the contrib screen:
"Check envelope sender addresses. Reject any that appear (@host or user@host) in badmailfrom during the 'mail' stage."
So you will probably have to enter each individual domain as they are identified as "spammers" ie
@thisdomain.info
@anotherdomain.info
@domain3.info
etc etc
-
This qpsmtpd plugin allows a badmailpatterns file to be used for "wildmat format" sender addresses:
ftp://ftp.canl.nc/Sharewares/Linux/Network/courrier/anti-spam/qpsmtpd/check_badpatterns..txt
-
RBLList=zen.spamhaus.org:whois.rfc-ignorant.org:dnsbl.njabl.org
SBLList=dsn.rfc-ignorant.org:dnsbl.sorbs.net:rhsbl.sorbs.net:ex.dnsbl.org:multi.surbl.org
I would work on RBLList and SBLList
RBLList=bl.spamcop.net:combined.njabl.org:dnsbl.ahbl.org:list.dsbl.org:multihop.dsbl.org:zen.spamhaus.org
SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org
maybe you could add one list at time and see if something changes
-
Stefano: I thought some of those were deprecated, but what the heck, we have lots of bandwidth so I've enabled them all. We'll see what happens. I'll also look into the earlytalker issue. Thanks.