From 57fc712048a1d4a95076081c4d4087a0993bb76e Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Sat, 7 Dec 2002 20:19:47 +0000 Subject: Support comments and one-per-line RBL file syntax. Rewrite documentation, and add http://www.antispews.org/ note. Strictly use the RBLs listed by antispews for now. --- postfix/anti-uce.sh | 14 +++++++++----- postfix/rbl_lookup_hosts | 10 +++++++++- 2 files changed, 18 insertions(+), 6 deletions(-) (limited to 'postfix') diff --git a/postfix/anti-uce.sh b/postfix/anti-uce.sh index b4a4859..6458e25 100755 --- a/postfix/anti-uce.sh +++ b/postfix/anti-uce.sh @@ -1,15 +1,19 @@ #!/bin/sh + +mapsfile="/etc/local-COMMON/postfix/rbl_lookup_hosts" +maps=`cat $mapsfile | grep -v '^#' | sed 's/#.*//' | tr "\n" "," | sed -e 's/[, ]\+/,/g' -e 's/,$//'` + postconf -e "smtpd_helo_required = yes" postconf -e "permit_mx_backup_networks = /etc/local-COMMON/postfix/mx_networks" -postconf -e "maps_rbl_domains = "`cat /etc/local-COMMON/postfix/rbl_lookup_hosts` +postconf -e "maps_rbl_domains = $maps" postconf -e "smtpd_recipient_restrictions = reject_invalid_hostname,reject_non_fqdn_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_unauth_pipelining,permit_mynetworks,permit_mx_backup,reject_unauth_destination,reject_maps_rbl,reject" /etc/init.d/postfix reload -# The above is based on this: -# http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt -# with the addition of MX backup networks and the PCRE stuff avoided -# (PCRE is optional on newest Debian packages) +# Based on this: http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt +# Support fortrusted MX backup networks added +# PCRE stuff avoided,as PCRE is only optional on newest Debian packages +# RBLs replaced with those recommended by http://www.antispews.org/ # Here's a convenient overview of different blackholes: # http://rbls.org/ diff --git a/postfix/rbl_lookup_hosts b/postfix/rbl_lookup_hosts index bf7d121..53ded7c 100644 --- a/postfix/rbl_lookup_hosts +++ b/postfix/rbl_lookup_hosts @@ -1 +1,9 @@ -relays.visi.com,relays.ordb.org,inputs.relays.osirusoft.com,dialups.relays.osirusoft.com,spews.relays.osirusoft.com +#relays.visi.com +bl.spamcop.net +list.dsbl.org +multihop.dsbl.org +relays.ordb.org +spam.dnsrbl.net +#inputs.relays.osirusoft.com +#dialups.relays.osirusoft.com +#spews.relays.osirusoft.com # spews is bad: http://www.antispews.org/ -- cgit v1.2.3