From ccfb980c522345e877db9980b104a8156c0a108f Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Tue, 11 Dec 2007 14:44:16 +0000 Subject: Implement RBL reply exceptions, and add RHSBL dob.sibl.support-intelligence.net with 4xx errorcode. --- postfix/postfix.sh | 10 +++++++++- postfix/rbl_reply_map | 2 ++ postfix/reject_rhsbl_sender | 3 ++- 3 files changed, 13 insertions(+), 2 deletions(-) create mode 100644 postfix/rbl_reply_map (limited to 'postfix') diff --git a/postfix/postfix.sh b/postfix/postfix.sh index e3f8e0d..4a67e28 100755 --- a/postfix/postfix.sh +++ b/postfix/postfix.sh @@ -3,7 +3,7 @@ # /etc/local-COMMON/postfix/postfix.sh # Copyright 2002-2007 Jonas Smedegaard # -# $Id: postfix.sh,v 1.63 2007-12-11 14:29:54 jonas Exp $ +# $Id: postfix.sh,v 1.64 2007-12-11 14:44:16 jonas Exp $ # # Auto-tweak plain installed postfix Debian package # @@ -142,6 +142,14 @@ $postconf -c "$tempdir" -e "`getlinesfromfile smtpd_sender_restrictions reject_r $postconf -c "$tempdir" -e "`getlinesfromfile smtpd_recipient_restrictions reject_maps_rbl=reject_rbl_client=maps_rbl_domains`" $postconf -c "$tempdir" -e "`getlinesfromfile smtpd_data_restrictions`" +# Support exceptions to default response +# (Day Old Bread (dob) lists need to reject only temporarily) +$postconf -c "$tempdir" -e "rbl_reply_maps = hash:$confdir/rbl_reply_map" +cat /etc/local-COMMON/postfix/rbl_reply_map \ + | sed 's/#.*//' \ + > "$tempdir/rbl_reply_map" +postmapfiles="$postmapfiles rbl_reply_map" + # Verify senders of common suspicious and known verifiable domains # (exclude verification of postmaster@ to not verify verification probes) # (add own domains before peers for (rare) cases of duplicates) diff --git a/postfix/rbl_reply_map b/postfix/rbl_reply_map new file mode 100644 index 0000000..5f19d37 --- /dev/null +++ b/postfix/rbl_reply_map @@ -0,0 +1,2 @@ +# Only postpone (error 4xx) Day Old Bread (dob) lists +dob.sibl.support-intelligence.net 450 4.7.1 Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} diff --git a/postfix/reject_rhsbl_sender b/postfix/reject_rhsbl_sender index eb52619..6b24244 100644 --- a/postfix/reject_rhsbl_sender +++ b/postfix/reject_rhsbl_sender @@ -7,9 +7,10 @@ # # smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org # -# $Id: reject_rhsbl_sender,v 1.3 2007-12-07 01:04:13 jonas Exp $ +# $Id: reject_rhsbl_sender,v 1.4 2007-12-11 14:44:16 jonas Exp $ # #bogusmx.rfc-ignorant.org # Disable for now - claims redpill domains "has demonstrably bogus MX record" dsn.rfc-ignorant.org blackhole.securitysage.com +dob.sibl.support-intelligence.net -- cgit v1.2.3