This is an old revision of the document!
= DNS “greylisting”=
IN MX 5 spamvoid.aufbix.org. IN MX 10 your.real.mx.server IN MX 15 spamvoid.aufbix.org.
Most spam/viruses will hit primary and backup MX server with lower priority. Spamvoid.aufbix.org points to a VALID IP, but connections on port 25/tcp (smtp) will (and must) timeout.
[http://www.faqs.org/rfcs/rfc2821]
5. Address Resolution and Mail Handling
…
When the lookup succeeds, the mapping can result in a list of
alternative delivery addresses rather than a single address, because
of multiple MX records, multihoming, or both. To provide reliable
mail transmission, the SMTP client MUST be able to try (and retry)
each of the relevant addresses in this list in order, until a
delivery attempt succeeds.
- greylisting ==
- sender address verification =
- RFC2820/2821 rules =
- helo checks =
- policyd-weight
p0f
#! /bin/sh # # start p0f case "$1" in start) /usr/sbin/p0f -i eth2 -l 'tcp dst port 25' 2>&1 | /usr/sbin/p0f-analyzer 2345 & ;; stop) ps aux | grep p0 | grep -v grep | grep -v stop echo "You will have to kill p0f and p0f-analyzer manually" ;; *) N=/etc/init.d/$NAME echo "Usage: $N {start|stop}" >&2 exit 1 ;; esac exit 0
p0f spamassassin
local.cf:
header L_P0F_WXP X-Amavis-OS-Fingerprint =~ /^Windows XP/ score L_P0F_WXP 3.5 header L_P0F_W X-Amavis-OS-Fingerprint =~ /^Windows(?! XP)/ score L_P0F_W 1.7 header L_P0F_UNKN X-Amavis-OS-Fingerprint =~ /^UNKNOWN/ score L_P0F_UNKN 0.8 header L_P0F_Unix X-Amavis-OS-Fingerprint =~ /^((Free|Open|Net)BSD)|Solaris|HP-UX|Tru64/ score L_P0F_Unix -1.0