

= DNS “greylisting”=

http://wiki.apache.org/spamassassin/OtherTricks

IN MX 5  spamvoid.aufbix.org.
IN MX 10 your.real.mx.server
IN MX 15 spamvoid.aufbix.org.

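Most spam/viruses will hit the primary MX and the backup MX with the lowest priority, and both of those point to spamvoid.aufbix.org. That name resolves to a VALID IP, but connections to it on port 25/tcp (SMTP) will (and must) time out. Legitimate SMTP clients move on to the next MX in the list, as the RFC 2821 text below requires.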

[http://www.faqs.org/rfcs/rfc2821]

5. Address Resolution and Mail Handling

When the lookup succeeds, the mapping can result in a list of
alternative delivery addresses rather than a single address, because
of multiple MX records, multihoming, or both. To provide reliable
mail transmission, the SMTP client MUST be able to try (and retry)
each of the relevant addresses in this list in order, until a
delivery attempt succeeds.
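
An added example (not part of the original page): a Python check of the MX layout above. It walks the records in preference order as RFC 2821 section 5 requires and confirms that the void host times out while a compliant client still reaches the real MX. The function names and the `fake` probe results are constructed for illustration.

```python
import socket

# The page's MX layout as (preference, host) pairs.
MX = [(5, "spamvoid.aufbix.org."),
      (10, "your.real.mx.server"),
      (15, "spamvoid.aufbix.org.")]

def probe_smtp(host, timeout=10.0):
    """Live probe: classify a TCP connect to 25/tcp as open, timeout or failed."""
    try:
        with socket.create_connection((host.rstrip("."), 25), timeout=timeout):
            return "open"
    except socket.timeout:
        return "timeout"
    except OSError:          # refused, unreachable, name does not resolve
        return "failed"

def delivery_path(mx, probe):
    """Try each MX in ascending preference until one accepts (RFC 2821 section 5)."""
    tried = []
    for pref, host in sorted(mx):
        state = probe(host)
        tried.append((pref, host, state))
        if state == "open":
            return tried, host
    return tried, None

def audit(mx, void_host, probe):
    """Return a list of problems with the layout; an empty list means it is sound."""
    ordered = sorted(mx)
    if not ordered:
        return ["no MX records"]
    problems = []
    if ordered[0][1] != void_host or ordered[-1][1] != void_host:
        problems.append("void host must hold the lowest and highest preference number")
    if probe(void_host) != "timeout":
        problems.append("void host must time out on 25/tcp")
    if delivery_path(mx, probe)[1] is None:
        problems.append("no MX accepts mail")
    return problems

if __name__ == "__main__":
    # Constructed probe results so the demo runs offline; pass probe_smtp
    # instead of fake.get to test real hosts.
    fake = {"spamvoid.aufbix.org.": "timeout", "your.real.mx.server": "open"}
    tried, dest = delivery_path(MX, fake.get)
    for pref, host, state in tried:
        print(pref, host, state)
    print("delivered to:", dest)
    print("problems:", audit(MX, "spamvoid.aufbix.org.", fake.get))
```

A void host that refuses the connection instead of timing out is reported as a problem, matching the page's "will (and must) timeout" requirement.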

  • greylisting
  • sender address verification
  • RFC2820/2821 rules
  • helo checks
  • policyd-weight

p0f

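#! /bin/sh
#
# start p0f

# Script name for the usage message; adjust to the file name under /etc/init.d
NAME=p0f

case "$1" in
        start)
        # Fingerprint hosts connecting to SMTP on eth2 and pipe the results
        # to p0f-analyzer, which amavis queries on port 2345
        /usr/sbin/p0f -i eth2 -l 'tcp dst port 25' 2>&1 | /usr/sbin/p0f-analyzer 2345 &
         ;;

        stop)
        # Only lists the running p0f processes; nothing is killed here
        ps aux | grep p0 | grep -v grep | grep -v stop
        #killall -9 /usr/sbin/p0f
        echo "You will have to kill p0f and p0f-analyzer manually"
         ;;

        *) N=/etc/init.d/$NAME
        echo "Usage: $N {start|stop}" >&2
        exit 1
         ;;
esac
exit 0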

p0f spamassassin

/etc/spamassassin/local.cf:

header L_P0F_WXP X-Amavis-OS-Fingerprint =~ /^Windows XP/
score L_P0F_WXP 3.5
header L_P0F_W X-Amavis-OS-Fingerprint =~ /^Windows(?! XP)/
score L_P0F_W 1.7
header L_P0F_UNKN X-Amavis-OS-Fingerprint =~ /^UNKNOWN/
score L_P0F_UNKN 0.8
header L_P0F_Unix X-Amavis-OS-Fingerprint =~ /^((Free|Open|Net)BSD|Solaris|HP-UX|Tru64)/
score L_P0F_Unix -1.0

/etc/amavis/conf.d/50-user.cfg


# Use passive OS fingerprinting
$os_fingerprint_method = 'p0f:127.0.0.1:2345';

#$log_level = 1;


$policy_bank{'MYNETS'}{os_fingerprint_method} = undef;

clam

add clamav to amavis group

/etc/amavis/conf.d/05-domain_id

chomp($mydomain = `hostname -d`);
@local_domains_acl = qw (.);

20-debian-defaults
$virus_quarantine_method = undef;
$spam_quarantine_method = undef;
$banned_files_quarantine_method = undef;
$bad_header_quarantine_method = undef;

$final_spam_destiny = D_PASS;

$X_HEADER_LINE = "$myproduct_name at $mydomain";

30-template-localization
$hdr_encoding = 'utf-8';
$bdy_encoding = 'utf-8';

spam.1243204502.txt.gz · Last modified: 2009/08/17 15:15 (external edit)