1

Тема: PostFix фильтрация по ИП

Имеется почтовик PostFix.
Вчера перешел с сендмыла в внем был файл в котором банились ИП как его теперь перенести под PostFix и возможно этот список организовать в мускуле??

2

Re: PostFix фильтрация по ИП

в main.cf должна быть строка

smtpd_sender_restrictions = hash:/usr/local/etc/postfix/access

файл access содерижт например

%cat access
bellatlantic.net        REJECT
[email protected]      REJECT
[email protected]       REJECT
[email protected]    REJECT
[email protected]          REJECT
[email protected]          REJECT
india.com               REJECT
hongkong.com            REJECT
china.com               REJECT
el-nacional.com         RECECT
james@  550 james you are ignored
cnnic.net.cn    550 SPAM not supported
aol.com 550 SPAM from this domain not supported
invertigo.com.au 550 SPAM from this domain not supported

потом
postmap access
postfix reload
пути конечно можно указать свои)

3

Re: PostFix фильтрация по ИП

Не фильтрует почемуто, нормально глотает так как и должно быть

4

Re: PostFix фильтрация по ИП

header_checks = regexp:/usr/local/etc/postfix/regexp/idiots

там в файле:

/^Received.*217\.15\.19\.86.*/  REJECT  SPAM!
/^Received.*cinci\.res\.rr\.com.*/i     REJECT  SPAM!
/^Received.*213\.226\.134\.10.*/i       REJECT  SPAM!
/^Received.*ns2\.tts\.lt.*/i    REJECT  SPAM!
/^Received.*mie\.mesh\.ad\.jp.*/i       REJECT  SPAM!
/^Received.*westolympian\.com.*/i       REJECT  SPAM!
/^Received.*elisa-laajakaista\.fi.*/i   REJECT  SPAM!
/^Received.*211\.33\.34\.252.*/i        REJECT  SPAM!
/^Received.*zaq\.ne\.jp.*/i     REJECT  SPAM!
/^Received.*adsl\.iam\.net\.ma.*/i      REJECT SPAM!

5

Re: PostFix фильтрация по ИП

Таким образом все заработало
Псиб.
А есть у кого идеи чтобы все это прикрутить к мускулу??

6

Re: PostFix фильтрация по ИП

M_Maniac пишет:

Не фильтрует почемуто, нормально глотает так как и должно быть

там надо было табы ставить, оно помоему привередливо к этому.. по крайней мере у меня пашет)

7

Re: PostFix фильтрация по ИП

crash пишет:

в main.cf должна быть строка

smtpd_sender_restrictions = hash:/usr/local/etc/postfix/access

файл access содерижт например

smtpd_client_restrictions = check_client_access hash:/usr/local/etc/postfix/access

Немного по другому и у меня все заработало

8

Re: PostFix фильтрация по ИП

вот sender - Это отправитель - Это имя [email protected] .

client - тот кто шлет - а именно машина(ИП или хост).

Вот и смотрим, кого надо отшвырнуть - клиента или отправителя.
Все просто.

9

Re: PostFix фильтрация по ИП

M_Maniac ну у меня и вторая строка стоит, просто забыл написать))

10

Re: PostFix фильтрация по ИП

M_Maniac
к мускулу я делал, но бросил, файл самое оптимально... по крайней мере быстрее работает, но если интересует как то могу расказать принцип

11

Re: PostFix фильтрация по ИП

Может кому полезно будет или, может, мне на какие-то ошибки укажите - мой список фильтров:


#
# Reject
#
/^From: <>/    REJECT Please, specify your return-adress.
/^Subject: .*       /    REJECT Too many spaces in subject, it's looks like spam.
/^Date: .* 19[0-9][0-9]/    REJECT Your letter has an old date. Fix your system clock and try again.
/^Date: .* 200[0-4]/    REJECT Your letter has an old date. Fix your system clock and try again.
#
# Block by ID
#
/^Message-ID: .*@daddario.com/    DISCARD
/^Message-ID: .*@lovemail.co.uk/    DISCARD
/^Message-ID: .*@codec.ru/    DISCARD
/^Message-ID: .*@redom.edu.do/    DISCARD
/^Message-ID: .*@tardy/    DISCARD
/^Message-ID: .*@peru.com/    DISCARD
/^Message-ID: .*0$0f0e0d0c/    REJECT Your letter look's like spam.
/^Message-ID: *0$0f0e0d0c*/    REJECT Your letter look's like spam.
/^Message-ID: .*01c59d[0-9]/    REJECT Your letter look's like spam.
/^Message-ID: *01c59d[0-9]/    REJECT Your letter look's like spam.
/^Message-ID: *01c59d[0-9]*/    REJECT Your letter look's like spam.
/^Message-ID: .*1828d953@*/    REJECT Your letter look's like spam.
/^Message-ID: *1828d953@/    REJECT Your letter look's like spam.
/^Message-ID: *1828d953@*/    REJECT Your letter look's like spam.
/^Message-ID: .*cb7b77d4@*/    REJECT Your letter look's like spam.
/^Message-ID: *cb7b77d4@/    REJECT Your letter look's like spam.
/^Message-ID: *cb7b77d4@*/    REJECT Your letter look's like spam.
/^Message-ID: .*167b77d4@*/    REJECT Your letter look's like spam.
/^Message-ID: *167b77d4@/    REJECT Your letter look's like spam.
/^Message-ID: *167b77d4@*/    REJECT Your letter look's like spam.
/^Message-ID: <000601c59d52$be55a490$0f0e0d0c@admin>/    DISCARD
/^Message-ID: <001d01c59d51$5242f9c0$0f0e0d0c@von>/    DISCARD
/^Message-ID: <[email protected]>/    DISCARD
/^Message-ID: <000d01c59d21$b2f5ec30$0f0e0d0c@vovan>/    DISCARD
#
# Block by RECEIVED
#
/^Received: from 127.0.0.1/    REJECT Your letter look's like spam.
/^Received: from 200.106.102.227/    DISCARD
/^Received: from 200.178.110.246/    DISCARD
/^Received: from 200.65.191.15/    DISCARD
/^Received: from 202.107.243.144/    DISCARD
/^Received: from 202.175.18.237/    DISCARD
/^Received: from 202.177.185.245/    DISCARD
/^Received: from 202.95.70.152/    DISCARD
/^Received: from 211.109.134.206/    DISCARD
/^Received: from 211.215.116.193/    DISCARD
/^Received: from 211.201.220.135/    DISCARD
/^Received: from 211.33.41.208/    DISCARD
/^Received: from [217.106.232.210]/    DISCARD
/^Received: from 217.172.251.109/    DISCARD
/^Received: from 219.130.235.147/    DISCARD
/^Received: from 220.120.232.245/    DISCARD
/^Received: from 220.86.183.227/    DISCARD
/^Received: from 220.93.158.74/    DISCARD
/^Received: from 221.150.192.66/    DISCARD
/^Received: from 221.153.60.217/    DISCARD
/^Received: from 221.166.133.157/    DISCARD
/^Received: from 61.150.115.245/    DISCARD
/^Received: from 60.160.224.151/    DISCARD
/^Received: from 65.27.79.39/    DISCARD
/^Received: from 66.249.61.194/    DISCARD
/^Received: from 80.191.182.165/    DISCARD
/^Received: from 80.70.147.165/    DISCARD
/^Received: from 84.174.231.252/    DISCARD
/^Received: from 142-222-113-200.fibertel.com.ar/    DISCARD
/^Received: from 72-125.dsl.bbtel.com/    DISCARD
/^Received: from 80-219-199-91.dclient.hispeed.ch/    DISCARD
/^Received: from 80.178.137.99.adsl1.012net.il/    DISCARD
/^Received: from 82-36-33-252.cable.ubr03.smal.blueyonder.co.uk/    DISCARD
/^Received: from 82-35-139-252.cable.ubr03.enfi.blueyonder.co.uk/    DISCARD
/^Received: from 82-42-99-214.cable.ubr04.live.blueyonder.co.uk/    DISCARD
/^Received: from cable87-134.avrupa.kablonet.com.tr/    DISCARD
/^Received: from sub211-79.elpos.net/    DISCARD
/^Received: from pcp09611483pcs.chrstn01.pa.comcast.net/    DISCAR
/^Received: from pcp06586196pcs.nrockv01.md.comcast.net/    DISCARD
/^Received: from pcp0010303030pcs.avenel01.nj.comcast.net/    DISCARD
/^Received: from pcp0012201454pcs.bartow.fl.westfl.comcast.net/    DISCARD
/^Received: from pcp08425565pcs.clbrtn01.fl.comcast.net/    DISCARD
/^Received: from pcp08752982pcs.berlin01.md.comcast.net/    DISCARD
/^Received: from pcp087257090cs.towson01.md.comcast.net/    DISCARD
/^Received: from pcp461913pcs.lvylok01.ar.comcast.net/    DISCARD
/^Received: from c-67-184-209-163.hsd1.il.comcast.net/    DISCARD
/^Received: from c-67-191-98.hsd1.fl.comcast.net/    DISCARD
/^Received: from c-67-192-161.hsd1.tx.comcast.net/    DISCARD
/^Received: from c-67-191-18-98.hsd1.fl.comcast.net/    DISCARD
/^Received: from c-67-182-90-53.hsd1.ca.comcast.net/    DISCARD
/^Received: from c-24-3-249-66.hsd1.pa.comcast.net/    DISCARD
/^Received: from c-24-2-209-148.hsd1.ct.comcast.net/    DISCARD
/^Received: from c-24-23-6-242.hsd1.ca.comcast.net/    DISCARD
/^Received: from cm61-15-188-132.hkcable.com.hk/    DISCARD
/^Received: from cpe-12-181-25-153.oppcatv.com/    DISCARD
/^Received: from cpe-24-59-222-58.twcny.res.rr.com/    DISCARD
/^Received: from cpe-66-108-220-111.nyc.res.rr.com/    DISCARD
/^Received: from cpe-70-114-198-181.houston.res.rr.com/    DISCARD
/^Received: from i220-220-19-24.s02.a001.ap.plata.or.jp/    DISCARD
/^Received: from pc-200-74-36-119.apoquindo2.pc.metropolis-inter.com/    DISCARD
/^Received: from pool-68-239-26-69.bos.east.verizon.net/    DISCARD
/^Received: from host-24-225-220-94.patmedia.net/    DISCARD
/^Received: from host-80-80-142-210.ntcw.net/    DISCARD
/^Received: from host-84-222-22-19.cust-adsl.tiscali.it/    DISCARD
/^Received: from user-0c9heid.cable.mindspring.com/    DISCARD
/^Received: from c915387c.virtua.com.br/    DISCARD
/^Received: from c9112cf6.rjo.virtua.com.br/    DISCARD
/^Received: from d199211.upc-d.chello.nl/    DISCARD
/^Received: from chello080108122180.6.11.vie.surfer.at/    DISCARD
/^Received: from ottawa-hs-64-26-148-136.d-ip.magma.ca/    DISCARD
/^Received: from 58x5x82x18.ap58.ftth.ucom.ne.jp/    DISCARD
/^Received: from -1211238608/    DISCARD
/^Received: from -1218377928/    DISCARD
/^Received: from *com.br*/    DISCARD
/^Received: from *comcast.net*/    DISCARD
/^Received: from *customer.algx.net*/    DISCARD
/^Received: from *dsl.bbtel.com*/    DISCARD
/^Received: from *blueyonder.co.uk*/    DISCARD
/^Received: from *kablonet.com.tr*/    DISCARD
/^Received: from *res.rr.com*/    DISCARD
/^Received: from *verizon.net*/    DISCARD
/^Received: from *elpos.net*/    DISCARD
/^Received: from *telesp.net.br*/    DISCARD
/^Received: from *abo.wanadoo.fr*/    DISCARD
/^Received: from *adelphia.net*/    DISCARD
/^Received: from *net.il*/    DISCARD
/^Received: from *bigpond.net.au*/    DISCARD
/^Received: from *lodz.mm.pl*/    DISCARD
/^Received: from *mindspring.com*/    DISCARD
/^Received: from *silesianet.pl*/    DISCARD
/^Received: from *tn.charter.com*/    DISCARD
/^Received: from *touchtelindia.net*/    DISCARD
/^Received: from CPQ77327122737*/    DISCARD
/^Received: from compuserve.com*/    DISCARD
/^Received: from gateway.acfor.ru*/    DISCARD
/^Received: from kadytv.com*/    DISCARD
/^Received: from keystonehelicopter.*/    DISCARD
/^Received: from komp*/    DISCARD
/^Received: from walla.com*/    DISCARD
/^Received: from c9065cba.virtua.com.br*/    DISCARD
/^Received: from covet2.baden.ell.za*/    DISCARD
/^Received: from FR-CHA-C3-21-213245085239.chello.fr/    DISCARD

12

Re: PostFix фильтрация по ИП

SDTux , все списки как бы у всех разные, у меня одни, у моего товарища другие, еще кого то вообще другие - тут дело такое тонкое, запретиш кого то в ИД, и потом почта с того домена вообще не придет. Или запретиш например вполне не опенрелей, а его в  Message-ID: какой то спаммер указал, так пострадают в первую очередь клиенты, которые не дополучат письма. я считаю что "Всех не перебьеш" - тут надо терпеть. Раз спам идет, он и будет идти. Сегодня они указали одо ИД, завтра второе.. их тысячи и на всех не хватит просто времени.

13

Re: PostFix фильтрация по ИП

Message-ID я брал по маске, ну и Reject соответственно, чтобы не просто отбрасывало.
А по доменным именам, это, конечно, разное, но с того, что у меня указано сыпется только спам, причем сыпется активно.

14

Re: PostFix фильтрация по ИП

SDTux, какойто у тебя маленький список, у меня наверно раз в пять больше smile

15

Re: PostFix фильтрация по ИП

На самом деле, список больше, только не по всем правилам почему-то фильтрация идет sad
Может поделишься своим?

16

Re: PostFix фильтрация по ИП

например так блокирую какие либо адреса в письме

/^.*\.cnyoungunba\.com.*/i      REJECT
/^.*soft-heaven\.com.*/i        REJECT
/^.*\.upknitciead\.com.*/i      REJECT
/^.*\.dazenbilm\.com.*/i        REJECT
/^.*\.antidnibm\.com.*/i        REJECT
/^.*\.upknitciead\.com.*/i      REJECT

так письма где предлагают купить какой либо продукт

/^.*Macromedia Dreamwaver MX 2004.*(for as low as|for only|only).*$.*/i REJECT SPAM forbidden 8
/^.*Flash MX 2004.*(for as low as|for only|only).*$.*/i REJECT SPAM forbidden 9
/^.*Adobe Photoshop 7.*(for as low as|for only|only).*$.*/i     REJECT SPAM forbidden 10
/^.*Adobe Photoshop CS with ImageReady CS.*(for as low as|for only|only).*$.*/i REJECT SPAM forbidden 11

вот так запрещаю в нело представляться моими адресами и ипишниками

/^Received.*from.*(111\.111\.111\.111|my\.com\.ru).*(unknown|adsl|ip).*/i     REJECT forbidden 003 ehlo error

вот так блокирую ипишники
/^Received.*12\.156\.128\.80.*/i        REJECT
/^Received.*12\.172\.209\.54.*/i        REJECT host-12-172-209-54.nctv.com
/^Received.*12\.214\.169\.214.*/i       REJECT 12-214-169-214.client.mchsi.com
/^Received.*24\.22\.19\.107.*/i REJECT c-24-22-19-107.client.comcast.net
/^Received.*24\.58\.126\.123.*/i        REJECT cpe-24-58-126-123.twcny.res.rr.com

вот так аттачменты

/^((Content-(Disposition: attachment;|Type:).*|\ +)| *)(file)?name\ *=\ *"?.*\.(lnk|asd|ocx|reg|bat|com|cmd|exe|js|jsp|dll|vxd|pif|pps|scr|jse?|sh[mbs]|vb[esx]|hta)"?\ *$/      REJECT  Attachment type not allowed

17

Re: PostFix фильтрация по ИП

А я ip-шники вот так фильтрую и срабатывает:
/^Received: from 84.174.231.252/    REJECT Your letter look's like spam (bad IP)

18

Re: PostFix фильтрация по ИП

недолжно работать или будет неправильно работать, там регулярное выражение, а в нем надо точку экранировать слешем...

19

Re: PostFix фильтрация по ИП

Вот как раз по ip нормально срабатывает neutral
Проблема с фильтрацией по полю Subject. Задаю так:

/^Subject.*B\?9fDy4ffs5e7p5SDpIPLh\+vfp9OnlIO*/i    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*spam*/    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*Rlc6IPfJ2tkg\+8XOx8x8XOLCDC0s*/i    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*CDP1MXMxcosINDSycfMwdvFzg*/i    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*ViAGRRA*/i    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*VIAGRA*/i    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*VIAGGRA*/i     REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*VI*GGR*/i    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*VI*GRR*/i    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*ze7i5en46OUg4eDn\+yDoIPHv8ODi7vft6O*/i    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*Rlc6IOzV3tvJxSDLz87EycPJ*/i    REJECT Your letter look's like spam (bad SUBJECT)
/^Subject.*\&\#1055\;\&\#1086\;\&\#1088\;\&\#1085\;\&\#1086; &#1092\;\&\#1086\;\&\#1090\;\&\#1086; &#1080; &#1074\;\&\#1080\;\&\#1076\;\&\#1077\;\&\#1086\;\&\#1045;.&#1041\;\&\#1077\;\&\#1088\;\&\#1082\;\&\#1086\;\&\#1074\;\&\#1086\;\&\#1081\;*/i     REJECT Your letter look's like spam (bad SUBJECT)

20

Re: PostFix фильтрация по ИП

Мазохизм какой то... smile

21

Re: PostFix фильтрация по ИП

/^Subject.*VIAGGRA*/i 

не * а .*