From 4569cae57f127afd093794310ccd290d2d9fdf36 Mon Sep 17 00:00:00 2001 From: Marius Burkard <m.burkard@pixcept.de> Date: Wed, 20 Apr 2016 10:58:46 -0400 Subject: [PATCH] Merge branch 'stable-3.1' --- docs/examples/blacklist_helo.master | 74 +++++++++++++++++++++++++++++++++++++ 1 files changed, 74 insertions(+), 0 deletions(-) diff --git a/docs/examples/blacklist_helo.master b/docs/examples/blacklist_helo.master new file mode 100644 index 0000000..5d696d4 --- /dev/null +++ b/docs/examples/blacklist_helo.master @@ -0,0 +1,74 @@ +# blacklist_helo - after permit_sasl, used to stop common spammers/misconfigurations +# +# This file can be used to block hostnames used in smtp HELO command which are known bad. +# Occasionally you will run into legitimate mail servers which are misconfigured and end +# up blocked here, so this is not enabled by default, but it is useful if you are prepared +# to address those cases. .local is particularly problematic, and commented out by default. +# +# Note that any server hitting this check is misconfigured, all of the names below are bogus +# and not allowed per RFC 2821. +# +# If your own users are blocked by this, they are not authenticating to your server when +# sending (this check is after permit_sasl, which permits authenticated senders). +# +# Instructions: +# +# Copy this file to /usr/local/ispconfig/server/conf-custom/install/blacklist_helo.master, +# as well as /etc/postfix/blacklist_helo, so your changes are not overwritten with ispconfig +# updates. + +# probably just put REJECT lines in here, +# as OK lines will bypass a lot of other checks you may want done +# (use DUNNO instead of OK) +# + +# common for spammers (check https://data.iana.org/TLD/tlds-alpha-by-domain.txt and remove valid tld's occasionally) +/.*\.administrator$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.admin$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.adsl$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.arpa$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.bac$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.coma$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.dhcp$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.dlink$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.dns$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.domain$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.dynamic$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.dyndns\.org$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.dyn$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.firewall$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.gateway$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.home$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.internal$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.intern$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.janak$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.kornet$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.lab$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.lan$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.localdomain$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.localhost$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. + +# .local is used by spammers a lot, but too many otherwise legit servers hit it +# (instead of REJECT, should send to greylisting) +#/.*\.local$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. + +/.*\.loc$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.lokal$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.mail$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.nat$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.netzwerk$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.pc$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.privat$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.private$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.router$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.setup$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. + +/.*\.119$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.beeline$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.cici$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.gt_3g$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.gt-3g$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.hananet$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.skbroadband$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. +/.*\.tbroad$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6. + -- Gitblit v1.9.1