tags:

views:

201

answers:

2
Q: 

how Postfix anti spam configuration works with DNS-based Blackhole List providers

Hello,

I have setup a Postfix mail server for incoming mails that is required to never reply to external enviornment i.e it will accept all incoming mails and never reply anything that can be used as a trace to locate and verify it's existence.

I have implemented the Postfix anti-UCE configuration by using the following settings in postfix main.cf for countering spam generating mail servers:

'smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net'

Now i have certain doubts/questions:

  1. How Postfix is able to communicate with Black hole list providers i.e How this whole process works?, e.g here they are zen.spamhaus.org, bl.spamcop.net, so that i can test the performance of whole process.

  2. Can a header be added in the received mail regarding the status of the results of the above verification process, since i will not reply any traces from my incoming mail receiving Postfix server, so i need this feature?

Please post relevant links for reference.

Thanks in advance!!!

Ashish

A: 

Unable to know how postfix actually does this but got an idea of the process from this wiki link.

Ashish  2009-11-02 11:51:23
+1  A: 

Ashish, it'll be a little difficult to answer this question without further clarification. You'd like Postfix to "accept all incoming mails and never reply anything that can be used as a trace to locate and verify it's existence." The process of accepting mail inherently verifies the existence of the server. SMTP is a protocol which requires affirmative responses from the mail server to complete mail delivery.

As far as how the Blackhole List process works, each provider identifies spamming IP addresses and adds them to their list. To determine if an IP address is in the list, your mail server performs a DNS query (as defined in the Wikipedia article you referenced above). If the DNS record exists, your server knows that the IP address is suspect and rejects the mail. These DNS queries are ultimately answered by DNS servers provided by the Blackhole List providers.

In a properly configured Postfix server, only messages that do not appear in the Blackhole Lists will be accepted. So, I don't understand how adding a header to the message would be helpful. Every message that Postfix accepts would have exactly the same header; i.e., that the sender was not on a Blackhole List.

BungeeCraft Technologies  2010-04-03 20:46:35

related questions

How to differentiate (when overloading) between prefix and postfix forms of operator++? (C++)
"Evaluating Postfix Expressions" Program in Ruby
Recommended safeguards to prevent accidentally spamming customers
I want to connect the reception of the email and applications
Postfix / Spamassassin: Undelivered Mail Returned to Sender
want email from my server (postfix) to an email address on my domain to be delivered to google apps
Postfix Mail Server - Local accounts and external accounts - Forwarding
postfix: How to send emails to users
Linux postfix won't send to local domain
postfix: send a copy of every email to a given email address
How do I get the email in a script running from my .forward-file?
are you supposed to use both NICs on a linux server?
Integrate postfix mail into my (python)webapp
How to receive all emails pertaining to a domain, on my production machine?
Procmail Forward script to forward emails from one domain to the other
How do I read/retrieve emails received by local postfix, through python
Defining a "messagle handler" in Postfix
Any reason I couldn't create a language supporting infix, postfix, and prefix functions, and more?
Configuring Postfix to not use a daemon
Defining different types of numbers in C#
How to monitor Postfix MTA Status
How do I set up my Ubuntu VPS to send outgoing mail?
Must an SMTP client provide the MTA a globally resolvable hostname in the HELO?
How does Highrise handle e-mail addresses like: [email protected]?
postfix and sending mail to an external server