Dec 282009
 

The idea is selectively probe valid email sender for certain domain that frequently forged by spammer, we should use sender access verification carefully. Much better if we noticing postmaster/admin that we conducting SAv/probing their server for valid user, or otherwise we’ll end up in backscatterer.org list hehehe…

Create smtpd_restriction_class call verify_sender

smtpd_restriction_classes = verify_sender

Define verify_sender so it should reject all unverified email sender, verified one will be permit/pass

verify_sender = reject_unverified_sender, permit

Create has table called frequently_forged_senders to define sender domain that going to be in verification list

check_sender_access hash:/etc/postfix/frequently_forged_senders

frequently_forged_senders contains

domain1.tld		verify_sender
domain2.tld		verify_sender
domain3.tld		verify_sender

For caching sender address that already verified, create table verify

address_verify_sender = postmaster@domain.tld
address_verify_map = btree:/var/lib/postfix/verify

By default, the information is kept in volatile memory, and is lost after “postfix reload” or “postfix stop”

done

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.