Current time: 11-26-2024, 12:30 AM Hello There, Guest! (LoginRegister)


Post Reply 
[HowTo] Block bogus sender mx in postfix...
Author Message
rbtux Offline
Moderator
*****
Moderators

Posts: 1,847
Joined: Feb 2007
Reputation: 33
Post: #1
[HowTo] Block bogus sender mx in postfix...
Some Spamservers use mx records pointing to IANA reserved address ranges or wildcard addresses

This servers can be blocked by postfix with the following steps:

1. Create /etc/postfix/bogus_mx.cidr with the following content:
Quote:# Reserved Ranges
0.0.0.0/8 REJECT IP address of MX is IANA reserved range
10.0.0.0/8 REJECT IP address of MX is a RFC1918 address
127.0.0.0/8 REJECT IP address of MX is IANA reserved range
169.254.0.0/16 REJECT IP address of MX is a APIPA address
172.16.0.0/12 REJECT IP address of MX is a RFC1918 address
192.0.2.0/24 REJECT IP address of MX is IANA reserved range
192.168.0.0/16 REJECT IP address of MX is a RFC1918 address
198.18.0.0/15 REJECT IP address of MX is IANA reserved range
224.0.0.0/3 REJECT IP address of MX is IANA reserved range
240.0.0.0/12 REJECT IP address of MX is IANA reserved range


# WILDCARDS
62.4.64.119 REJECT IP address of MX host is a wild-card NU.
64.18.138.88 REJECT IP address of MX host is a wild-card CG.&RW.
64.70.19.33 REJECT IP address of MX host is a wild-card WS.
69.25.75.72 REJECT IP address of MX host is a wild-card NU.
72.51.27.58 REJECT IP address of MX host is a wild-card CM.
75.101.130.205 REJECT IP address of MX host is a wild-card MP.
193.33.61.2 REJECT IP address of MX host is a wild-card TK.
195.178.186.40 REJECT IP address of MX host is a wild-card ST.
195.20.32.103 REJECT IP address of MX host is a wild-card TK.
203.119.4.28 REJECT IP address of MX host is a wild-card PH.
208.87.149.250 REJECT IP address of MX host is a wild-card pjn.qsrch.net.
209.172.59.196 REJECT IP address of MX host is a wild-card TK.
212.181.91.6 REJECT IP address of MX host is a wild-card NU.
217.119.57.22 REJECT IP address of MX host is a wild-card TK.
222.231.8.226 REJECT IP address of MX host is a wild-card KR.


2. Configure Postfix:
Add the following before permit_mynetworks to smtpd_sender_restrictions of your /etc/postfix/main.cf:
Quote:check_sender_mx_access cidr:/etc/postfix/bogus_mx.cidr

3. Reload Postfix:
Quote:postfix reload

4. Keep your wildcard section up to date (I do it once a week)
This can be done with the following skript (It takes a while to run...):
Thx to Uwe Driessen, Jan P. Kessler, Ralph Hildebrandt and Andreas Winkelmann from the german Postfixbuch-Mailinglist for creating this script... I hope I did not miss somebody!
Quote:#!/bin/bash

curl -s ftp://ftp.internic.net/domain/root.zone.gz | \
gunzip -c | \
awk ' / NS / {if (length($1) > 1) print "_."$1}' | \
sort -u | \
#Zum sort:
sort -b -t. -k1,1n -k2,2n -k3,3n -k4,4n| \

#sortiert IP-V4 Adressen numerisch nach 1., 2., 3. und 4. Zahl


dig -f - +noall +answer | \
awk ' $5 ~ /[0-9]+\.[0-9]+\./ {
gsub("_.","",$1);
print $5" REJECT IP address of MX host is a wild-card "$1
}' | \
sort -g | \
awk ' BEGIN{
oline=""; }
{
if (NR>1) {
if( length(oline) > 0) {
split(oline,arr);
if ($1==arr[1]) {
oline=oline"&"$11;
}
else {
print oline;
oline=$0;
}
}
else {
oline=$0;
}
}
else {
oline=$0;
}
}
END{ print oline;}'
Noticed? This was a oneliner :-)

5. Thats it
(This post was last modified: 01-16-2009 06:44 AM by rbtux.)
11-13-2007 06:47 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
[HowTo] Block bogus sender mx in postfix... - rbtux - 11-13-2007 06:47 AM

Forum Jump:


User(s) browsing this thread: 2 Guest(s)