Написал в ACL exim4 и на всех доп серверах вот это в конфигах:
deny
message = Inconsistent or no DNS reverse entry for $sender_host_address (PTR RECORD) (Please, contact with you system administrator or you ISP (hosting) company [IP: $sender_host_address, PTR: $sender_host_name])
log_message = deny: not AUTH user and no PTR or PTR check failed [IP: $sender_host_address, PTR: $sender_host_name])
add_header = X-Sender-IP-address: $sender_host_address
add_header = X-Sender-PTR-record: $sender_host_name
!authenticated = *
condition = ${if and{{def:sender_host_address}{!def:sender_host_name}} {yes}{no}}
Смысл в том, если PTR нет, или PTR запись не указывает на IP - рубить письмо, не отправляя его даже в антиспам чекер (spamassassin)
Что самое интересное, отваливается масса спама:
serv001:~# tail -f /var/log/exim4/mainlog | grep PTR
2010-11-11 18:02:32 H=(slave2.mybootyspace.com) [189.62.193.239] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 189.62.193.239, PTR: ])
2010-11-11 18:02:32 H=(slave2.mybootyspace.com) [189.62.193.239] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 189.62.193.239, PTR: ])
2010-11-11 18:02:40 H=(gptboycott.com) [187.21.178.37] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 187.21.178.37, PTR: ])
2010-11-11 18:02:40 H=(articlesandcontent.com) [178.91.71.48] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 178.91.71.48, PTR: ])
2010-11-11 18:02:48 H=(dsldevice.lan) [190.71.171.141] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.71.171.141, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:59 H=(ku.edu.tr) [92.83.195.53] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 92.83.195.53, PTR: ])
2010-11-11 18:03:00 H=(clickrack.com) [115.147.232.23] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 115.147.232.23, PTR: ])
2010-11-11 18:03:03 H=(cbpu.com) [1.53.135.61] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 1.53.135.61, PTR: ])
2010-11-11 18:03:03 H=(gutbugs.com) [109.82.170.49] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 109.82.170.49, PTR: ])
...
serv001:~# tail -f /var/log/exim4/mainlog | grep PTR
2010-11-11 18:02:32 H=(slave2.mybootyspace.com) [189.62.193.239] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 189.62.193.239, PTR: ])
2010-11-11 18:02:32 H=(slave2.mybootyspace.com) [189.62.193.239] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 189.62.193.239, PTR: ])
2010-11-11 18:02:40 H=(gptboycott.com) [187.21.178.37] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 187.21.178.37, PTR: ])
2010-11-11 18:02:40 H=(articlesandcontent.com) [178.91.71.48] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 178.91.71.48, PTR: ])
2010-11-11 18:02:48 H=(dsldevice.lan) [190.71.171.141] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.71.171.141, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:59 H=(ku.edu.tr) [92.83.195.53] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 92.83.195.53, PTR: ])
2010-11-11 18:03:00 H=(clickrack.com) [115.147.232.23] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 115.147.232.23, PTR: ])
2010-11-11 18:03:03 H=(cbpu.com) [1.53.135.61] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 1.53.135.61, PTR: ])
2010-11-11 18:03:03 H=(gutbugs.com) [109.82.170.49] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 109.82.170.49, PTR: ])
2010-11-11 18:03:16 H=(slave2.mybootyspace.com) [190.146.9.131] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.146.9.131, PTR: ])
2010-11-11 18:03:16 H=(slave2.mybootyspace.com) [190.146.9.131] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.146.9.131, PTR: ])
2010-11-11 18:03:16 H=(slave2.mybootyspace.com) [190.146.9.131] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.146.9.131, PTR: ])
2010-11-11 18:03:23 H=(host-tel.com) [95.80.143.16] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 95.80.143.16, PTR: ])
2010-11-11 18:03:33 H=(animail.com) [190.126.207.240] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.126.207.240, PTR: ])
Собственно вопрос, а нормально ли?
deny
message = Inconsistent or no DNS reverse entry for $sender_host_address (PTR RECORD) (Please, contact with you system administrator or you ISP (hosting) company [IP: $sender_host_address, PTR: $sender_host_name])
log_message = deny: not AUTH user and no PTR or PTR check failed [IP: $sender_host_address, PTR: $sender_host_name])
add_header = X-Sender-IP-address: $sender_host_address
add_header = X-Sender-PTR-record: $sender_host_name
!authenticated = *
condition = ${if and{{def:sender_host_address}{!def:sender_host_name}} {yes}{no}}
Смысл в том, если PTR нет, или PTR запись не указывает на IP - рубить письмо, не отправляя его даже в антиспам чекер (spamassassin)
Что самое интересное, отваливается масса спама:
serv001:~# tail -f /var/log/exim4/mainlog | grep PTR
2010-11-11 18:02:32 H=(slave2.mybootyspace.com) [189.62.193.239] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 189.62.193.239, PTR: ])
2010-11-11 18:02:32 H=(slave2.mybootyspace.com) [189.62.193.239] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 189.62.193.239, PTR: ])
2010-11-11 18:02:40 H=(gptboycott.com) [187.21.178.37] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 187.21.178.37, PTR: ])
2010-11-11 18:02:40 H=(articlesandcontent.com) [178.91.71.48] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 178.91.71.48, PTR: ])
2010-11-11 18:02:48 H=(dsldevice.lan) [190.71.171.141] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.71.171.141, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:59 H=(ku.edu.tr) [92.83.195.53] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 92.83.195.53, PTR: ])
2010-11-11 18:03:00 H=(clickrack.com) [115.147.232.23] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 115.147.232.23, PTR: ])
2010-11-11 18:03:03 H=(cbpu.com) [1.53.135.61] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 1.53.135.61, PTR: ])
2010-11-11 18:03:03 H=(gutbugs.com) [109.82.170.49] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 109.82.170.49, PTR: ])
...
serv001:~# tail -f /var/log/exim4/mainlog | grep PTR
2010-11-11 18:02:32 H=(slave2.mybootyspace.com) [189.62.193.239] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 189.62.193.239, PTR: ])
2010-11-11 18:02:32 H=(slave2.mybootyspace.com) [189.62.193.239] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 189.62.193.239, PTR: ])
2010-11-11 18:02:40 H=(gptboycott.com) [187.21.178.37] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 187.21.178.37, PTR: ])
2010-11-11 18:02:40 H=(articlesandcontent.com) [178.91.71.48] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 178.91.71.48, PTR: ])
2010-11-11 18:02:48 H=(dsldevice.lan) [190.71.171.141] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.71.171.141, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:51 H=(slave2.mybootyspace.com) [122.163.0.10] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 122.163.0.10, PTR: ])
2010-11-11 18:02:59 H=(ku.edu.tr) [92.83.195.53] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 92.83.195.53, PTR: ])
2010-11-11 18:03:00 H=(clickrack.com) [115.147.232.23] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 115.147.232.23, PTR: ])
2010-11-11 18:03:03 H=(cbpu.com) [1.53.135.61] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 1.53.135.61, PTR: ])
2010-11-11 18:03:03 H=(gutbugs.com) [109.82.170.49] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 109.82.170.49, PTR: ])
2010-11-11 18:03:16 H=(slave2.mybootyspace.com) [190.146.9.131] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.146.9.131, PTR: ])
2010-11-11 18:03:16 H=(slave2.mybootyspace.com) [190.146.9.131] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.146.9.131, PTR: ])
2010-11-11 18:03:16 H=(slave2.mybootyspace.com) [190.146.9.131] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.146.9.131, PTR: ])
2010-11-11 18:03:23 H=(host-tel.com) [95.80.143.16] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 95.80.143.16, PTR: ])
2010-11-11 18:03:33 H=(animail.com) [190.126.207.240] F=<[email protected]> rejected RCPT <[email protected]>: deny: not AUTH user and no PTR or PTR check failed [IP: 190.126.207.240, PTR: ])
Собственно вопрос, а нормально ли?
