Marc skrev den 2023-09-15 23:57:
>> >Marc skrev den 2023-09-15 17:01:
>> >>Anyone have any experience with a dns blacklist specific to known smtp
>> >>auth abuse?
>>
>> On 15.09.23 17:51, Benny Pedersen wrote:
>> >spamrats ?
>> >
>> >https://www.spamrats.com/
>>
>> I have bad experiente with spam rats and thus wouldn't recommend using
>> them.
>> YMMV of course.
>>
>
> You could be right about this. When I compare the last 413 failed smtp
> auths, none are listed in auth.spamrats.com. While bl.spamcop.net
> lists 230 at 127.0.0.2, while zen.spamhaus.org gets 371 at
> 127.0.0.4/127.0.0.3/127.0.0.11. I just have to check which of them is
> not a list that lists any 'dynamic' ip by default.
submission inet n - y - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_delay_reject=no
-o { smtpd_client_restrictions = reject_rbl_client
auth.spamrats.com=127.0.0.43, permit }
-o { smtpd_relay_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject }
i find dokumention good, dqs can be added here aswell, but i am unsure
if it will expose my dqs key, for me i dont like to use y (chroot), note
all details in this, just not auth.spamrats.com plus return code hardend
please be carefull, and ask