Commit b0ac876b authored by Bob Tanner's avatar Bob Tanner

Notes from Mike.

parent 40d041e2
......@@ -36,3 +36,62 @@ Author Information
An optional section for the role authors to include contact information, or a website (HTML is not allowed).
What i recently implemented was:
give thx MX a second IP (I used
Add it everywehere as backup-mx (I used preference of 110,
primary is 100)
disable postcreen WL on that IP (see below)
It's cutting further spam for me.
Many zombies and bots connect to the backup MX first and foremost, and
at times, never ever connect to the primary. Found this out via a
mailing list then I added the configuration and seeing a drop in spam.
Even if they do come back through primary hopefully the blacklists
will have picked up steam and can block them there. The postfix
postscreen greylisting functions continue to do what need to be done
as well.
Here is my relevant configuration for postfix postscreen:
postscreen_whitelist_interfaces = !, static:all
# postive numbers are spammy
# negative numbers are not spammy
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_sites =*-5*-5*-4*-4[0..255].0*-1[0..255].1*-1[0..255].[2..3]*-5*-4*2*1*1*-3[2..7]*3[10..11]*1*2*2*3*2[10..12]*2*1[18..20]*-2
YMMV, don't blindly trust, and pay the reaper on the way out!
Mike Horwath, reachable via drechsau@Geeks.ORG
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment