Log in

No account? Create an account
DHCP users - brad's life — LiveJournal [entries|archive|friends|userinfo]
Brad Fitzpatrick

[ website | bradfitz.com ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

DHCP users [Jul. 17th, 2004|10:44 pm]
Brad Fitzpatrick
I followed tydel's advice and setup danga.com's postfix to not accept mail from DHCP addresses. If you try to send mail to me or anybody @danga.com now from your home DHCP server, you'll get:

554 DHCP Pool clients should use their ISP's mail server

Tailing my mail.log, it sure is rejecting a shitload of messages!

But really, you shouldn't be running an MTA on your DHCP address anyway. I know this will block some geeks who just want to run their own mail server, but they should be smarthosting it elsewhere.

Next step: ClamAV? That's the one you recommended, right scsi?

[User Picture]From: scsi
2004-07-17 11:10 pm (UTC)

If you're running debian stable on danga, add this to your sources.list

# ClamAV
deb http://people.debian.org/~sgran/debian woody main

Here is my /etc/clamav/clamav.conf

vadept:~# more /etc/clamav/clamav.conf
#Automatically Generated by clamav-daemon postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
LocalSocket /var/run/clamav/clamd.ctl
User qscand
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000
ArchiveMaxFileSize 10M
ReadTimeout 180
MaxThreads 5
MaxConnectionQueueLength 15
LogFile /var/log/clamav/clamav.log
LogFileMaxSize 0
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/lib/clamav/
SelfCheck 3600

I'm running qmail-scanner, so you'll have to set the 'User clamd' to the user that has write/read access to the incoming mail.. I have no idea in postfix who this is.,, I havent read my postfix book yet.. :)

If you want, i can send you my spamassassin rules too.. It knocks out about 99% of the spam, and so far i've gotten about 1 legit email blocked (in about 6 months time, which is pretty good)
(Reply) (Thread)