apache@unicornlove.info とか apache@fivelove.info と言ったメールアドレスでスパムを送ってきて、そのドメインがlivedoorで登録されているスパム業者があります。
NSが ns1.domain.livedoor.com なのですが、他の(スパマー以外の)ドメインでもこのNSが使われているため、これだけで拒否することは出来ません。
そこで、sender のメールアドレスが、apache@〜.infoかどうかを確認し、かつS25Rにマッチする接続元からだったら拒否するような設定をします。
main.cf
smtpd_restriction_classes =
reject_client_s25r
check_sender_apacheinfo
reject_client_s25r =
check_client_access regexp:/etc/postfix/reject_client_s25r
check_sender_apacheinfo =
check_sender_access regexp:/etc/postfix/check_sender_apacheinfo
smtpd_recipient_restrictions =
...
check_sender_ns_access regexp:/etc/postfix/check_ns
check_ns
/^ns[1-2]\.domain\.livedoor\.com$/ check_sender_apacheinfo
check_sender_apacheinfo
/^apache@[^\.]+\.info$/ reject_client_s25r
# *** WHITE LIST *** # d23-201.gmo-media.jp /\.gmo-media\.jp$/ DUNNO # mail1.blogpeople.net /^202\.177\.198\.125$/ DUNNO # May 26, 2005: bay-w1-inf5.verisign.net, benicia-w2-inf30.verisign.net (*) /\.verisign\.net$/ DUNNO # Nov 29, 2004: cpsexchange.cpstrategy.com (*) /^65\.201\.25\.2$/ DUNNO # Nov 29, 2004: lrmail01.lawroom.com (*) /^63-199-151-170\.ded\.pacbell\.net$/ DUNNO # Nov 29, 2004: mail.mfactory.tv (*) /^203\.112\.13\.213$/ DUNNO # Nov 29, www.stoc.co.jp (*) /^252\.218\.244\.43\.ap\.yournet\.ne\.jp$/ DUNNO # Nov 29, 2004: mail.ubix.co.jp (*) /^61\.197\.233\.59$/ DUNNO # Nov 28, 2004: mail.ebenkei.com (*) /^209\.196\.41\.185$/ DUNNO # Nov 24, 2004: www.akibare.net (*) /^61\.202\.159\.66$/ DUNNO # Nov 24, 2004: mx.zentek.com.sg (*) /^202\.157\.139\.50$/ DUNNO # Nov 24, 2004: wserver.alliance.co.jp (*) /^210-172-21-218\.cust\.bit-drive\.ne\.jp$/ DUNNO # Nov 24, 2004: mail1.55192.com (*) /^202\.177\.193\.203$/ DUNNO # Nov 22, 2004: mx1.zentek.com (*) /^h-67-102-70-3\.snfccasy\.covad\.net$/ DUNNO # Nov 15, 2004: cs1mr1.comsourceone.com, etc. /\.comsourceone\.com$/ DUNNO # Oct 04, 2004: mail.entrend.net /^202\.222\.18\.17$/ DUNNO # Oct 04, 2004: mail.daha.co.jp /^pee4b38\.tokyff01\.ap\.so-net\.ne\.jp$/ DUNNO # Sep 06, 2004: mail.moonbeach.co.jp #/^61\.199\.212\.138$/ DUNNO # Jul 21, 2004: nedomao.nedo.go.jp #/^202\.232\.182\.85$/ DUNNO # Aug 30, 2005: web10902.mail.bbt.yahoo.co.jp (*) /^web[0-9]+\.mail\.(.+\.)?yahoo\.co\.jp$/ DUNNO # Aug 30, 2005: web35509.mail.mud.yahoo.com (*) /^web[0-9]+\.mail\.(.+\.)?yahoo\.com$/ DUNNO # Jul 13, 2005: imt1omta04-s0.ezweb.ne.jp, etc. (*) /\.ezweb\.ne\.jp$/ DUNNO # Jul 11, 2005: kddi-tech.com's /^210\.174\.65\.136$/ DUNNO # Jun 29, 2005: zns001-0m9001.yokogawa.co.jp, etc. /\.yokogawa\.co\.jp$/ DUNNO # Jun 07, 2005: toshiba-pro.co.jp's /^211\.14\.137\.62$/ DUNNO # Jun 01, 2005: carrot.nri.com /^64\.140\.94\.94$/ DUNNO # May 13, 2005: ex02-mal000.nils.go.jp /\.nils\.go\.jp$/ DUNNO # Nov 29, 2004: web10306.mail.mci.yahoo.co.jp (*) #/^web[0-9]+\.mail\.mci\.yahoo\.co\.jp$/ DUNNO # Nov 29, 2004: tgmsmttk01sc1.t.vodafone.ne.jp, etc. (*) /\.vodafone\.ne\.jp$/ DUNNO # Nov 29, 2004: n-seikahouso.co.jp's (*) /^61\.127\.31\.147$/ DUNNO # Nov 29, 2004: rohhc.com's (*) /^h216\.70\.22\.140\.superiorbroadband\.com$/ DUNNO # Nov 25, 2004: mta12.m2.home.ne.jp, etc. /\.m2\.home\.ne\.jp$/ DUNNO # Nov 23, 2004: c151240.vh.plala.or.jp (*) /\.vh\.plala\.or\.jp$/ DUNNO # Aug 16, 2004: web61203.mail.yahoo.com #/^web[0-9]+\.mail\.yahoo\.com$/ DUNNO # Apr 26, 2004: h04-a1.data-hotel.net, etc. /\.data-hotel\.net$/ DUNNO # Mar 08, 2004: mc1-s3.bay6.hotmail.com, etc. /\.bay[0-9]+\.hotmail\.com$/ DUNNO # Aug 22, 2005: 221-251-37-149.platz.jp /\.platz\.jp$/ DUNNO # Nov 24, 2004: ticketmaster.com's vg2.irp3.ntf.lax1.tmcs.net (*) /\.tmcs\.net$/ DUNNO # Nov 23, 2004: ausc60ps301.us.dell.com (*) /\.dell\.com$/ DUNNO # Jun 06, 2004: iad-fw-global.amazon.com /^207\.171\.(167\.25|172\.6)$/ DUNNO # Sep 14, 2005: megasoft.co.jp's /^221x115x158x242\.ap221\.ftth\.ucom\.ne\.jp$/ DUNNO # Dec 08, 2004: megasoft.co.jp's /^219\.163\.0\.34$/ DUNNO # Nov 25, 2004: penlug.org's rdns.162.240.218.216.fre.communitycolo.net (*) /\.communitycolo\.net$/ DUNNO # Nov 24, 2004: ebpass.com's 69.64.193.170.nyc.electricfiber.net, etc. (*) /\.nyc\.electricfiber\.net$/ DUNNO # Nov 24, 2004: melma.com's 203.174.78.145, etc. (*) /^203\.174\.78\.[0-9]+$/ DUNNO # Nov 24, 2004: esampo.com's (*) /^61\.120\.197\.250$/ DUNNO # Oct 28, 2004: 207-171-180-101.amazon.com /\.amazon\.com$/ DUNNO # Jun 10, 2004: megasoft.co.jp's /^usen-221x115x158x242\.ap-US01\.usen\.ad\.jp$/ DUNNO # Apr 17, 2004: info-ntt.co.jp's /^ps23\.suite2\.arena\.ne\.jp$/ DUNNO # Apr 07, 2004: henrietta.ekiworld.net /^210\.146\.189\.76$/ DUNNO # Feb 24, 2004: pioneer.co.jp's /^usen-221x115x147x174\.ap-US01\.usen\.ad\.jp$/ DUNNO # # *** BLACK LIST *** /^[0-9\.]+\.ap\.yournet\.ne\.jp$/ REJECT match compound blacklist /^pl[0-9]+\.nas[0-9]+\.(ichikawa|o-tokyo|kyoto|toyama)\.nttpc\.ne\.jp$/ REJECT match compound blacklist /^adsl-[0-9\-]+\.dsl\.irvnca\.(pacbell|sbcglobal)\.net$/ REJECT match compound blacklist /^[0-9x]+\.ap[0-9]+\.ftth\.ucom\.ne\.jp$/ REJECT match compound blacklist /^[0-9\-]+\.eonet\.ne\.jp$/ REJECT match compound blacklist /^m[0-9]+\.mailyes\.net$/ REJECT match compound blacklist /^ns[0-9]+\.italianservers\.com$/ REJECT match compound blacklist # # *** S25R *** /^unknown$/ REJECT match compound blacklist /^[^\.]*[0-9][^0-9\.]+[0-9]/ REJECT match compound blacklist /^[^\.]*[0-9]{5}/ REJECT match compound blacklist /^([^\.]+\.)?[0-9][^\.]*\.[^\.]+\..+\.[a-z]/ REJECT match compound blacklist /^[^\.]*[0-9]\.[^\.]*[0-9]-[0-9]/ REJECT match compound blacklist /^[^\.]*[0-9]\.[^\.]*[0-9]\.[^\.]+\..+\./ REJECT match compound blacklist /^(dhcp|dialup|ppp|adsl)[^\.]*[0-9]/ REJECT match compound blacklist
