DevHeads.net

Postings by allenc

Postscreen Feature Request

GIVEN THAT, when the Postscreen internal SMTP engine is invoked, the
decision to reject the message has already been made;
It seems to me that this is an opportunity to tar-pit the (bad) remote
host, diminishing spam throughput, and eroding the host's useful life-span.

I SUGGEST, therefore, that an additional "TAR-PIT" option be added to
the list of available postscreen_mumble_action's.

Postscreen temporary whitelist

Is there any way of reducing the TTL of the postscreen temporary whitelist?

I am having problems with spammers repeatedly getting through postscreen
with a "PASS OLD" result.

While I can't stop them trying, at least I can cost them time by making
them run the full postscreen gauntlet more frequently...

Many thanks

Allen C

Strange log entry

Hello all

From time to time I see a strange log entry:

2016-11-30T10:40:43+00:00 geronimo postfix/postscreen[20844]: warning:
getpeername: Transport endpoint is not connected -- dropping this connection

Can someone explain what this means, please.

Is there anything I could/should do about it?

many thanks

Allen C

OT: "X-PHP-Script" header

Over the weekend I had three spam messages get through to my in-box. Two
contained an "X-PHP-Script" header

one was
X-PHP-Script:
folar.org/wp-content/plugins/the-events-calendar/src/Tribe/Aggregator/uploader.php
for 110.83.63.152

and the other
X-PHP-Script:
118k.org/wp-content/plugins/formidable/classes/views/frm-entries/stats.php
for 110.83.62.203

I suppose I could block them using header_checks, but first, does
anybody know what they (are supposed to) do? I have not encountered
them before.

Allen C