[[postfix_check]]
 
Piste: » postfix_check
main.cf
header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/body_checks
smtpd_helo_restrictions = check_helo_access regexp:/etc/postfix/helo_checks
/etc/postfix/header_checks
 /^Subject: ILOVEYOU/ REJECT
 /^From:.*<_.*>$/ REJECT
 /^Subject: How are you$/ REJECT
 /^Subject: Eager to see you$/ REJECT
 /^Subject: Les 7 coquir nains$/ REJECT
 /^Subject: Les 7 coquin nains$/ REJECT
 /^Subject: W32.Elkern.*$/ REJECT
 /^Subject: .*removal tools$/ REJECT
 /^Subject: Re: Wicked screensaver$/ REJECT
 /^Subject: Re: Re: My details$/ REJECT
 /^Subject: Re: That movie$/ REJECT
 /^Subject: Re: My details$/ REJECT
 /^Subject: Re: Thank you!$/ REJECT
 /^Subject: Re: Approved$/ REJECT
 /^Subject: use this patch immediately/ REJECT
 /^Subject: hi\ / REJECT
 /^Subject: Hi\ / REJECT
 /^Subject: Your password has been updated/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Your password has been successfully updated/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: You have successfully updated your password/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Your new account password is approved/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Your Account is Suspended/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: *DETECTED* Online User Violation/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Your Account is Suspended For Security Reasons/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Warning Message: Your services near to be closed./ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Important Notification/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Members Support/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Security measures/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Email Account Suspension/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: Notice of account limitation/ REJECT Virus: W32.Mytob.KU@mm
 /^Subject: You visit illegal websites/ REJECT Virus: Sober.Y
 /^Subject: Your IP was logged/ REJECT Virus: Sober.Y
 /^Subject: Paris Hilton & Nicole Richie/ REJECT Virus:Sober.Y
 /^Subject: Haben Sie diese EMail verschickt?/ REJECT Virus: Sober.T
 /^Subject: Registration Confirmation/ REJECT Virus: Sober.T
 /^Subject: Your new Password/ REJECT Virus: Sober.K
 /^Subject: Mail_delivery_failed/ REJECT Virus: Sober.K
 /^Subject: Paris Hilton, pure!/ REJECT Virus: Sober.K
 /^Subject: Alert! New Sober Worm!/ REJECT Virus: Sober.K
 /^Subject: You visit illegal websites/ REJECT Virus: Sober.K
 /^Subject: FwD: Glueckwunsch: Ihr WM Ticket/ REJECT Virus: Sober.P
 /^Subject: FwD: Ich bin's, was zum lachen ;)/ REJECT Virus: Sober.P
 /^Subject: FwD: Ihr Passwort/ REJECT Virus: Sober.P
 /^Subject: FwD: Ihre E-Mail wurde verweigert/ REJECT Virus: Sober.P
 /^Subject: FwD: WM Ticket Verlosung/ REJECT Virus: Sober.P
 /^Subject: FwD: WM-Ticket-Auslosung/ REJECT Virus: Sober.P
 /^Subject: Re: mailing error/ REJECT Virus: Sober.P
 /^Subject: Re: Registration Confirmation/ REJECT Virus: Sober.P
 /^Subject: Re: Your email was blocked/ REJECT Virus: Sober.P
 /^Subject: Re: Your Password/ REJECT Virus: Sober.P
 /^Subject: Security measures/ REJECT Virus: W32/Mytob-CM
 /^Subject: Notice: **Last Warning**/ REJECT Virus: W32/Mytob-CM
 /^Subject: *DETECTED* Online User Violation/ REJECT Virus: W32/Mytob-CM
 /^Subject: Your Email Account is Suspended For Security Reasons/ REJECT Virus: W32/Mytob-CM
 /^Subject: Account Alert/ REJECT Virus: W32/Mytob-CM
 /^Subject: Important Notification/ REJECT Virus: W32/Mytob-CM
 /^Subject: *WARNING* Your Email Account Will Be Closed/ REJECT Virus: W32/Mytob-CM
 /^Subject: Email Account Suspension/ REJECT Virus: W32/Mytob-CM
 /^Subject: Notice of account limitation/ REJECT Virus: W32/Mytob-CM
 /^From: "?MS / REJECT
 /^From:.*crowford@free.com/ REJECT
 /^From:.*spencer@free.com/ REJECT
 /^From:.*info@maconventioncollective.com.*/ REJECT
 /^From:.*fuckensuicide@hotmail.com.*/ REJECT
 /^Subject: E-mail account disabling warning./ REJECT
 /^From:.*brilliantmarketinginc.*/ DISCARD
 /^Subject: 4,8 Mill\. Osteuropaeer durch Fischer-Volmer Erlass/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Auf Streife durch den Berliner Wedding/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Auslaender bevorzugt/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Auslaenderpolitik/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Blutige Selbstjustiz/ REJECT Nazi Spam 15.05.2005 AWI
 /^Subject: Deutsche werden kuenftig beim Arzt abgezockt/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Dresden 1945/ REJECT Nazi Spam 15.05.2005 AWI
 /^Subject: Du wirst zum Sklaven gemacht\!\!\!/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Graeberschaendung auf bundesdeutsche Anordnung/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Hier sind wir Lehrer die einzigen Auslaender/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Paranoider Deutschenmoerder kommt in Psychiatrie/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Tuerkei in die EU/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: Verbrechen der deutschen Frau/ REJECT Nazi Spam 15.05.2005 RHI
 /^Subject: 60 Jahre Befreiung: Wer feiert mit\?/ REJECT Nazi Spam 15.05.2005 AWI
 /^Subject: Armenian Genocide Plagues Ankara 90 Years On/ REJECT Nazi Spam 15.05.2005 AWI
 /^Subject: Augen auf/ REJECT Nazi Spam 15.05.2005 AWI
 /^Subject: Deutsche Buerger trauen sich nicht \.\.\./ REJECT Nazi Spam 15.05.2005 AWI
 /^Subject: Dresden Bombing Is To Be Regretted Enormously/ REJECT Nazi Spam 15.05.2005 AWI
 /^Subject: Du wirst ausspioniert \.\.\.\.\!/ REJECT Nazi Spam 15.05.2005 AWI
/^Subject: Massenhafter Steuerbetrug durch auslaendische Arbeitnehmer/ REJECT Nazi Spam 15.05.2005 AWI
/^Subject: Multi-Kulturell = Multi-Kriminell/ REJECT Nazi Spam 15.05.2005 AWI
/^Subject: S\.O\.S\. Kiez\! Polizei schlaegt Alarm/ REJECT Nazi Spam 15.05.2005 AWI
/^Subject: Schily ueber Deutschland/ REJECT Nazi Spam 15.05.2005 AWI
/^Subject: Transparenz ist das Mindeste/ REJECT Nazi Spam 15.05.2005 AWI
/^Subject: Trotz Stellenabbau/ REJECT Nazi Spam 15.05.2005 AWI
/^Subject: Volk wird nur zum zahlen gebraucht\!/ REJECT Nazi Spam 15.05.2005 AWI
/^Subject: Vorbildliche Aktion/ REJECT Nazi Spam 15.05.2005 AWI
/^From:.*sabine_sabine@laposte\.net.*/ HOLD Spam minitel
/^Subject: *WARNING* Your Email Account Will Be Closed/ REJECT Damn virus!
/^Subject: Your Account is Suspended For Security Reasons/ REJECT Damn virus!
/^Subject:[:space:]*Notice: \*\*Last Warning\*\*/  REJECT Damn virus!
/^Subject:[:space:]*Email Account Suspension/ REJECT Damn virus!
/^From:( *|.*<)abuse@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)administration@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)admin@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)contact@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)direction@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)email@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)equipe@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)hostmaster@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)info@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)mailer-daemon@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)mail@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)mailping@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)postmaster@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)root@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)securite@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)security@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)service@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)services@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)spam@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)technique@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)tech@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)webmaster@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)web@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)www-data@geekmx\.org.*/ HOLD Don't pretend to be us!
/^From:( *|.*<)information@geekmx\.org.*/ DISCARD Don't pretend to be us!
/^From:( *|.*<)helpdesk@geekmx\.org.*/ REJECT Don't pretend to be us!
/^From:( *|.*<)upgrade@geekmx\.org.*/ DISCARD Don't pretend to be us!
/etc/postfix/body_check
/^Hi! How are you(=3F|\?)$/ REJECT
/^begin(-base64)? [0-9]+.*(\.|=2E)bat(\?=)?(\.)?/ REJECT
/^[^<]*(body|filename|name=).*(\.|=2E)bat(\?=)?(\.)?/ REJECT
/^begin(-base64)? [0-9]+.*(\.|=2E)scr(\?=)?(\.)?/ REJECT
/^[^<]*(body|filename|name=).*(\.|=2E)scr(\?=)?(\.)?/ REJECT
/^begin(-base64)? [0-9]+.*(\.|=2E)lnk(\?=)?(\.)?/ REJECT
/^[^<]*(body|filename|name=).*(\.|=2E)lnk(\?=)?(\.)?/ REJECT
/^begin(-base64)? [0-9]+.*(\.|=2E)pif(\?=)?(\.)?/ REJECT
/^[^<]*(body|filename|name=).*(\.|=2E)pif(\?=)?(\.)?/ REJECT
/^<iframe src/ REJECT
/^<FONT>Hi,This is a  excite game<br>$/ REJECT
/^You're the first player.<br>$/ REJECT
/^<FONT>This is a  WinXP patch<br>$/ REJECT
/W32.Klez.E removal tools/ REJECT
/Hello,This is a  IE 6.0 patch/ REJECT
/^Best regards, Administrator/ REJECT
/See the attached file for details/ REJECT
/etc/postfix/helo_check
/^NICO$/        HOLD Spam pour des trucs minitel
/^satie$/       HOLD Spam pour des trucs minitel
/^.*$/          OK
 
postfix_check.txt · Dernière modification: 2010/08/06 12:57 (modification externe)
 
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki