現在、spamメールが日本国内のアクセスポイントに接続したPCやサーバーから送られてくることが非常に少なくて、海外のアクセスポイントに接続したPCから送られてくることが多いです。
ここのメールサーバーの場合、日本語で書かれたspamは殆どが中国から送信されたものだったりします・・・(-o-;。中国の場合、逆引き設定がされていないので、逆引きできないホストからのメールを拒否するように変更しました。
参考:逆引きできないホストからのメールを遮断
時々、auの携帯電話にspamメールが届きますが、それも中国から送信されたものが多いですね・・・(~_~;)。auもここは思い切って、逆引きできないホストからのメールを遮断しちゃって欲しいです。
Greet Pauseを設定してみましたを参考にして、sendmailでGreet Pauseを使うように設定してみました。
デフォルトの待ち時間が5秒だと短いと思ったので、10秒にして設定してみました。
ログからの抜粋
Oct 25 02:13:59 linux sendmail[11889]: l9OHDnoS011889: rejecting commands from 89-139-168-29.bb.netvision.net.il [89.139.168.29] due to pre-greeting traffic
Oct 25 04:35:23 linux sendmail[13077]: l9OJZHNA013077: rejecting commands from 125-24-64-191.adsl.totbb.net [125.24.64.191] due to pre-greeting traffic
Oct 25 09:39:33 linux sendmail[14403]: l9P0dOqA014403: rejecting commands from 18949241216.user.veloxzone.com.br [189.49.241.216] due to pre-greeting traffic
Oct 25 12:00:19 linux sendmail[15518]: l9P30ESo015518: rejecting commands from 125-24-87-4.adsl.totbb.net [125.24.87.4] due to pre-greeting traffic
Oct 25 12:30:31 linux sendmail[15663]: l9P3UFA1015663: rejecting commands from 156-160-17-190.fibertel.com.ar [190.17.160.156] due to pre-greeting traffic
Oct 25 13:35:08 linux sendmail[16306]: l9P4Y8g3016306: rejecting commands from ppp-124.120.95.253.revip2.asianet.co.th [124.120.95.253] due to pre-greeting traffic
Oct 25 14:55:31 linux sendmail[16624]: l9P5tGAX016624: rejecting commands from dfn77.neoplus.adsl.tpnet.pl [83.23.143.77] due to pre-greeting traffic
Oct 25 15:22:13 linux sendmail[16792]: l9P6M626016792: rejecting commands from NK219-91-71-222.adsl.dynamic.apol.com.tw [219.91.71.222] due to pre-greeting traffic
Oct 25 22:17:44 linux sendmail[7553]: l9PDHdOr007553: rejecting commands from 125-24-67-237.adsl.totbb.net [125.24.67.237] due to pre-greeting traffic
Oct 26 02:12:26 linux sendmail[15642]: l9PHCKU1015642: rejecting commands from [88.228.43.97] [88.228.43.97] due to pre-greeting traffic
Oct 26 02:55:53 linux sendmail[16434]: l9PHtcAl016434: rejecting commands from eod47.neoplus.adsl.tpnet.pl [83.20.19.47] due to pre-greeting traffic
Oct 26 03:29:10 linux sendmail[17483]: l9PIT5Y1017483: rejecting commands from 125-24-64-249.adsl.totbb.net [125.24.64.249] due to pre-greeting traffic
Oct 26 03:50:25 linux sendmail[17908]: l9PIoEZd017908: rejecting commands from 211.Red-83-46-227.dynamicIP.rima-tde.net [83.46.227.211] due to pre-greeting traffic
Oct 26 09:31:32 linux sendmail[21083]: l9Q0VVwW021083: rejecting commands from 122-116-17-133.HINET-IP.hinet.net [122.116.17.133] due to pre-greeting traffic
Oct 26 09:32:32 linux sendmail[21084]: l9Q0WWkM021084: rejecting commands from 122-116-17-133.HINET-IP.hinet.net [122.116.17.133] due to pre-greeting traffic
Oct 26 09:32:32 linux sendmail[21085]: l9Q0WWxb021085: rejecting commands from 122-116-17-133.HINET-IP.hinet.net [122.116.17.133] due to pre-greeting traffic
Oct 26 10:09:07 linux sendmail[21132]: l9Q18ugS021132: rejecting commands from localhost [222.253.99.113] due to pre-greeting traffic
Oct 26 21:22:27 linux sendmail[24706]: l9QCMRnQ024706: rejecting commands from [190.166.100.48] [190.166.100.48] due to pre-greeting traffic
Oct 26 22:32:24 linux sendmail[25395]: l9QDVOP5025395: rejecting commands from ppp-124.120.93.18.revip2.asianet.co.th [124.120.93.18] due to pre-greeting traffic
Oct 26 23:11:54 linux sendmail[25843]: l9QEAsBE025843: rejecting commands from atg136.neoplus.adsl.tpnet.pl [83.26.244.136] due to pre-greeting traffic
Oct 26 23:14:00 linux sendmail[25871]: l9QED005025871: rejecting commands from atg136.neoplus.adsl.tpnet.pl [83.26.244.136] due to pre-greeting traffic
Oct 27 01:00:49 linux sendmail[26593]: l9QG0mWM026593: rejecting commands from host45-200-dynamic.18-87-r.retail.telecomitalia.it [87.18.200.45] due to pre-greeting traffic
Oct 27 02:27:11 linux sendmail[27429]: l9QHRAhU027429: rejecting commands from kr-lg.ispk.biz [195.39.233.21] due to pre-greeting traffic
Oct 27 02:28:29 linux sendmail[27432]: l9QHSTtp027432: rejecting commands from kr-lg.ispk.biz [195.39.233.21] due to pre-greeting traffic
Oct 27 02:29:34 linux sendmail[27439]: l9QHTY6F027439: rejecting commands from kr-lg.ispk.biz [195.39.233.21] due to pre-greeting traffic
Oct 27 02:30:32 linux sendmail[27457]: l9QHUW7u027457: rejecting commands from kr-lg.ispk.biz [195.39.233.21] due to pre-greeting traffic
Oct 27 02:31:15 linux sendmail[27463]: l9QHVF7O027463: rejecting commands from kr-lg.ispk.biz [195.39.233.21] due to pre-greeting traffic
Oct 27 03:25:46 linux sendmail[27575]: l9QIPgsM027575: rejecting commands from [61.28.164.188] [61.28.164.188] due to pre-greeting traffic
Oct 27 04:54:23 linux sendmail[28844]: l9QJsNma028844: rejecting commands from 64-13-64-60.gsb.clearwire-dns.net [64.13.64.60] due to pre-greeting traffic
Oct 27 08:16:54 linux sendmail[29386]: l9QNFs7A029386: rejecting commands from ppp-124.120.95.208.revip2.asianet.co.th [124.120.95.208] due to pre-greeting traffic
Oct 27 18:27:28 linux sendmail[326]: l9R9RCQX000326: rejecting commands from acfh176.neoplus.adsl.tpnet.pl [83.9.209.176] due to pre-greeting traffic
逆引きが出来ないホストからの接続は拒否しているので、それを外したらGreet Pauseで拒否されるホストがもう少し多くなると思います。
あまり見かけないのですが、Fromにあるアドレスに出鱈目なドメインを設定しているスパムメールもありますので、そういったメールはメールサーバで拒否するように、設定を変更すると良いと思います。
sendmailの場合、sendmail.mcを以下のように修正します。
FEATURE(`accept_unresolvable_domains')dnl
↓
dnl FEATURE(`accept_unresolvable_domains')dnl
修正後、make -C /etc/mailとしてsendmail.cfを再作成します。