Re: Postfix trouble

To: Adrian Minta <adrian.minta@gmail.com>, debian-isp@lists.debian.org
Subject: Re: Postfix trouble
From: Theodore Knab <tjk@annapolislinux.org>
Date: Sun, 18 Sep 2005 07:29:34 -0400
Message-id: <[🔎] 20050918112933.GA18943@annapolislinux.org>
In-reply-to: <[🔎] 432AF131.5000309@gmail.com>
References: <[🔎] 432AF131.5000309@gmail.com>

You might want to ask the postfix mailing list. Your 
configuration can be modified to block certain clients but it is a lot
of work seeing they will always be changing.

Here are some of the smtpd_restrictions I use on this box.

smtpd_recipient_restrictions = 

####################################
#used to stop virus infected machines on our net
####################################
    reject_invalid_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unauth_pipelining,
    check_client_access hash:/etc/postfix/badclients,
    check_sender_access hash:/etc/postfix/broken_sender_exception,
    permit_mynetworks,
    reject_unknown_recipient_domain,
    check_client_access hash:/etc/postfix/broken_sender_exception,
    reject_unauth_destination,
    #postgrey
    check_policy_service inet:127.0.0.1:60000,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    #reject_unknown_client,
    #eject unknown dns --> mailfrom: 
    reject_unknown_sender_domain,
    #reject unknown --> rcpt to:
    #bad helo
    #reverse lookup of ip sending 
    #version 2 postfix only
    reject_unverified_sender,
    reject_multi_recipient_bounce,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client relays.ordb.org,
    reject_rbl_client opm.blitzed.org,
    reject_rbl_client blackholes.wirehub.net,
    reject_rbl_client dynablock.wirehub.net,
    reject_rbl_client proxies.relays.monkeys.org,
    reject_rbl_client dnsbl.njabl.org,
    #reject_rbl_client list.dsbl.org,
    #reject_rbl_client cbl.abuseat.org,

    #if they get here they are allowd
    permit
:


It is easier just to use global spam reduction techniques.

Here are some simple ways to reduce spam postfix:
Use RBHL with Postfix.
Use Postgrey

Clamd with Amavis will help reduce viruses but it might take a little 
time to figure out how to get Amavis working. 

Amavis is setup in my master.cf not the main.cf.

Spam-assassin is good but it takes more time than the above
to setup. 

On 16/09/05 19:22 +0300, Adrian Minta wrote:
> I need an advice on the following problem:
> I setup an email server for a small ISP. The server is sarge with 
> postfix as MTA. Unfortunately some of the clients contacted a 
> virus/spambot that is sending spam via my mail server. I want to bloc 
> spam that came from $mynetworks but the sender in not in $relay_domains. 
> Is such thing possible ?
> 
> Thank you in advance !
> 
> -- 
> Best regards,
> Adrian Minta
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact 
> listmaster@lists.debian.org
> 

-- 
------------------------------------------
Ted Knab
Stevensville, Maryland  21666 USA
------------------------------------------
Error: Not enough pixels to render your signature.

Reply to:

Follow-Ups:
- Re: Postfix trouble
  - From: Adrian Minta <adrian.minta@gmail.com>

References:
- Postfix trouble
  - From: Adrian Minta <adrian.minta@gmail.com>

Prev by Date: Re: Postfix trouble
Next by Date: Re: Postfix trouble
Previous by thread: Re: Postfix trouble
Next by thread: Re: Postfix trouble
Index(es):
- Date
- Thread