Re: Postfix trouble

To: debian-isp@lists.debian.org
Subject: Re: Postfix trouble
From: Adrian Minta <adrian.minta@gmail.com>
Date: Sun, 18 Sep 2005 18:16:35 +0300
Message-id: <[🔎] 432D84D3.6010409@gmail.com>
In-reply-to: <[🔎] 20050918112933.GA18943@annapolislinux.org>
References: <[🔎] 432AF131.5000309@gmail.com> <[🔎] 20050918112933.GA18943@annapolislinux.org>

Thank you all for suggestions !

I use antivirus and antispam but in case of spam bots on my clientsmachines all those are ineffective :(The simples solution I could find is to use SMTP auth, unfortunatelywill not be so easy to inform all clients about the change and toinstruct them to change settings.



Theodore Knab wrote:

You might want to ask the postfix mailing list. Yourconfiguration can be modified to block certain clients but it is a lot

of work seeing they will always be changing.

Here are some of the smtpd_restrictions I use on this box.

smtpd_recipient_restrictions =

####################################
#used to stop virus infected machines on our net
####################################
   reject_invalid_hostname,
   reject_non_fqdn_sender,
   reject_non_fqdn_recipient,
   reject_unknown_sender_domain,
   reject_unauth_pipelining,
   check_client_access hash:/etc/postfix/badclients,
   check_sender_access hash:/etc/postfix/broken_sender_exception,
   permit_mynetworks,
   reject_unknown_recipient_domain,
   check_client_access hash:/etc/postfix/broken_sender_exception,
   reject_unauth_destination,
   #postgrey
   check_policy_service inet:127.0.0.1:60000,
   reject_non_fqdn_hostname,
   reject_non_fqdn_sender,
   #reject_unknown_client,

#eject unknown dns --> mailfrom:reject_unknown_sender_domain,

   #reject unknown --> rcpt to:
   #bad helo

#reverse lookup of ip sending#version 2 postfix only

   reject_unverified_sender,
   reject_multi_recipient_bounce,
   reject_rbl_client sbl.spamhaus.org,
   reject_rbl_client relays.ordb.org,
   reject_rbl_client opm.blitzed.org,
   reject_rbl_client blackholes.wirehub.net,
   reject_rbl_client dynablock.wirehub.net,
   reject_rbl_client proxies.relays.monkeys.org,
   reject_rbl_client dnsbl.njabl.org,
   #reject_rbl_client list.dsbl.org,
   #reject_rbl_client cbl.abuseat.org,

   #if they get here they are allowd
   permit
:


It is easier just to use global spam reduction techniques.

Here are some simple ways to reduce spam postfix:
Use RBHL with Postfix.
Use Postgrey

Clamd with Amavis will help reduce viruses but it might take a littletime to figure out how to get Amavis working.

Amavis is setup in my master.cf not the main.cf.

Spam-assassin is good but it takes more time than the above

to setup.

On 16/09/05 19:22 +0300, Adrian Minta wrote:

I need an advice on the following problem:
I setup an email server for a small ISP. The server is sarge withpostfix as MTA. Unfortunately some of the clients contacted avirus/spambot that is sending spam via my mail server. I want to blocspam that came from $mynetworks but the sender in not in $relay_domains.Is such thing possible ?
Thank you in advance !

--
Best regards,
Adrian Minta


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contactlistmaster@lists.debian.org



--
Best regards,
Adrian Minta

Reply to:

Follow-Ups:
- Re: Postfix trouble
  - From: sin <sin@pvs.ro>

References:
- Postfix trouble
  - From: Adrian Minta <adrian.minta@gmail.com>
- Re: Postfix trouble
  - From: Theodore Knab <tjk@annapolislinux.org>

Prev by Date: Re: Postfix trouble
Next by Date: Apache2 and vhost bandwidth quota
Previous by thread: Re: Postfix trouble
Next by thread: Re: Postfix trouble
Index(es):
- Date
- Thread