You might want to ask the postfix mailing list. Your
configuration can be modified to block certain clients but it is a lot
of work seeing they will always be changing.
Here are some of the smtpd_restrictions I use on this box.
smtpd_recipient_restrictions =
####################################
#used to stop virus infected machines on our net
####################################
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unauth_pipelining,
check_client_access hash:/etc/postfix/badclients,
check_sender_access hash:/etc/postfix/broken_sender_exception,
permit_mynetworks,
reject_unknown_recipient_domain,
check_client_access hash:/etc/postfix/broken_sender_exception,
reject_unauth_destination,
#postgrey
check_policy_service inet:127.0.0.1:60000,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
#reject_unknown_client,
#eject unknown dns --> mailfrom:
reject_unknown_sender_domain,
#reject unknown --> rcpt to:
#bad helo
#reverse lookup of ip sending
#version 2 postfix only
reject_unverified_sender,
reject_multi_recipient_bounce,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client blackholes.wirehub.net,
reject_rbl_client dynablock.wirehub.net,
reject_rbl_client proxies.relays.monkeys.org,
reject_rbl_client dnsbl.njabl.org,
#reject_rbl_client list.dsbl.org,
#reject_rbl_client cbl.abuseat.org,
#if they get here they are allowd
permit
:
It is easier just to use global spam reduction techniques.
Here are some simple ways to reduce spam postfix:
Use RBHL with Postfix.
Use Postgrey
Clamd with Amavis will help reduce viruses but it might take a little
time to figure out how to get Amavis working.
Amavis is setup in my master.cf not the main.cf.
Spam-assassin is good but it takes more time than the above
to setup.
On 16/09/05 19:22 +0300, Adrian Minta wrote:
I need an advice on the following problem:
I setup an email server for a small ISP. The server is sarge with
postfix as MTA. Unfortunately some of the clients contacted a
virus/spambot that is sending spam via my mail server. I want to bloc
spam that came from $mynetworks but the sender in not in $relay_domains.
Is such thing possible ?
Thank you in advance !
--
Best regards,
Adrian Minta
--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org