Resources to control spam using postfix

main.cf settings

#
unknown_local_recipient_reject_code = 550
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 550
#
default_process_limit = 20
smtpd_client_connection_count_limit = 10
smtpd_client_connection_rate_limit = 60 # This should translate to 1 per second limit
smtpd_client_message_rate_limit = 60
smtpd_client_new_tls_session_rate_limit = 60
#
smtpd_helo_required = yes
address_verify_map = btree:${data_directory}/verify_cache
smtpd_reject_unlisted_sender=yes
smtpd_recipient_restrictions =
    check_client_access hash:/etc/postfix/white_lists,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unknown_client_hostname,
    reject_unverified_sender,
    permit_mynetworks,
    reject_unauth_destination,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client pbl.spamhaus.org
    permit
smtpd_data_restrictions =
    reject_unauth_pipelining,
    permit

White list (and black list) settings

  • Added check_client_access hash:/etc/postfix/white_lists
  • Created file /etc/postfix/white_lists with list of IP and domain names white listed
  • Ran postmap /etc/postfix/white_lists
  • Restarted postfix: /etc/init.d/postfix restart

PostFix report

JIMSUN - Postfix Contribs has a tools called Postfix Log Entry Summarizer (pflogsumm) that is a perl script that does a summary report on postfix logs.

A daily cron job as below will work. Make sure to create a directory under /var/log as /var/log/postfixrep

#!/bin/bash
#
# Daily Postfix Log report
#
TS=$(date +%Y%m%d_%H%M%S);
LOGFILE="/var/log/postfixrep/pfrep_$TS"
PFLOGSUMM="/usr/local/bin/pflogsumm"
PFMAILINF="/var/log/mail.info"
REMAIL="root@example.org"
REPSUB="Postfix Report"
#
$PFLOGSUMM $PFMAILINF > $LOGFILE
cat $LOGFILE | mailx -s "$REPSUB" $REMAIL
#
exit 0

A quick note is to rotate logs on daily basis so the report is truly a daily summary.


QR Code
QR Code tech:linux:postfix_spam_control (generated for current page)