Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

tech:linux:postfix_spam_control [2014/11/15 09:13]
 tech:linux:postfix_spam_control [2014/11/15 09:13] (current)
Line 1: Line 1:
 +====== Resources to control spam using postfix ======
 +  * [[http://​jimsun.linxnet.com/​misc/​postfix-anti-UCE.txt|Text file of postfix configuration to reduce spam]]
 +  * [[http://​en.linuxreviews.org/​HOWTO_Stop_spam_using_Postfix]]
 +  * [[http://​www.howtoforge.com/​block_spam_at_mta_level_postfix]]
 +  * [[http://​www.akadia.com/​services/​postfix_uce.html]]
 +  * [[http://​forum.parallels.com/​showthread.php?​t=87605|Postfix configuration:​ reject_rbl_client]]
 +  * [[http://​www.yolinux.com/​TUTORIALS/​Postfix.html]]
 +  * [[http://​www.postfix.org/​postconf.5.html|Postfix Configuration Parameters]]
 +  * [[http://​wiki.centos.org/​HowTos/​postfix_restrictions|HowTos-postfix restrictions - CentOS Wiki]]
 +  * [[http://​slammingspam.uw.hu/​|Slamming Spam: A Guide for System Administrators]]
  
 +====== main.cf settings ======
 +<​code>​
 +#
 +unknown_local_recipient_reject_code = 550
 +unknown_address_reject_code = 550
 +unknown_client_reject_code = 550
 +unknown_hostname_reject_code = 550
 +unknown_relay_recipient_reject_code = 550
 +unknown_virtual_alias_reject_code = 550
 +unknown_virtual_mailbox_reject_code = 550
 +unverified_recipient_reject_code = 550
 +unverified_sender_reject_code = 550
 +#
 +default_process_limit = 20
 +smtpd_client_connection_count_limit = 10
 +smtpd_client_connection_rate_limit = 60 # This should translate to 1 per second limit
 +smtpd_client_message_rate_limit = 60
 +smtpd_client_new_tls_session_rate_limit = 60
 +#
 +smtpd_helo_required = yes
 +address_verify_map = btree:​${data_directory}/​verify_cache
 +smtpd_reject_unlisted_sender=yes
 +smtpd_recipient_restrictions =
 +    check_client_access hash:/​etc/​postfix/​white_lists,​
 +    reject_invalid_hostname,​
 +    reject_non_fqdn_hostname,​
 +    reject_non_fqdn_sender,​
 +    reject_non_fqdn_recipient,​
 +    reject_unknown_sender_domain,​
 +    reject_unknown_recipient_domain,​
 +    reject_unknown_client_hostname,​
 +    reject_unverified_sender,​
 +    permit_mynetworks,​
 +    reject_unauth_destination,​
 +    reject_rbl_client cbl.abuseat.org,​
 +    reject_rbl_client sbl.spamhaus.org,​
 +    reject_rbl_client pbl.spamhaus.org
 +    permit
 +smtpd_data_restrictions =
 +    reject_unauth_pipelining,​
 +    permit
 +</​code>​
 +
 +====== White list (and black list) settings ======
 +  * Added check_client_access hash:/​etc/​postfix/​white_lists
 +  * Created file /​etc/​postfix/​white_lists with list of IP and domain names white listed
 +  * Ran postmap /​etc/​postfix/​white_lists
 +  * Restarted postfix: /​etc/​init.d/​postfix restart
 +
 +====== PostFix report ======
 +[[http://​jimsun.linxnet.com/​postfix_contrib.html|JIMSUN - Postfix Contribs]] has a tools called __Postfix Log Entry Summarizer__ (pflogsumm) that is a perl script that does a summary report on postfix logs.
 +
 +A daily cron job as below will work. Make sure to create a directory under /var/log as /​var/​log/​postfixrep
 +<code bash>
 +#!/bin/bash
 +#
 +# Daily Postfix Log report
 +#
 +TS=$(date +%Y%m%d_%H%M%S);​
 +LOGFILE="/​var/​log/​postfixrep/​pfrep_$TS"​
 +PFLOGSUMM="/​usr/​local/​bin/​pflogsumm"​
 +PFMAILINF="/​var/​log/​mail.info"​
 +REMAIL="​root@example.org"​
 +REPSUB="​Postfix Report"​
 +#
 +$PFLOGSUMM $PFMAILINF > $LOGFILE
 +cat $LOGFILE | mailx -s "​$REPSUB"​ $REMAIL
 +#
 +exit 0
 +</​code>​
 +
 +A quick note is to rotate logs on daily basis so the report is truly a daily summary. ​

QR Code
QR Code tech:linux:postfix_spam_control (generated for current page)