Differences

This shows you the differences between two versions of the page.

@@ Line 1: / Line 1: @@
+====== Resources to control spam using postfix ======
+  * [[http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt|Text file of postfix configuration to reduce spam]]
+  * [[http://en.linuxreviews.org/HOWTO_Stop_spam_using_Postfix]]
+  * [[http://www.howtoforge.com/block_spam_at_mta_level_postfix]]
+  * [[http://www.akadia.com/services/postfix_uce.html]]
+  * [[http://forum.parallels.com/showthread.php?t=87605|Postfix configuration: reject_rbl_client]]
+  * [[http://www.yolinux.com/TUTORIALS/Postfix.html]]
+  * [[http://www.postfix.org/postconf.5.html|Postfix Configuration Parameters]]
+  * [[http://wiki.centos.org/HowTos/postfix_restrictions|HowTos-postfix restrictions - CentOS Wiki]]
+  * [[http://slammingspam.uw.hu/|Slamming Spam: A Guide for System Administrators]]
+====== main.cf settings ======
+<code>
+#
+unknown_local_recipient_reject_code = 550
+unknown_address_reject_code = 550
+unknown_client_reject_code = 550
+unknown_hostname_reject_code = 550
+unknown_relay_recipient_reject_code = 550
+unknown_virtual_alias_reject_code = 550
+unknown_virtual_mailbox_reject_code = 550
+unverified_recipient_reject_code = 550
+unverified_sender_reject_code = 550
+#
+default_process_limit = 20
+smtpd_client_connection_count_limit = 10
+smtpd_client_connection_rate_limit = 60 # This should translate to 1 per second limit
+smtpd_client_message_rate_limit = 60
+smtpd_client_new_tls_session_rate_limit = 60
+#
+smtpd_helo_required = yes
+address_verify_map = btree:${data_directory}/verify_cache
+smtpd_reject_unlisted_sender=yes
+smtpd_recipient_restrictions =
+    check_client_access hash:/etc/postfix/white_lists,
+    reject_invalid_hostname,
+    reject_non_fqdn_hostname,
+    reject_non_fqdn_sender,
+    reject_non_fqdn_recipient,
+    reject_unknown_sender_domain,
+    reject_unknown_recipient_domain,
+    reject_unknown_client_hostname,
+    reject_unverified_sender,
+    permit_mynetworks,
+    reject_unauth_destination,
+    reject_rbl_client cbl.abuseat.org,
+    reject_rbl_client sbl.spamhaus.org,
+    reject_rbl_client pbl.spamhaus.org
+    permit
+smtpd_data_restrictions =
+    reject_unauth_pipelining,
+    permit
+</code>
+====== White list (and black list) settings ======
+  * Added check_client_access hash:/etc/postfix/white_lists
+  * Created file /etc/postfix/white_lists with list of IP and domain names white listed
+  * Ran postmap /etc/postfix/white_lists
+  * Restarted postfix: /etc/init.d/postfix restart
+====== PostFix report ======
+[[http://jimsun.linxnet.com/postfix_contrib.html|JIMSUN - Postfix Contribs]] has a tools called __Postfix Log Entry Summarizer__ (pflogsumm) that is a perl script that does a summary report on postfix logs.
+A daily cron job as below will work. Make sure to create a directory under /var/log as /var/log/postfixrep
+<code bash>
+#!/bin/bash
+#
+# Daily Postfix Log report
+#
+TS=$(date +%Y%m%d_%H%M%S);
+LOGFILE="/var/log/postfixrep/pfrep_$TS"
+PFLOGSUMM="/usr/local/bin/pflogsumm"
+PFMAILINF="/var/log/mail.info"
+REMAIL="root@example.org"
+REPSUB="Postfix Report"
+#
+$PFLOGSUMM $PFMAILINF > $LOGFILE
+cat $LOGFILE | mailx -s "$REPSUB" $REMAIL
+#
+exit 0
+</code>
+A quick note is to rotate logs on daily basis so the report is truly a daily summary.

Differences

Search

QR Code