no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.


tech:linux:postfix_spam_control [2014/11/15 15:13] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== Resources to control spam using postfix ======
 +  * [[http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt|Text file of postfix configuration to reduce spam]]
 +  * [[http://en.linuxreviews.org/HOWTO_Stop_spam_using_Postfix]]
 +  * [[http://www.howtoforge.com/block_spam_at_mta_level_postfix]]
 +  * [[http://www.akadia.com/services/postfix_uce.html]]
 +  * [[http://forum.parallels.com/showthread.php?t=87605|Postfix configuration: reject_rbl_client]]
 +  * [[http://www.yolinux.com/TUTORIALS/Postfix.html]]
 +  * [[http://www.postfix.org/postconf.5.html|Postfix Configuration Parameters]]
 +  * [[http://wiki.centos.org/HowTos/postfix_restrictions|HowTos-postfix restrictions - CentOS Wiki]]
 +  * [[http://slammingspam.uw.hu/|Slamming Spam: A Guide for System Administrators]]
  
 +====== main.cf settings ======
 +<code>
 +#
 +unknown_local_recipient_reject_code = 550
 +unknown_address_reject_code = 550
 +unknown_client_reject_code = 550
 +unknown_hostname_reject_code = 550
 +unknown_relay_recipient_reject_code = 550
 +unknown_virtual_alias_reject_code = 550
 +unknown_virtual_mailbox_reject_code = 550
 +unverified_recipient_reject_code = 550
 +unverified_sender_reject_code = 550
 +#
 +default_process_limit = 20
 +smtpd_client_connection_count_limit = 10
 +smtpd_client_connection_rate_limit = 60 # This should translate to 1 per second limit
 +smtpd_client_message_rate_limit = 60
 +smtpd_client_new_tls_session_rate_limit = 60
 +#
 +smtpd_helo_required = yes
 +address_verify_map = btree:${data_directory}/verify_cache
 +smtpd_reject_unlisted_sender=yes
 +smtpd_recipient_restrictions =
 +    check_client_access hash:/etc/postfix/white_lists,
 +    reject_invalid_hostname,
 +    reject_non_fqdn_hostname,
 +    reject_non_fqdn_sender,
 +    reject_non_fqdn_recipient,
 +    reject_unknown_sender_domain,
 +    reject_unknown_recipient_domain,
 +    reject_unknown_client_hostname,
 +    reject_unverified_sender,
 +    permit_mynetworks,
 +    reject_unauth_destination,
 +    reject_rbl_client cbl.abuseat.org,
 +    reject_rbl_client sbl.spamhaus.org,
 +    reject_rbl_client pbl.spamhaus.org
 +    permit
 +smtpd_data_restrictions =
 +    reject_unauth_pipelining,
 +    permit
 +</code>
 +
 +====== White list (and black list) settings ======
 +  * Added check_client_access hash:/etc/postfix/white_lists
 +  * Created file /etc/postfix/white_lists with list of IP and domain names white listed
 +  * Ran postmap /etc/postfix/white_lists
 +  * Restarted postfix: /etc/init.d/postfix restart
 +
 +====== PostFix report ======
 +[[http://jimsun.linxnet.com/postfix_contrib.html|JIMSUN - Postfix Contribs]] has a tools called __Postfix Log Entry Summarizer__ (pflogsumm) that is a perl script that does a summary report on postfix logs.
 +
 +A daily cron job as below will work. Make sure to create a directory under /var/log as /var/log/postfixrep
 +<code bash>
 +#!/bin/bash
 +#
 +# Daily Postfix Log report
 +#
 +TS=$(date +%Y%m%d_%H%M%S);
 +LOGFILE="/var/log/postfixrep/pfrep_$TS"
 +PFLOGSUMM="/usr/local/bin/pflogsumm"
 +PFMAILINF="/var/log/mail.info"
 +REMAIL="root@example.org"
 +REPSUB="Postfix Report"
 +#
 +$PFLOGSUMM $PFMAILINF > $LOGFILE
 +cat $LOGFILE | mailx -s "$REPSUB" $REMAIL
 +#
 +exit 0
 +</code>
 +
 +A quick note is to rotate logs on daily basis so the report is truly a daily summary. 

QR Code
QR Code tech:linux:postfix_spam_control (generated for current page)