Migliorare la configurazione antispam di postfix: Difference between revisions
Jump to navigation
Jump to search
New page: {{Stub}} Postfix is free and powerful MTA. You can easily configure Postfix to block spam. You need to add following directives to /etc/postfix/main.cf file: *=> disable_vrfy_command = y... |
mNo edit summary |
||
| Line 1: | Line 1: | ||
{{Stub}} | {{Stub}} | ||
==Riferimenti da Verificare== | |||
* [http://www200.pair.com/mecham/spam/additional_settings_v2.html Additional Anti-UCE settings] | |||
* [http://www.ebb.org/bkuhn/blog/2008/01/09/postfix-secondary-mx-local-deliver.html Postfix Trick to Force Secondary MX to Deliver Locally] | |||
* [http://www.freespamfilter.org/FC4.html How to install Postfix, Amavisd-new, SpamAssassin, Pyzor, Rzor, DCC, and ClamAV on Fedora Core 4 v2.1.8] | |||
*[http://doc.sumy.ua/network/postfix/faq.html#virtual_setup Postfix Frequently Asked Questions] | |||
*[http://www.postfix.org/ADDRESS_VERIFICATION_README.html Postfix Address Verification] | |||
*[http://doc.sumy.ua/network/postfix/faq.html Postfix Frequently Asked Questions:Postfix accepts mail for non-existing local users] | |||
*[http://www200.pair.com/mecham/spam/amavisd-settings.html Amavisd-new critical settings] | |||
* http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt | |||
Postfix is free and powerful MTA. You can easily configure Postfix to block spam. You need to add | Postfix is free and powerful MTA. You can easily configure Postfix to block spam. You need to add | ||
Latest revision as of 08:04, 5 November 2010
| Attenzione questo articolo è ancora incompleto. Sentiti libero di contribuire cliccando sul tasto edit. |
Riferimenti da Verificare
- Additional Anti-UCE settings
- Postfix Trick to Force Secondary MX to Deliver Locally
- How to install Postfix, Amavisd-new, SpamAssassin, Pyzor, Rzor, DCC, and ClamAV on Fedora Core 4 v2.1.8
- Postfix Frequently Asked Questions
- Postfix Address Verification
- Postfix Frequently Asked Questions:Postfix accepts mail for non-existing local users
- Amavisd-new critical settings
- http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt
Postfix is free and powerful MTA. You can easily configure Postfix to block spam. You need to add following directives to /etc/postfix/main.cf file:
- => disable_vrfy_command = yes : Disable the SMTP VRFY command. This stops some techniques used to harvest email addresses.
- => smtpd_delay_reject = yes : It allows Postfix to log recipient address information when rejecting a client name/address or sender address, so that it is possible to find out whose mail is being rejected.
- => smtpd_helo_required = yes : Require that a remote SMTP client introduces itself at the beginning of an SMTP session with the HELO or EHLO command. Many spam bot ignores HELO/EHLO command and you save yourself from spam.
Following lines further restrictions on HELO command:
- smtpd_helo_restrictions = permit_mynetworks,
- reject_non_fqdn_hostname, Reject email if remote hostname is not in fully-qualified domain form. Usually bots *sending email don’t have FQDN names.
- reject_invalid_hostname, Reject all bots sending email from computers connected via DSL/ADSL computers. They don’t have valid internet hostname.
You can put the following access restrictions that the Postfix SMTP server applies in the context of the RCPT TO command.
- => smtpd_recipient_restrictions =
reject_invalid_hostname, - Reject email if it not valid hostname reject_non_fqdn_hostname, - Reject email if it not valid FQDN reject_non_fqdn_sender, - Reject the request when the MAIL FROM address is not in fully-qualified domain form. For example email send from xyz or abc is rejected. reject_non_fqdn_recipient, - Reject the request when the RCPT TO address is not in fully-qualified domain form reject_unknown_sender_domain, - Reject email, if sender domain does not exists reject_unknown_recipient_domain, Reject email, if recipient domain does not exists permit_mynetworks, reject_rbl_client list.dsbl.org, Configure spam black lists reject_rbl_client sbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net
Open /etc/postfix/main.cf file :
# vi /etc/postfix/main.cf
Set/modify configuration as follows
disable_vrfy_command = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
reject_non_fqdn_hostname,
reject_invalid_hostname,
permit
smtpd_recipient_restrictions =
permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, permit
smtpd_error_sleep_time = 1s smtpd_soft_error_limit = 10 smtpd_hard_error_limit = 20
Also force (highlighted using red color) Postfix to limit incoming or receiving email rate to avoid spam.
Save and close the file. Restart postfix:
# /etc/init.d/postfix restart
Watch out maillog file. Now you should see lots of spam email blocked by above configuration directive:
# tail -f /var/log/maillog
Output:
Jan 9 06:07:22 server postfix/smtpd[10308]: NOQUEUE: reject: RCPT from 183-12-81.ip.adsl.hu[81.183.12.81]: 554 Service unavailable; Client host [81.183.12.81] blocked using dul.dnsbl.sorbs.net; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?81.183.12.81; from= to= proto=ESMTP helo=<183-12-230.ip.adsl.hu> Jan 9 06:07:23 server postfix/smtpd[10308]: lost connection after RCPT from 183-12-81.ip.adsl.hu[81.183.12.81] Jan 9 06:07:23 server postfix/smtpd[10308]: disconnect from 183-12-81.ip.adsl.hu[81.183.12.81] Jan 9 06:10:43 server postfix/anvil[10310]: statistics: max connection rate 1/60s for (smtp:81.183.12.81) at Jan 9 06:07:17 Jan 9 06:10:43 server postfix/anvil[10310]: statistics: max connection count 1 for (smtp:81.183.12.81) at Jan 9 06:07:17 Jan 9 06:10:43 server postfix/anvil[10310]: statistics: max cache size 1 at Jan 9 06:07:17 Jan 9 06:16:58 server postfix/smtpd[10358]: warning: 81.92.197.249: address not listed for hostname unassigned.or.unconfigured.reverse.nfsi-telecom.net Jan 9 06:16:58 server postfix/smtpd[10358]: connect from unknown[81.92.197.249] Jan 9 06:17:00 server postfix/smtpd[10358]: NOQUEUE: reject: RCPT from unknown[81.92.197.249]: 550 : Recipient address rejected: User unknown in virtual alias table; from=<> to= proto=ESMTP helo= Jan 9 06:17:00 server postfix/smtpd[10358]: disconnect from unknown[81.92.197.249]
Next time I will write about simple procmail and spamassassin combination to filter out spam :)
Want to stay up to date with the latest Linux tips, news and announcements? Subscribe to our free e-mail newsletter or full RSS feed to get all updates. You can Email this page to a friend.