I am using postfix with Virtualmin and am trying to follow numerous
tutorials on spam prevention/handling. I have tried to apply the following
to the postfix main.cf file.
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
permit_mynetworks,
reject_non_fqdn_helo_hostname,
reject_invalid_helo_hostname,
permit
#check_helo_access hash:/usr/local/etc/postfix/helo_access,
smtpd_sender_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unauth_destination,
permit
smtpd_recipient_restrictions =
reject_unauth_pipelining,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
permit
#check_policy_service unix:postgrey/socket,
#check_policy_service unix:private/spfpolicy
#check_policy_service inet:127.0.0.1:10023
#reject_rbl_client relays.ordb.org,
#reject_rbl_client list.dsbl.org,
#reject_rbl_client sbl-xbl.spamhaus.org,
#check_sender_access hash:/etc/postfix/sender_access,
#check_recipient_access hash:/etc/postfix/recipient_access,
smtpd_client_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_rbl_client bl.spamcop.net,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client dnsbl.sorbs.net,
permit
The items that are commented out are of concern. I cannot figure out how to
set them right. I have the rbl in the client_restrictions but online the
examples show in the recipient. Which is it? client or recipient?
Also, is there a good tutorial on configuring the HELO access file? I am
migrating from Eudora Internet Mail Server and have some nice HELO rules set
up there to catch a bunch of spam. I'd like to incorporate them into the
postfix setup.
For the HELO:
does not contain .
starts with [
contains .dynamic.
contains .adsl.
ends with .airtelbroadband.in
is speedtouch.lan
is gmail.com
contains .pool.
starts with adsl-
is dsldevice.lan
contains .dsl.
Expressions for a few of the top expressions:
Typical names for household connections contain a name followed by an ip
(dashed or dotted)
[a-zA-Z_-][0-9]{1,3}-[0-9]{1,3}-[0-9]{1,3}-[0-9]{1,3}.
[a-zA-Z_-][0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.
Plain IP number without [ ]:
[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}
With the spf handling, I keep seeing mention of a file that I am supposed to
have but it was not included in the install of CentOS 5. smtpd-policy.pl is
the file that everyone mentions I need for the SPF but it's no where to be
found and I did not see anywhere online to download this. In one spot, I saw
mention that it is not needed. Which is it? Is it worth it?
I have postgrey installed via yum. Does anyone know how to make all this
work? It seems it would be optimal setup for spam prevention.
It's a long post. Sorry.
Thanks
Steffan
---------------------------------------------------------------
T E L 6 0 2 . 7 9 3 . 0 0 1 4 | F A X 6 0 2 . 9 7 1 . 1 6 9 4
Steffan A. Cline
[email protected] Phoenix, Az
http://www.ExecuChoice.net USA
AIM : SteffanC ICQ : 57234309
YAHOO : Steffan_Cline MSN : [email protected]
GOOGLE: Steffan.Cline Lasso Partner Alliance Member
---------------------------------------------------------------