| View previous topic :: View next topic |
| Author |
Message |
g4dave
n00b
Joined: 24 Apr 2002
Posts: 7
Location: Sioux Falls, SD
|
 Posted: Tue Aug 13, 2002 9:02 pm Post subject: In need of quick postfix domain blocking.... |
 |
|
I am trying to upgrade out E-Mail server at work to Gentoo 1.4 running postfix. The old E-Mail server is running sendmail with a flat text file of about 200 or so domains that I reject E-Mail from. Is there a flat text file I can edit in Postfix to deny these known spam senders? I looked on Google and all I get is some wacky configuration items that I cannot figure out. Can anyone tell me what files exactly I need to edit and what to add to them? I looked at SpamAssassin and sounds like it would be cool, but I don't like the idea of it filtering our outgoing E-Mail too. Might break some of the bosses outgoing mail or something.
Any other ideas on how to block Spam from known domains?
-Dave
****
Feel free to E-Mail me at anon1981@hotmail.com! Just leave the SUBJECT: field BLANK or it goes directly to TRASH.
****
_________________
-----------------------------------------------
Whip your unit out, shake it and scream "BuulahhhuwahhhhhhAAAAA!"
----------------------------------------------- |
|
| Back to top |
|
 |
mglauche
Retired Dev
Joined: 25 Apr 2002
Posts: 564
Location: Germany
|
| Posted: Tue Aug 13, 2002 10:53 pm Post subject: |
|
|
its in the postfix manual  http://www.postfix.org/uce.html#smtpd_client_restrictions
by the way, its not a good idea to run gentoo 1.4 on the mailserver  things can and will probably break, which is not good for a mailserver 
(besides, 1.4 does not offer much more to a mailserver than 1.2 does ... in opposite to kde |
|
| Back to top |
|
|
trapni
Retired Dev
Joined: 16 May 2002
Posts: 251
Location: Germany/Berlin
|
| Posted: Tue Aug 13, 2002 11:44 pm Post subject: |
|
|
| mglauche wrote: | by the way, its not a good idea to run gentoo 1.4 on the mailserver things can and will probably break, which is not good for a mailserver
(besides, 1.4 does not offer much more to a mailserver than 1.2 does ... in opposite to kde |
Well, I've upgraded our SOHO Server from Gentoo 1.3b to 1.4beta, too. This was primary because of gcc 3.2 (pre). I really had no problems yet, only the INN (nntp server broke on compile *args*), but everything else works well, even on run time.
I need a non gcc3 system, since it doesn't compile my very own sources I wrote for Apache. (gcc2 is simply to old)
Greets,
Christian Parpart. |
|
| Back to top |
|
|
rizzo
Retired Dev
Joined: 30 Apr 2002
Posts: 1067
Location: Manitowoc, WI, USA
|
| Posted: Wed Aug 14, 2002 1:13 pm Post subject: |
|
|
| Does postfix let you use the various public blacklists, like sendmail does? I will be changing my mailserver from sendmail to postfix, and I use those public blacklists for spam/uce blocking. |
|
| Back to top |
|
|
trapni
Retired Dev
Joined: 16 May 2002
Posts: 251
Location: Germany/Berlin
|
| Posted: Wed Aug 14, 2002 2:45 pm Post subject: |
|
|
| rizzo wrote: | | Does postfix let you use the various public blacklists, like sendmail does? I will be changing my mailserver from sendmail to postfix, and I use those public blacklists for spam/uce blocking. |
If you got the answer elsewhere, please let me know, because I switched from sendmail to postfix too. But this was because sendmail doesn't support maildir folders.
Having a spam blocker would be really very helpfull
Thanks,
Christian Parpart. |
|
| Back to top |
|
|
rizzo
Retired Dev
Joined: 30 Apr 2002
Posts: 1067
Location: Manitowoc, WI, USA
|
| Posted: Wed Aug 14, 2002 2:55 pm Post subject: |
|
|
| In particular I use the MAPS RBL. Their product endorsement page doesn't list postfix in there. Again, if anyone has done this or knows of a work-around, please chime in. |
|
| Back to top |
|
|
trapni
Retired Dev
Joined: 16 May 2002
Posts: 251
Location: Germany/Berlin
|
|
| Back to top |
|
|
rizzo
Retired Dev
Joined: 30 Apr 2002
Posts: 1067
Location: Manitowoc, WI, USA
|
| Posted: Wed Aug 14, 2002 3:07 pm Post subject: |
|
|
Yes I just found this on the MAPS DUL page, but it applies to the RBL:
| Quote: |
Postfix
Oliver Robert made an example config for Postfix but it changed with the latest known Postfix (20010228_pl03). The following example is valid for the 20010228_pl03 version:
Here is an entry for the HOWTO configure DUL into Postfix (mailer made by
W. Venema).Enjoy !
* Postfix
You need to edit the "maps_rbl_domains" parameter in the "main.cf" file,
located in /etc/postfix.
Add dialups.mail-abuse.org in the list of RBL-like system you want to use. It
will look like the following:
| Code: |
# MAPS RBL DOMAINS (see also: CLIENT NAME/ADDRESS RESTRICTIONS)
#
# The real-time blackhole list works as follows: reverse the client
# network address, and reject service if it is listed below any of
# the following domains.
maps_rbl_domains = blackholes.mail-abuse.org dialups.mail-abuse.org
|
If you're already using the RBL, then you're finished. If not, you'll
need to a restriction in the "smtpd_client_restrictions" parameter to add
"reject_maps_rbl" like the following:
smtpd_client_restrictions = permit_mynetworks, reject_unknown_client,
hash:$config_directory/access, reject_maps_rbl
Don't forget to run "postfix reload" to refresh the configuration.
The "permit_mynetworks" feature lets you specify your dial-up pools as excluded from checks. |
|
|
| Back to top |
|
|
trapni
Retired Dev
Joined: 16 May 2002
Posts: 251
Location: Germany/Berlin
|
| Posted: Wed Aug 14, 2002 3:18 pm Post subject: |
|
|
Hi rizzo,
okay here I found nearly the same,
I added into main.cf: | Code: | smtpd_helo_restrictions = reject_maps_rbl
maps_rbl_domains = blackholes.mail-abuse.org, relays.osirusoft.com
|
I now added also your abuse hosts you posted and added the client restriction - restarted and pray that it works
Greets,
Christian Parpart. |
|
| Back to top |
|
|
eivinn
Apprentice
Joined: 10 Jul 2002
Posts: 219
Location: Norway
|
| Posted: Thu Aug 15, 2002 10:26 pm Post subject: Antispam |
|
|
For this to work you need to add the lines presented by trapni.
To test your setup you also need to add server
to maps_rbl_domains
Then you need to
To test your configuration you send an e-mail to nelson-SBL-test@crynwr.com from your domain.
If, or if not, successful you will recieve a message describing what happened... |
|
| Back to top |
|
|
|
Networking & Security
