Home   >>   Postfix   >>   How To Stop Spam Using Postfix Configuration
How To Stop Spam Using Postfix Configuration PDF Print E-mail
( 6 Votes )
How To - Postfix
Written by Christian Foronda   
Wednesday, 02 February 2011 11:36

This howto assume you have a fully working mail server using Postfix.

Open /etc/postfix/main.cf and place the following lines (replacing the respective settings if they exist):

	# vi /etc/postfix/main.cf


	smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
    permit_mynetworks,
    reject_rbl_client zen.spamhaus.org,
    reject_rbl_client multi.uribl.com,
    reject_rbl_client dsn.rfc-ignorant.org,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.sorbs.net,
    reject_rbl_client ix.dnsbl.manitu.net,
    reject_rbl_client combined.rbl.msrbl.net,
    reject_rbl_client rabl.nuclearelephant.com,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client dul.dnsbl.sorbs.net,
    reject_rbl_client multihop.dsbl.org,
    reject_rbl_client unconfirmed.dsbl.org
    reject_rbl_client relays.ordb.org,
    permit

 

This tell Postfix to check those website if it is listed on their spam database before sending out to the users.

Also, puti this anti-spam blacklist:

	disable_vrfy_command = yes
    smtpd_delay_reject = yes
    smtpd_helo_required = yes
    smtpd_sender_restrictions = reject_unknown_address
    smtpd_helo_restrictions =
    permit_mynetworks,
    reject_non_fqdn_hostname,
    reject_invalid_hostname,
    permit
    strict_rfc821_envelopes = yes
    invalid_hostname_reject_code = 554
    multi_recipient_bounce_reject_code = 554
    non_fqdn_reject_code = 554
    relay_domains_reject_code =554
    unknown_address_reject_code = 554
    unknown_client_reject_code = 554
    unknown_hostname_reject_code = 554
    unknown_relay_recipient_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    unverified_recipient_reject_code = 554
    unverified_sender_reject_code = 554

 

Force Postfix to limit incoming or receiving email rate to avoid spam:

	smtpd_error_sleep_time = 1s
    smtpd_soft_error_limit = 10
    smtpd_hard_error_limit = 20

 



blog comments powered by Disqus
back to top
Last Updated on Wednesday, 02 February 2011 11:37