Friday, March 25, 2005

Configuring postfix for basic SPAM protection

This is what I got from a Postfix how-to:

Relayhost

Here you define where to deliver outgoing mails. If you do not provide any host, mail is delivered directly to the destination smtp host. Usually your relayhosts are your internet service provider's smtp server.

relayhost = relay01.foobar.net relay02.foobar.net relay03.foobar.net

Fighting against SPAM

Postfix has some built-in filters that allow you to stop obvious SPAM attempts. In particular these are:

  • smtpd_helo_required = yes

    This switch in main.cf means that SMTP clients connecting to your mail server must send a »helo« (the HELO or EHLO command) when connecting.

  • smtpd_recipient_restrictions

    This option in main.cf lets you define different rules for accepting mail. The following example simply rejects all invalid sender and recipient data. Additionally, it defines how to look up known spammers in online blacklists.

    smtpd_recipient_restrictions =
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_unauth_pipelining,
        permit_mynetworks,
        reject_unauth_destination,
        reject_rbl_client zombie.dnsbl.sorbs.net,
        reject_rbl_client relays.ordb.org,
        reject_rbl_client opm.blitzed.org,
        reject_rbl_client list.dsbl.org,
        reject_rbl_client sbl.spamhaus.org,
        permit

  • mime_header_checks=pcre:/etc/postfix/body_checks

    MIME header checks let you reject mail which contains malicious MIME content, i.e. dangerous attachments such as Windows executables. Create the file /etc/postfix/body_checks. The following example rejects all mail that contains potentially dangerous attachments. In my experience, using this example would filter out most of the viruses delivered by e-mail. In any event, a virus scanner should always be installed.

     /^((Content-(Disposition: attachment;|Type:).*|\ +)| *)(file)?name\ *=\ *"?.*\.(lnk|asd|hlp|ocx|reg|bat|c[ho]m|cmd|exe|dll|vxd|pif|scr|hta|jse?|sh[mbs]|vb[esx]|ws[fh]|wmf)"?\ *$/      REJECT  attachment type not allowed
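To see what the rule above accepts and rejects before deploying it, here is an added example (not from the original post or the HOWTO it quotes) that parses the table line and runs it against constructed MIME headers. Python's re module stands in for PCRE, the pcre_table defaults (case-insensitive, dot matches newline) are assumed, and the names load_table and lookup are illustrative.

```python
import re

# The table line from the page's /etc/postfix/body_checks, verbatim.
TABLE = r'''
/^((Content-(Disposition: attachment;|Type:).*|\ +)| *)(file)?name\ *=\ *"?.*\.(lnk|asd|hlp|ocx|reg|bat|c[ho]m|cmd|exe|dll|vxd|pif|scr|hta|jse?|sh[mbs]|vb[esx]|ws[fh]|wmf)"?\ *$/      REJECT  attachment type not allowed
'''

# Assumed pcre_table(5) defaults: case-insensitive and dot-matches-newline on;
# a flag letter after the closing slash toggles its default.
DEFAULTS = re.IGNORECASE | re.DOTALL
TOGGLES = {"i": re.IGNORECASE, "m": re.MULTILINE, "s": re.DOTALL, "x": re.VERBOSE}

def load_table(text):
    """Parse '/pattern/flags action' lines into (compiled regex, action) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"/(.*)/([imsx]*)\s+(.*)$", line)
        if not m:
            raise ValueError("unparsed table line: " + line)
        flags = DEFAULTS
        for letter in m.group(2):
            flags ^= TOGGLES[letter]
        rules.append((re.compile(m.group(1), flags), " ".join(m.group(3).split())))
    return rules

def lookup(rules, header):
    """Return the action of the first matching rule, or None (mail passes)."""
    for regex, action in rules:
        if regex.search(header):
            return action
    return None

RULES = load_table(TABLE)

# Constructed MIME headers (not taken from real mail).
SAMPLES = [
    'Content-Disposition: attachment; filename="invoice.exe"',
    'Content-Type: application/octet-stream; name="photo.jpg.SCR"',
    'Content-Disposition: attachment;\n\tfilename="update.pif"',  # folded; line break kept (assumption)
    'Content-Type: image/jpeg; name="photo.jpg"',
    'Content-Disposition: attachment; filename="archive.zip"',  # not on the list: scanner's job
]

if __name__ == "__main__":
    for h in SAMPLES:
        print(lookup(RULES, h) or "(no match)", "<-", h.replace("\n", "\\n"))
```

On a live system, `postmap -q` with a header string and `pcre:/etc/postfix/body_checks` performs the same lookup with Postfix's own matcher.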


    Reference :

    http://www.telenovela-world.com/~spade/linux/howto/Postfix-Cyrus-Web-cyradm-HOWTO/postfix-config.html

    1 Comments:

    Blogger fadzlan said...

    Now... it seems all internal users which are under NAT cannot send any email using this configuration

    3:22 PM  
