this 2all

 

Postfix configure anti spam with blacklist

 

Postfix is free and powerful MTA. You can easily configure Postfix to block spam. You need to add
following directives to /etc/postfix/main.cf file:
 

=> disable_vrfy_command = yes : Disable the SMTP VRFY command. This stops some techniques used to harvest email addresses.

=> smtpd_delay_reject = yes : It allows Postfix to log recipient address information when rejecting a client name/address or sender address, so that it is possible to find out whose mail is being rejected.

=> smtpd_helo_requi
red = yes
 : Require that a remote SMTP client introduces itself at the beginning of an SMTP session with the HELO or EHLO command. Many spam bot ignores HELO/EHLO command and you save yourself from spam. Following lines further restrictions on HELO command:
smtpd_helo_restrictions = permit_mynetworks,
reject_non_fqdn_hostname, Reject email if remote hostname is not in fully-qualified domain form. Usually bots sending email don't have FQDN names.
reject_invalid_hostname, Reject all bots sending email from computers connected via DSL/ADSL computers. They don't have valid internet hostname.
permit

You can put the following access restrictions that the Postfix SMTP server applies in the context of the RCPT TO command.
=> smtpd_recipient_restrictions =
reject_invalid_hostname, - Reject email if it not valid hostname
reject_non_fqdn_hostname, - Reject email if it not valid FQDN
reject_non_fqdn_sender, - Reject the request when the MAIL FROM address is not in fully-qualified domain form. For example email send from xyz or abc is rejected.
reject_non_fqdn_recipient, - Reject the request when the RCPT TO address is not in fully-qualified domain form
reject_unknown_sender_domain, - Reject email, if sender domain does not exists
reject_unknown_recipient_domain, Reject email, if recipient domain does not exists
permit_mynetworks,
reject_rbl_client list.dsbl.org, Configure spam black lists
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
permit




-: CLEANED :- smtpd_sender_restrictions = permit_sasl_authenticated,permit_mynetworks
smtpd_client_restrictions = hash:/etc/postfix/smtpdreject
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
check_client_access hash:/etc/postfix/access-addresses,
check_sender_access hash:/etc/postfix/access-addresses,
check_client_access hash:/etc/postfix/access-ips,
check_sender_access hash:/etc/postfix/access-ips,
reject_rbl_client dun.dnsrbl.net,
reject_rbl_client dynablock.njabl.org,
reject_rbl_client relays.ordb.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client korea.services.net,
reject_rbl_client opm.blitzed.org,
reject_rbl_client dialups.visi.com,
reject_rbl_client relays.visi.com,
reject_rbl_client list.dsbl.org,
reject_rbl_client cn-kr.blackholes.us,
reject_rbl_client singapore.blackholes.us,
reject_rbl_client thailand.blackholes.us,
reject_rbl_client malaysia.blackholes.us,
reject_rbl_client china.blackholes.us,
reject_rbl_client korea.blackholes.us,
reject_rbl_client argentina.blackholes.us,
reject_rbl_client brazil.blackholes.us,
reject_rbl_client taiwan.blackholes.us,
reject_rbl_client nigeria.blackholes.us,
reject_rbl_client cbl.abuseat.org,
permit
-: CLEANED :-