Pfsense and Sentora

[Qtech]

Hi everyone,

I am considering building a new Sentora server. Over the past year my email server was taken over and has been used for spamming to the point Google, Yahoo, Outlook and several others have banned me. It got to the point where i just simply turned of postfix even after putting PFsense infront of Sentora.

It's impossible to continue without mail.

Does anyone have any tips or tutorial on installing sentora behind PFsense. I am using CentOS 7. How can I transfer from 1 server to the other? or should I redo everything manually? 

I have 1 wordpress/woocommerce website (still running). It has Wordfense running and I have blocked everything other than traffic from the U.S. but I would like to change this.

I am considering using hosting service as well that uses Sentora.

Not sure of what to do.

[Me.B]

When using pfsense what do you gain?

you can use already the firewall included in the server?

Mainly if you plan to expose only pfsense you will need to NAT and translate public ip to private ip and forward all traffic. I don't think it's advised then to use sentora DNS.

By default sentora will listen on port 80 on all ip's so no need for more changes.

You will need to forward 80 for http and 443 for https. If you need email you may need 25/110/143 ( als TLS ports if you setup any ).

M B

[TGates]

First off, if your server is sending out spam chances are it is one of your web sites being exploited. Also, there are a few very good tutorials in the Community Guides and HOW-TO forum on how to help lock down postfix and reduce spam.

[Me.B]

If you are unable to locate the hacked website try to use clamav it can help.

M B

[gozfly]

With sentora you can enable the blacklist check like: spamhaus or spamcop in your postfix service, so you can use your pfsense firewall to limit the concurrent connections on port 25 tcp for prevent spamming.

I recommend to enable PTR, SPF records into your DNS server.

[Qtech]

appreciate all the advice. I will give it go this weekend.

Pfsense give another layer of analyzing traffic before it hits the server. The server has multiple nics so I can forward the static IP to the server.

Pfsense should be able to analyze traffic going out as well. Still working on that.

I probably have an issue with SPF records.

our DNS zone has been loaded, but with errors. Some features may not work until corrected.

Please note that changes to your zone records can take up to 24 hours before they become 'live'.

Output of DNS zone checker: (main domain).
zone domain.net/IN: domain.net/MX 'mail.domain.net' has no address records (A or AAAA) zone domain.net/IN: 'domain.net' found type SPF record but no SPF TXT record found, add matching type TXT record zone domain.net/IN: loaded serial 2017110530 OK

v=spf1 ip4:xxx.xxx.xxx.xxx -all

spf for functioning domainB.
v=spf1 ip4:xxx.xxx.xxx.xxx a:mail.domainB.org -all


does anyone have any suggestions for a package that will analzye the outgoing traffic from sentora. (something I can install on Sentora)?