CentOS 7 | Postfix + Postgrey and other SPAM evasive actions
02-24-2015, 08:38 PM
(This post was last modified: 02-24-2015, 08:47 PM by paknet. Edit Reason: Change postgrey delay from 60s to 300s)
Say bye bye to a huge amount of SPAM messages with this simple-to-install daemon.
Install Postgrey:
Code:
yum install postgrey
Edit this file:
Code:
vi /etc/sysconfig/postgrey
and change this line from
Code:
POSTGREY_OPTS="--delay=60"
to
Code:
POSTGREY_OPTS="--delay=300"
Start the service and make sure that the daemon is started automatically after reboot:
Code:
systemctl start postgrey
systemctl enable postgrey
OK. Now we need to tell Postfix to start using Postgrey and also set some other SPAM evasive actions.
Edit the file:
Code:
vi /etc/postfix/main.cf
… find this “block”:
Code:
# rules restrictions
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain
# uncomment for realtime black list checks. (Warn: will also reject false positive)
#    ,reject_rbl_client zen.spamhaus.org
#    ,reject_rbl_client bl.spamcop.net
#    ,reject_rbl_client dnsbl.sorbs.net
… and replace it with this one:
Code:
# rules restrictions
smtpd_client_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated
smtpd_sender_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    permit
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    check_policy_service unix:/var/spool/postfix/postgrey/socket,
    reject_invalid_hostname,
    reject_unauth_destination,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    # uncomment for realtime black list checks
    reject_rbl_client sbl-xbl.spamhaus.org,
    # reject_rbl_client multi.uribl.com, ### Too many requests - payable service
    reject_rbl_client dsn.rfc-ignorant.org,
    reject_rbl_client dul.dnsbl.sorbs.net,
    reject_rbl_client bl.spamcop.net,
    # reject_rbl_client dnsbl.sorbs.net, # Emails from yahoo are blocked with this one
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client ix.dnsbl.manitu.net,
    reject_rbl_client combined.rbl.msrbl.net,
    reject_rbl_client rabl.nuclearelephant.com,
    permit
Below that block, find this line:
Code:
smtpd_data_restrictions = reject_unauth_pipelining
… and replace it with:
Code:
smtpd_data_restrictions =
    reject_unauth_pipelining,
    permit_mynetworks,
    permit_sasl_authenticated
One last thing…
Find the line:
Code:
message_size_limit = 20480000
… and paste the following before that line:
Code:
# Try to resend mail after 15 min
transport_retry_time = 15m
# More anti-spam checks
smtpd_delay_reject = yes
smtpd_helo_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_hostname,
    reject_invalid_hostname,
    reject_unknown_helo_hostname,
    permit
Save and close the file and restart Postfix:
Code:
systemctl restart postfix
Just to make sure that Postgrey is working, check the maillog:
Code:
tail -f /var/log/maillog
… and send a mail from an external (non-hosted) domain. Note: Google and a bunch of others are whitelisted by default.
You should see a line like this:
Code:
Feb 00 00:00:00 host postgrey[122947]: action=greylist, reason=new, client_name=mail.domain.com
That's it! You’ve dramatically reduced the amount of SPAM messages =)
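To go beyond watching tail -f, the following added example (not part of the original post) counts Postgrey decisions in the maillog and lists clients that were greylisted but never came back to pass, which is the behaviour greylisting relies on to stop spam. The function name postgrey_report, the sample log lines and the fields after client_name (client_address, sender, recipient) are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example: report Postgrey decisions found in a Postfix maillog.

# Constructed sample lines modelled on the log line shown in the post. The
# fields after client_name are an assumption about the full line layout.
sample_maillog() {
cat <<'EOF'
Feb 24 20:40:01 host postgrey[1229]: action=greylist, reason=new, client_name=mail.example.org, client_address=192.0.2.10, sender=a@example.org, recipient=user@example.com
Feb 24 20:41:10 host postgrey[1229]: action=greylist, reason=early-retry (231s missing), client_name=mail.example.org, client_address=192.0.2.10, sender=a@example.org, recipient=user@example.com
Feb 24 20:42:30 host postgrey[1229]: action=greylist, reason=new, client_name=unknown, client_address=198.51.100.7, sender=x@example.net, recipient=user@example.com
Feb 24 20:46:05 host postgrey[1229]: action=pass, reason=triplet found, delay=364, client_name=mail.example.org, client_address=192.0.2.10, sender=a@example.org, recipient=user@example.com
Feb 24 20:47:00 host postfix/smtpd[1300]: connect from mail.example.org[192.0.2.10]
EOF
}

# Usage: postgrey_report summary|noretry < /var/log/maillog
#   summary: action, reason and count, tab-separated
#   noretry: client addresses that were greylisted but never passed
postgrey_report() {
  awk -v mode="$1" '
    /postgrey\[[0-9]+\]: action=/ {
      line = $0
      sub(/^.*postgrey\[[0-9]+\]: /, "", line)   # drop the syslog prefix
      n = split(line, kv, ", ")
      action = reason = addr = ""
      for (i = 1; i <= n; i++) {
        if (kv[i] ~ /^action=/) action = substr(kv[i], 8)
        else if (kv[i] ~ /^reason=/) reason = substr(kv[i], 8)
        else if (kv[i] ~ /^client_address=/) addr = substr(kv[i], 16)
      }
      sub(/ \(.*$/, "", reason)   # "early-retry (231s missing)" -> "early-retry"
      count[action "\t" reason]++
      if (action == "greylist") grey[addr] = 1
      if (action == "pass") passed[addr] = 1
    }
    END {
      if (mode == "summary") { for (k in count) print k "\t" count[k] }
      else { for (a in grey) if (!(a in passed)) print a }
    }' | sort
}

# Run both reports on the constructed sample.
sample_maillog | postgrey_report summary
sample_maillog | postgrey_report noretry
```

A legitimate sender that only shows up in the noretry list long after the 300 second delay has passed is a candidate for the Postgrey whitelist.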