HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   SPAM & Postfix on a WWW server. (http://www.howtoforge.com/forums/showthread.php?t=61545)

SamTzu 20th April 2013 19:38

SPAM & Postfix on a WWW server.
 
Hi all.

Old Joomla sites are causing me a lot of headaches.
We have denied direct emails from websites to internet but that just means that thousands of (SPAM) emails get stuck in the www server's mail que's because the sites are leaking like a sieve.

netstat -tapn example..

Quote:

tcp 0 1 10.10.103.117:45233 212.52.84.172:25 SYN_SENT 7976/smtp
tcp 0 1 10.10.103.117:46636 220.181.14.139:25 SYN_SENT 6564/smtp
tcp 0 1 10.10.103.117:43322 65.54.188.126:25 SYN_SENT 6584/smtp
tcp 0 1 10.10.103.117:38889 65.54.188.110:25 SYN_SENT 8026/smtp
tcp 0 1 10.10.103.117:51595 202.136.40.234:25 SYN_SENT 6580/smtp
Now since /smtp can not connect to out of the server without username and password these get stuck in the que.
Currently the que is only for 1 day but soon we are forced to lower that to just a few hours.
I was wondering if you have figured out a way to "limit" how many emails a "site" can send per/hour or maybe disable email entirely from some sites.
Our WWW servers have Postfix installed but it is only allowed to send email not receive any external mail.

(PS. If you know how to disable all those useless Postfix delivery error messages let me know :)

almere 24th April 2013 10:54

It is possible to limit e-mails for user per hour (or day) in postfix.

SamTzu 2nd May 2013 21:45

How can you limit it?

till 2nd May 2013 22:04

You acn do that with e.g. policyd:

http://wiki.policyd.org/quotas

REgarding the original problem with old joomla installs, have you tried to use apache mod_security on that server. It can block most of the attacks against old / unpatched cms systems.

SamTzu 3rd May 2013 11:39

Thx 4 the tip Till. I did try mod_sec a while back but found it difficult to control. Maybe I will give it another shot soon.

Does anyone know of a way to prevent a website accessing SMTP?
Maybe with a "Apache Directives" or "Custom php.ini settings"


All times are GMT +2. The time now is 19:55.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.