Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 14th February 2009, 23:57
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Red face How To Fight Spam Using Your Postfix Configuration (Questions)

Hello group...

Breif server info: UBUNTU 7.10, Postfix, SMTPAUTH.

I have been working on this Tutorial and have come to have doubt and question..

At the section "QMAIL LEGACY" should I ignore this particular section beings I am not replacing old Qmail MTAs with Postfix and move onto the very next section beginning with:
Code:
Realistically you can authenicate against anything but I decided to authenticate against mynetworks.  After you have added the above into main.cf you need to further modify /etc/postfix/master.cf and make sure it contains the following:
628      inet  n       -       -       -       100       qmqpd
Or would I also ignore the above which also appears to cater to QPMD and continue from the section below?


In the section:
Quote:
Authentication Via IP (Ideal for Smarthost relaying in MS Exchange Servers )
After I create the file 'mysql-mynetworks.cf'--I would log into MySQL then create the db 'mail'? Correct?
Then I would create the following SQL table in the db 'mail' also?
Code:
CREATE TABLE `allowed_hosts` (
`active` enum('yes','no') NOT NULL default '1',
`IP` varchar(15) NOT NULL default '',
`Client` varchar(128) NOT NULL default '',
`Comments` text NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

Right now when I attempt to send e-mail through the server I receive:
Code:
An error ocurred while sending mail. The mail server responded: 5.7.1 giganetwireless@yahoo.com: Relay access denied. Pl,ease check the message recipients and try again.
Thanking you in advance for your help and knowledge..
Best Regards
Reply With Quote
Sponsored Links
  #2  
Old 15th February 2009, 16:51
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

Quote:
Originally Posted by giganet View Post
At the section "QMAIL LEGACY" should I ignore this particular section beings I am not replacing old Qmail MTAs with Postfix
Yes.

Quote:
Originally Posted by giganet View Post
and move onto the very next section beginning with:
Code:
Realistically you can authenicate against anything but I decided to authenticate against mynetworks.  After you have added the above into main.cf you need to further modify /etc/postfix/master.cf and make sure it contains the following:
628      inet  n       -       -       -       100       qmqpd
No, move on to "Authentication Via IP (Ideal for Smarthost relaying in MS Exchange Servers )"


Quote:
Originally Posted by giganet View Post
After I create the file 'mysql-mynetworks.cf'--I would log into MySQL then create the db 'mail'? Correct?
Then I would create the following SQL table in the db 'mail' also?
Code:
CREATE TABLE `allowed_hosts` (
`active` enum('yes','no') NOT NULL default '1',
`IP` varchar(15) NOT NULL default '',
`Client` varchar(128) NOT NULL default '',
`Comments` text NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
No. The tutorial is based on http://www.howtoforge.com/virtual_po..._quota_courier , so you should have that database already.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (16th February 2009)
  #3  
Old 16th February 2009, 17:56
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Lightbulb

Thank you Falko

The Tutorial is based upon: http://www.howtoforge.com/virtual_po..._quota_courier

I use ISPConfig, the last time I attempted using the Virutal Users and Domains it screwed up my mail system just this last December, you helped me out of that mess ;-).

Could I just create the db 'mail' using MySQL and build that one table within it so I can complete this particular Tutorial to bring it to functionality or should I add this table to my maildb used by ISPConfig?

EDIT: MySQL Table Creation Question;

I have elected to create the db 'mail' in MySQL.
After creating the db 'mail' I then attemtped to drop the following MySQL table into thi db...
Code:
mysql> CREATE TABLE `allowed_hosts` (
    ->   `active` enum('yes','no') NOT NULL default '1',
    ->   `IP` varchar(15) NOT NULL default '',
    ->   `Client` varchar(128) NOT NULL default '',
    ->   `Comments` text NOT NULL
    -> ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
After dropping the above table and pressing 'Enter' MySQL returns the following error...
Code:
ERROR 1067 (42000): Invalid default value for 'active'
I have also tried to create the table using MyPHPAdmin and MySQL still returns the above error, is this my error?

Thanking you in advance for your help Falko..

Best Regards

Last edited by giganet; 17th February 2009 at 00:17. Reason: MySQL Table Creation Question
Reply With Quote
  #4  
Old 17th February 2009, 15:37
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

Quote:
Originally Posted by giganet View Post
The Tutorial is based upon: http://www.howtoforge.com/virtual_po..._quota_courier

I use ISPConfig, the last time I attempted using the Virutal Users and Domains it screwed up my mail system just this last December, you helped me out of that mess ;-).
You cannot use ISPConfig 2 with virtual email users, so the spam fighting tutorial is not for you.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (17th February 2009)
  #5  
Old 18th February 2009, 00:46
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Post Another Solution

Hi Falko..

Thank you for sharing your knowledge with us all at HTF...

After reversing changes I made to the server following this Tutorial I did some searches on the Internet pertaining to controlling attacks against PostFix & to also help fight SPAM using PostFix and I found the following that I would like to share with users of HTF that also run ISPConfig2.

I added the following to '/etc/postfix/main.cf' successfully this morning, POP & SMTP-AUTH both appear to work without problem using the following.

Code:
# BEGIN ATTACK CONTROL
# The first line is the sleep or delay time.  After the system senses 10 
# attacks from the same source the 11th attack is delayed 12 seconds, 
# the 12th attack is delayed 14 seconds, etc.  Once it reaches the hard # limit the misbehaving client is disconnected.  In the example, the soft 
# limit is 15 and the hard limit is 25. These settings can all be changed to # reflect your needs.  
# This practice will help you set up the soft and hard limits for attack 
# parameters. Edit your main.cf file and place the following settings in it, 
# at the end of the file. Configure your hard limit at 25, your soft limit at 
# 15 and use a 1 second delay.
 
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 15
smtpd_hard_error_limit = 25
 
# END ATTACK CONTROL
 
# Checks senders IP against SBL's prior to allowing SMTP to pass.
 
smtpd_client_restrictions = reject_rbl_client spam.dnsrbl.net,reject_rbl_client list.dsbl.org,reject_rbl_client ipwhois.rfc-ignorant.org,reject_rbl_client bl.spamcop.net,reject_rbl_client sbl.spamhaus.org,reject_rbl_client dun.dnsrbl.net,reject_rbl_client multihop.dsbl.org,reject_rbl_client dialups.visi.com,reject_rbl_client dynablock.wirehub.net,reject_rbl_client dnsbl.njabl.org,reject_rbl_client ztl.dorkslayers.com,reject_rbl_client blacklist.spambag.org,reject_rbl_client opm.blitzed.org
 
# This disables VRFY so that malicious users cannot determine
# valid users on your host with the VRFY command.
 
disable_vrfy_command = yes
Reply With Quote
  #6  
Old 18th February 2009, 21:29
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
 
Default

This is basically the same as what is written here: http://www.howtoforge.com/block_spam..._level_postfix
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Undelivered Mail Returned to Sender Error202 General 5 7th May 2009 11:14
localhost postfix/master: fatal: bind 127.0.0.1 port 125: Permission denied g18c Installation/Configuration 4 24th March 2009 17:39
Ubuntu 8.04 Spamsnake - all SA scores 0.00 Thomas_Powers HOWTO-Related Questions 23 24th June 2008 17:37
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36


All times are GMT +2. The time now is 10:49.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.