How To Fight Spam Using Your Postfix Configuration (Questions)

[giganet]

Hello group...

Breif server info: UBUNTU 7.10, Postfix, SMTPAUTH.

I have been working on this Tutorial and have come to have doubt and question..

At the section "QMAIL LEGACY" should I ignore this particular section beings I am not replacing old Qmail MTAs with Postfix and move onto the very next section beginning with:

Code:

Realistically you can authenicate against anything but I decided to authenticate against mynetworks.  After you have added the above into main.cf you need to further modify /etc/postfix/master.cf and make sure it contains the following:
628      inet  n       -       -       -       100       qmqpd

Or would I also ignore the above which also appears to cater to QPMD and continue from the section below?


In the section:

Quote:

Authentication Via IP (Ideal for Smarthost relaying in MS Exchange Servers )

After I create the file 'mysql-mynetworks.cf'--I would log into MySQL then create the db 'mail'? Correct?
Then I would create the following SQL table in the db 'mail' also?

Code:

CREATE TABLE `allowed_hosts` (
`active` enum('yes','no') NOT NULL default '1',
`IP` varchar(15) NOT NULL default '',
`Client` varchar(128) NOT NULL default '',
`Comments` text NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

Right now when I attempt to send e-mail through the server I receive:

Code:

An error ocurred while sending mail. The mail server responded: 5.7.1 giganetwireless@yahoo.com: Relay access denied. Pl,ease check the message recipients and try again.

Thanking you in advance for your help and knowledge..
Best Regards

[falko]

Quote:

Originally Posted by giganet

At the section "QMAIL LEGACY" should I ignore this particular section beings I am not replacing old Qmail MTAs with Postfix

Yes.

Quote:

Originally Posted by giganet

and move onto the very next section beginning with:

Code:

Realistically you can authenicate against anything but I decided to authenticate against mynetworks.  After you have added the above into main.cf you need to further modify /etc/postfix/master.cf and make sure it contains the following:
628      inet  n       -       -       -       100       qmqpd

No, move on to "Authentication Via IP (Ideal for Smarthost relaying in MS Exchange Servers )"

Quote:

Originally Posted by giganet

After I create the file 'mysql-mynetworks.cf'--I would log into MySQL then create the db 'mail'? Correct?
Then I would create the following SQL table in the db 'mail' also?

Code:

CREATE TABLE `allowed_hosts` (
`active` enum('yes','no') NOT NULL default '1',
`IP` varchar(15) NOT NULL default '',
`Client` varchar(128) NOT NULL default '',
`Comments` text NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

No. The tutorial is based on http://www.howtoforge.com/virtual_po..._quota_courier , so you should have that database already.

[giganet]

Thank you Falko

The Tutorial is based upon: http://www.howtoforge.com/virtual_po..._quota_courier

I use ISPConfig, the last time I attempted using the Virutal Users and Domains it screwed up my mail system just this last December, you helped me out of that mess ;-).

Could I just create the db 'mail' using MySQL and build that one table within it so I can complete this particular Tutorial to bring it to functionality or should I add this table to my maildb used by ISPConfig?

EDIT: MySQL Table Creation Question;

I have elected to create the db 'mail' in MySQL.
After creating the db 'mail' I then attemtped to drop the following MySQL table into thi db...

Code:

mysql> CREATE TABLE `allowed_hosts` (
    ->   `active` enum('yes','no') NOT NULL default '1',
    ->   `IP` varchar(15) NOT NULL default '',
    ->   `Client` varchar(128) NOT NULL default '',
    ->   `Comments` text NOT NULL
    -> ) ENGINE=MyISAM DEFAULT CHARSET=latin1;

After dropping the above table and pressing 'Enter' MySQL returns the following error...

Code:

ERROR 1067 (42000): Invalid default value for 'active'

I have also tried to create the table using MyPHPAdmin and MySQL still returns the above error, is this my error?

Thanking you in advance for your help Falko..

Best Regards

[falko]

Quote:

Originally Posted by giganet

The Tutorial is based upon: http://www.howtoforge.com/virtual_po..._quota_courier

I use ISPConfig, the last time I attempted using the Virutal Users and Domains it screwed up my mail system just this last December, you helped me out of that mess ;-).

You cannot use ISPConfig 2 with virtual email users, so the spam fighting tutorial is not for you.

[giganet]

Hi Falko..

Thank you for sharing your knowledge with us all at HTF...

After reversing changes I made to the server following this Tutorial I did some searches on the Internet pertaining to controlling attacks against PostFix & to also help fight SPAM using PostFix and I found the following that I would like to share with users of HTF that also run ISPConfig2.

I added the following to '/etc/postfix/main.cf' successfully this morning, POP & SMTP-AUTH both appear to work without problem using the following.

Code:

# BEGIN ATTACK CONTROL
# The first line is the sleep or delay time.  After the system senses 10 
# attacks from the same source the 11th attack is delayed 12 seconds, 
# the 12th attack is delayed 14 seconds, etc.  Once it reaches the hard # limit the misbehaving client is disconnected.  In the example, the soft 
# limit is 15 and the hard limit is 25. These settings can all be changed to # reflect your needs.  
# This practice will help you set up the soft and hard limits for attack 
# parameters. Edit your main.cf file and place the following settings in it, 
# at the end of the file. Configure your hard limit at 25, your soft limit at 
# 15 and use a 1 second delay.
 
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 15
smtpd_hard_error_limit = 25
 
# END ATTACK CONTROL
 
# Checks senders IP against SBL's prior to allowing SMTP to pass.
 
smtpd_client_restrictions = reject_rbl_client spam.dnsrbl.net,reject_rbl_client list.dsbl.org,reject_rbl_client ipwhois.rfc-ignorant.org,reject_rbl_client bl.spamcop.net,reject_rbl_client sbl.spamhaus.org,reject_rbl_client dun.dnsrbl.net,reject_rbl_client multihop.dsbl.org,reject_rbl_client dialups.visi.com,reject_rbl_client dynablock.wirehub.net,reject_rbl_client dnsbl.njabl.org,reject_rbl_client ztl.dorkslayers.com,reject_rbl_client blacklist.spambag.org,reject_rbl_client opm.blitzed.org
 
# This disables VRFY so that malicious users cannot determine
# valid users on your host with the VRFY command.
 
disable_vrfy_command = yes

[falko]

This is basically the same as what is written here: http://www.howtoforge.com/block_spam..._level_postfix