Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 7th June 2010, 15:22
clucian clucian is offline
Junior Member
 
Join Date: May 2010
Location: Romania, Spain
Posts: 11
Thanks: 0
Thanked 3 Times in 3 Posts
Default

To remove your ip from SORBS-SPAM request that your ISP to request to remove from this blacklist.
Or request to change your ISP to change your IP.

Be sure to DROP your port 25 in firewall chain FORWARD.

iptables -A FORWARD -p tcp --dport -j DROP
Reply With Quote
Sponsored Links
  #12  
Old 7th June 2010, 16:31
djmixx07 djmixx07 is offline
Junior Member
 
Join Date: Mar 2010
Posts: 29
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by clucian View Post
To remove your ip from SORBS-SPAM request that your ISP to request to remove from this blacklist.
Or request to change your ISP to change your IP.

Be sure to DROP your port 25 in firewall chain FORWARD.

iptables -A FORWARD -p tcp --dport -j DROP
Should I change my IP first before I do "iptables -A FORWARD -p tcp --dport -j DROP"? And can I ask what does this code do and what importance does it serve? According to SORBS-SPAM they will not remove me from the list unless I pay a "donation". Thanks for the reply.
Reply With Quote
  #13  
Old 8th June 2010, 10:34
clucian clucian is offline
Junior Member
 
Join Date: May 2010
Location: Romania, Spain
Posts: 11
Thanks: 0
Thanked 3 Times in 3 Posts
Default

I had an IP blacklist the Sorbs, and solutions was to request the ISP to do that, and solve the problem.

This rule in firewall is a MUST (my opinion) on mail server:
iptables -A FORWARD -p tcp --dport -j DROP

If the mail server is behind a network, and a computer is virus spam trafic on port 25. I'll have problems with blacklist spam.

For more info read this: block port 25
Reply With Quote
  #14  
Old 8th June 2010, 12:07
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
Default

Code:
iptables -A FORWARD -p tcp --dport 25 -j DROP
you mean? ;-)
Reply With Quote
  #15  
Old 9th June 2010, 09:08
djmixx07 djmixx07 is offline
Junior Member
 
Join Date: Mar 2010
Posts: 29
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Is this applicable for me? because the ISP only provides us DNS, and all the rest is here in our in-house servers. And I'm using a public IP.

And I'm figuring maybe even if I change or request a new IP, it will be solved for the meantime but sooner or later it may be blacklisted again. Because just recently Gmail refused connections from my IP, meaning there's still wrong and my configuration isn't still fixed. I don't know if there's still missing or wrong with my posfix main.cf or any other configuration that's still causing or allowing this to happen. I need to track down which is causing my IP to be blacklisted.

Is there a possibility that one of our user's computer has a virus that makes their email client send spam -- therefore makes us blacklisted? But if so, it would impossible and difficult to check/scan all their computers one by one. And so if my assumption is true, how can I filter outgoing mail from spam? How would I know which users are sending spam and how can I stop it?

Like I said, it's just an assumption..if I'm wrong, pls suggest other causes and solutions. Thanks so much.

Here's my main.cf
Code:
# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mail.mydomain.com
mydomain = mydomain.com
myorigin = $mydomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = /etc/postfix/local-host-names
relayhost = 
home_mailbox =
mynetworks = 127.0.0.0/8, 124.6.144.0/29
mailbox_command = 
mailbox_size_limit = 0
message_size_limit = 104857600
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain = 
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_hostname, reject_rbl_client zen.spamhaus.org, reject_rhsbl_sender dsn.fc-ignorant.org, check_policy_service inet:127.0.0.1:60000, permit
soft_bounce = yes
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
virtual_maps = hash:/etc/postfix/virtusertable
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit
smtpd_helo_restrictions = permit_mynetworks, reject_unknown_helo_hostname, permit
smtpd_sender_restrictions = reject_unknown_address, reject_unknown_sender_domain
maximal_queue_lifetime = 1d
delay_warning_time = 0h
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_reject_unlisted_recipient = yes
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
Thanks again
Reply With Quote
  #16  
Old 9th June 2010, 10:02
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
Default

Well, you've been looking at firewall rules, dns stuff, block lists and i see you have dkim-filter installed ..

i'd suggest you take a few steps back and start with a clean postfix install and work your way up from there again.
Reply With Quote
  #17  
Old 10th June 2010, 06:23
djmixx07 djmixx07 is offline
Junior Member
 
Join Date: Mar 2010
Posts: 29
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Mark_NL View Post
Well, you've been looking at firewall rules, dns stuff, block lists and i see you have dkim-filter installed ..

i'd suggest you take a few steps back and start with a clean postfix install and work your way up from there again.
What? install everything again?? Why? Which are the things I should install again besides postfix?
Reply With Quote
  #18  
Old 10th June 2010, 10:20
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
Default

Why, because you're kind of stuck and i doubt you actually know what you're doing ;-)

I've learned all this by just .. install .. config .. mess up .. reinstall.. rinse and repeat ;-)

Setting up postfix with (virt)users/domains etc etc should take up to 30mins to set up and test.

Ow and looking at your config files, i also noticed you installed greylisten (port 60000? ;-)

I'm running multiple mailservers that get more that 500k+ mails each day, try adding these rbl checks in your main.cf

Code:
smtpd_recipient_restrictions = 
 permit_sasl_authenticated,
 permit_mynetworks,
 reject_unauth_destination
 reject_invalid_hostname,
 reject_rbl_client virbl.dnsnl.bit.nl,
 reject_rbl_client cbl.abuseat.org,
 reject_rbl_client bl.spamcop.net,
 reject_rbl_client sbl-xbl.spamhaus.org
Reply With Quote
The Following User Says Thank You to Mark_NL For This Useful Post:
djmixx07 (10th June 2010)
  #19  
Old 10th June 2010, 11:10
djmixx07 djmixx07 is offline
Junior Member
 
Join Date: Mar 2010
Posts: 29
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Yes that's correct I'm already lost and I don't know what I'm doing anymore LOL.. My only basis are the stuff I read online..It's been a total crash course for me. That's why I'm very anxious about doing it all over again. But I really want to learn this. About the greylist, I got this from of the tutorials here..isn't it supposed to be 60000? Sorry..What number should I put there? Thanks for the tips, you've been helpful.
Reply With Quote
  #20  
Old 10th June 2010, 13:10
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
 
Default

Well from my understanding, you want to set up a mailserver .. using ispconfig3 would make your life easier with handling users/groups etc etc ..

so i suggest you follow this tutorial:
http://www.howtoforge.org/perfect-se...nny-ispconfig3

gl!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix problem and few questions Gimly Installation/Configuration 12 7th July 2009 17:27
Postfix + postfixadmin = SMTP errors... Rashef Server Operation 4 25th June 2009 17:12
just the last step...and it works. Postfix...need help config. ubuntusr Installation/Configuration 1 5th January 2009 10:50
Problem with dcc-client installation (Postfix) swap-as Installation/Configuration 9 18th September 2008 21:47
Core 4: Error Messages on Fresh Install re CTX/SSL jjw Installation/Configuration 30 6th September 2006 13:16


All times are GMT +2. The time now is 16:59.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.