Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 1st November 2006, 16:26
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 220
Thanks: 11
Thanked 10 Times in 10 Posts
Default Spam emails...bounced from me

I've been getting a bunch of emails the last few days all undeliverable and bounced back to me. i know that these aren't being sent from my server, just faking my address for the sent from address.

Is their a filter in Spamassassin or in the ISP Config email blacklisting that can filter these out for me?

Thanks.

Brian
Reply With Quote
Sponsored Links
  #2  
Old 2nd November 2006, 14:44
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,722 Times in 2,563 Posts
Default

Have a look here: http://www.howtoforge.com/forums/sho...t_restrictions
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 2nd November 2006, 15:10
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 220
Thanks: 11
Thanked 10 Times in 10 Posts
Default

Thanks much...I appreciate it.
Reply With Quote
  #4  
Old 2nd November 2006, 17:22
sjau sjau is offline
Local Meanie
 
Join Date: Apr 2006
Location: Switzerland
Posts: 1,138
Thanks: 4
Thanked 52 Times in 48 Posts
Default

or you can use postfix filtering :)

Quote:
smtpd_recipient_restrictions =
reject_invalid_hostname,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
permit_mynetworks,
# Postfix Filtering
reject_unauth_destination,
check_recipient_access hash:/etc/postfix/recipient_checks,
check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,
check_helo_access hash:/etc/postfix/helo_checks,
check_sender_access hash:/etc/postfix/sender_checks,
# some RBLs
reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com,
reject_rbl_client relays.ordb.org,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com,
reject_rbl_client relays.ordb.org,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client proxies.blackholes.wirehub.net,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.njabl.org,
# Grey Listing
check_policy_service inet:127.0.0.1:60000
permit
recipient_checks: This is usefull when you use a catch-all email address (e.g. all mails to @domain.com will be put into the same mailbox). I use catch-all for the following: Whenever I have to give an email address somehwere, then I make "www.theirdomain.com@mydomain.com". Then based on the recipient info I know where there was a leak of email addresses :)
Quote:
# This file must be "compiled" with "postmap"
recipient1@domain.com REJECT
recipient2@domain.com REJECT
recipient_checks.pcre: You can also work with regular expressions
Code:
# Note: You must have PCRE support support built in to Postfix at
# compile time to use this.  (Tho I've been told the following are
# valid POSIX RE's ["regexp:" map type], as well.)
#
# Postfix doesn't relay by default.  But it may *appear* to do so
# to some testers.  The first two statements below remove all
# doubt.

/^\@/                   550 Invalid address format.
/[!%\@].*\@/            550 This server disallows weird address syntax.

# Let email to the following destinations bypass all the remaining
# "reject" and "check" tests.  We always want to let email for these
# recipients in.

/^postmaster\@/         OK
/^hostmaster\@/         OK
/^abuse\@/              OK

# Note: The "OK"s above, for postmaster, etc., will *not*
# bypass header and body checks.  There is currently no way
# to do so with Postfix :(
#
# Remember where I said, at the very beginning, about how
# order is important?  Whatever you do, do *not* place an
# access map like this one before the "permit mynetworks"
# and "reject_unauth_destination" statements.  Not unless
# you want to be an open relay, anyway.
helo_checks: List your domains :)
Code:
# This file has to be "compiled" with "postmap"

# Reject anybody that HELO's as being in our own domain(s)
# (Note that if you followed the order suggested in the main.cf
# examples, above, that machines in mynetworks will be okay.)

roleplayer.org           REJECT You are not in roleplayer.org
notkeriana.ch           REJECT You are not in notkeriana.ch
montepacis.com          REJECT You are not in montepacis.com
montepacis.ch           REJECT You are not in montepacis.ch
ferronet.de             REJECT You are not in ferronet.de
regenmacher.ch          REJECT You are not in regenmacher.ch
laurelin.fr             REJECT You are not in laurelin.fr

# Somebody HELO'ing with our IP address?
#192.168.1.2            REJECT You are not 192.168.1.2
83.133.126.175          REJECT You are not 83.133.126.175

# Somebody HELO'ing as "localhost?"  Impossible, we're "localhost"
localhost               REJECT You are not me
sender_checks: Check the sender's domain...
Code:
# This file must be "compiled" with "postmap"

# Using a domain name
discardmail.com         554 Spam not tolerated here
izmail.serveftp.net     554 Spam not tolerated here

# Maybe example2.tld is on a DNSbl, but we want to let their
# email in anyway.
example2.tld            OK

# We get lots of spam from example3.tld, but we have somebody
# there from which we do want to hear
someuser@example3.tld   OK
example3.tld            REJECT
I don't remember what was necessary to install pcre and whether postmap works out of the box. You'll have to check your logs if you implement these things :)

Well, with the above things you can easily make white/black lists and some general checks :)
Reply With Quote
  #5  
Old 2nd November 2006, 23:18
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 220
Thanks: 11
Thanked 10 Times in 10 Posts
 
Default

Again, thanks for the help!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Slicker spam handling with Maildirs IntnsRed Feature Requests 9 30th March 2008 06:02
How to kill spam when spamassassin marks it spam kpimichael Suggest HOWTO 15 6th August 2007 16:44
Amavisd question outbound scan emails (falko howto debian) tuflipes HOWTO-Related Questions 4 23rd September 2006 23:02
complete spam protection with postfix - howto alexnz Server Operation 1 22nd June 2006 14:06
Spam vpns2000 Installation/Configuration 7 3rd May 2006 18:07


All times are GMT +2. The time now is 04:03.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.