Sender restrictions

Discussion in 'Installation/Configuration' started by woy-s, Nov 24, 2013.

  1. woy-s

    woy-s New Member

    Hi,

    I would like to set some restrictions on senders. Postfix allows send emails from "mynetworks" which is bad for me. So i changed smtpd_sender_restrictions in main.cf. But still someone is sending spam.
    It seems that amavis allows to send emails without restrictions:
    -o smtpd_sender_restrictions=

    Is it possible to check if sender is authenticated (even if he is in my network) or block sender somehow in content filter tab?

    I've tried with:
    -o smtpd_sender_restrictions=permit_sasl_authenticated,reject
    but i couldn't send any email (Sender address rejected: Access denied)
     
  2. Quaxth

    Quaxth New Member

    Me think that you could never protect your Servers Mail system from be used to send spam. That would simply impossible! AFAIK you could limit the amount of mails send from each domain by a number of mail send per hour or day. May you google for that "feature"!
     
  3. pititis

    pititis Member

    You can do may things to solve your issue BUT you should give us more information about your problem.

    Where exactly is your problem? Websites or mail users?

    Anyway, your post sounds familiar to me :D

    For websites:

    - Disable the php mail function (force users to use smtp auth)
    - Disable cgi support (where possible)
    - Enable suEXEC
    - Search and destroy malware


    Cheers
     
  4. woy-s

    woy-s New Member

    I have one VPS for email and websites services. Client have website based on Joomla CMS.
    I've disabled mail function in php.ini, suEXEC is enabled, CGI disabled.
    Still someone is sending emails from webmaster@*** account.

    It's strange for me because user need to authenticate and webmaster@** account doesn't exists:
    Code:
    telnet localhost 25
    MAIL FROM:<webmaster@****>
    250 2.1.0 Ok
    RCPT TO:<[email protected]>
    554 5.7.1 <webmaster@****>: Sender address rejected: Access denied
    
     
  5. pititis

    pititis Member

    In debian based distributions you can find three php.ini

    If your sites are using mod_php you could change /etc/php5/apache2/php.ini
    If your sites are using fastcgi or fpm you could change /etc/php5/cgi/php.ini


    Don't change /etc/php5/cli/php.ini It's for the command line and ispconfig use it.

    Also you can use custom php.ini in the option tab inside your website in ispconfig.

    It's your choice to disable the mail function globally or per website.

    ...and restart apache or fpm after the change.

    Cheers
     
  6. woy-s

    woy-s New Member

    [SOLVED] Sender restrictions

    Forgot about this. It's much better now.
    Thank you!
     
  7. pititis

    pititis Member

    Great!

    Glad to help you
     

Share This Page