Spam Control For Postfix - Page 2
6) Restart Postfix and Spamassassin
/etc/init.d/postfix restart
/etc/init.d/spamassassin restart
7) Copy the mailgraph CGI script to your websites CGI-BIN:
cp -p /usr/lib/cgi-bin/mailgraph.cgi /var/www/www.example.com/cgi-bin
8) Create and CHMOD the postfix_report.sh script:
nano /usr/local/sbin/postfix_report.sh
Paste the following into the script:
#!/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin pflogsumm /var/log/mail.log | formail -c -I"Subject: Mail Statistics" -I"From: [email protected]" -I"To: [email protected]" -I"Received: from www.example.com ([ 127.0.0.1])" | sendmail [email protected] ##gzip /var/log/mail.log.0 exit 0
chmod 755 /usr/local/sbin/postfix_report.sh
9) Edit the RSYSLOG file so that your mail.log rotates daily and to set up an automatic email with postfix statistics:
nano /etc/logrotate.d/rsyslog
Delete the line that says /var/log/mail.log and add this at the VERY bottom of the file:
/var/log/mail.log { rotate 7 daily missingok notifempty delaycompress compress prerotate /usr/local/sbin/postfix_report.sh > /dev/null endscript postrotate invoke-rc.d rsyslog reload > /dev/null endscript }
With this, every time the mail.log rotates (usually around 6am by default) you will get a detailed email about what Postfix has delivered, not delivered, greylisted, and so on.
So now you're all done! What did you do? You installed blacklist filters, greylisting, graphing for on-the-fly information about Postfix, daily emails with detailed Postfix stats, created a spam trap, and other minor things to make your mailserver a lot more secure and less susceptible to spam.
IMPORTANT: Let me know what you all do. Please respond with your choice, if you use it, and how well it worked. If there's much of a use, I will keep building upon the instructions and make it even better (hopefully). Responses are in the form of thread messages.
BONUS INSTRUCTIONS:
If you use the script I posted below, that gives you GREYLISTING SPECIFIC STATS, do the following:
1) DELETE it from having a CRONJOB if you added one originaly. Most likely, you did.
2) Open the RSYSLOG file again.
3) Modify the above entry so that it looks like this:
/var/log/mail.log { rotate 7 daily missingok notifempty delaycompress compress prerotate /path/to/the/greylist_script.sh > /dev/null /usr/local/sbin/postfix_report.sh > /dev/null endscript postrotate invoke-rc.d rsyslog reload > /dev/null endscript }
Make sure that the /path/to/the/greylist_script.sh > /dev/null matches the exact path to the script you were using.
Here is the greylist_script.sh:
#!/bin/sh LOGFILE=/tmp/greylist-statistics [email protected] echo "Total amount of GreyListed messages " > $LOGFILE cat /var/log/mail.log | /usr/bin/postgreyreport --delay=300 >> $LOGFILE echo -ne "-------------------------------------\n" >> $LOGFILE echo -ne "-------------------------------------\n" >> $LOGFILE echo "Get only the top 20 sources getting greylisted out " >> $LOGFILE cat /var/log/mail.log | postgreyreport | awk '{print $1}' | sort | uniq -c | sort -nr | head -n20 >> $LOGFILE echo -ne "-------------------------------------\n" >> $LOGFILE echo -ne "-------------------------------------\n" >> $LOGFILE echo "Get a list of the top 20 email address that the greylisted sources are sending email to " >> $LOGFILE cat /var/log/mail.log | postgreyreport | awk '{print $4}' | sort | uniq -c | sort -nr | head -n20 >> $LOGFILE echo -ne "-------------------------------------\n" >> $LOGFILE echo -ne "-------------------------------------\n" >> $LOGFILE cat $LOGFILE | mail -s "Greylisting Statistics of `hostname` for `date +%Y-%m-%d`" $YOURMAIL
Edit the following parts of the above script:
1) Change the YOUREMAIL = line so that it goes to your personal mail box. This will give you details on how its working.
2) Make sure that /var/log/mail.log is the correct path to your current mail.log file. Distros are different.
Set the script to chmod +700 so that it is executable:
chmod 700 /path/to/the/greylist_script.sh