Control Web Panel
WebPanel => E-Mail => Topic started by: je2u on September 16, 2015, 07:36:04 AM
-
Hello,
This is my first topic, so I would like to thank CWP crew for great job.
We use CWP as a service priveder in Poland and CWP doing a awesome job. Customers are loving it.
I got a question about spam. Is there any possibility to make some black domain list, that will always be marked as a spam ?
Best regards,
je2u
-
Hello, unfortunately it is impossible to do from the CWP but you can configure your postfix.
For block all mail to/from the list of domains, you should add the following directive to your postfix main.cf file:
smtpd_sender_restrictions = hash:/etc/postfix/access
reject_unauth_destination = hash:/etc/postfix/access
Once this has been added to the main.cf, you need to create the /etc/postfix/access file and put entries in it like this:
some_bad_domain REJECT
next_bad_domain REJECT
nex_bad_domain REJECT
after run:
postmap hash:/etc/postfix/access
service postfix restart
-
As I supposed, thank you a lot!
-
Hello, unfortunately it is impossible to do from the CWP but you can configure your postfix.
For block all mail to/from the list of domains, you should add the following directive to your postfix main.cf file:
smtpd_sender_restrictions = hash:/etc/postfix/access
reject_unauth_destination = hash:/etc/postfix/access
Once this has been added to the main.cf, you need to create the /etc/postfix/access file and put entries in it like this:
some_bad_domain REJECT
next_bad_domain REJECT
nex_bad_domain REJECT
after run:
postmap hash:/etc/mail/access
service postfix restart
The postmap command should be:
postmap hash:/etc/postfix/access
-
Right. My mistake. The command fixed, thank's.
-
Hello, I just finished configuring the postfix and would like to post for posterity my solution which works just fine.
First of all, we start at /etc/postfix/main.cf file and adding this:
# Sender restrictions:
smtpd_sender_restrictions =
permit_mynetworks,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
check_sender_access hash:/etc/postfix/access,
permit
Here you got the explanations - http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions (http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions)
Then we need the access file, which should be at the postfix directory. (explanations -> http://www.postfix.org/access.5.html (http://www.postfix.org/access.5.html))
In this file, we start to list domains/mails/patterns and actions to take after postfix will read that. So, I just needed domains for now and it looks like this:
domain.com REJECT
domain1.com REJECT
domain2.com REJECT
After that we need to postmap the file access, so run:
postmap hash:/etc/postfix/access
After all, restart postfix:
service postfix restart
To check if domain is blocked, you can create domain block for your private mail (for ex. gmail.com, yahoo.com, etc.) and see the action in /var/log/maillog
tail /var/log/maillog
There should be: [...] Sender address rejected: Access denied; [...]
For me, It's just fine.
Thank you Igor for motivating me to action.
-
You can use rbls to reject the emails for more security NOte: Sender from the backlisted ips gets rejected automatically
smtpd_client_restrictions = reject_unknown_client
smtpd_helo_restrictions =
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_client_access hash:/etc/postfix/sender_whitelist, check_client_access hash:/etc/postfix/sender_blacklist, reject_unauth_destination, reject_non_fqdn_sender,reject_unknown_sender_domain,check_sender_access hash:/etc/postfix/access, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client b.barracudacentral.org, reject_rbl_client dnsbl-1.uceprotect.net, reject_rbl_client noptr.spamrats.com, reject_rbl_client dyna.spamrats.com, reject_rbl_client spam.spamrats.com