Author Topic: SPAM - config  (Read 15816 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
SPAM - config
« on: September 16, 2015, 07:36:04 AM »
Hello,

This is my first topic, so I would like to thank CWP crew for great job.
We use CWP as a service priveder in Poland and CWP doing a awesome job. Customers are loving it.

I got a question about spam. Is there any possibility to make some black domain list, that will always be marked as a spam ?

Best regards,
je2u

Offline
*****
Re: SPAM - config
« Reply #1 on: September 16, 2015, 04:31:07 PM »
Hello, unfortunately it is impossible to do from the CWP but you can configure your postfix.
For block all mail to/from the list of domains, you should add the following directive to your postfix main.cf file:
Code: [Select]
smtpd_sender_restrictions = hash:/etc/postfix/access
reject_unauth_destination = hash:/etc/postfix/access
Once this has been added to the main.cf, you need to create the /etc/postfix/access file and put entries in it like this:
Code: [Select]
some_bad_domain REJECT
next_bad_domain REJECT
nex_bad_domain REJECT

after run:
Code: [Select]
postmap hash:/etc/postfix/access
service postfix restart
« Last Edit: September 21, 2015, 11:18:59 AM by Igor S. »
You can ask me to solve any problem with your server for some money in pm  ;)
Services Monitoring & RBL Monitoring
http://centos-webpanel.com/services-monitor
Join our Development Team and get paid !
http://centos-webpanel.com/develope-modules-for-cwp

Installation Instructions
http://centos-webpanel.com/installation-instructions
Get Fast Support Here
http://centos-webpanel.com/support-services

Offline
*
Re: SPAM - config
« Reply #2 on: September 17, 2015, 05:40:12 AM »
As I supposed, thank you a lot!

Offline
*
Re: SPAM - config
« Reply #3 on: September 21, 2015, 08:08:21 AM »
Hello, unfortunately it is impossible to do from the CWP but you can configure your postfix.
For block all mail to/from the list of domains, you should add the following directive to your postfix main.cf file:
Code: [Select]
smtpd_sender_restrictions = hash:/etc/postfix/access
reject_unauth_destination = hash:/etc/postfix/access
Once this has been added to the main.cf, you need to create the /etc/postfix/access file and put entries in it like this:
Code: [Select]
some_bad_domain REJECT
next_bad_domain REJECT
nex_bad_domain REJECT

after run:
Code: [Select]
postmap hash:/etc/mail/access
service postfix restart

The postmap command should be:

Code: [Select]
postmap hash:/etc/postfix/access

Offline
*****
Re: SPAM - config
« Reply #4 on: September 21, 2015, 11:18:37 AM »
Right. My mistake. The command fixed, thank's.
You can ask me to solve any problem with your server for some money in pm  ;)
Services Monitoring & RBL Monitoring
http://centos-webpanel.com/services-monitor
Join our Development Team and get paid !
http://centos-webpanel.com/develope-modules-for-cwp

Installation Instructions
http://centos-webpanel.com/installation-instructions
Get Fast Support Here
http://centos-webpanel.com/support-services

Offline
*
Re: SPAM - config
« Reply #5 on: September 21, 2015, 01:24:50 PM »
Hello, I just finished configuring the postfix and would like to post for posterity my solution which works just fine.

First of all, we start at /etc/postfix/main.cf file and adding this:
Code: [Select]
# Sender restrictions:
smtpd_sender_restrictions =
    permit_mynetworks,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    check_sender_access hash:/etc/postfix/access,
    permit

Here you got the explanations - http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions

Then we need the access file, which should be at the postfix directory. (explanations -> http://www.postfix.org/access.5.html)
In this file, we start to list domains/mails/patterns and actions to take after postfix will read that. So, I just needed domains for now and it looks like this:
Code: [Select]
domain.com REJECT
domain1.com REJECT
domain2.com REJECT

After that we need to postmap the file access, so run:
Code: [Select]
postmap hash:/etc/postfix/access
After all, restart postfix:
Code: [Select]
service postfix restart
To check if domain is blocked, you can create domain block for your private mail (for ex. gmail.com, yahoo.com, etc.) and see the action in /var/log/maillog
Code: [Select]
tail /var/log/maillogThere should be: [...] Sender address rejected: Access denied; [...]

For me, It's just fine.
Thank you Igor for motivating me to action.

Offline
*
Re: SPAM - config
« Reply #6 on: December 18, 2019, 06:21:36 PM »
You can use rbls to reject the emails for more security NOte: Sender from the backlisted ips gets rejected automatically 
Code: [Select]
smtpd_client_restrictions = reject_unknown_client
smtpd_helo_restrictions =
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_client_access hash:/etc/postfix/sender_whitelist, check_client_access hash:/etc/postfix/sender_blacklist, reject_unauth_destination, reject_non_fqdn_sender,reject_unknown_sender_domain,check_sender_access hash:/etc/postfix/access, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client b.barracudacentral.org, reject_rbl_client dnsbl-1.uceprotect.net, reject_rbl_client noptr.spamrats.com, reject_rbl_client dyna.spamrats.com, reject_rbl_client spam.spamrats.com