[PREV] | [UP] | [NEXT]

Some tips on postfix security

These rules almost speak for themselves:
# some settings to make life easier
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks
smtpd_recipient_restrictions =
        reject_rbl_client bl.spamcop.net,
        reject_rbl_client relays.ordb.org,
        reject_rbl_client sbl.spamhaus.org,
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access, reject_unknown_sender_domain

#getting rid of slow hosts
transport_maps = hash:/etc/postfix/transport
deadbeats_destination_concurrency_limit = 50

For the slow hosts, you also need a line added to master.cf:
deadbeats         unix  -       -       n       -       -       smtp -o smtp_connect_timeout=5 -o smtp_helo_timeout=5

You will also need to create two files:
#        transport - format of Postfix transport table
hotmail.com             deadbeats:
yahoo.com               deadbeats:
myokay.net              deadbeats:
freenet.de              deadbeats:
earthlink.net           deadbeats:
getnet.it               deadbeats:
freemail.com.au         deadbeats:
byte.it                 deadbeats:
and /etc/postfix/access
mail.ru REJECT OK
Run postmap access, postmap transport, after creating these files, then run postfix reload.

[PREV] | [UP] | [NEXT]