More postfix spam blocking and Whitelisting….



I almost forgot to pass along a link to a more comprehensive detailing of postfix’s anti-uce controls…. here. Also, in the last article I briefly mentioned whitelisting. IF you intend to have several blacklists active it will pay to learn how to whitelist before you HAVE to. To do so, I simply created a text file at /etc/postfix/whitelist and int hat file you enter IP address or hostname followed by OK…. like this….

1.2.3.4 OK
goodmachine.com OK

But… of course, there’s a bit more.


Since I’m using smtpd_client_restrictions for the blacklist lookups, I’m adding in the search for the whitelist there….

smtpd_client_restrictions = check_client_access hash:/etc/postfix/whitelist

You also need to postmap that file after any changes…

postmap /etc/postfix/whitelist

I’ve also been in the habit of reloading postfix after a change like that (although I don’t know that it’s necessary.)

/etc/init.d/postfix reload

It should be noted that the rules of who accesses your server in smtpd_client_restrictions and the other restriction checks are important to be considered as occuring in the order listed. In other words, it matters whether something comes first or last in the list. For instance… if a host is in an ACCEPT rule before they are in a REJECT list they will be accepted, also… if they are in the matching REJECT rule before the ACCEPT rule is found they will be rejected.

Related Posts

Blog Traffic Exchange Related Posts
  • Using ssh to protect web browsing over wireless or other hostile networks This really could be used to encyrpt web traffic over any "hostile" network. Here's what I'm talking about. Laptop using wireless. Within our internal network we would LIKE all our web traffic to be encrypted at least from the laptop to a wired host. (From there to the outside world......
  • Hiding malware may evade antivirus Sans had an interesting malware analysis this morning about a blob that appeared to be ascii text (gibberish) that was retrieved by a piece of malware. It turns out that the ascii text was a cleverly encoded exe file (windows executable or program file.) It took several iterations of their......
  • Evolution email error MAIL FROM command failed: Unknown Some time back, I was teetering on the brink.... I've used Evolution as my linux mail client for ages (since I switched), because it had the calender integrated etc... However, Kontact has REALLY looked nice for some time, but I didn't have time to mess with changing. Then one day,......
Blog Traffic Exchange Related Websites
  • Mountain Biking Basics Trail cycling is a great way to explore the outdoors, stay fit, or simply have fun. Racing down the side of a mountain is a large amount of fun indeed, though it may also be quite dangerous. Although it's dangerous, if you ride with caution, it can be enjoyed by......
  • Snug Harbor Marina, Carlsbad, CA Snug Harbor Marina is located in: Carlsbad, CA Phone: (916) 775-1455 Dock/Slip Rates: The marina management states: Basic rule for covered berth charges: $7.00 per foot (berth length) per month for long term leases. (Over 6 months). Basic rule for Open slips and docks: $6.00 per ft of dock space......
  • Filing Small Claims Court: Basic FAQs What is small claims court? Small claims court is usually for cases involving claims of less than $5,000. A benefit of small claims court is that you do not need a lawyer as it is simplified to expedite cases. What can I do in small claims? There are two type......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site