|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Noel Jones (njones
megan.vbhcs.org)
Date: Mon Dec 01 2008 - 10:17:57 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
J.P. Trosclair wrote:
> For the past couple of weeks we've been getting a lot of spam from valid
> mail accounts on our domain. The spam gets automatically white listed
> since it's from our domain. Short of removing our own domain from our
> white lists, I'm looking for a way to put an end to this. Our server
> already requires smtp auth for relaying. Is it possible to apply the
> same idea to local accounts trying to deliver mail back to local
> accounts? I.E., if the sender claims to be joeuserourdomain.com and
> wants to email joeuser or janedoe on ourdomain.com, require them to
> authenticate with the server first. Most of the spam is being forged as
> webmaster or postmaster which are both accounts I need to keep intact.
Yes, you can reject mail to local domains from
outside/unauthenticated clients. Note some legit mail arrives
this way, so be prepared for some false positives.
# main.cf
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
reject_unlisted_recipient
# add this here:
check_sender_access hash:/etc/postfix/mydomains
# consider adding:
reject_unlisted_sender
reject_rbl_client zen.spamhaus.org
# mydomains
example.org REJECT sender not allowed
...other local domains... REJECT your message here
--
Noel Jones
>
> postconf -n:
>
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/libexec/postfix
> debug_peer_level = 2
> disable_vrfy_command = yes
> html_directory = no
> inet_interfaces = all
> mail_owner = postfix
> mailbox_size_limit = 0
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> mydestination = judelawfirm.com, mail1.judelawfirm.com, mail1.jude,
> localhost, localhost.localdomain, localhost.judelawfirm.com
> mydomain = judelawfirm.com
> myhostname = mail1.judelawfirm.com
> mynetworks = 127.0.0.0/8, 192.168.1.0/24
> myorigin = mail1.judelawfirm.com
> newaliases_path = /usr/bin/newaliases.postfix
> queue_directory = /var/spool/postfix
> readme_directory = /usr/share/doc/postfix-2.4.5/README_FILES
> sample_directory = /usr/share/doc/postfix-2.4.5/samples
> sender_bcc_maps = hash:/etc/aliases_bcc
> sender_canonical_classes = header_sender
> sendmail_path = /usr/sbin/sendmail.postfix
> setgid_group = postdrop
> smtp_tls_note_starttls_offer = yes
> smtp_use_tls = yes
> smtpd_banner = $myhostname ESMTP
> smtpd_data_restrictions = reject_unauth_pipelining
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_invalid_hostname
> smtpd_recipient_restrictions = permit_sasl_authenticated
> permit_mynetworks reject_unauth_destination
> reject_unlisted_recipient reject_non_fqdn_recipient
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> smtpd_sender_restrictions = reject_non_fqdn_sender
> reject_unknown_sender_domain
> smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
> smtpd_tls_auth_only = no
> smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
> smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> tls_random_source = dev:/dev/urandom
> unknown_local_recipient_reject_code = 550
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]