Category Archives: RBL

Use DNSBL on ISPCONFIG


Spam filters are nice, but can consumer 100MB or more of your server RAM. If you have a big server, with 1GB or more of RAM all for yourself, great! If you have a small budget VPS, that can tank your entire setup. Not great! In another post, I just discussed how ClamAV and Amavis can be disabled to save more than 150MB of memory. However, that doesn’t mean you just have to live with spam. Use DNSBL!

Using your favorite text editor (I’m using vi on my Ubuntuo 10.10 VPS), you’ll simply edit one file, then disable the unneeded services via command-line.
Remember your basic vi commands:
Press i to edit the text file.
Press ESC to exit edit mode.
After escaping, type :w to save changes.
Then :q to quit the editor.

To edit the Postfix configuration file, ype this into your shell (SSH) console window:

Code:
vi /etc/postfix/main.cf

Find the line that has this:

Code:
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination smtpd_tls_security_level = may

and add

Code:
reject_rbl_client zen.spamhaus.org

which gives you a line that now looks like this:

Code:
smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org, permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination smtpd_tls_security_level = may

In this example, I added a single DNSBL entry: zen.spamhaus.org.
However, you can added more. Just be aware that not all DNSBL are safe to use, and will end up blocking some degree of legitimate content. Tread carefully, tread lightly. Don’t be a DNSBL junkie, or you could find yourself with an empty inbox (which may mean missed business, missed contacts from friends/family, etc).

A “more” entry might look like this:

Code:
smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org, reject_rbl_client 2.0.0.127.b.barracudacentral.org, permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination smtpd_tls_security_level = may

Note that “reject_rbl_client” is repeated for each new entry, and then separated by a comma.

After your editing is done, restart postfix. Type this into SSH:

Code:
/etc/init.d/postfix restart

If you see this, you succeeded in making correct changes:

Code:
 * Stopping Postfix Mail Transport Agent postfix ( OK )
 * Starting Postfix Mail Transport Agent postfix ( OK )

If you edited the code improperly, such as not keeping all code on a single line, you may end up with an error message like this:

Code:
 * Stopping Postfix Mail Transport Agent postfix
  postfix: fatal: /etc/postfix/main.cf, line 54: missing '=' after attribute name: "reject_rbl_client zen.spamhaus.org,"

Edit code as needed to fix your mistake.

And that’s it. Very easy. 

A list of all possible DNS blacklists can be found at Wikipedia: http://en.wikipedia.org/wiki/Compari…DNS_blacklists
Though I’m not a big Wikipedia fan, this page does seem to be well maintained. Do note that quite a few DNSBL are pretty terrible, dumping legitimate mail and missing spam. If I had to suggest the best DNSBL, I’d look at Spamhaus (zen), Barracuda (register on the Barricuda site), UCE Protect (L2), and SORBS (recent). The goal is to use as few DNSBL as possible, while also blocking at least 95% of spam.

And, of course, if you run into spam that can all be traced back to specific nuisance IP addresses, you can always use your Firewall.

Hope this helps. 

Read more: http://www.digitalfaq.com/forum/web-tech/3262-edit-postfix-dns.html#ixzz1VVPGahWO

ISPCONFIG BLOCK SPAM USING RBL


# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = sitcol.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = sitcol.com, localhost, localhost.localdomain, mail.sitcol.com
relayhost = 
mynetworks = 127.0.0.0/8 [::1]/128
#mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains = 
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
#smtpd_tls_loglevel = 1
#smtpd_tls_CAfile = /etc/postfix/cacert.pem

#smtpd_tls_received_header = yes
#smtpd_tls_session_cache_timeout = 3600s
#tls_random_source = dev:/dev/urandom

broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
#smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination
# reject_rbl_client dnsbl.sorbs.net, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit 
smtpd_tls_security_level = may
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
virtual_create_maildirsize = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
#virtual_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
inet_protocols = all

#tambahan
#inet_protocols = no
readme_directory = /usr/share/doc/postfix
html_directory = /usr/share/doc/postfix/html

smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
#smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
#smtpd_tls_auth_only = no
#smtp_use_tls = yes
smtpd_use_tls = yes

#smtp_tls_note_starttls_offer = yes



#mailbox_command = 
virtual_transport = maildrop
message_size_limit = 52428800

Use DNSBL! ISPCONFIG


shisdew

Listens until think alike

moses.spaceku@yahoo.com / voip ipbx

Hosted PBX, IP-PBX SOHO/ CALL CENTER, VOICE GATEWAY, VOICE CARD, COST EFECTIVE SOLUTIONS (LCR), GSM/CDMA GATEWAY

%d bloggers like this: