Postfix & anti-spam optimization
Hello,
My postfix server has been working great for the last 1-2 years. Lately the number of spams encreased (from 1-2 every day to aprox 8-10 every day per domain for some domains ). I post here the output of postconf -n. Maybe someone gives me some advices about what cat I change or how can I optimize. I must recognise that I don't fully understand details of how postfix and all the restrictions works together, but I will document every advice. Thanks Code:
alias_database = hash:/etc/aliases |
What other anti-spam utilities are you using? It is not obvious from main.cf just what you are doing. You should have amavis and clamav to run all the arriving mail through to help filter spam.
|
As I know amavis and clamav are anti-virus software and not anti-spam.
In fact I am interested what could I optimize here: Code:
smtpd_recipient_restrictions = reject_non_fqdn_sender reject_non_fqdn_recipient permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_sender_login_mismatch reject_invalid_hostname reject_unknown_sender_domain reject_unknown_recipient_domain reject_unverified_recipient reject_unlisted_recipient reject_invalid_helo_hostname check_sender_access hash:/etc/postfix/access_sender check_helo_access pcre:/etc/postfix/helo_checks reject_unknown_sender_domain reject_rbl_client zen.spamhaus.org, reject_rhsbl_sender dsn.rfc-ignorant.org permit |
Here are a couple of threads where I have discussed this. In particular, this thread, discusses using anti-spam measures in layers which is one of the key things that you will need to do. This thread has some tips that are quite recent as I have been having a problem with a real increase in spam too.
As I mention in the threads, you will need to apply your spam filtering in layers. Start with greylisting, which will require the sender to use a compliant mail client. Then use HELO restrictions to keep some junk from even being queued up. Follow this with some DNS checks, such as the RBL list. Note, this is a YMMV issue, but I had to place the spamhaus check towards the top in my list or else messages would be accepted before the check. I think it may have been a conflict with the Amavis checks. Next, use a content filter such as DSpam or Spamassassin. These are resource intense so if you can reject it before it gets there your better off. Amavis works with Spamassassin by co-ordinating the filtering of your mail of which virus checking is a part, but it isn't just for viruses. I found I was having a real problem with certain senders and regions which I blocked. If you find that you have a problem with repeat offenders, look up the domain by the AS number and block their entire IP range. Also watch your reject codes. A 400 level code, typical of a DNS problem, is a temporary code and may just cause the stuff to keep coming back. Lastly, consider reporting the stuff that does get through to Spamcop and cause grief for their ISPs. Once you install the content filter, e.g. Spamassassin, it will take some time to train it as far as what is spam and what is not, as well as tweaking the rules. In any case, implement one thing at a time and see what effect it has. If you do too much at once, you won't know how effective a particular measure was. |
Thanks. I will read those threads you have recommended.
|
All times are GMT -5. The time now is 04:34 AM. |