LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 11-15-2006, 10:19 AM   #1
crxssi
Member
 
Registered: Apr 2005
Location: USA
Distribution: Mageia
Posts: 84

Rep: Reputation: 15
Postfix blacklist


Using Mandriva 2006 + Postfix + RBL + Postgrey.

We have just about everything we want, with one exception- I have no way to easily add an IP address (or range) or domain to manually blacklist.

Yes, you can do it with complex tables and hashes that have to be rebuilt every time you want to add or change something in it. But isn't there a way I can have either Postfix or Postgrey just look in a plain text file for a list of banned IP's/names without having to rebuild a hash table every time (and sometimes even reloading Postfix)?

Thanks for any ideas!
 
Old 11-16-2006, 06:34 AM   #2
gani
Member
 
Registered: Jun 2004
Location: Metro Manila, Philippines
Distribution: OpenBSD, Slackware, XP
Posts: 347

Rep: Reputation: 31
Add amvisd-new and SpamAssassin and tell amavisd-new to use SA as well.

In SA's local.cf you can add a blacklist like this:

blacklist_from *@domain.com

Using amavisd-new, you can as well use clamav to scan mails against viruses/worms, not just spam.

http://www.ijs.si/software/amavisd

To install amavisd-new, read and follow INSTALL text file after you have unpacked the tar ball or refer to their page. Or through this howto.

http://www.postfixvirtual.net/postfi...tml#amavisdnew
 
Old 11-16-2006, 05:50 PM   #3
crxssi
Member
 
Registered: Apr 2005
Location: USA
Distribution: Mageia
Posts: 84

Original Poster
Rep: Reputation: 15
Thanks for the suggestion, although we don't really want to install/configure/test/run SpamAssassin at this time (since we are not interested in that type of filtering... yet).
 
Old 11-17-2006, 09:01 AM   #4
Child of Wonder
Member
 
Registered: Jul 2004
Location: Sioux Falls, SD
Distribution: Debian, Ubuntu, Fedora, Red Hat
Posts: 69

Rep: Reputation: 16
Here's a very simple script that can do what you want.

Quote:
nano /usr/local/bin/addblacklistedip
Quote:
#!/bin/sh

echo -e "$1\tREJECT" >> /etc/postfix/client_access
postmap /etc/postfix/client_access

Then make it executable:

Quote:
chmod +x /usr/local/bin/addblacklistedip
Then make sure you have "check_client_access hash:/etc/postfix/client_access" in your "smtpd_client_restrictions" section (or any section) in /etc/postfix/main.cf.

Quote:
postfix reload
All you need to do is type "addblacklistedip x.x.x.x" and hit enter. In fact, you can name the script anything you want. "blacklist" "badip" etc. It will append the IP with REJECT in your client_access file and postmap it. This will stop the IP from connecting to Postfix.

Last edited by Child of Wonder; 11-17-2006 at 09:04 AM.
 
1 members found this post helpful.
Old 02-14-2009, 10:11 AM   #5
crxssi
Member
 
Registered: Apr 2005
Location: USA
Distribution: Mageia
Posts: 84

Original Poster
Rep: Reputation: 15
Thanks, "Child of Wonder". I seem to have gotten distracted and never tried your suggestion. I implemented it yesterday and it works great.

First thing to go in the blacklist was:

constantcontact.com

They will no longer CONSTANTLY CONTACT my users
 
Old 09-22-2009, 03:45 PM   #6
oranges
LQ Newbie
 
Registered: Sep 2009
Posts: 1

Rep: Reputation: 0
will this also work if I blacklist a subnet? x.x.x.0/24?

TIA!
 
Old 09-22-2009, 05:13 PM   #7
crxssi
Member
 
Registered: Apr 2005
Location: USA
Distribution: Mageia
Posts: 84

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by oranges View Post
will this also work if I blacklist a subnet? x.x.x.0/24? TIA!
Not sure on that. I have only blocked DNS things like this:

.XXX
XXXX.XXX
XXX@XXXX.XXX

Using the blacklist has been a *HUGE* success. Especially blocking entire countries like .pl .ru .cn

I just add something to the /etc/postfix/blacklist file and run postmap on it. Done!
 
Old 09-23-2009, 02:34 PM   #8
sasykes
LQ Newbie
 
Registered: Sep 2009
Posts: 1

Rep: Reputation: 0
Great info. Finally got around to blacklisting some annoying email addresses.

Thanks for the script.

EDIT: Actually, I had to change the postfix main.cf line to...

Quote:
smtpd_client_restrictions = permit_mynetworks, check_sender_access hash:/etc/postfix/sender_access, permit
and now all is well.

Last edited by sasykes; 11-06-2009 at 10:05 AM. Reason: Updated information
 
  


Reply

Tags
blacklist, email, hash, maincf, postfix


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
?Odd bug. modprobe.blacklist~ behaves as modprobe.blacklist arubin Slackware 1 11-05-2006 07:08 PM
spamassassin blacklist stomach Linux - Software 1 02-08-2006 04:37 PM
a blacklist for hal? evans0409 Linux - Software 12 02-05-2006 09:29 PM
'blacklist' WARNING JerryP Mandriva 5 12-01-2005 06:47 PM
using the squidguard blacklist myheart Linux - Security 4 02-01-2005 11:05 AM


All times are GMT -5. The time now is 03:05 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration