Home | Comics | Gallery | (Amazon| ThinkGeek) wishlist | Donations | Impressum | The Book of Postfix | Postfix - Einrichtung, Betrieb und Wartung | Blog
Besonderes Augenmerk sollte der Anti Spam Sektion gelten!
Have a look at the Anti Spam section!
biff = no # wir haben kein biff / we don't have biff -- nobody uses this content_filter = amavis:[localhost]:10024 # I created a dedicated transport called "amavis" in master.cf notify_classes = resource, software queue_minfree = 20480000 mydomain = arschkrebs.de # see how I don't need to set $myhostname and $mydomain? mydestination = $mydomain $myhostname www.$mydomain mynetworks = 127.0.0.0/8, 134.169.69.192/26 smtpd_helo_required = yes strict_rfc821_envelopes = yes # Strenge Syntax / Strict syntax disable_vrfy_command = yes # kein VRFY / no VRFY command unknown_address_reject_code = 554 unknown_hostname_reject_code = 554 unknown_client_reject_code = 554 # permanent error codes for these reject_unknown_* things alias_maps = hash:/etc/postfix/aliases hash:/var/lib/mailman/data/aliases alias_database = $alias_maps # Additonal maps since we use mailman owner_request_special = no # for mailman recipient_canonical_maps = hash:/etc/postfix/canonical relocated_maps = hash:/etc/postfix/relocated virtual_alias_maps = hash:/etc/postfix/virtual_aliases virtual_domain_maps = hash:/etc/postfix/virtual_domains relay_domains = hash:/etc/postfix/relay_domains transport_maps = hash:/etc/postfix/transport local_recipient_maps = $relocated_maps, $alias_maps, proxy:unix:passwd.byname # Damit wird Mail fuer unbekannte User direkt am SMTP port geblockt smtpd_client_restrictions = smtpd_helo_restrictions = smtpd_sender_restrictions = smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, check_recipient_access regexp:/etc/postfix/recipient_checks.regexp, check_recipient_access hash:/etc/postfix/recipient_checks, check_sender_access hash:/etc/postfix/sender_checks, check_client_access hash:/etc/postfix/client_checks, reject_unauth_pipelining, reject_invalid_hostname, reject_non_fqdn_hostname, reject_rbl_client ix.dnsbl.manitu.net reject_rbl_client zen.spamhaus.org reject_rbl_client list.dsbl.org check_sender_access hash:/etc/postfix/rhsbl_sender_domain_exceptions, reject_rhsbl_sender dsn.rfc-ignorant.org check_sender_access hash:/etc/postfix/frequently_forged_senders permit # reject non FQ sender/recipients and unknown domains # then allow local networks # check for relaying # apply recipient, sender and client checks first (to be able to make exceptions) # refuse unauthorized pipelining # check the HELO/EHLO parameter # Perform lookups in DNS based blacklists # reject mail from clients without hostname address_verify_map = hash:/etc/postfix/verify # Sender address verification cache smtpd_etrn_restrictions = permit_mynetworks, check_client_access $relay_domains reject header_checks = pcre:/etc/postfix/header_checks.regexp body_checks = pcre:/etc/postfix/body_checks.regexp message_size_limit = 20480000 delay_warning_time = 4h home_mailbox = Maildir/ # lokale Zustellung in Maildir Mailboxen unknown_local_recipient_reject_code = 554 unverified_sender_reject_code = 550
header_checks.pcre:
/[^[:print:]][^[:print:]][^[:print:]][^[:print:]][^[:print:]][^[:print:]][^[:print:]][^[:print:]]/ REJECT
recipient_checks.pcre:
/[@!%].*[@!%]/ 550 Please use user@domain address forms only.
and in recipient_checks:
postmaster@ OK abuse@ OK # always allow mail to postmaster and abuse!! # man 5 access # this is safe since it takes place after the relay test
|
© by Ralf Hildebrandt This document contains links to external information sources that I do neither monitor nor control. I explicitly disclaim any liabilities in respect to external references. You are getting this document without any guarantees. Any methods shown above are meant as demonstration and may be wrong in some place. You may damage your system if you try to follow my hints and instructions. You do this at your own risk! |
|
|
|
This file was last modified 28. Apr 2007 by root
