Enable Postscreen in Postfix to fight Spam

This is apparently fairly simple in fighting spam.

Firstly take uncomment the appropriate lines in master.cf (carefully)

as root:

Note that on Apple OS X 10.10.3, sed seems to miss behave differently than this list of commands, however what it is doing is removing the ‘#’ Remark tabs from in front of any lines containing
smtp or smtpd, and second line, lines as listed there. I’m pretty sure so far that the default is the case anyway.
Check with ‘vi’


## configure Postfix to use postscreen 
sed -i 's/^smtp .*smtpd$/#&/' /etc/postfix/master.cf 
sed -i '/\(smtpd .*pass\|postscreen\|dnsblog\|tlsproxy\)/s/^#//' /etc/postfix/master.cf 
grep '\(smtp .*smtpd$\|smtpd .*pass\|postscreen\|dnsblog\|tlsproxy\)' /etc/postfix/master.cf 

Then, change the main.cf setting to reflect this.


## enable tests before the 220 SMTP server greeting 
postconf -e 'postscreen_blacklist_action = enforce' 
postconf -e 'postscreen_dnsbl_action = enforce' 
# about RBL lists <http://www.sdsc.edu/~jeff/spam/cbc.html> 
postconf -e 'postscreen_dnsbl_sites = zen.spamhaus.org*2, dnsbl-1.uceprotect.net*1, b.barracudacentral.org*1' 
postconf -e 'postscreen_dnsbl_threshold = 2' 
postconf -e 'postscreen_greet_action = enforce' 
## enable tests after the 220 SMTP server greeting 
postconf -e 'postscreen_pipelining_enable = yes' 
#postconf -e 'postscreen_pipelining_action = enforce' 
postconf -e 'postscreen_non_smtp_command_enable = yes' 
#postconf -e 'postscreen_non_smtp_command_action = drop' 
postconf -e 'postscreen_bare_newline_enable = yes' 
postconf -e 'postscreen_bare_newline_action = enforce' 

Then restart postfix.

sudo postfix reload.

and it will start working.


 postfix/postfix-script[59043]: refreshing the Postfix mail system
 postfix/master[61]: reload -- version 3.1-20150330, configuration /etc/postfix
 postfix/postscreen[59104]: CONNECT from [217.170.205.78]:37664 to [192.168.0.15]:25
 postfix/dnsblog[59106]: addr 217.170.205.78 listed by domain dnsbl-1.uceprotect.net as 127.0.0.2
 postfix/postscreen[59104]: NOQUEUE: reject: RCPT from [217.170.205.78]:37664: 450 4.3.2 Service currently unavailable; from=<wc.roberts@205.170.217.stwvps.net>, to=<intrudersd@chalmers.podzone.net>, proto=ESMTP, helo=<vps-78.205.170.217.stwvps.net>
 postfix/postscreen[59104]: HANGUP after 0.29 from [217.170.205.78]:37664 in tests after SMTP handshake
 postfix/postscreen[59104]: PASS OLD [217.170.205.78]:37664
 postfix/postscreen[59104]: DISCONNECT [217.170.205.78]:37664

This is added to my main.cf, in addition to the “spambayes” setup I have.

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA * Time limit is exhausted. Please reload CAPTCHA.