TheGeekery

The Usual Tech Ramblings

Postfix, and Anti-spam

While I know there are plenty of documents on how to defeat spam with Postfix and various tools, I’m still quite amazed at how effective two options are. They are:

1
2
smtpd_sender_restrictions =
                            reject_unknown_sender_domain

And:

1
2
3
4
5
smtpd_client_restrictions =
                            cidr:/etc/postfix/access_cidr,
                            check_client_access hash:/etc/postfix/access,
                            reject_rbl_client relays.ordb.org,
                            reject_rbl_client sbl-xbl.spamhaus.org

Now the cidr: line isn’t necessary above, but it’s handy if you want to shut down a whole IP block. The above two configurations have dropped the spam abuse on one of the servers I manage from about 90 or so a day, down to about 25. I was considering adding spamcop.net to the above RBLs, however, they’ve been known to blacklist SourceForge’s servers on a regular basis.

Comments