Hi list The first thing to do will be a blacklist created for me. Im looking to make it and is putting the line:
check_client_access hash:/etc/postfix/blacklist but I have doubts. Where I need to put this? in smtp_recipient_restrictions or in smtpd_client_restrictions? The content inside the archive permit to put domains and Ips? For example: 121.222.33.44 REJECT domain.com REJECT This is my configuration: smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/overquota, permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_unauth_pipelining, #check_client_access hash:/etc/postfix/clientes #This is correct reject_unauth_destination, reject_rbl_client rbl.orbitrbl.com, reject_rbl_client zen.spamhaus.org, reject_rbl_client whois.rfc-ignorant.org, reject_rbl_client dnsbl.njabl.org, reject_rbl_client zombie.dnsbl.sorbs.net, reject_rbl_client bl.spamcop.net, permit Other recommendations? On Mon, Apr 27, 2009 at 12:39 AM, Terry Carmen <te...@cnysupport.com> wrote: > > > Hi list > > > > Im with the next problem: I have and old server and Im in process to > migrate > > to a better machine, but actually Im having spam attacks in the server > than > > saturate it. For the age of the server and because in two weeks is > replaced > > I can't install any program like spamity or similar to help to detect > spam > > attacks, but I need to understand the mail.log to deduce the Ips where > comes > > the attacks and stop it. Any people can help me what clues can help me to > > deduce this Ips? > > There are a number of things you can do, including possibly using a better > (or > an additional) blacklist, rejecting incoming connections that have no > reverse > DNS entry, and on a more controversial, but very effective note, reject IP > addresses that have a "dynamic looking" reverse DNS and rejecting messages > that are for non-existent users. > > If you can you can post a few log entries for this spam, as well as the > output > from postconf -n, I'm sure you'll get a lot of good suggestions. > > Some well-chosen restrictions will let even a small machine handle a really > significant volume of mail. The trick is to reject as much spam as possible > during the initial SMTP connection. > > Terry > > > > >