Hello All, I am new to the list and this is my first post. I have a postfix server that is receiving a big number of spam. I already have spamassassin, amavisd-new and a number of configs in postfix that are blocking a huge number, but then I was looking for something to help me diminish the passing spams. Comes postscreen.
I understand that a great number of chekings that are already been done by postfix can be relayed to postscreen. My postfix main.cf is at the end of this post. What is not clear for me is: do I need to change my main.cf in order to run postscreen and do not duplicate its functionality in postfix? It seems to me that smtpd_hard_error_limit, smtpd_helo_required and other configs may just be removed from main.cf, but I am not sure and I would not like to do it in production site... Also I could not find any HOWTO that spoke clearly about the issue... If any of you can help with that too I will be very grateful. 8<-------------------- soft_bounce = yes biff = no maximum_queue_lifetime = 2h default_destination_concurrency_limit = 50 alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases transport_maps = hash:/etc/postfix/transport local_recipient_maps = smtpd_hard_error_limit = ${stress?1}${stress:4} smtpd_helo_required = yes strict_rfc821_envelopes = yes disable_vrfy_command = yes content_filter = smtp-amavis:[127.0.0.1]:10024 header_checks = pcre:/etc/postfix/header_checks.pcre smtpd_client_restrictions = reject_unknown_client_hostname, reject_unknown_reverse_client_hostname, check_client_access pcre:/etc/postfix/accepted-servers.pcre, check_client_access pcre:/etc/postfix/blocked-servers.pcre, reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net, permit smtpd_helo_restrictions = reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access hash:/etc/postfix/helo_checks, permit smtpd_sender_restrictions = reject_non_fqdn_sender, reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/whitelist, check_sender_access pcre:/etc/postfix/frequently_forged_senders.pcre, check_sender_access pcre:/etc/postfix/blocked-senders.pcre, check_sender_access hash:/etc/postfix/blocked-senders, check_sender_access hash:/etc/postfix/blocked-domains, permit smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unlisted_recipient, reject_unauth_destination, check_recipient_access pcre:/etc/postfix/recipient_checks.pcre, check_policy_service inet:127.0.0.1:10031, permit smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit smtpd_banner = $mydomain ESMTP Server smtpd_client_restrictions = reject_unknown_client_hostname, reject_unknown_reverse_client_hostname, check_client_access pcre:/etc/postfix/accepted-servers.pcre, check_client_access pcre:/etc/postfix/blocked-servers.pcre, reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net, permit smtpd_helo_restrictions = reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access hash:/etc/postfix/helo_checks, permit smtpd_sender_restrictions = reject_non_fqdn_sender, reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/whitelist, check_sender_access pcre:/etc/postfix/frequently_forged_senders.pcre, check_sender_access pcre:/etc/postfix/blocked-senders.pcre, check_sender_access hash:/etc/postfix/blocked-senders, check_sender_access hash:/etc/postfix/blocked-domains, permit smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unlisted_recipient, reject_unauth_destination, check_recipient_access pcre:/etc/postfix/recipient_checks.pcre, check_policy_service inet:127.0.0.1:10031, permit smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit 8<-------------------- Many thanks! Fernando Maior