Re: main.cf best practices
On Mon, Aug 8, 2011 at 3:48 PM, Stephen Atkins wrote: > My main goal is to figure out what I should have in each section of > main.cf (smptd/client restrictions to help stop spam and not to be a open > relay or back scatter host. You won't be successful in stopping spam with any kind of "set it and forget it" configuration. But, if you want to test for open-relay-ness: http://www.abuse.net/relay.html Is a nice tool to test your server for different address conventions in an attempt to relay mail out via your server.
Re: main.cf best practices
Stephen Atkins: > My main goal is to figure out what I should > have in each section of main.cf (smptd/client restrictions to help stop > spam There is no universal solution against spam. Some people don't tolerate false negatives (spam not blocked), and some people don't tolerate false positives (blocked non-spam). > and not to be a open relay or back scatter host. That's easy: don't accept-then-bounce. This means reject non-existent recipients before mail enters your mail queue. If you have to block spam after it enters your mail queue, quarantine if if you must, discard it if it contains known malware. Wietse
main.cf best practices
Thanks again for the help everyone. I setup these postfix servers about 5 years ago. I've pretty much ignored then except for postfix updates since then. I know this probably wasn't the best idea but I got moved into a different department and could barely keep up. Now I'm back and have the chance to do a complete re-install to new server hardware. I'm just wondering if anyone out there has some how to or best practices to follow. I'm going to use a Ubuntu 11.04 server install. I've got about 15 domains to accept mail for and just over 1000 users. I'm not worried about the setup of mysql/virtual server as I've done that a few times. My main goal is to figure out what I should have in each section of main.cf (smptd/client restrictions to help stop spam and not to be a open relay or back scatter host. Thanks. -- Stephen Atkins Information Systems
