Postfix

From ConShell
Jump to navigation Jump to search

What is Postfix?

Postfix is a very capable and secure Mail Transfer Agent (MTA) written by Wietse Venema.

How to configure Postfix to filter spam using a block list

Block lists, also known as RBLs, are a technique using DNS to query for a given IP address to determine if it has been flagged for nefarious activity by the entity maintaining the block list. My favorite block list is XBL which is run by the SpamHaus Project. It is a comprehensive list combining other reputable lists for "one-stop shopping".

So, to configure postfix to check the XBL, we need a line like this in /etc/postfix/main.cf. 

 smtpd_client_restrictions = permit_mynetworks, reject_rbl_client xbl.spamhaus.org

How to enable amavisd-new for content scanning

1. Setup and amavisd-new and make sure it is running 2. Tell postfix about it by adding these configuration entries:

  • in /etc/postfix/main.cf
content_filter = smtp-amavis:[127.0.0.1]:10024
  • in /etc/postfix/master.cf
smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= \
-o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= \
-o smtpd_helo_restrictions= -o smtpd_sender_restrictions= \
-o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 \
-o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 \
-o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000

How to tell postfix to check DNSBL

smtpd_client_restrictions = permit_mynetworks, reject_rbl_client sbl-xbl.spamhaus.org

How to clear the queue

From time to time your mail queue may get filled up. This may be due to network problems or misconfiguration. For instance, if you botch (typo) the relayhost parameter, the mail will be undeliverable.

The first thing to do is fix the problem, meaning get the network back online, or fix the configuration. Issuing this command will tell postfix to try and deliver the mail from the queue. 

 postfix flush

However if you discover (using the mailq command) that the deferred mail is useless anyway, it may be desirable to just purge it from the queue without delivering, like so... 

 postsuper -d ALL deferred

Specific messages can be removed based on their message ID, which is the first thing shown for each message shown in the mailq output. 

 postsuper -d 0C0FF240F2

Many MAILER-DAEMON mail messages are moved to the deferred queue, which you can check by: 

 qshape -s deferred | head

To delete these messages use: 

  mailq  | grep MAILER-DAEMON | awk '{print $1}' | postsuper -d -
Retrieved from "https://conshell.net/wiki/index.php?title=Postfix&oldid=5829"