From: Danny (no email)
Date: Wed Sep 01 2004 - 10:50:21 EDT
Hello,
I would like to experiment with some smtpd restrictions, and possibly
add sorbs into my config.
The SORBS website states I would need to make the following addition
to my config:
"Two parts of the configuration need to be changed:
In your main.cf file (usually /etc/postfix/main.cf) set the following:
1. maps_rbl_domains = dnsbl.sorbs.net
2. smtpd_client_restrictions = reject_maps_rbl
Note: the 'reject_maps_rbl' restriction should be added rather than
replacing the current options."
Here is my current config:
mx1# postconf -n
alias_database = hash:/usr/local/etc/postfix/aliases
alias_maps = hash:/usr/local/etc/postfix/aliases
body_checks = regexp:/usr/local/etc/postfix/body_checks
bounce_size_limit = 65536
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
debug_peer_level = 2
disable_vrfy_command = yes
header_checks = regexp:/usr/local/etc/postfix/header_checks
header_size_limit = 32768
local_recipient_maps = hash:/usr/local/etc/postfix/local_recipients_maps
local_transport = local
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 12533760
mime_header_checks = regexp:/usr/local/etc/postfix/mime_header_checks
mydestination = $myhostname, localhost.$mydomain, $mydomain, mx.$mydomain.com
mydomain = example.org
myhostname = mx1.example.org
mynetworks = 127.0.0.0/8, 10.10.10.0/24
myorigin = $mydomain
newaliases_path = /usr/local/bin/newaliases
proxy_interfaces = 123.123.123.123
queue_directory = /var/spool/postfix
readme_directory = no
relay_domains = hash:/usr/local/etc/postfix/relay_domains
relay_recipient_maps = hash:/usr/local/etc/postfix/relay_recipient_maps
sample_directory = /usr/local/etc/postfix/samples
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
show_user_unknown_table_name = no
smtpd_banner = $myhostname - ESMTP Mail Server - Attn: UCE trespassers
will be pursued!
smtpd_etrn_restrictions = reject
smtpd_helo_required = yes
smtpd_recipient_limit = 128
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtpd_sender_restrictions = check_sender_access
hash:/usr/local/etc/postfix/restricted_senders
smtpd_timeout = 180
strict_rfc821_envelopes = yes
transport_maps = hash:/usr/local/etc/postfix/transport
unknown_local_recipient_reject_code = 550
Would I simply add:
maps_rbl_domains = dnsbl.sorbs.net
smtpd_sender_restrictions = check_sender_access, reject_maps_rbl
anywhere to my main.cf?
Thank you,
...D
|
|
|