Posts tagged ‘mail’
mail spam rabl.nuclearelephant.com is dead
Today some mails did not reached my inbox and were blocked through my postfix spam filter rabl.nuclearelephant.com.
It seems that this rbl is not available since today.
See this info on sourceforge forum page.
Any legacy services that might have been hosted on nuclearelephant.com have been discontinued, in particular rabl.nuclearelephant.com
Solution:
simply remove from your postfix main.cf:
reject_rbl_client rabl.nuclearelephant.com
install postgrey for postfix on Ubuntu
Greylisting is yet another way for preventing your mailbox getting full of spam. A famous spam fighter software is spamassassin which filter emails. Greylisting won’t replace such softwares but it will behave as a powerful proactive barrier which will reduce the amount of spam getting through your mail server.
Greylisting is a great way for fighting spams, the basic idea out of it is that spammers mail servers are not respecting RFC standards specifications which basically says that when an email could not be delivered, the mail server should try again later on. By sending so many emails, spammers can’t afford to spend to much resources on resending emails when they could not be delivered, so if the email could not be delivered in the first place, they won’t send it back to you.
From this ideas, greylisting simply reject any untrusted mail domain by giving a 450 response code, which means “I can’t deal with your request now, please try again later”.
As spam mail server are not usually RFC compliant, they won’t try back and therefore you won’t get the spam.
Postgrey is a postfix policy server implementing greylisting.
It is really easy to integrate to postfix and is really effective.
step 1: install postgrey
apt-get install postgrey libnet-rblclient-perl libparse-syslog-perl libio-socket-ssl-perl
i got a warning during installation, but that can be ignored:
Warning: The home dir /var/lib/postgrey you specified can't be accessed: No such file or directory
step 2: add check_policy_service inet:127.0.0.1:60000 to /etc/postfix/main.cf
for example:
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policy, check_policy_service inet:127.0.0.1:60000
step 3: reload postfix configuration
/etc/init.d/postfix reload
step 4: send a test mail and verify your /var/log/mail.log
first entry
Jul 19 18:13:58 MYHOST postgrey[10713]: action=greylist, reason=new, client_name=CLIENT_HOST, client_address=CLIENT_ADDRESS, sender=SENDER_EMAIL, recipient=RECIPIENT_EMAIL
second entry (some minutes later, depends on sender’s MTA)
Jul 19 18:20:20 MYHOST postgrey[10713]: action=pass, reason=triplet found, delay=382, client_name=CLIENT_HOST, client_address=CLIENT_ADDRESS, sender=SENDER_EMAIL, recipient=RECIPIENT_EMAIL
(optional) exclude some recipients from whitelisting
edit /etc/postgrey/whitelist_recipient and add e.g. YOURDOMAIN.COM to exclude this address from greylisting processing.
# postgrey whitelist for mail recipients
# --------------------------------------
# put this file in /etc/postgrey or specify its path
# with --whitelist-recipients=xxx
postmaster@
abuse@
YOURDOMAIN.COM
(optional) postgrey report
to get a postgrey report, simple run this command:
cat /var/log/mail.log | postgreyreport --nosingle_line --check_sender=mx,a --show_tries --separate_by_subnet="--------------------\n"
Reduce spam and enjoy postgrey!