SYSTEM INFORMATION | |
---|---|
OS type and version | Ubuntu Linux 20.04.5 |
Webmin version | 2.001 |
Virtualmin version | 7.3-1 Pro |
Related packages | Postfix RBL Configuration |
This morning a user on a server with 100s of domains and probably around 500 mailboxes called me to report spam. Upon closer inspection I did a lookup for blacklists at MX Toolbox and found that the IP address is listed at 18 RBLs.
Then I checked Postfix and noticed that it doesn’t seem to contain any checks for blacklists.
I need some help to configure RBLs, especially these ones for Virtualmin:
- Spamcop
- Spamhaus
- Sorbs
- Abuseat
Here is the original Postfix main.cf on a fresh Ubuntu server. Note spaces instead of commas.
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service inet:127.0.0.1:10023
Here are the modifications I made (note the commas):
smtpd_recipient_restrictions =.
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname, # Added
check_policy_service inet:127.0.0.1:10023,
reject_rbl_client zen.spamhaus.org, # Added
reject_rbl_client bl.spamcop.net, # Added
reject_rbl_client dnsbl.sorbs.net, # Added
reject_rbl_client cbl.abuseat.org, # Added
reject_rbl_client b.barracudacentral.org, # Added
reject_rbl_client dnsbl-1.uceprotect.net, # Added
permit # Added
```
This is the guide from Rackspace that I used:
https://docs.rackspace.com/support/how-to/prevent-spam-in-postfix/
Note to use Spamhaus you can't use open resolvers such as 1.1.1.1 and 8.8.x.x. You have to use your DCs DNS resolver.
Perhaps I'm missing the boat and these RBLs are actually configured somewhere else e.g. in SpamAssassin?
Please comment?