|OS type and version||Ubuntu Linux 20.04.5|
|Virtualmin version||7.3-1 Pro|
|Related packages||Postfix RBL Configuration|
This morning a user on a server with 100s of domains and probably around 500 mailboxes called me to report spam. Upon closer inspection I did a lookup for blacklists at MX Toolbox and found that the IP address is listed at 18 RBLs.
Then I checked Postfix and noticed that it doesn’t seem to contain any checks for blacklists.
I need some help to configure RBLs, especially these ones for Virtualmin:
Here is the original Postfix main.cf on a fresh Ubuntu server. Note spaces instead of commas.
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service inet:127.0.0.1:10023
Here are the modifications I made (note the commas):
smtpd_recipient_restrictions =. permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, # Added check_policy_service inet:127.0.0.1:10023, reject_rbl_client zen.spamhaus.org, # Added reject_rbl_client bl.spamcop.net, # Added reject_rbl_client dnsbl.sorbs.net, # Added reject_rbl_client cbl.abuseat.org, # Added reject_rbl_client b.barracudacentral.org, # Added reject_rbl_client dnsbl-1.uceprotect.net, # Added permit # Added ``` This is the guide from Rackspace that I used: https://docs.rackspace.com/support/how-to/prevent-spam-in-postfix/ Note to use Spamhaus you can't use open resolvers such as 220.127.116.11 and 8.8.x.x. You have to use your DCs DNS resolver. Perhaps I'm missing the boat and these RBLs are actually configured somewhere else e.g. in SpamAssassin? Please comment?