Tag Archives: postfix

RBL whitelisting postfix

vi /etc/postfix/rbl_override
10.10.10.10 OK
12.23.34.45 OK
mail.freemailer.tld OK
domain.com OK
[email protected] OK
[email protected] OK

postmap /etc/postfix/rbl_override

mtpd_recipient_restrictions =
reject_invalid_hostname,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_client_access hash:/etc/postfix/rbl_override,
reject_rbl_client dsn.rfc-ignorant.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client ix.dnsbl.manitu.net,
reject_rbl_client combined.rbl.msrbl.net,
reject_rbl_client rabl.nuclearelephant.com,
permit

SYSERR(autoresponse): Too many hops 27 (25 max): from mailer-daemon via localhost, to


autoresponse[66556]: Unauthenticated attempt to set autoresponse message for mailer-daemon from 127.0.0.1!
Authentication-Warning: autoresponse set sender to mailer-daemon using -f

SYSERR(autoresponse): Too many hops 27 (25 max): from mailer-daemon via localhost, to
DSN: Too many hops 27 (25 max): from mailer-daemon via localhost, to
relay=autoresponder, delay=0.18, delays=0.06/0/0/0.13, dsn=5.3.0, status=bounced (service unavailable)

yum remove sendmail
service postfix restart

postfix message size limit


Reporting-MTA: dns;
Action: failed
Final-Recipient: rfc822
Status: 5.0.0
Remote-MTA: dns;
Diagnostic-Code: smtp; 552 5.3.4 Message size exceeds fixed limit

postconf | grep message_size_limit
message_size_limit = 10240000 #This is default message size

echo "message_size_limit = 30480000" >> /etc/postfix/main.cf
service postfix reload

postfix remove received header


vi /etc/postfix/header_checks
/^Received:.*with ESMTPSA/ IGNORE
/^Received:/ IGNORE
/^X-Originating-IP:/ IGNORE
/^X-Mailer:/ IGNORE
/^Mime-Version:/ IGNORE

vi /etc/postfix/main.cf
mime_header_checks = regexp:/etc/postfix/header_checks
header_checks = regexp:/etc/postfix/header_checks

postmap /etc/postfix/header_checks
postfix reload

centos postfix autoresponder


mkdir ~/tmp && cd ~/tmp
To download bash script you can here: autoresponse-1.6.3.tar.gz
tar xvfz autoresponse-1.6.3.tar.gz
useradd -d /var/spool/autoresponse -s `which nologin` autoresponse
mkdir -p /var/spool/autoresponse/log /var/spool/autoresponse/responses
cp -v autoresponse/autoresponse /usr/local/sbin/
chown -R autoresponse.autoresponse /var/spool/autoresponse
chmod -R 0770 /var/spool/autoresponse

vim /etc/postfix/master.cf

smtp      inet  n       -       n       -       -       smtpd
        -o content_filter=autoresponder:dummy


autoresponder unix - n n - - pipe
  flags=Fq user=autoresponse argv=/usr/local/sbin/autoresponse -s ${sender} -r ${original_recipient} -S ${sasl_username} -C ${client_address}

postfix check
service postfix restart

autoresponse -e [email protected]
autoresponse -d [email protected]
autoresponse -E [email protected]
autoresponse -D [email protected]

postfix amavis centos


yum install amavisd-new clamav-scanner clamav-scanner-systemd
systemctl start [email protected] amavisd spamassassin
systemctl enable [email protected] amavisd spamassassin

vi /etc/postfix/main.cf
content_filter=smtp-amavis:[127.0.0.1]:10024

vi /etc/postfix/master.cf

smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000

service restart postfix

postfix enable rbl centos 7

vi /etc/postfix/main.cf

smtpd_helo_required = yes
disable_vrfy_command = yes
strict_rfc821_envelopes = yes
invalid_hostname_reject_code = 554
multi_recipient_bounce_reject_code = 554
non_fqdn_reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_sender_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554

smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
permit

postfix whitelist domains


vi /etc/postfix/whitelist_domains
google.com OK
gmail.com OK

postmap /etc/postfix/whitelist_domains

vi /etc/postfix/main.cf

smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_client_access hash:/etc/postfix/whitelist_domains,
reject_rbl_client dsn.rfc-ignorant.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client ix.dnsbl.manitu.net,
reject_rbl_client combined.rbl.msrbl.net,
reject_rbl_client rabl.nuclearelephant.com,
permit

service postfix restart

● postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
Active: active (running) since Tr 2018-08-29 18:32:05 CEST; 1s ago
Process: 10656 ExecStop=/usr/sbin/postfix stop (code=exited, status=0/SUCCESS)
Process: 10672 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
Process: 10669 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
Process: 10666 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
Main PID: 10748 (master)
CGroup: /system.slice/postfix.service
├─10748 /usr/libexec/postfix/master -w
├─10750 pickup -l -t unix -u
└─10751 qmgr -l -t unix -