Difference between revisions of "Blocking SPAM at MTA level in postfix"

Home > CentOS > CentOS 6.x > Postfix server configuration > Blocking SPAM at MTA level in postfix

Refer https://www.howtoforge.com/block_spam_at_mta_level_postfix and use section 2 Postfix 2.x configuration

Then test by sending emails from popular providers such as Gmail, Yahoo, etc. If you see log lines such as:

   Sep 22 09:26:22 mail postfix/smtpd[12999]: NOQUEUE: reject: RCPT from mail-lf0-f50.google.com[209.85.215.50]: 554 5.7.1 Service unavailable; Client host [209.85.215.50] blocked using dnsbl.sorbs.net; Currently Sending Spam See: http://www.sorbs.net/lookup.shtml?209.85.215.50; from=<jitendders@gmail.com> to=<jitender@rekallsoftware.com> proto=ESMTP helo=<mail-lf0-f50.google.com>

then it might make sense to remove corresponding blacklist. For example after above log lines dnsbl.sorbs.net can be removed to allow incoming emails from Gmail

How to query DNSBL blacklists using dig to check for blacklisting

To query a blacklist use commands similar to:

   dig +short -t any 50.215.85.209.dnsbl.sorbs.net
   dig +short -t any 50.215.85.209.zen.spamhaus.org

Typically outputs that start with 127.0.0. indicate that given IP is known for sending spams.

Refer https://www.spamhaus.org/faq/section/DNSBL%20Usage#366

Home > CentOS > CentOS 6.x > Postfix server configuration > Blocking SPAM at MTA level in postfix