More postfix spam blocking and Whitelisting….



I almost forgot to pass along a link to a more comprehensive detailing of postfix’s anti-uce controls…. here. Also, in the last article I briefly mentioned whitelisting. IF you intend to have several blacklists active it will pay to learn how to whitelist before you HAVE to. To do so, I simply created a text file at /etc/postfix/whitelist and int hat file you enter IP address or hostname followed by OK…. like this….

1.2.3.4 OK
goodmachine.com OK

But… of course, there’s a bit more.


Since I’m using smtpd_client_restrictions for the blacklist lookups, I’m adding in the search for the whitelist there….

smtpd_client_restrictions = check_client_access hash:/etc/postfix/whitelist

You also need to postmap that file after any changes…

postmap /etc/postfix/whitelist

I’ve also been in the habit of reloading postfix after a change like that (although I don’t know that it’s necessary.)

/etc/init.d/postfix reload

It should be noted that the rules of who accesses your server in smtpd_client_restrictions and the other restriction checks are important to be considered as occuring in the order listed. In other words, it matters whether something comes first or last in the list. For instance… if a host is in an ACCEPT rule before they are in a REJECT list they will be accepted, also… if they are in the matching REJECT rule before the ACCEPT rule is found they will be rejected.

   Send article as PDF   

Similar Posts