This article will describe that how to enable rbls in postfix and prevent the spam mails on the server. Configure Postfix to verify the IP address of the incoming mail against one or more RBL’s. If the IP is a contest, then server will not accept the message from listed ip addres. So enable the RBL’s in postfix we need to modify smtpd_recipient_restrictions parameter in the main Postfix configuration file /etc/postfix/main.cf).
reject_rbl_client cbl.abuseat.org,
reject_rbl_client b.barracudacentral.org,
reject_rbl_client dnsbl-1.uceprotect.net,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
permit
Once this configuration done, restart postfix
In addition to RBL’s, you can prevent your mail server from relaying and receiving spam by implementing some of the following configuration options under the smtpd_recipient_restrictions parameter:
reject_invalid_hostname – Reject the request when the HELO or EHLO hostname is crooked. This can potentially prevent poorly programmed bots from sending spam to your server.
reject_unknown_recipient_domain – Reject the request when Postfix is not final destination for the recipient domain. This can avoid your server from being used as an open relay.
reject_unauth_pipelining – Reject the request when the client sends SMTP commands ahead of time where it is not allowed. This is useful for prevent bulk mailing.
Append the following lines in your postfix mail configuration file.
reject_invalid_hostname,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client b.barracudacentral.org,
reject_rbl_client dnsbl-1.uceprotect.net,
permit
I hope this article is useful for you to reduce the spam volume on your posfix mail server.
I am founder and webmaster of www.linuxpcfix.com and working as a Sr. Linux Administrator (Expertise on Linux/Unix & Cloud Server) and have been in the industry since more than 14 years.
