Archive

Posts Tagged ‘postfix blacklist’

postfix’s filtering mechanism (antispam):blacklist & whitelist

October 21st, 2010 3 comments

First of all,modify /etc/postfix/main.cf ,append the following line to the end of it:
header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/body_checks
To add an item to the blacklist:
For example,you want to filter away coming mails that contain words 'A funny game' in the subject,and to reject the mail to the sender,then do as the follows:
Type in /etc/postfix/header_checks:
/^Subject:.*A funny game/ REJECT drop header deny
List of actions:
REJECT : return the mail to the sender;
WARN : receive the letter,and log the information of the matter;
DISCARD : discard the mail,and give no reflection to the sender.
Then,using postmap to test the configuration:
postmap -q - regexp:/etc/postfix/header_checks < /etc/postfix/header_checks
Then reload postfix if no errors prompts:
postfix reload
To test the theory,I send a mail using my gmail account,in which the subject of the mail is 'anotherhi,A funny game'.If it works,the mail should be rejected by the mail server.After I've sent the mail,I can get the response of the mail server:
tail -f /var/log/mail.info:
Oct 21 04:52:14 newserver6484 postfix/smtpd[27138]: connect from mail-qy0-f170.google.com[209.85.216.170]
Oct 21 04:52:15 newserver6484 postfix/smtpd[27138]: 0B8077529A5: client=mail-qy0-f170.google.com[209.85.216.170]
Oct 21 04:52:15 newserver6484 postfix/cleanup[27142]: 0B8077529A5: reject: header Subject: anotherhi,A funny game from mail-qy0-f170.google.com[209.85.216.170]; from= to= proto=ESMTP helo=: 5.7.1 drop header deny
#notice here,the mail is rejected by the mail server
Oct 21 04:52:15 newserver6484 postfix/smtpd[27138]: disconnect from mail-qy0-f170.google.com[209.85.216.170]
In my gmail account,I get a undelivered mail report as follows:
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 5.7.1 drop header deny (state 18).
#notice the phrase here :'drop header deny'.
OK,success!Next we're going to add an item to the whitelist.
To add an item into the whitelist:
1.modify /etc/postfix/main.cf
Locate 'smtpd_recipient_restrictions' and type in the following content next to it:
check_recipient_access hash:/etc/postfix/to_white_list, #don't lose the comma
Then :
touch /etc/postfix/to_white_list
The content of the file to_white_list is the items of your whitelist,for example:
sanity@yourdomain.com OK
2.postmap /etc/postfix/to_white_list
postfix reload

After the above operations,sanity@yourdomain.com is then OK to send mail to your mail server.