Postfix is too restrictive

Discussion in 'Server Operation' started by Craos, May 17, 2020.

  1. Craos

    Craos New Member

    I am quite new to Linux and Postfix. I am trying to configure Postfix in order to receive as less spam as possible. It looks like, I made it too restrictive now, but I don't know why. I installed pflogsumm in order to detect the issues, but stil I don't know, which setting is causing, that "good" emails are rejected. Please, could anybody advice, how to detect, which settings reject rule was applied on which email? My settings are now:

    smtpd_sender_restrictions =
    permit_sasl_authenticated
    permit_mynetworks
    reject_unknown_sender_domain
    reject_non_fqdn_sender
    reject_unlisted_sender
    reject_unknown_reverse_client_hostname
    reject_unknown_client_hostname
    check_sender_access pcre:/etc/postfix/sender_access.pcre
    permit

    # Recipient restrictions
    smtpd_recipient_restrictions =
    permit_sasl_authenticated
    permit_mynetworks
    check_client_access cidr:/etc/postfix/client_checks
    reject_invalid_hostname
    reject_unauth_pipelining
    reject_rbl_client bl.spamcop.net
    reject_rbl_client cbl.abuseat.org
    reject_rbl_client dnsbl.sorbs.net
    reject_rbl_client zen.spamhouse.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.sorbs.net,
    reject_rbl_client b.barracudacentral.org,
    reject_rbl_client dnsbl-.uceprotect.net,
    reject_rhsbl_helo dbl.spamhaus.org,
    reject_rhsbl_reverse_client dbl.spamhaus.org,
    reject_rhsbl_sender dbl.spammhaus.org,
    reject_unknown_recipient_domain
    reject_non_fqdn_recipient
    reject_unlisted_recipient
    check_policy_service inet:127.0.0.1:7777
    reject_unauth_destination
    permit

    smtpd_relay_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    defer_unauth_destination
     

    Attached Files:

  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    If the settings you showed are copy-pasted from Postfix conf, they have syntax errors. That may be one reason.
    What changes did you do to postfix configuration? Compare the original file to current with command diff, or copy the files to your workstation where you can use nicer diff tool like meld. http://meldmerge.org/
     
  3. Craos

    Craos New Member

    Thanks a lot, there was hidden 'stop' command, which I coppied - paste when I was changing the file. Emails started to come now normaly. Stupid mistake .... Anyway, is there a way, how to find which "reject_...." rule was applyed on a particular rejected email? E.g. I can see this record:

    554 5.7.1 <gleaming.infordet.com[45.141.149.38]>: Client host rejected: Access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<gleaming.infordet.com> (top 10) (total: 1)

    But it does not say the reason ....
     

Share This Page