I have installed Debian 7 + ISPConfig 3 in my VPS following this tutorial: http://www.howtoforge.com/perfect-server-debian-wheezy-nginx-bind-dovecot-ispconfig-3-p3 Now i am trying to implement spam protection and i am following this tutorial: http://www.howtoforge.com/hardening-postfix-for-ispconfig-3 I am a newbie in sysadmin and i have a doubt related with Postscreen implementation in the above tutorial. What this mean? i don't understand what to do related this line: -o ... # Parameters moved from smtp service to the new smtpd service. Code: # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== #smtp inet n - - - - smtpd # -o ... smtpd pass - - n - - smtpd -o ... # Parameters moved from smtp service to the new smtpd service.(if any) smtp inet n - n - 1 postscreen tlsproxy unix - - n - 0 tlsproxy dnsblog unix - - n - 0 dnsblog My current file /etc/postfix/master.cf Code: #cyrus unix - n n - - pipe # user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} # # ==================================================================== # Old example of delivery via Cyrus. # #old-cyrus unix - n n - - pipe # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} # # ==================================================================== # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks # by prgs1971 # http://www.howtoforge.com/hardening-postfix-for-ispconfig-3 # rule for python spf checker policy-spf unix - n n - - spawn user=nobody argv=/usr/bin/policyd-spf How i do the implementation suggested in the tutorial?
Don´t remove the smtpd from your master.cf and use the tutorial step-by-step. I betit works. Maybe this link helps you too
This morning, i think that i was able to understand how to solve my doubts expressed in this topic. I have applyed the changes like this: Code: # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== # by prgs1971 - Postscreen implementation - uncomment next line #smtp inet n - - - - smtpd #smtp inet n - - - 1 postscreen #smtpd pass - - - - - smtpd #dnsblog unix - - - - 0 dnsblog #tlsproxy unix - - - - 0 tlsproxy # by prgs1971 - Postscreen implementation # http://www.howtoforge.com/hardening-postfix-for-ispconfig-3 smtpd pass - - n - - smtpd smtp inet n - n - 1 postscreen tlsproxy unix - - n - 0 tlsproxy dnsblog unix - - n - 0 dnsblog Now i will install a website and see if the email is working properly and filtering the spam messages that i am used to receive. After i test this i will try your suggestion
No i notice your are the author of that blog Congratulations, last night before i go to bed i have implemented your DKIM plugin... very nice But your tutorial http://blog.schaal-24.de/?p=2223&lang=en needs to have somehere: Code: mkdir /etc/postfix/dkim Without this when you apply the path in ISPConfig you will get a error. To be perfect the tutorial just need to state when things are to be added in a file if they are in end or in other section of the file... My postfix stop to work because i misunderstood where to put some code in a file, because you give to files as option and just works in one of the files. DKIM is working now, passed in the online tests, just need to test it directly in Hotmail, Yahoo and Google.
