Postfix
Postfix is a moderately tasty replacement for Sendmail, the big ugly. Installing it is easy using apt-get or yum, but you then have to configure it to get it to work; otherwise it does nothing. The installation will tell you it's doing something, but it's lying.
There are some good tutorials here: http://workaround.org/moin/Welcome
and here: http://howtoforge.net/taxonomy_menu/1/78/4?s=e4fdf30b88cf1a675264fe8348cdf534&
What you have to do
- You have to edit the settings in the /etc/postfix/main.cf file
I use fail2ban with this:
failregex = reject: RCPT from (.*)\[<HOST>\]: (550|554).*(Recipient address rejected: User unknown|Relay access denied)
Watch for wrapping, as this is all on one line in the /etc/fail2ban/filter.d/postfix.conf
I have it set in /etc/fail2ban/jail.conf to block the source IP address for 1 hour after 5 associated maillog entries, and it's been working fine here for quite some time.
Bill
It works great! I've been using it for a while to catch dictionary attacks and relay attempts.
I have this in /etc/fail2ban/filter.d:
failregex = reject: RCPT from (.*)\[<HOST>\]: 5
and this in /etc/fail2ban/jail.conf:
[postfix]
enabled = true
filter = postfix
action = iptables-allports[name=postfix]
         sendmail-whois[name=postfix, dest=root@cnysupport.com, sender=smtp@cnysupport.com]
logpath = /var/log/maillog
maxretry = 6
Depending on how fast your email addresses change, 6 might be too low,
so you'll probably need to adjust it.
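The two failregex lines quoted above differ in scope, which matters for false positives. The following is an added example, not code from the original posts or from fail2ban: it runs both patterns over constructed Postfix log lines and applies each poster's threshold. The HOST pattern is a simplified IPv4-only stand-in for fail2ban's <HOST> tag, and the time window (findtime) is ignored.

```python
import re
from collections import Counter

# Assumption: simplified IPv4-only stand-in for fail2ban's <HOST> tag.
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"

# The two failregex values quoted on this page.
NARROW = (r"reject: RCPT from (.*)\[<HOST>\]: (550|554).*"
          r"(Recipient address rejected: User unknown|Relay access denied)")
BROAD = r"reject: RCPT from (.*)\[<HOST>\]: 5"


def make_line(client, ip, reply):
    """Build one constructed maillog entry in Postfix smtpd format."""
    return ("Jan 10 03:12:01 mx postfix/smtpd[2101]: NOQUEUE: "
            f"reject: RCPT from {client}[{ip}]: {reply}")


# Constructed sample log (documentation addresses, not real traffic).
LOG = (
    # Dictionary attack: five unknown recipients from one source.
    [make_line("unknown", "203.0.113.7",
               f"550 5.1.1 <user{i}@example.com>: Recipient address "
               "rejected: User unknown in local recipient table")
     for i in range(5)]
    # Relay attempt from the same source.
    + [make_line("unknown", "203.0.113.7",
                 "554 5.7.1 <victim@example.org>: Relay access denied")]
    # Misconfigured client: permanent HELO rejects, not an attack pattern.
    + [make_line("mail.example.net", "198.51.100.20",
                 "504 5.5.2 <localhost>: Helo command rejected: "
                 "need fully-qualified hostname")] * 6
    # Temporary (4xx) reject: neither filter should count it.
    + [make_line("unknown", "192.0.2.55",
                 "450 4.7.1 <x>: Helo command rejected: Host not found")]
)


def hits(failregex, lines):
    """Count matching log lines per source IP, as a filter would."""
    rx = re.compile(failregex.replace("<HOST>", HOST))
    found = (rx.search(line) for line in lines)
    return Counter(m.group("host") for m in found if m)


def banned(counts, maxretry):
    """Return the IPs that reached the jail's maxretry threshold."""
    return sorted(ip for ip, n in counts.items() if n >= maxretry)


if __name__ == "__main__":
    print("narrow, maxretry=5:", banned(hits(NARROW, LOG), 5))
    print("broad,  maxretry=6:", banned(hits(BROAD, LOG), 6))
```

The broader pattern also bans the client that only failed HELO checks, so it needs a threshold chosen with legitimate but misconfigured senders in mind.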
wrote:
> I have monitoring applications on boxes on the same subnet as a box I
> want to use for mailing list notification using Postfix/mailman to
> notify several users. An example is some box throwing an snmp trap,
> where a notification would try to send to notification_list@example.com
> so several people would know. Right now that e-mail would be seen to be
> coming from root@the_monitor_node_box_name, which won't deliver. What
> are best practices for this? I would only ever have about 15 boxes
> reporting. Sorry if this has been already covered.
> ------
> Best,

Each box that has mail services should at least have an alias that maps root to a deliverable address. So typically in your /etc/aliases file, you'd have a line like:
root: admin@domain.com
Then use that admin address for your snmp processes.
-- Daniel
