Not so charming, mega spam!
Tip #6: Using Public Anti-Spam Blacklists
There are spam emails that are sent from servers that has a valid hostname, valid PTR record and can pass through grey listing. In this case, you can use blacklisting to reject spam. There are many public anti-spam blacklists online. You can use multiple blacklists to block spam. Go to https://www.debouncer.com and mxtoolbox.com , enter the spammer’s domain and IP address to see which blacklists are blocking them, then you can use those blacklists. For example, I found that spammers are blacklisted by one of the following blacklists:
So I can add the following configurations in
/etc/postfix/main.cf file. Some public blacklisting service requires monthly fee. For now, I’m using the free service of spamhaus.org.
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rbl_client zen.spamhaus.org
reject_rhsbl_helomakes Postfix reject email when the client HELO or EHLO hostname is blacklisted.
reject_rhsbl_reverse_client: reject the email when the unverified reverse client hostname is blacklisted. Postfix will fetch the client hostname from PTR record. If the hostname is blacklisted, reject the email.
reject_rhsbl_sendermakes Postfix reject email when the MAIL FROM domain is blacklisted.
reject_rbl_client: This is an IP-based blacklist. When the client IP address is backlisted, reject the email.
Some spammers use Google’s mail server, so
reject_rhsbl_helo is ineffective, but most of them use their own domain names in the MAIL FROM header, so
reject_rhsbl_sender will be effective.
reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rbl_client zen.spamhaus.org
Source: 6 Effective Tips for Blocking Email Spam with Postfix SMTP Server
You must log in to post a comment.