| Linode Forum https://forum.linode.com/ |
|
| How To Ensure That My Server Isn't Bulk / Spam Sender https://forum.linode.com/viewtopic.php?f=11&t=10334 |
Page 1 of 1 |
| Author: | sami1255 [ Sat Aug 10, 2013 8:31 pm ] |
| Post subject: | How To Ensure That My Server Isn't Bulk / Spam Sender |
I am running an email server based on iRedmail, a script which set up an optimized set of tools (postfix, dovecot, spam assasign etc). I have a few clients which use the email server for regular emailing needs. My question is, how do I ensure that a client or anybody isn't using this machine to send spam or sending bulk emails, etc. I have logwatch send me email daily which mentions xx messages checked and passed by amavisd xx send via smtp Postfix Is that it ? am I 100 percent safe or still there may be some loophole ? |
|
| Author: | Piki [ Sun Aug 11, 2013 2:30 pm ] |
| Post subject: | Re: How To Ensure That My Server Isn't Bulk / Spam Sender |
You are never 100% safe. Postfix will, to the best of my knowledge, send anything it's told to send. The best you can do is to ensure that it's not set to act as a mail relay for other servers, and that it is set to allow only authenticated users to send emails. Although I personally haven't tried it, I think there should be a way to use SpamAssassin to filter outgoing emails. Trouble is, it may filter out a few legit emails here and there. Spam filtering can never be perfect. |
|
| Author: | AGWA [ Mon Aug 12, 2013 2:06 am ] |
| Post subject: | Re: How To Ensure That My Server Isn't Bulk / Spam Sender |
Unless you trust your users absolutely, you can't be 100% sure. Here are some suggestions though: 1. Use postfwd[1] to rate-limit the number of emails an account can send per day/hour/whatever. When spammers take over an account to send spam, they typically send a huge volume of spam in a short amount of time, which is hugely damaging to your reputation. Rate-limiting is an effective way to minimize the damage. The following postfwd rules should limit each SASL user to 50 messages per hour and 100 messages per day: Code: id=R001; sasl_username=~/./; action=rate(sasl_username/100/86400/REJECT only 100 messages per day for $$sasl_username) 2. Monitor the major blacklists for your IP address (you can do this yourself or use a free service such as mxtoolbox[2]), so you'll get alerted if your server is ever blacklisted. Then you'll know to look for a compromised account and apply for removal from blacklists. Policies vary between blacklist operators, but for the most part they're willing to de-blacklist you if you say you had a compromised account which you've taken care of. (I've administered email systems used by hundreds of users and this has happened to me a few times.) Hope this helps. [1] http://postfwd.org/ [2] http://mxtoolbox.com/ |
|
| Page 1 of 1 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|