Postfix anti-spam with SQLGrey and barracudacentral
After hosting my sites on a VPS server I needed to configure everything myself. Luckely there’s lots of things to find on the net.
My server is running Debian with Postfix as mail agent. It appeared that I suddenly received a lot of spam mail.
Of course I didn’t like that and I started searching for solutions.
The first thing I did was activating BRBL (Barracuda Reputation Block List).
This one is quite easy: register your server at barracuda and add this line to /etc/postfix/main.cf:
reject_rbl_client b.barracudacentral.org,
The IP address of every mail delivered is checked in their database for known spam senders. If known the mail is rejected.
That wasn’t enough to block all spam so I added another tool: SQLGrey.
SQLGrey is an easy to setup greylisting policy. Greylisting is actually delaying each mail with a ‘retry later’ respond. A well configured mailserver will retry sending te mail after couple of minutes, a spam server mostly doesn’t.
From the name you can already guess that this daemon uses a SQL database. Once the sender and IP address are verified they’re stored. This way the second mail from that sender is delivered instantly because it’s on the whitelist.
Install SQLgrey with this command:
apt-get install sqlgrey
There’s also a nice webinterface for SQLgrey found at http://www.vanheusden.com/sgwi/. With this you can keep a close eye on everything that’s going on, in the end, you don’t want to miss a legit mail either.
The policy in my main.cf looks like this, there are also 2 other rbl rules.
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination,
reject_rbl_client b.barracudacentral.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.mailspike.net,
check_policy_service inet:127.0.0.1:2501,
permit
On to a better internet with less spam!