I wanted to mention a technique that has been the silver bullet in preventing spam on my email server. When I say silver bullet, I mean we've seen a 98% reduction in the number of spam messages that we receive. I am still a little shocked at how effective it has been.
The technique that prevented all of that unsolicited mail? It's called Greylisting, and I added it to my email server with a single command and a single line of configuration.
The first step is installing the greylisting service. I went with Postgrey, because it is in the Debian repositories and works great with Postfix. To install:
aptitude install postgrey
If you're an apt-get fan, apt-get install postgrey should work just fine as well.
Once you have it installed, check in /etc/default/postgrey to see what port the Postgrey daemon will be running on. The important line will look like this:
That means that my instance of Postgrey is running on port 10023. With that knowledge, we can set up Postfix to use it. You have to add the greylisting check to the
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain, check_policy_service inet:127.0.0.1:10023, reject_invalid_hostname, permit
The added line is check_policy_service inet:127.0.0.1:10023. See where we put that port number? Very important. Make sure that points to the port that your postgrey daemon is running on.
I put the postgrey check above the DNS-based hostname rule, because it's so very effective. That should cut down on DNS queries, which is a boon for everyone.
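A quick way to check the wiring described above, as an added example that is not part of the original post: it confirms that Postfix's check_policy_service entry uses the port Postgrey was given, and that the entry comes after reject_unauth_destination, which is where the Postfix policy documentation says to place it. The function names and the POSTGREY_OPTS sample line are assumptions (the post's own defaults line is not shown); the restriction list is the one from the post.

```shell
#!/bin/sh
# Added example, not the post's own code. Inputs are passed as strings so the
# check runs offline; on a real host feed it the options line from
# /etc/default/postgrey and `postconf -h smtpd_recipient_restrictions`.

# Print the port from a postgrey option string containing --inet=[host:]port.
postgrey_port() {
    for w in $(printf '%s' "$1" | tr -d "\"'"); do
        case $w in
            *--inet=*) w=${w#*--inet=}; printf '%s\n' "${w##*:}"; return 0 ;;
        esac
    done
    return 1
}

# Returns 0 = wired correctly,
#         1 = no policy check pointing at postgrey's port,
#         2 = policy check listed before reject_unauth_destination.
lint_greylist() {
    want=$(postgrey_port "$1") || return 1
    prev=
    seen_relay_guard=no
    for w in $(printf '%s' "$2" | tr ',' ' '); do
        if [ "$w" = reject_unauth_destination ]; then seen_relay_guard=yes; fi
        if [ "$prev" = check_policy_service ] && [ "${w##*:}" = "$want" ]; then
            [ "$seen_relay_guard" = yes ] && return 0
            return 2
        fi
        prev=$w
    done
    return 1
}

# Constructed demo: assumed Debian-style options line, restriction list from the post.
demo_opts='POSTGREY_OPTS="--inet=10023"'
demo_restrictions='permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain, check_policy_service inet:127.0.0.1:10023, reject_invalid_hostname, permit'
if lint_greylist "$demo_opts" "$demo_restrictions"; then
    echo "greylisting check matches postgrey port $(postgrey_port "$demo_opts")"
else
    echo "greylisting check is missing, on the wrong port, or misplaced"
fi
```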
My only regret is that I didn't try this sooner. If you're setting up a mail server, greylisting should be the first anti-spam measure you put into place. It's brilliant.
I discovered this about six months ago and it's been working a treat!
Scott Evans (aka VK7HSE) – http://vk7hse.hobby-site.org/