Go Back    Forum > Digital Publishing / Web Sites > Web Hosting Tutorials > SSH for VPS/Dedicated (CLI)

Reply
 
LinkBack Thread Tools
  #1  
07-06-2011, 11:12 AM
kpmedia's Avatar
kpmedia kpmedia is offline
Site Staff | Web Hosting, Photo
 
Join Date: Feb 2004
Posts: 4,311
Thanked 374 Times in 341 Posts
Spam filters are nice, but can consumer 100MB or more of your server RAM. If you have a big server, with 1GB or more of RAM all for yourself, great! If you have a small budget VPS, that can tank your entire setup. Not great! In another post, I just discussed how ClamAV and Amavis can be disabled to save more than 150MB of memory. However, that doesn't mean you just have to live with spam. Use DNSBL!

Using your favorite text editor (I'm using vi on my Ubuntuo 10.10 VPS), you'll simply edit one file, then disable the unneeded services via command-line.
Remember your basic vi commands:
Press i to edit the text file.
Press ESC to exit edit mode.
After escaping, type :w to save changes.
Then :q to quit the editor.

To edit the Postfix configuration file, ype this into your shell (SSH) console window:
Code:
vi /etc/postfix/main.cf
Find the line that has this:
Code:
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination smtpd_tls_security_level = may
and add
Code:
reject_rbl_client zen.spamhaus.org
which gives you a line that now looks like this:
Code:
smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org, permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination smtpd_tls_security_level = may
In this example, I added a single DNSBL entry: zen.spamhaus.org.
However, you can added more. Just be aware that not all DNSBL are safe to use, and will end up blocking some degree of legitimate content. Tread carefully, tread lightly. Don't be a DNSBL junkie, or you could find yourself with an empty inbox (which may mean missed business, missed contacts from friends/family, etc).

A "more" entry might look like this:
Code:
smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org, reject_rbl_client 2.0.0.127.b.barracudacentral.org, permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination smtpd_tls_security_level = may
Note that "reject_rbl_client" is repeated for each new entry, and then separated by a comma.

After your editing is done, restart postfix. Type this into SSH:
Code:
/etc/init.d/postfix restart
If you see this, you succeeded in making correct changes:
Code:
 * Stopping Postfix Mail Transport Agent postfix ( OK )
 * Starting Postfix Mail Transport Agent postfix ( OK )
If you edited the code improperly, such as not keeping all code on a single line, you may end up with an error message like this:
Code:
 * Stopping Postfix Mail Transport Agent postfix
  postfix: fatal: /etc/postfix/main.cf, line 54: missing '=' after attribute name: "reject_rbl_client zen.spamhaus.org,"
Edit code as needed to fix your mistake.

And that's it. Very easy.

A list of all possible DNS blacklists can be found at Wikipedia: http://en.wikipedia.org/wiki/Compari...DNS_blacklists
Though I'm not a big Wikipedia fan, this page does seem to be well maintained. Do note that quite a few DNSBL are pretty terrible, dumping legitimate mail and missing spam. If I had to suggest the best DNSBL, I'd look at Spamhaus (zen), Barracuda (register on the Barricuda site), UCE Protect (L2), and SORBS (recent). The goal is to use as few DNSBL as possible, while also blocking at least 95% of spam.

And, of course, if you run into spam that can all be traced back to specific nuisance IP addresses, you can always use your Firewall.

Hope this helps.

And most important, USE A GOOD HOST!
See our list here: http://www.digitalfaq.com/forum/web-...-best-web.html

- Did my advice help you? Then become a Premium Member and support this site.
- Please Like Us on Facebook | Follow Us on Twitter

- Need a good web host? Ask me for help! Get the shared, VPS, semi-dedicated, cloud, or reseller you need.
Reply With Quote
Someday, 12:01 PM
admin's Avatar
Ads / Sponsors
 
Join Date: ∞
Posts: 42
Thanks: ∞
Thanked 42 Times in 42 Posts
Reply




Similar Threads
Thread Thread Starter Forum Replies Last Post
How to Block Windows Media Player's automatic updates kpmedia Computers 2 08-29-2017 12:57 AM
How to Optimize ISPConfig 3, reduce 150MB+ RAM: Disable clamav, amavis, spamd kpmedia ISPConfig 0 07-06-2011 10:54 AM
Block WordPress Spam: How to deny comments to non-referrer traffic kpmedia Website and Server Troubleshooting 0 07-25-2010 10:06 PM
Deleting PM spam easily on vBulletin kpmedia Website and Server Troubleshooting 0 01-25-2010 03:19 PM

Thread Tools



 
All times are GMT -5. The time now is 08:25 AM