1.修改 sudo /vim /etc/postfix/mail.cf ,加入以下這段

smtpd_client_restrictions =
                 permit_mynetworks,
                permit_sasl_authenticated,
                reject_unknown_client,
                check_client_access hash:/etc/postfix/access,
                reject_rbl_client cbl.abuseat.org,
                reject_rbl_client sbl.spamhaus.org,
                reject_rbl_client xbl.spamhaus.org,
                reject_rbl_client dsbl.dnsbl.net.au

說明:
permit_mynetworks ====>允許內網不用檢查
permit_sasl_authenticated ====>SASL驗證
reject_unknown_client ======>反解失敗就拒絕

check_client_access hash:/etc/postfix/access ===>依據清單內容拒絕動態IP

  1.建立文件 sudo touch /etc/postfix/access
  2.access內容
         dynamic.apol.com.tw REJECT We can't allow dynamic IP to relay!
         dynamic.giga.net.tw REJECT We can't allow dynamic IP to relay!
         dynamic.hinet.net REJECT We can't allow dynamic IP to relay!
         dynamic.seed.net.tw REJECT We can't allow dynamic IP to relay!
         dynamic.tfn.net.tw REJECT We can't allow dynamic IP to relay!
         dynamic.ttn.net REJECT We can't allow dynamic IP to relay!
         dynamic.lsc.net.tw REJECT We can't allow dynamic IP to relay!

  3.連結指令 sudo sudo postmap hash\:/etc/postfix/access

以下為拒絕的黑名單DNS
reject_rbl_client cbl.abuseat.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client xbl.spamhaus.org,
reject_rbl_client dsbl.dnsbl.net.au

sudo /etc/init.d/postfix reload

arrow
arrow
    全站熱搜

    蒼穹 發表在 痞客邦 留言(0) 人氣()

    E-mail轉寄