Dev {Tricks}

  • Home
  • WordPress
  • OJS
  • Oxwall
  • Server and Hosting
You are here: Home / Server and Hosting / Web Control Panel / ISPConfig / Hardening Postfix For ISPConfig 3

October 1, 2022 by dev

Hardening Postfix For ISPConfig 3

Reverse DNS, (DNS PTR Record)

You can check your rdns with the command host:

host YOUE-IP

SPF For Your Domain (DNS TXT Record)

Copy the spf result, then go to ISPConfig -> dns -> zones ->click on your domain name -> click on records tab -> and click on TXT

Hostname -> example.com. (with dot at the end!)

Text -> Paste here the spf result

Example:

v=spf1 a mx ptr ip4:YOUR.IP.ADDRESS -all

Click on Save.

Postfix main.cf

Let’s add/change something to /etc/postfix/main.cf

Helo restrictions:

smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname

Strict rfc:

strict_rfc821_envelopes = yes

Clients restrictions:

smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_client_hostname, check_client_access mysql:/etc/postfix/mysql-virtual_client.cf

Recipient restrictions:

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unknown_recipient_domain

Data restrictions:

smtpd_data_restrictions = reject_unauth_pipelining

Smtpd delay:

smtpd_delay_reject = yes

Reload postfix:

/etc/init.d/postfix reload

SPF Check For Postfix (Debian And Ubuntu)

Intstall spf package:

apt-get install postfix-policyd-spf-python

or

apt-get install postfix-policyd-spf-perl

Add this to /etc/postfix/main.cf :

policy-spf_time_limit = 3600s

and add check_policy_service unix:private/policy-spf at the end of smtpd_recipient_restrictions:

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination, reject_unknown_recipient_domain, check_policy_service unix:private/policy-spf

Now edit master.cf and add at the end this (for the python version):

policy-spf unix – n n – – spawn
user=nobody argv=/usr/bin/policyd-spf

or this for the perl version:

policy-spf unix – n n – – spawn
user=nobody argv=/usr/sbin/postfix-policyd-spf-perl

…reload postfix.

/etc/init.d/postfix reload

Greylist

Greylisting is a method of defending email users against spam. A mail transfer agent (MTA) using greylisting will “temporarily reject” any email from a sender it does not recognize. If the mail is legitimate the originating server will, after a delay, try again and, if sufficient time has elapsed, the email will be accepted.

Installing postgrey (Debian, Ubuntu):

apt-get install postgrey

The configuration options are in /etc/default/postgrey ( default delay is 5 min).

Edit main.cf and add check_policy_service inet:127.0.0.1:10023 to the end of smtpd_recipient_restrictions:

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination, reject_unknown_recipient_domain, check_policy_service unix:private/policy-spf,check_policy_service inet:127.0.0.1:10023

…reload postfix:

/etc/init.d/postfix reload

DNSBL (DNS Based Blacklist/Blocklist)

Post Views: 749

Share this:

  • Click to share on X (Opens in new window) X
  • Click to share on Facebook (Opens in new window) Facebook

Filed Under: ISPConfig

You May Also Like

How to Install Maldet and Run a Scan | Maldetect
How to Install Maldet and Run a Scan | Maldetect
Cannot Edit fstab as it is a Read-Only File
Cannot Edit fstab as it is a Read-Only File
How to Add Swap Space/file on CentOS 7 and CentOS 8
How to Add Swap Space/file on CentOS 7 and CentOS 8
MySQL: Error Code: 1118
MySQL: Error Code: 1118
How To Create a New User and Grant Permissions in MySQL
How To Create a New User and Grant Permissions in MySQL
How to Clean the YUM Cache in CentOS
How to Clean the YUM Cache in CentOS
How to disable functions using the PHP disable_functions directive in php ini
How to disable functions using the PHP disable_functions directive in php ini
How to Install Zip/Unzip
How to Install Zip/Unzip
ISPConfig Checklist
ISPConfig Checklist
Possible attack detected. This action has been logged.  How to fix ?
Possible attack detected. This action has been logged. How to fix ?
Missing vmail Folders .Sent, .Trash, .Drafts, .Junk, and Other
Missing vmail Folders .Sent, .Trash, .Drafts, .Junk, and Other
How to Add and Remove Swap Space on Ubuntu 20.04
How to Add and Remove Swap Space on Ubuntu 20.04

Hire Me!

  • Upwork
  • Freelancer
  • Fiverr
  • Guru

  • Upwork
  • Freelancer
  • Fiverr
  • Guru

www.ojsexpert.com
www.ojsdev247.com

Recent Posts

  • To get your email for castamodel.com going to the right place, you need to update your DNS settings.
  • Security and WordPress
  • ROR
  • How do we copy google form to google workspace?
  • Install ImageMagick – Almalinux
  • How to remove /public/ from URL in Laravel
  • How to install Maldet alert?
  • How to Install Maldet and Run a Scan | Maldetect
  • Where is Roundcube location on CWP control panel?
  • How To Add Node.js Projects In aaPanel?
  • SPF/DKIM/DMARC Tools
  • Associative arrays – How to loop over Associative arrays
  • Indexed Arrays. How to loop over Indexed Arrays.
  • PHP Break | Continue
  • For Loop | While Loop | Do…While Loop | Foreach Loop
  • Strict mode in PHP
  • PHP Function Return Types
  • PHP Anonymous Functions (or Closures)
  • PHP Variadic Functions
  • PHP nullable type hints

Categories

  • Affiliate Marketing (1)
  • Customization (4)
    • CSS (2)
  • Email Solutions (23)
    • FrontApp (2)
    • Google Spreadsheet (2)
    • Microsoft Outlook (1)
    • PHP Email Form (3)
    • PolyMail (2)
    • Recaptcha (1)
    • Roundcube (4)
    • Thunderbird (3)
    • WebMail (5)
  • Games (1)
  • How to (87)
  • Joomla (6)
    • Akeeba (1)
    • Fix & Tricks (3)
  • jQuery (4)
  • jQuery Plugins (4)
    • BX Slider (1)
    • Slick (1)
  • Laravel (5)
  • Marketplace (5)
  • Miscellaneous (31)
  • MultiSaaS (1)
  • OJS (56)
    • Crossref (1)
    • Help (37)
    • Installation (10)
      • Issues (5)
    • Plugins (8)
    • Scholar Indexing (2)
    • Theme (7)
      • Templates (7)
        • Frontend (6)
        • legacy (1)
    • Theme Customization (10)
    • Theme Development (14)
    • TPL CSS JS (2)
    • Upgrade (11)
  • OSTAD (17)
  • Oxwall (3)
  • Payment Methods (1)
    • Paypal (1)
  • PC Tips and Tricks (14)
    • MS Office (2)
      • PowerPoint (1)
    • Windows (4)
  • PHP Parse error (2)
  • phpBB (2)
  • Server and Hosting (213)
    • Billing and Management (10)
      • Blesta (5)
      • Boxbilling (2)
      • WHMCS (5)
    • Email (10)
      • Postfix (3)
    • Error and Fix (17)
    • FTP (2)
    • Linux Distribusion (28)
      • Almalinux (13)
      • CentOS (17)
      • Debian (21)
      • Ubuntu (19)
    • Mail Server Solusion (7)
      • iRedMain (6)
    • MySQL (12)
    • Providers (69)
      • AWS (37)
      • Bluehost (37)
      • Cloudcone (26)
      • Contabo (40)
      • Digitalocean (68)
      • Hetzner (3)
      • HostGator (36)
      • Hostinger (8)
      • RackNerd (10)
      • VPSDime (38)
    • Security (21)
      • SSH (8)
    • VPS Management (72)
    • Web Control Panel (147)
      • aaPanel (14)
      • CentOS Web Panel (46)
      • cPanel (33)
      • CyberPanel (7)
      • DirectAdmin (96)
        • Find & fix (38)
      • ISPConfig (17)
      • KeyHelp (7)
      • Plesk (26)
      • Webmin (25)
        • Usermin (2)
        • Virtualmin (13)
      • WHM (18)
  • Uncategorized (19)
  • Wordpress (89)
    • Elementor (2)
    • Find and Fix (11)
    • Functions (5)
    • Genesis (9)
    • Glossary (1)
    • How to (22)
    • Neuron TD (15)
      • Console Error (1)
      • functions (5)
        • register_post_type (1)
        • register_sidebar (1)
        • theme_files (1)
        • theme_supports (1)
      • Image Directory (1)
      • Menu (2)
      • Query (4)
    • Plugins (13)
      • Contact Form 7 (5)
      • Duplicator (1)
      • Essential Grid (2)
    • Softaculous (3)
    • Speed and Security (4)
    • Stock Theme Development (6)
      • Header Footer (1)
      • PHP (1)
      • VC (1)
    • Theme Development (2)
      • Issues (1)
      • Menu (1)
    • Timer Theme Development (3)
    • Update (2)
    • Woocommerce (2)
    • WP Basic Guideline (8)

Important DEV links

  • Premium Themes
    • Themeforest
    • Envato Market
  • Built With (What Theme is That?)
    • What WP theme is that
    • Joomla Template Detector
    • Drupal Template Detector
    • Prestashop Template Detector
    • Shopify Theme Detector
    • Squarespace Template Detector
    • OpenCart Detector
    • WordPress.com Theme Detector
  • Domain/IP history checker
    • Who IS request
    • Hosting Info
  • Check DNS Propagation
    • DNS Checker
    • intoDNS
  • What is my IP
    • What is My IP Address
    • What is My IP
    • IP location
    • What is My IP
    • Porkbun
  • SEO Tools
    • Visitor Traffic
    • Broken Link
    • Website Speed Test
      • SEMrush
      • GTmetrix
      • Pingdom
      • PageSpeed Insights
      • DebugBear
      • keyCDN
  • Photo Image
    • Remove Background 50 Free Preview Image 375 × 666 per month
  • Domain Registrars
    • 123-Reg
    • Porkbun
    • Freenom
    • Namecheap NEWCOM598
  • Hosting Providers
    • Bluehost
    • Hostgator
    • Inmotion
  • Hosting Control Panel
    • CWPpro (FREE)
    • DirectAdmin (Trial 60 Days, One account $2/month)
    • ISPConfig (Free)
  • Webmaster Tools
    • Google
    • Bing
    • Yandex
  • Miscellaneous
    • Time Calculator

 

Categories

  • Affiliate Marketing (1)
  • Customization (4)
    • CSS (2)
  • Email Solutions (23)
    • FrontApp (2)
    • Google Spreadsheet (2)
    • Microsoft Outlook (1)
    • PHP Email Form (3)
    • PolyMail (2)
    • Recaptcha (1)
    • Roundcube (4)
    • Thunderbird (3)
    • WebMail (5)
  • Games (1)
  • How to (87)
  • Joomla (6)
    • Akeeba (1)
    • Fix & Tricks (3)
  • jQuery (4)
  • jQuery Plugins (4)
    • BX Slider (1)
    • Slick (1)
  • Laravel (5)
  • Marketplace (5)
  • Miscellaneous (31)
  • MultiSaaS (1)
  • OJS (56)
    • Crossref (1)
    • Help (37)
    • Installation (10)
      • Issues (5)
    • Plugins (8)
    • Scholar Indexing (2)
    • Theme (7)
      • Templates (7)
        • Frontend (6)
        • legacy (1)
    • Theme Customization (10)
    • Theme Development (14)
    • TPL CSS JS (2)
    • Upgrade (11)
  • OSTAD (17)
  • Oxwall (3)
  • Payment Methods (1)
    • Paypal (1)
  • PC Tips and Tricks (14)
    • MS Office (2)
      • PowerPoint (1)
    • Windows (4)
  • PHP Parse error (2)
  • phpBB (2)
  • Server and Hosting (213)
    • Billing and Management (10)
      • Blesta (5)
      • Boxbilling (2)
      • WHMCS (5)
    • Email (10)
      • Postfix (3)
    • Error and Fix (17)
    • FTP (2)
    • Linux Distribusion (28)
      • Almalinux (13)
      • CentOS (17)
      • Debian (21)
      • Ubuntu (19)
    • Mail Server Solusion (7)
      • iRedMain (6)
    • MySQL (12)
    • Providers (69)
      • AWS (37)
      • Bluehost (37)
      • Cloudcone (26)
      • Contabo (40)
      • Digitalocean (68)
      • Hetzner (3)
      • HostGator (36)
      • Hostinger (8)
      • RackNerd (10)
      • VPSDime (38)
    • Security (21)
      • SSH (8)
    • VPS Management (72)
    • Web Control Panel (147)
      • aaPanel (14)
      • CentOS Web Panel (46)
      • cPanel (33)
      • CyberPanel (7)
      • DirectAdmin (96)
        • Find & fix (38)
      • ISPConfig (17)
      • KeyHelp (7)
      • Plesk (26)
      • Webmin (25)
        • Usermin (2)
        • Virtualmin (13)
      • WHM (18)
  • Uncategorized (19)
  • Wordpress (89)
    • Elementor (2)
    • Find and Fix (11)
    • Functions (5)
    • Genesis (9)
    • Glossary (1)
    • How to (22)
    • Neuron TD (15)
      • Console Error (1)
      • functions (5)
        • register_post_type (1)
        • register_sidebar (1)
        • theme_files (1)
        • theme_supports (1)
      • Image Directory (1)
      • Menu (2)
      • Query (4)
    • Plugins (13)
      • Contact Form 7 (5)
      • Duplicator (1)
      • Essential Grid (2)
    • Softaculous (3)
    • Speed and Security (4)
    • Stock Theme Development (6)
      • Header Footer (1)
      • PHP (1)
      • VC (1)
    • Theme Development (2)
      • Issues (1)
      • Menu (1)
    • Timer Theme Development (3)
    • Update (2)
    • Woocommerce (2)
    • WP Basic Guideline (8)
  • Home
  • WordPress
  • OJS
  • Oxwall
  • Server and Hosting

Copyright © 2025 · Executive Pro Theme on Genesis Framework · WordPress · Log in