Postfix MTA updated to fix security vulnerabilities such as incorrectly checks the ownership of a mailbox. In some configurations, this allows for appending data to arbitrary files as root. This update has been rated as having moderate security impact.
In this tutorial yo0u will learn about Installing SSL Certificate (Secure Server Certificate) to secure communication between Postfix SMTP server and mail client such as Outlook or Thunderbird.
Malware is used for a malicious purpose. It can be in your software or hardware. Email and pirated software is the most powerful way to spread malware. Malware inserted in a system without user notification.
Continue reading “Postfix mail server block Malware with blacklist”
Librenix has a posted small and sweet article that explains basic steps to configure and install a mail server with antivirus / antispam in minutes.
From the article:
This article illustrates a situation where you need to set up your own mail server (be it your home mail server, or a small office one). It actually shows that, if using an integrated service mail server, anyone can do the job, all in a matter of minutes.
AXIGEN Mail Server, the solution chosen for this example, can send and receive e-mails securely via “mydomain.com” and is able to retrieve them in a WebMail interface – this means that it includes all mail services needed for a fully functional mail server (SMTP, IMAP, POP3, WebMail, WebAdmin).
To get an idea of the amount of time you can spare by installing such a solution, just think of all the different open source applications you would need to install instead (i.e. an MTA, Squirrelmail for Webmail, QmailAdmin for web configuration, Courier for IMAP and POP3 and many others.)
Postfix is free and powerful MTA. You can easily configure Postfix to block spam. You need to add following directives to /etc/postfix/main.cf file:
Continue reading “Postfix configure anti spam with blacklist”
You can send email with attachment via shell script or at shell prompt/command line using mutt or mail command. This will not hide your IP address.
To send anonymous email from shell prompt use Mixmaster, which is the type II remailer protocol and the most popular implementation of it.
Remailers provide protection against traffic analysis and allow sending email anonymously or pseudonymously. Mixmaster consists of both client and server installations and is designed to run on several operation systems including but not limited to *BSD, Linux and Microsoft Windows.
This article explains how to install mixmaster and how to use it to send email, in an anonymous and secure fashion:
An anonymous remailer is a computer service that privatizes your email. A remailer allows you to send electronic mail to a Usenet news group or to a person without the recipient knowing your name or your email address. Anonymous remailers provide protection against traffic analysis.
This package provides both a client and an optional server installation.
Address rewriting allows changing outgoing email ID or domain name itself. This is good for hiding internal user names. For example:
SMTP user: tom-01
EMAIL ID: [email protected]
Server name: server01.hosting.com
However when tom-01 send an email from shell prompt or using php it looks like it was send from [email protected]
In some cases internal hosts have no valid Internet domain name, and instead use a name such as localdomain.local or something else. This can be a problem when you want to send mail over the Internet, because many mail servers reject mail addresses with invalid domain names to avoid spam.
Postfix MTA offers smtp_generic_maps parameter. You can specify lookup tables that replace local mail addresses by valid Internet addresses when mail leaves the machine via SMTP.
Open your main.cf file
# vi /etc/postfix/main.cf
Append following parameter
smtp_generic_maps = hash:/etc/postfix/generic
Save and close the file. Open /etc/postfix/generic file:
# vi /etc/postfix/generic
Save and close the file. Create or update generic postfix table:
# postmap /etc/postfix/generic
# /etc/init.d/postfix restart
When mail is sent to a remote host via SMTP this replaces [email protected] by [email protected] mail address. You can use this trick to replace address with your ISP address if you are connected via local SMTP.
Email filtering is an essential task. There are many methods like:
=> Bayesian spam filtering
=> SpamAssassin/DSPAM programs
=> Check open relay using RBL etc
Now ORDB.org is shutting down its operation. ORDB is quite effective and I use this list against all of email servers. Spammers still use 3rd party servers and desktop computers so that they could minimize or avoid detection by re-routing their e-mail through these third party e-mail servers.
According to their home page:
We encourage system owners to remove ORDB checks from their mailers immediately and start investigating alternative methods of spam filtering. We recommend a combination involving greylisting and content-based analysis (such as the dspam project, bmf or Spam Assassin). DNS and the mailing lists will vanish today, December 18, 2006.
Generally, I use following sequence while configuring anti-spam
These services blocks thousands of spam everyday before hitting email server and Spam Assassin. Indeed a bad news for mail server admins!