First steps before enabling Anti-Spam solution

The Anti-spam solution as "content" filtering must be the last module you have to add on your Artica server, some severals settings can be implemented in order to enforce your SMTP service...

A) Standard SMTP RFC

The MTA provides some settings that can be used in order to not accept all messages:

  • On the Postfix MTA Mail system section, choose "Security" icon.

15-12-2012_02-40-32.png

  • Click on "Connection filters" tab
  • Click on "Senders Computers restrictions" icon

15-12-2012_02-41-23.png

  • There are some option to enable in order to enforce the your MTA verifications before accepting messages.

15-12-2012_02-44-57.png

Reject unknown client hostname:

Reject the client when

  • 1) the client IP address=name mapping fails,
  • 2) the name=address mapping fails,
  • 3) the name=address mapping does not match the client IP address

Reject unknown reverse client hostname

Reject the SMTP connection when
the client IP address has no address=name mapping.
This is a weaker restriction than the reject unknown client hostname rule,
which requires not only that
the address=name and name=address mappings exist,
but also that the two mappings reproduce the client IP address.

Reject unknown sender domain

Reject the request when Postfix is not final destination
for the sender address, and the MAIL FROM address has no DNS or MX record,
or when it has a malformed MX record
such as a record with a zero-length MX hostname

Reject invalid hostname

Reject the request when the client has a bad hostname syntax.

Reject non fqdn sender

Reject the request when the MAIL FROM address
is not in fully-qualified domain form,
as required by the RFC.
This specifies the response code to rejected requests (default: 504).

Reject forged emails

reject emails that pretend to be sent from your domains but not authenticated and not listed in your network list