Skip to main content

Posts

Showing posts from July, 2020

How to Produce Postfix MTA logfile summary using Pflogsumm on CWP?

Pflogsumm is a log analyzer/summarizer for the Postfix MTA. It is designed to provide an over-view of Postfix activity, with just enough detail to give the administrator a "heads up" for potential trouble spots. Pflogsumm generates summaries and, in some cases, detailed reports of mail server traffic volumes, rejected and bounced email, and server warnings, errors and panics. CentOS 7 & Ubuntu 16: # yum -y install postfix-perl-scripts # sudo apt install pflogsumm [ For Ubuntu ] Generate Log Summary # perl /usr/sbin/pflogsumm -d yesterday /var/log/maillog # perl /usr/sbin/pflogsumm -d today /var/log/maillog Generate Log Once a Day and Received via Mail # crontab -e 0 0 * * * perl /usr/sbin/pflogsumm -e -d yesterday /var/log/mail.log | mail -s 'Logwatch for Postfix' admin@awsmonster.com Generate More Details CentOS sudo pflogsumm /var/log/maillog [Weekly] sudo pflogsumm -d today /var/log/maillog --problems_first sudo pflogsumm -d today /var/log/maillog --rej_ad

How to Configure Postfix SMTP Relay on CWP CentOS 7 with Relay Provider ?

If you are using Google Cloud, Then you are not able to send email directly using SMTP 25 port. So You can configure your Postfix  to send email via relay using SASL authentication. Simple Authentication and Security Layer (SASL) is a standard authentication framework supported by many services including Postfix.  CASE A: I am using a VM on Google Cloud which is my Application server where multiple domain is hosted. I want to send email from specific domain using specific relay. You can use multiple relay for multiple domain. Another Domain will not able send email directly because GCP block SMTP 25 port for outgoing. Make sure the SASL authentication framework, and mailx are all installed # yum -y install cyrus-sasl-plain mailx In /etc/postfix/main.cf , Add the following lines #Relay smtp_sasl_security_options = noanonymous smtp_sender_dependent_authentication = yes sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay smtp_sasl_auth_enable = yes smtp_sasl_password_m

How to Remove Sensitive Data and Internal Network Information from Postfix Headers ?

E-mail header contain some sensitive information. I’ll show you how to remove that information from the Postfix headers. note: some email clients will mark your email as spam if your header doesn’t contain an IP address. It is also very important to keep header details for your analysis. If any user started to spamming or compromised , then we must need header for analysis. So we will remove only our client private network details. We are assuming that postfix is already up and running and will make below changes. Step:1 Edit ‘/etc/postfix/main.cf’ file header_checks = regexp:/etc/postfix/header_checks Step:2 Append the below line in ‘/etc/postfix/header_checks’ [at the bottom] /^Received:/ IGNORE Step:3 Run postmap to apply the new configuration in /etc/postfix/header_checks [root@server1 ~]# postmap /etc/postfix/header_checks Step:4 Restart or Reload the postfix server [root@server1 ~]# systemctl restart postfix [root@server1 ~]# postfix reload Actually this

How to Block (Virus) Extensions on Postfix Mail Server ?

It's very important to block virus extension on Postfix mail server. Using  mime_header_checks directive on Postfix , we can block some specific extension to protection our mail server from spamming. So we are going to block some dangerous extension for Postfix users . Login as the root, enter: # vi /etc/postfix/main.cf Use mime_header_checks postfix config directive, enter: mime_header_checks = regexp:/etc/postfix/block_attachments Save and close the file. Open /etc/postfix/block_attachments file and append code as follows: /name=[^>]*\.(bat|com|dll|vbs|exe|pdf|zip)/ REJECT Save and close the file. You must restart or reload postfix: # /etc/init.d/postfix reload Watch log file:  You should see rejected mail log in /var/log/maillog file: # tail -f /var/log/maillog But There is a issues on that setting , That setting will also block dmarc report with attachment thats coming Google, MicroSoft etc. Use the following setting to work perfectly  # vi /etc/postfix/mime_