smtp

jgreylist

An effective tool for dealing with spam is to implement greylisting on your port 25 SMTP service. For a good explanation of how this works, see John Simpon's jgreylist webpage.

Decide which version you want to install - Perl or C. The C version is faster for busier servers

  • Perl version
    The jgreylist script needs to be installed where the SMTP run script can find it. Easiest place is the /var/qmail/bin directory:

    cd /var/qmail/bin
    wget http://qmail.jms1.net/scripts/jgreylist

    The script should be owned by root, have the same group ID as the greylist user's group ID, and have permissions 0750. With these server install instructions, the group is nofiles.

    chmod 0750 jgreylist

validrcptto

An important part of John Simpson's Combined Patch is the validrcptto.cdb patch which allows your server to check the RCPT TO argument and reject messages which were being sent to non-existent addresses. This is a great way to decrease the amount of spam your server has to process as dictionary attacks are a common spammer technique.

The validrcptto patch consults a CDB file, /var/qmail/control/validrcptto.cdb which should contain every valid email address and alias on your server. Rather than generate this list manually or try to create our own script to do it, we'll utilize John Simpson's mkvalidrcptto script.

Technology:

Port 587

A TLS-encrypted SMTP service so your users can send mail through your server without passing clear-text passwords across the network.

Set up the service directory, download John Simpson's SMTP run script, and set it's permissions:

cd /var/service
mkdir -m 1755 smtp-tls
cd smtp-tls
wget http://qmail.jms1.net/scripts/service-qmail-smtpd-run
mv service-qmail-smtpd-run run
chmod 700 run

Edit /var/service/smtp-tls/run and set the appropriate options:

IP=
PORT=587
SSL=0

Technology:

Port 465

An SSL-encrypted SMTP service so your users can send mail through your server without passing clear-text passwords across the network.

Set up the service directory, download John Simpson's SMTP run script, and set it's permissions:

cd /var/service
mkdir -m 1755 smtp-ssl
cd smtp-ssl
wget http://qmail.jms1.net/scripts/service-qmail-smtpd-run
mv service-qmail-smtpd-run run
chmod 700 run

Edit /var/service/smtp-ssl/run and set the appropriate options:

IP=
PORT=465
SSL=1

Technology:

Port 25

Unencrypted, unauthenticated service for normal mail from the Internet.

Because spammers occasionally max out the number of SMTP connections (default 30), I usually call this service smtp and use it strictly for external SMTP connections. By running a separate SMTP service for the internal users, a spike in spammer activity doesn't cause connection issues for your internal users.

Set up the service directory, download John Simpson's SMTP run script, and set it's permissions:

cd /var/service
mkdir -m 1755 smtp
cd smtp

Technology:

SMTP

Simple Mail Transfer Protocol (SMTP) is the de facto standard for e-mail transmissions across the Internet.

There are a variety of SMTP services that you can configure on your mail server. If you plan on receiving email from the internet, you'll definitely need a Port 25 service.

Technology:

Subscribe to RSS - smtp

Recent Updates

  • 3 weeks 6 days ago
  • 3 weeks 6 days ago
  • 1 month 31 min ago
    php 8.x
  • 1 month 1 day ago
    10.6.7
  • 1 month 2 days ago
    Drop Centos 5/6 stuff