Hello friends,
I am trying to make my email system on tls-mail.com more secure and
solid.
I have taken the following deployments.
1. close port 587 and 143, use port 993 and 465 with ssl only.
2. disable sasl auth on port 25.
3. use policyd-rate-limit to limit sending rate.
4. use postscreen for anti-bot and RBL scoring.
5. use policyd-spf to check sender IP's SPF and reject the failed one.
6. use opendmarc to check sender domain's DMARC and reject the failed
one.
7. opendkim is also deployed for either incoming messages (check
signatures) or outgoing messages (add signatures).
8. have reject_unknown_client_hostname, reject_unknown_sender_domain
options for smtpd_sender_restrictions.
9. rspamd for email content security (not deployed yet).
can you give suggestions on these or is there any other options?
Thanks & regards.
Jeff.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
