You are here: Home > OpenBSD mail server: pfbadhost
No Hair Github Pages
Setting up a mailserver on OpenBSD 6.9: pfbadhost
K. Install pf-badhost
For additional spam rejection and to protect your mail server, download and install pf-badhost as decribed on the authors page. (BTW, tip your local developer; both pf-badhost and unbound-adblock are worthy projects.)
Edit pf-badhost.sh to include blocklists for email attackers:
....
##################################################################
# Block Lists
# Enter URL to any IP blocklist
....
### SMTP/E-Mail Attackers
https://lists.blocklist.de/lists/25.txt
https://lists.blocklist.de/lists/110.txt
https://lists.blocklist.de/lists/143.txt
https://lists.blocklist.de/lists/993.txt
https://lists.blocklist.de/lists/email.txt
https://lists.blocklist.de/lists/mail.txt
https://lists.blocklist.de/lists/imap.txt
https://lists.blocklist.de/lists/courierimap.txt
https://lists.blocklist.de/lists/courierpop3.txt
https://lists.blocklist.de/lists/pop3.txt
https://lists.blocklist.de/lists/postfix.txt
.... Then, restart pfbadhost to load new blocklists:
doas -u _pfbadhost pf-badhost -O openbsdIf you haven't done so during the installation, remember to add the block directives to /etc/pf.conf:
... tablepersist file "/etc/pf-badhost.txt" block in quick on egress from block out quick on egress to ...
Next: Further testing
Previous: OpenSMTPD tweaks and testing
Posted by Gordon, No Hair Github Pages, August 24, 2021
© nohair.net and the author
For comments, corrections, and addenda, email: gordon[AT]nohair.net