Jaap Westerbeek wrote:
Hi All,
Lately some spammer has been able to relay spam through my server.
I think they use a valid (hacked) account and then rewrite the sender
e-mail address.
My setup is :
Debian Etch server
postfix-mysql 2.3.8-2+etch1
amavisd-new-2.6.1
spamassassin
cyrus imap server (on a separate box)
mysql-server 5.0.32-7etch6
I use web-cyradm to create users and domains
I see two possibilities to stop the spammer :
1) I'd like to set up mysql proxy maps so that either the sender OR
the recipient match a valid user in the mysql DB.
If none match, it should reject the mail.
2) Rewriting the sender address should not be possible
The server hosts about 30 domains and has like 2000 active users.
I don't know exactly how to write the mysql proxymaps, and I am not
sure if disabling the rewriting feature is at all possible.
If you need more info or configs to help me , please let me know
postfix rewrite is controlled by the admin (you for example), not by
remote spammers nor users. your observation is flawed.
if you show logs showing the abuse, you'll get more help. It is unlikely
that the spammers are abusing postfix.
Regarding unlisted addresses, unlisted recipients are rejected by
default. unlisted senders can be rejected with
smtpd_reject_unlisted_sender = yes
