masses of mailer-daemon mails to postmaster

Sat, 06 Dec 2008 09:13:12 -0800 

To comply with RFC's I enabled the postmaster alias on my system.  As soon as 
I did this I started to recieve something like a mail every second of the 
form below.  Naturally I disabled the postmaster alias immediately, but this 
will of course place me on the rfc-ignorant blacklist.  I think what's 
happening is that I'm rejecting an invalid mail (correctly) because it's 
coming to an invalid user on my system, then I appear to be sending myself 
(!) an error message to tell myself about the valid rejection.  I've attached 
my main.cf in the hope this might help clarify what's going on.  Can anyone 
shed a little light on this such that one of little (smtp) brain might 
understand? 

Return-Path: <[EMAIL PROTECTED]>
X-Original-To: postmaster
Delivered-To: [EMAIL PROTECTED]
Received: by blix.rfi.net (Postfix)
        id B514D1416825; Sat,  6 Dec 2008 15:24:24 +0000 (GMT)
Date: Sat,  6 Dec 2008 15:24:24 +0000 (GMT)
From: [EMAIL PROTECTED] (Mail Delivery System)
To: postmaster (Postmaster)
Subject: Postfix SMTP server: errors from 
189-18-95-65.dsl.telesp.net.br[189.18.95.65]
Message-Id: <[EMAIL PROTECTED]>
Status: R
X-Status: NC
X-KMail-EncryptionState:  
X-KMail-SignatureState:  
X-KMail-MDN-Sent:  

Transcript of session follows.

 Out: 220 blix.rfi.net ESMTP Postfix (Debian/GNU)
 In:  EHLO aa
 Out: 250-blix.rfi.net
 Out: 250-PIPELINING
 Out: 250-SIZE 10240000
 Out: 250-ETRN
 Out: 250-STARTTLS
 Out: 250-AUTH LOGIN PLAIN
 Out: 250-AUTH=LOGIN PLAIN
 Out: 250 8BITMIME
 In:  MAIL FROM:<[EMAIL PROTECTED]>
 Out: 250 Ok
 In:  RCPT TO: <[EMAIL PROTECTED]>
 Out: 451 Server configuration error
 In:  RCPT TO: <[EMAIL PROTECTED]>
 Out: 451 Server configuration error
 In:  DATA
 Out: 554 Error: no valid recipients

Session aborted, reason: lost connection

-- 
Richard Foley
Ciao - shorter than aufwiedersehen

http://www.rfi.net/

# See /usr/share/postfix/main.cf.dist for a commented, more complete version
#
# postfix config - postfix reload
#

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no
append_at_myorigin  = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = blix.rfi.net
mydomain = rfi.net
# alias_maps = pcre:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
alias_database = alias_maps
myorigin = /etc/mailname
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost
relayhost = 
mynetworks = 127.0.0.0/8, 195.10.223.184
mailbox_size_limit = 0
home_mailbox = mbox
# mailbox_command = 
mailbox_command = /usr/bin/procmail -t
recipient_delimiter = +
inet_interfaces = all

# rfi 
virtual_alias_domains = hash:/etc/postfix/virtual_alias_domains
virtual_alias_maps = pcre:/etc/postfix/virtual_alias_maps
# relay_domains = lists.nakedeurope.org

# mailman
# transport_maps = hash:/etc/postfix/transport
# mailman_destination_recipient_limit = 1

# sasl
smtpd_sasl_local_domain = 
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

# clamav + spamassassin
# content_filter = smtp-amavis:[127.0.0.1]:10024
content_filter = amavisfeed:[127.0.0.1]:10024
# receive_override_options = no_address_mappings

# http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_delay_reject = yes
parent_domain_matches_subdomains = smtpd_access_maps

header_checks = pcre:/etc/postfix/header_checks
# mime_header_checks = pcre:/etc/postfix/mime_header_checks
# body_checks = pcre:/etc/postfix/body_checks 

smtpd_data_restrictions =
        reject_unauth_pipelining
        permit

smtpd_sender_restrictions = 
        reject_non_fqdn_sender
        reject_unknown_sender_domain
    reject_rhsbl_sender dsn.rfc-ignorant.org 
        permit

smtpd_recipient_restrictions =
        reject_non_fqdn_recipient
        reject_non_fqdn_sender
        reject_unknown_sender_domain
        reject_unknown_recipient_domain
        permit_mynetworks
        permit_sasl_authenticated
        reject_unauth_destination
#   reject_unknown_reverse_client_hostname
        check_recipient_access pcre:/etc/postfix/recipient_checks
        reject_multi_recipient_bounce
        check_helo_access hash:/etc/postfix/helo_checks
        reject_non_fqdn_hostname
        reject_invalid_hostname
        check_sender_access hash:/etc/postfix/sender_checks
#       check_client_access pcre:/etc/postfix/client_checks
#
#       reject_rbl_client cbl.abuseat.org
#       reject_rbl_client list.dsbl.org
#       reject_rbl_client sbl.spamhaus.org
#       reject_rbl_client pbl.spamhaus.org
#       NB. zen.spamhaus incorporates the CBL list from abuseat.org, as well as 
all
#       the zen.spamhaus.org SBL/XBL/PBL lists
        reject_rbl_client zen.spamhaus.org 
    reject_rbl_client bl.spamcop.net
    reject_rbl_client dnsbl.njabl.org
    permit

Reply via email to