To comply with RFC's I enabled the postmaster alias on my system. As soon as
I did this I started to recieve something like a mail every second of the
form below. Naturally I disabled the postmaster alias immediately, but this
will of course place me on the rfc-ignorant blacklist. I think what's
happening is that I'm rejecting an invalid mail (correctly) because it's
coming to an invalid user on my system, then I appear to be sending myself
(!) an error message to tell myself about the valid rejection. I've attached
my main.cf in the hope this might help clarify what's going on. Can anyone
shed a little light on this such that one of little (smtp) brain might
understand?
Return-Path: <[EMAIL PROTECTED]>
X-Original-To: postmaster
Delivered-To: [EMAIL PROTECTED]
Received: by blix.rfi.net (Postfix)
id B514D1416825; Sat, 6 Dec 2008 15:24:24 +0000 (GMT)
Date: Sat, 6 Dec 2008 15:24:24 +0000 (GMT)
From: [EMAIL PROTECTED] (Mail Delivery System)
To: postmaster (Postmaster)
Subject: Postfix SMTP server: errors from
189-18-95-65.dsl.telesp.net.br[189.18.95.65]
Message-Id: <[EMAIL PROTECTED]>
Status: R
X-Status: NC
X-KMail-EncryptionState:
X-KMail-SignatureState:
X-KMail-MDN-Sent:
Transcript of session follows.
Out: 220 blix.rfi.net ESMTP Postfix (Debian/GNU)
In: EHLO aa
Out: 250-blix.rfi.net
Out: 250-PIPELINING
Out: 250-SIZE 10240000
Out: 250-ETRN
Out: 250-STARTTLS
Out: 250-AUTH LOGIN PLAIN
Out: 250-AUTH=LOGIN PLAIN
Out: 250 8BITMIME
In: MAIL FROM:<[EMAIL PROTECTED]>
Out: 250 Ok
In: RCPT TO: <[EMAIL PROTECTED]>
Out: 451 Server configuration error
In: RCPT TO: <[EMAIL PROTECTED]>
Out: 451 Server configuration error
In: DATA
Out: 554 Error: no valid recipients
Session aborted, reason: lost connection
--
Richard Foley
Ciao - shorter than aufwiedersehen
http://www.rfi.net/
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
#
# postfix config - postfix reload
#
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
append_at_myorigin = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
myhostname = blix.rfi.net
mydomain = rfi.net
# alias_maps = pcre:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
alias_database = alias_maps
myorigin = /etc/mailname
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost
relayhost =
mynetworks = 127.0.0.0/8, 195.10.223.184
mailbox_size_limit = 0
home_mailbox = mbox
# mailbox_command =
mailbox_command = /usr/bin/procmail -t
recipient_delimiter = +
inet_interfaces = all
# rfi
virtual_alias_domains = hash:/etc/postfix/virtual_alias_domains
virtual_alias_maps = pcre:/etc/postfix/virtual_alias_maps
# relay_domains = lists.nakedeurope.org
# mailman
# transport_maps = hash:/etc/postfix/transport
# mailman_destination_recipient_limit = 1
# sasl
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
# clamav + spamassassin
# content_filter = smtp-amavis:[127.0.0.1]:10024
content_filter = amavisfeed:[127.0.0.1]:10024
# receive_override_options = no_address_mappings
# http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_delay_reject = yes
parent_domain_matches_subdomains = smtpd_access_maps
header_checks = pcre:/etc/postfix/header_checks
# mime_header_checks = pcre:/etc/postfix/mime_header_checks
# body_checks = pcre:/etc/postfix/body_checks
smtpd_data_restrictions =
reject_unauth_pipelining
permit
smtpd_sender_restrictions =
reject_non_fqdn_sender
reject_unknown_sender_domain
reject_rhsbl_sender dsn.rfc-ignorant.org
permit
smtpd_recipient_restrictions =
reject_non_fqdn_recipient
reject_non_fqdn_sender
reject_unknown_sender_domain
reject_unknown_recipient_domain
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
# reject_unknown_reverse_client_hostname
check_recipient_access pcre:/etc/postfix/recipient_checks
reject_multi_recipient_bounce
check_helo_access hash:/etc/postfix/helo_checks
reject_non_fqdn_hostname
reject_invalid_hostname
check_sender_access hash:/etc/postfix/sender_checks
# check_client_access pcre:/etc/postfix/client_checks
#
# reject_rbl_client cbl.abuseat.org
# reject_rbl_client list.dsbl.org
# reject_rbl_client sbl.spamhaus.org
# reject_rbl_client pbl.spamhaus.org
# NB. zen.spamhaus incorporates the CBL list from abuseat.org, as well as
all
# the zen.spamhaus.org SBL/XBL/PBL lists
reject_rbl_client zen.spamhaus.org
reject_rbl_client bl.spamcop.net
reject_rbl_client dnsbl.njabl.org
permit