Hi all, as I said before I'm a newbie in mail server administration, so any help will be *greatly* appreciated!
My mail server is continuosly listed in some blacklists and it's a whole week I'm trying to tighten up the security. Few seconds ago I've been listed (again!) in the CBL: http://cbl.abuseat.org/lookup.cgi?ip=217.133.111.72 and this is the reason: ATTENTION: At the time of detection, this IP was infected with, or NATting for a computer infected with a high volume spam sending trojan - it is participating or facilitating a botnet sending spam or spreading virus/spam trojans. I suspect that some windows users in my network is sending spam... and the question is: how can I prevent this acting on postfix? Here it is my main.cf: # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h # TLS parameters #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_cert_file=/etc/ssl/certs/email.pem smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = elabor.homelinux.org alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = localhost.localdomain, localhost mynetworks = 127.0.0.0/8, 10.0.0.0/8 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all ## VIRTUAL DOMAINS HANDLING virtual_mailbox_base = /var/mail/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual-domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual-mailbox-maps.cf virtual_uid_maps = static:116 virtual_gid_maps = static:117 virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual-alias-maps.cf, hash:/var/lib/mailman/data/virtual-mailman relay_domains = proxy:mysql:/etc/postfix/mysql/relay-domains.cf local_transport = virtual local_recipient_maps = $virtual_mailbox_maps ## MAILMAN INTEGRATION owner_request_special = no mailman_destination_recipient_limit=1 transport_maps = hash:/etc/postfix/transport ## SPAM MANAGEMENT content_filter = smtp-amavis:[127.0.0.1]:10024 ## SPAMCOP FILTER smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, permit_mynetworks, check_sender_access hash:/etc/postfix/backscatter, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_invalid_hostname, reject_unauth_pipelining, permit Many thanks, :) Ivan -- Ivan Ricotti ------------------------------------------- eLabor sc - via G. Garibaldi 33, 56127 Pisa tel: +39 050970363 web: http://www.elabor.biz email: i...@elabor.homelinux.org GnuPG KeyID: DFD581C5 - 13/11/2003
