I moved our company over to Postfix (v2.6.2) last Friday and have been 
mesmerized by the log. One thing I'm seeing is a lot of 'lost connections from 
unknown[ IP ]'. I'm hoping that these are due to either poorly written spambots 
bailing early or smtpd_recipient_restrictions rejecting the connection.

Google finds discussions about it but I couldn't find anything really recent.

From the following can you determine if this is something I should be worried 
about? I'd be happy to provide more or different log data if required.

$ grep 'lost connection' /var/log/mail.log
<snip>
Mar 30 05:07:14 mail postfix/smtpd[45236]: lost connection after DATA from unknown[123.28.125.3]
Mar 30 05:07:17 mail postfix/smtpd[45244]: lost connection after DATA from unknown[62.32.223.28]
Mar 30 05:07:18 mail postfix/smtpd[45240]: lost connection after RCPT from public16037.xdsl.centertel.pl[79.163.62.165]
Mar 30 05:07:18 mail postfix/smtpd[45159]: lost connection after RCPT from unknown[218.157.167.131]
Mar 30 05:07:20 mail postfix/smtpd[45188]: lost connection after CONNECT from unknown[212.63.221.10]
Mar 30 05:07:23 mail postfix/smtpd[45230]: lost connection after RCPT from mproxy01.jheel.bdcom.com[210.4.76.3]
Mar 30 05:07:25 mail postfix/smtpd[45229]: lost connection after DATA from unknown[119.15.93.218]
Mar 30 05:07:27 mail postfix/smtpd[45237]: lost connection after RCPT from unknown[213.198.111.207]
<snip>

Most are unknown:
$ grep 'lost connection' /var/log/mail.log | wc -l
9178
$ grep 'lost connection after RCPT from unknown' /var/log/mail.log |  wc -l
2758
$ grep 'lost connection after DATA from unknown' /var/log/mail.log | wc -l
3507
$ grep 'lost connection after CONNECT from unknown' /var/log/mail.log | wc -l
237

$ postconf -n
broken_sasl_auth_clients = yes
command_directory = /opt/local/sbin
config_directory = /opt/local/etc/postfix
daemon_directory = /opt/local/libexec/postfix
data_directory = /opt/local/var/lib/postfix
debug_peer_level = 2
default_privs = nobody
delay_warning_time = 4h
home_mailbox = Maildir/
html_directory = no
mail_owner = _postfix
mailq_path = /opt/local/bin/mailq
manpage_directory = /opt/local/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
myhostname = mailbox.dop.com
mynetworks = 192.168.0.0/23, 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /opt/local/bin/newaliases
proxy_interfaces = 70.167.15.114
queue_directory = /opt/local/var/spool/postfix
readme_directory = /opt/local/share/postfix/readme
sample_directory = /opt/local/share/postfix/sample
sendmail_path = /opt/local/sbin/sendmail
setgid_group = _postdrop
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_enforce_tls = no
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, 
reject_non_fqdn_sender, reject_non_fqdn_recipient, 
reject_unknown_sender_domain, reject_unknown_recipient_domain, 
reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient, 
check_helo_access hash:/opt/local/etc/postfix/helo_checks, check_sender_access 
hash:/opt/local/etc/postfix/access_sender, reject_rbl_client zen.spamhaus.org, 
reject_rbl_client bl.spamcop.net, check_policy_service inet:127.0.0.1:60000, 
check_client_access pcre:/opt/local/etc/postfix/dspam_filter_access
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks, reject_unknown_address
smtpd_tls_cert_file = /opt/local/etc/postfix/ssl/certs/postfix.cert
smtpd_tls_key_file = /opt/local/etc/postfix/ssl/private/postfix.key
smtpd_tls_loglevel = 1
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/opt/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:102
virtual_mailbox_base = /Volumes/mail/vmail/
virtual_mailbox_domains = mysql:/opt/local/etc/postfix/mysql_virtual_mailbox_domains.cf
virtual_mailbox_maps = mysql:/opt/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 102
virtual_transport = dovecot
virtual_uid_maps = static:102

-Terry
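
The per-stage grep counts in the message above can be produced in one pass. The following is an added example, not part of the original post: it tallies every "lost connection" line by SMTP stage and by whether the client had a reverse-DNS name, and counts distinct client IPs. The function names and the sample log (documentation IP ranges) are constructed for illustration.

```shell
#!/bin/sh
# Added example: tally Postfix smtpd "lost connection" events by SMTP stage and
# by whether the client was logged with a name or as "unknown".
# Output per line: <stage> <named|unknown> <events> <distinct_client_ips>
lost_conn_summary() {
    awk '
    /postfix\/smtpd\[[0-9]+\]: lost connection after / {
        a = 0; f = 0
        # Find "after" and the following "from"; extra tokens between the
        # stage and "from" are tolerated.
        for (i = 1; i <= NF; i++) {
            if (a == 0 && $i == "after") a = i
            else if (a > 0 && $i == "from") { f = i; break }
        }
        if (a == 0 || f <= a + 1 || f >= NF) next   # malformed or truncated
        stage = $(a + 1)
        client = $(f + 1)                           # "host[ip]"
        lb = index(client, "["); rb = index(client, "]")
        if (lb == 0 || rb <= lb) next
        host = substr(client, 1, lb - 1)
        ip = substr(client, lb + 1, rb - lb - 1)
        key = stage " " (host == "unknown" ? "unknown" : "named")
        events[key]++
        if (!((key, ip) in seen)) { seen[key, ip] = 1; ips[key]++ }
    }
    END { for (k in events) print k, events[k], ips[k] }
    ' "$@" | LC_ALL=C sort
}

# Constructed sample log lines, not data from the post.
sample_log() {
    cat <<'EOF'
Mar 30 05:07:14 mail postfix/smtpd[101]: lost connection after DATA from unknown[192.0.2.10]
Mar 30 05:07:15 mail postfix/smtpd[102]: lost connection after DATA from unknown[192.0.2.10]
Mar 30 05:07:16 mail postfix/smtpd[103]: lost connection after RCPT from unknown[198.51.100.7]
Mar 30 05:07:17 mail postfix/smtpd[104]: lost connection after RCPT from host.example.net[203.0.113.5]
Mar 30 05:07:18 mail postfix/smtpd[105]: lost connection after CONNECT from unknown[192.0.2.44]
Mar 30 05:07:19 mail postfix/smtpd[106]: connect from unknown[192.0.2.44]
EOF
}

sample_log | lost_conn_summary
```

Against a real log, pass the file as an argument, e.g. `lost_conn_summary /var/log/mail.log`; a high event count from few distinct IPs points at a small number of repeat clients rather than a broad pattern.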
