From: owner-postfix-us...@postfix.org [owner-postfix-us...@postfix.org] On Behalf Of Appliantologist [octo...@gmail.com] Sent: Tuesday, 4 May 2010 9:11 AM To: Gary Smith Cc: The Doctor; postfix-users@postfix.org Subject: Re: Stopping spammers extreme
Hi, We don't have any legitimate users sending mail aside from scripts on the server (linux), only mail from localhost, anyone with an email address is listed in the virtual file and has their email forwarded to a gmail and uses gmail's MTA to send mail. Since we have all the email addresses we accept mail for in a file (/etc/postfix/virtual) I was hoping there was some way to check a) is the mail from the localhost OR is the mail for an address in some file. My understanding is you can make a list of email addresses that you will deliver to like a whitelist, but we also send mail from scripts to outside addresses of which we don't alway know beforehand. I don't think I am running an open relay, I've tested it on a couple of sites came back clean. I come from 20 years of sendmail, which has a completely different system and we were using pop authorization, until people had their password compromised and spammers took over. I am sure some of this is trojans so the amavisd seems like a solid tool to have anyway. Thanks guys, David Do this..: Then change mynetwokrs to be 127.0.0.1 and use a firewall to block incoming tcp on 25 and 587 it really is that simple. Dont allow services to listen to anything you dont want them to act on. On Tue, May 4, 2010 at 1:49 AM, Gary Smith <gary.sm...@holdstead.com> wrote: >> > I tried to make a CIDR file with most of the 3rd world in it, some >> > 30,000 ips but for some reason it doesn't seem to have the effect I >> > was hoping for. >> > Any ideas would be helpful, thanks.David >> >> Add amavisd to your postfix. > > If they are relaying messages through their server, how is amavisd going to > help? Some additional configuration details might be useful. Are the users > authenticated? If so, which user is sending the email? It actually sounds > like an open relay issue. But I'm just guessing here. >
