Hi guys, I still need to accept mail for the email addresses we host on our machine from the net, so blocking port 25 or mynetworks as local host would seem to prevent that. we still have users on the domain that get mail to the address, except now we forward that mail to gmail using the virtual table
here is the result of postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = apache disable_vrfy_command = yes html_directory = no in_flow_delay = 1s inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost mydomain = wans-eu.com myhostname = wans-eu.com newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_helo_restrictions = reject_invalid_hostname strict_rfc821_envelopes = yes unknown_local_recipient_reject_code = 550 virtual_alias_domains = multiterminal.ua virtual_alias_maps = hash:/etc/postfix/virtual On Tue, May 4, 2010 at 2:14 AM, Terry Gilsenan <terry.gilse...@interoil.com> wrote: > From: owner-postfix-us...@postfix.org [owner-postfix-us...@postfix.org] On > Behalf Of Appliantologist [octo...@gmail.com] > Sent: Tuesday, 4 May 2010 9:11 AM > To: Gary Smith > Cc: The Doctor; postfix-users@postfix.org > Subject: Re: Stopping spammers extreme > > Hi, > > We don't have any legitimate users sending mail aside from scripts on > the server (linux), only mail from localhost, anyone with an email > address is listed in the virtual file and has their email forwarded to > a gmail and uses gmail's MTA to send mail. > > Since we have all the email addresses we accept mail for in a file > (/etc/postfix/virtual) I was hoping there was some way to check a) is > the mail from the localhost OR is the mail for an address in some > file. My understanding is you can make a list of email addresses > that you will deliver to like a whitelist, but we also send mail from > scripts to outside addresses of which we don't alway know beforehand. > > I don't think I am running an open relay, I've tested it on a couple > of sites came back clean. I come from 20 years of sendmail, which has > a completely different system and we were using pop authorization, > until people had their password compromised and spammers took over. > > I am sure some of this is trojans so the amavisd seems like a solid > tool to have anyway. > > Thanks guys, > David > > Do this..: > > Then change mynetwokrs to be 127.0.0.1 and use a firewall to block incoming > tcp on 25 and 587 it really is that simple. Dont allow services to listen to > anything you dont want them to act on. > > > > > On Tue, May 4, 2010 at 1:49 AM, Gary Smith <gary.sm...@holdstead.com> wrote: >>> > I tried to make a CIDR file with most of the 3rd world in it, some >>> > 30,000 ips but for some reason it doesn't seem to have the effect I >>> > was hoping for. >>> > Any ideas would be helpful, thanks.David >>> >>> Add amavisd to your postfix. >> >> If they are relaying messages through their server, how is amavisd going to >> help? Some additional configuration details might be useful. Are the users >> authenticated? If so, which user is sending the email? It actually sounds >> like an open relay issue. But I'm just guessing here. >> >
