В Птн, 11/06/2010 в 13:54 -0500, Stan Hoeppner пишет: > Покотиленко Костик put forth on 6/11/2010 1:37 PM: > > В Чтв, 10/06/2010 в 16:48 +0300, Покотиленко Костик пишет: > >> В Чтв, 10/06/2010 в 08:32 -0500, Stan Hoeppner пишет: > >>> Покотиленко Костик put forth on 6/10/2010 8:04 AM: > >>> > >>>> Thanks for suggestion, I'll apply it. > >>> > >>> You're welcome. > >>> > >>>> But if somebody can help discover (configuration) error which > >>>> prioritizing postmaster that would be nice. > >>> > >>> "postconf -d | grep mail_version" might be helpful. IIRC some early > >>> versions > >>> of Postfix had some things related to postmaster hard coded. > >> > >> This is Debian lenny. > >> > >> # postconf -d | grep mail_version > >> mail_version = 2.5.5 > >> milter_macro_v = $mail_name $mail_version > > > > Any comments on this? > > > > I've applied configuration that Stan Hoeppner suggested, and it didn't > > helped much: > > > >>> smtpd_client_restrictions = > >>> permit_mynetworks, > >>> permit_sasl_authenticated, > >>> reject_unknown_client_hostname, > >>> reject_rbl_client list.dsbl.org, > >>> reject_rbl_client zen.spamhaus.org > >> > >> + reject_rbl_client b.barracudacentral.org [1] > >> reject_rbl_client spam.dnsbl.sorbs.net > >> reject_rbl_client recent.spam.dnsbl.sorbs.net > >> reject_rhsbl_client dbl.spamhaus.org > >> > >>> smtpd_sender_restrictions = > >> > >> + reject_rhsbl_sender dbl.spamhaus.org > >> > >>> smtpd_helo_restrictions = > >> > >> + reject_rhsbl_helo dbl.spamhaus.org > > > > I didn't registered at barracudacentral yet, so not added. > > > > Here is sample header of spam which got through after those additions: > > > > ====================================== > > Return-Path: <olgarebrr...@mail.ru> > > Received: from example.com ([unix socket]) by darkstar.example.com > > (Cyrus v2.2.13-Debian-2.2.13-14+lenny3) with LMTPA; Fri, 11 Jun 2010 > > 03:54:41 +0300 > > X-Sieve: CMU Sieve 2.2 > > Received: from smtp.harddriveme.com (smtp.harddriveme.com > > [111.67.206.181]) by example.com (Postfix) with ESMTP id 0753E11B9D5 for > > <postmas...@example.com>; Fri, 11 Jun 2010 03:54:24 +0300 (EEST) > > X-Virus-Status: Clean > > X-Virus-Scanned: clamav-milter 0.96.1 at darkstar.example.com > > Date: Fri, 11 Jun 2010 04:21:30 +0400 (03:21 EEST) > > From: Импoрт из Китaя <olgarebrr...@mail.ru> > > To: postmas...@example.com > > Reply-To: Импoрт из Китaя <olgarebrr...@mail.ru> > > Subject: Организация импортa > > X-Priority: 3 (Normal) > > Message-ID: <3457841698.20091029461...@smtp.harddriveme.com> > > MIME-Version: 1.0 > > Content-Type: text/html; charset=windows-1251 > > Content-Transfer-Encoding: 8bit > > X-Spam-Status: No, score=1.1 required=5.0 tests=FREEMAIL_FROM=0.001, > > HTML_MESSAGE=0.001,MIME_HTML_ONLY=1.105,UNPARSEABLE_RELAY=0.001 > > autolearn=no version=3.3.0 > > X-Spam-Level: * > > X-Spam-Checker-Version: SpamAssassin 3.3.0 (2010-01-18) on > > darkstar.example.com > > ====================================== > > You've munged the headers so badly it's almost impossible to see what's going > on here. Why did you munge the client name?
This client name unmungled: smtp.harddriveme.com [111.67.206.181] I only changed my domain name to example.com. This mail server smtp/pop/imap box which is MX for my domain. Mail server is in DMZ, darkstar is it's local name. Router is doing DNAT for connects on 25 port on external domain and mx ip. > BTW, this is an MX host, correct? Yes. If I made log unreadable I can repost it unchanged, just let me know. -- Покотиленко Костик <cas...@meteor.dp.ua>
