Hello ppl,
can some one help with postfix. I have version 2.7.2 installed on
slackware 13.2 with spam assassin, clamd, domainkey. I use dovecot 2.0.8
for local deliver agent + sieve plugin for spam folder. The problem is
that spammers send a spam email to local hosts from local domain. How to
disable that ?
Here is header for example:
Return-Path: <con...@mydomain.com>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mydomain.com
X-Spam-Flag: YES
X-Spam-Level: **************************************************
X-Spam-Status: Yes, score=50.0 required=5.0 tests=DCC_CHECK,DIGEST_MULTIPLE,
DKIM_SIGNED,DRUGS_ERECTILE,DRUG_ED_CAPS,FH_HELO_EQ_D_D_D_D,
FROM_IN_TO_AND_SUBJ,HELO_DYNAMIC_IPADDR2,HTML_IMAGE_ONLY_12,HTML_MESSAGE,
HTML_SHORT_LINK_IMG_1,LIVEFILESTORE,MIME_HTML_ONLY,PYZOR_CHECK,
RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RDNS_NONE,
SUBJECT_NEEDS_ENCODING,TO_EQ_FM_DIRECT_MX,TO_EQ_FM_DOM_HTML_IMG,
TO_EQ_FM_DOM_HTML_ONLY,TO_EQ_FM_HTML_DIRECT,TO_EQ_FM_HTML_ONLY,TO_IN_SUBJ,
TO_NO_BRKTS_DIRECT,TO_NO_BRKTS_NORDNS_HTML,TO_NO_BRKTS_PCNT,T_DKIM_INVALID,
T_REMOTE_IMAGE,T_SURBL_MULTI1,T_SURBL_MULTI2,T_SURBL_MULTI3,
T_URIBL_BLACK_OVERLAP,URIBL_AB_SURBL,URIBL_BLACK,URIBL_DBL_SPAM,
URIBL_JP_SURBL,URIBL_SC_SURBL,URIBL_WS_SURBL autolearn=spam
version=3.3.1
X-Spam-Report:
* 3.9 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP
addr
* 2)
* 1.1 FH_HELO_EQ_D_D_D_D Helo is d-d-d-d
* 4.5 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist
* [URIs: sysoogayn.com]
* 1.7 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
* [URIs: sysoogayn.com]
* 1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
* [URIs: sysoogayn.com]
* 0.0 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist
* [URIs: sysoogayn.com]
* 1.8 URIBL_BLACK Contains an URL listed in the URIBL blacklist *
[URIs: sysoogayn.com]
* 1.7 URIBL_DBL_SPAM Contains an URL listed in the DBL blocklist *
[URIs: sysoogayn.com]
* 1.0 DRUG_ED_CAPS BODY: Mentions an E.D. drug
* 2.6 LIVEFILESTORE URI: LIVEFILESTORE
* 1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of
words * 0.0 HTML_MESSAGE BODY: HTML included in message
* 1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts *
1.1 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/) *
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
* 2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence
level * above 50%
* [cf: 100]
* 0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
* [cf: 100]
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* 2.0 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
* 0.0 DIGEST_MULTIPLE Message hits more than one network digest check
* 2.2 DRUGS_ERECTILE Refers to an erectile drug
* 0.0 T_SURBL_MULTI2 T_SURBL_MULTI2
* 0.0 T_URIBL_BLACK_OVERLAP T_URIBL_BLACK_OVERLAP
* 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
* 0.1 SUBJECT_NEEDS_ENCODING SUBJECT_NEEDS_ENCODING
* 0.1 HTML_SHORT_LINK_IMG_1 HTML is very short with a linked image *
0.0 T_SURBL_MULTI3 T_SURBL_MULTI3
* 0.0 T_SURBL_MULTI1 T_SURBL_MULTI1
* 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid *
0.8 TO_EQ_FM_DOM_HTML_IMG To domain == From domain and HTML image
link * 2.1 FROM_IN_TO_AND_SUBJ From address is in To and Subject
* 0.4 TO_NO_BRKTS_PCNT To: misformatted + percentage
* 0.2 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only *
1.5 TO_IN_SUBJ To address is in Subject
* 1.1 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX
* 0.0 T_REMOTE_IMAGE Message contains an external image
* 1.1 TO_NO_BRKTS_NORDNS_HTML To: misformatted and no rDNS and HTML
only * 3.2 TO_EQ_FM_HTML_DIRECT To == From and HTML only,
direct-to-MX * 1.7 TO_EQ_FM_HTML_ONLY To == From and HTML only
* 3.5 TO_NO_BRKTS_DIRECT To: misformatted and direct-to-MX
Delivered-To: con...@mydomain.com
Received: from mail.mydomain.com (localhost [127.0.0.1])
by mail.mydomain.com (Postfix) with ESMTP id 15B14102F33
for <con...@mydomain.com>; Wed, 19 Jan 2011 14:15:42 +0200 (EET)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=mydomain.com; h=from:to
:subject:mime-version:content-type:content-transfer-encoding; s=
mail; bh=ssAe2x6s3O6nOGEcewgIBuO3Xhw=; b=IRQ6bNnSEG6L0vD2BJdSy2u
RYZA/XCx/C0KmBfzpcM7g0AGqFqOMWJ42QKGtxITAi4SxNP8umArqYkiQzwvBRuX
IFY+sVUftO8CzfG7G1wq4kQbzs6KCXwjdB6pjapM5aE9p3oM+BRHX2NX5ibRL3bO
DJaxAzHVvhf0ZeoGVKeY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=mydomain.com; h=from:to
:subject:mime-version:content-type:content-transfer-encoding; q= dns;
s=mail; b=CCksT1DHtAGI3hRSsmlekaNBKlbdmLiwaszjz0JYdB3mJhaZK
YbW5ejyDRAfPl7yx74uKwm8VYtW+D5tEYkqxNj4JqhULw5AFm0WBwMu5ljO2cET8
VGPMkHSqWwLWr7uXd/5Vnf947xem5kox1s36dSD5ismtG47EN1EIrjUr74=
Received: from 119-24-207-82.pool.ukrtel.net (unknown [82.207.24.119])
by mail.mydomain.com (Postfix) with SMTP id 5D199102F32
for <con...@mydomain.com>; Wed, 19 Jan 2011 14:15:41 +0200 (EET)
From: con...@mydomain.com
To: con...@mydomain.com
Subject: con...@mydomain.com VIAGRA ® Official -04%
Mime-Version: 1.0
Content-type: text/html; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <20110119121542.15b14102...@mail.mydomain.com>
Date: Wed, 19 Jan 2011 14:15:42 +0200 (EET)
Here is postmail user config:
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailbox_size_limit = 0
message_size_limit = 30720000
myhostname = mydomain.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
proxy_read_maps = $local_recipient_maps $mydestionation
$virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps
$virtual_mailbox_domains $relay_recipient_maps $relay_domains
$canonical_maps $sender_canonical_maps $recipient_canonical_maps
$relocated_maps transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = no
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions =
permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,
check_helo_access dbm:/etc/postfix/helo_checks
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/ssl/mail.mydomain.com.pem
smtpd_tls_cert_file = /etc/postfix/ssl/mail.mydomain.com.crt
smtpd_tls_key_file = /etc/postfix/ssl/mail.mydomain.com.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_catchall_maps.cf
virtual_gid_maps = static:1005
virtual_mailbox_base = /var/spool/postmail
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf,
proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:1004
Regards,
Hristo Simeonov
