Hello ppl, can some one help with postfix. I have version 2.7.2 installed on slackware 13.2 with spam assassin, clamd, domainkey. I use dovecot 2.0.8 for local deliver agent + sieve plugin for spam folder. The problem is that spammers send a spam email to local hosts from local domain. How to disable that ?
Here is header for example: Return-Path: <con...@mydomain.com> X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mydomain.com X-Spam-Flag: YES X-Spam-Level: ************************************************** X-Spam-Status: Yes, score=50.0 required=5.0 tests=DCC_CHECK,DIGEST_MULTIPLE, DKIM_SIGNED,DRUGS_ERECTILE,DRUG_ED_CAPS,FH_HELO_EQ_D_D_D_D, FROM_IN_TO_AND_SUBJ,HELO_DYNAMIC_IPADDR2,HTML_IMAGE_ONLY_12,HTML_MESSAGE, HTML_SHORT_LINK_IMG_1,LIVEFILESTORE,MIME_HTML_ONLY,PYZOR_CHECK, RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RDNS_NONE, SUBJECT_NEEDS_ENCODING,TO_EQ_FM_DIRECT_MX,TO_EQ_FM_DOM_HTML_IMG, TO_EQ_FM_DOM_HTML_ONLY,TO_EQ_FM_HTML_DIRECT,TO_EQ_FM_HTML_ONLY,TO_IN_SUBJ, TO_NO_BRKTS_DIRECT,TO_NO_BRKTS_NORDNS_HTML,TO_NO_BRKTS_PCNT,T_DKIM_INVALID, T_REMOTE_IMAGE,T_SURBL_MULTI1,T_SURBL_MULTI2,T_SURBL_MULTI3, T_URIBL_BLACK_OVERLAP,URIBL_AB_SURBL,URIBL_BLACK,URIBL_DBL_SPAM, URIBL_JP_SURBL,URIBL_SC_SURBL,URIBL_WS_SURBL autolearn=spam version=3.3.1 X-Spam-Report: * 3.9 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP addr * 2) * 1.1 FH_HELO_EQ_D_D_D_D Helo is d-d-d-d * 4.5 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist * [URIs: sysoogayn.com] * 1.7 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist * [URIs: sysoogayn.com] * 1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist * [URIs: sysoogayn.com] * 0.0 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist * [URIs: sysoogayn.com] * 1.8 URIBL_BLACK Contains an URL listed in the URIBL blacklist * [URIs: sysoogayn.com] * 1.7 URIBL_DBL_SPAM Contains an URL listed in the DBL blocklist * [URIs: sysoogayn.com] * 1.0 DRUG_ED_CAPS BODY: Mentions an E.D. drug * 2.6 LIVEFILESTORE URI: LIVEFILESTORE * 1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words * 0.0 HTML_MESSAGE BODY: HTML included in message * 1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts * 1.1 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/) * 1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) * 2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level * above 50% * [cf: 100] * 0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% * [cf: 100] * 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily * valid * 2.0 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/) * 0.0 DIGEST_MULTIPLE Message hits more than one network digest check * 2.2 DRUGS_ERECTILE Refers to an erectile drug * 0.0 T_SURBL_MULTI2 T_SURBL_MULTI2 * 0.0 T_URIBL_BLACK_OVERLAP T_URIBL_BLACK_OVERLAP * 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS * 0.1 SUBJECT_NEEDS_ENCODING SUBJECT_NEEDS_ENCODING * 0.1 HTML_SHORT_LINK_IMG_1 HTML is very short with a linked image * 0.0 T_SURBL_MULTI3 T_SURBL_MULTI3 * 0.0 T_SURBL_MULTI1 T_SURBL_MULTI1 * 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid * 0.8 TO_EQ_FM_DOM_HTML_IMG To domain == From domain and HTML image link * 2.1 FROM_IN_TO_AND_SUBJ From address is in To and Subject * 0.4 TO_NO_BRKTS_PCNT To: misformatted + percentage * 0.2 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only * 1.5 TO_IN_SUBJ To address is in Subject * 1.1 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX * 0.0 T_REMOTE_IMAGE Message contains an external image * 1.1 TO_NO_BRKTS_NORDNS_HTML To: misformatted and no rDNS and HTML only * 3.2 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX * 1.7 TO_EQ_FM_HTML_ONLY To == From and HTML only * 3.5 TO_NO_BRKTS_DIRECT To: misformatted and direct-to-MX Delivered-To: con...@mydomain.com Received: from mail.mydomain.com (localhost [127.0.0.1]) by mail.mydomain.com (Postfix) with ESMTP id 15B14102F33 for <con...@mydomain.com>; Wed, 19 Jan 2011 14:15:42 +0200 (EET) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=mydomain.com; h=from:to :subject:mime-version:content-type:content-transfer-encoding; s= mail; bh=ssAe2x6s3O6nOGEcewgIBuO3Xhw=; b=IRQ6bNnSEG6L0vD2BJdSy2u RYZA/XCx/C0KmBfzpcM7g0AGqFqOMWJ42QKGtxITAi4SxNP8umArqYkiQzwvBRuX IFY+sVUftO8CzfG7G1wq4kQbzs6KCXwjdB6pjapM5aE9p3oM+BRHX2NX5ibRL3bO DJaxAzHVvhf0ZeoGVKeY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=mydomain.com; h=from:to :subject:mime-version:content-type:content-transfer-encoding; q= dns; s=mail; b=CCksT1DHtAGI3hRSsmlekaNBKlbdmLiwaszjz0JYdB3mJhaZK YbW5ejyDRAfPl7yx74uKwm8VYtW+D5tEYkqxNj4JqhULw5AFm0WBwMu5ljO2cET8 VGPMkHSqWwLWr7uXd/5Vnf947xem5kox1s36dSD5ismtG47EN1EIrjUr74= Received: from 119-24-207-82.pool.ukrtel.net (unknown [82.207.24.119]) by mail.mydomain.com (Postfix) with SMTP id 5D199102F32 for <con...@mydomain.com>; Wed, 19 Jan 2011 14:15:41 +0200 (EET) From: con...@mydomain.com To: con...@mydomain.com Subject: con...@mydomain.com VIAGRA ® Official -04% Mime-Version: 1.0 Content-type: text/html; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <20110119121542.15b14102...@mail.mydomain.com> Date: Wed, 19 Jan 2011 14:15:42 +0200 (EET) Here is postmail user config: alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix html_directory = no inet_interfaces = all mail_owner = postfix mailbox_size_limit = 0 message_size_limit = 30720000 myhostname = mydomain.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 proxy_read_maps = $local_recipient_maps $mydestionation $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps transport_maps $mynetworks $virtual_mailbox_limit_maps queue_directory = /var/spool/postfix readme_directory = no receive_override_options = no_address_mappings recipient_delimiter = + smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination, check_helo_access dbm:/etc/postfix/helo_checks smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/postfix/ssl/mail.mydomain.com.pem smtpd_tls_cert_file = /etc/postfix/ssl/mail.mydomain.com.crt smtpd_tls_key_file = /etc/postfix/ssl/mail.mydomain.com.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_catchall_maps.cf virtual_gid_maps = static:1005 virtual_mailbox_base = /var/spool/postmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_mailbox_maps.cf virtual_transport = dovecot virtual_uid_maps = static:1004 Regards, Hristo Simeonov