On Fri, Dec 07, 2012 at 01:23:21AM +0100, Titanus Eramius wrote:
> My highest concern is to set up an open relay by accident, so
> in the process I've used an online anti-spam tester several
> times: http://www.antispam-ufrj.pads.ufrj.br/test-relay.html

That need not be your highest concern.

> It has always (and still does) reported the servers to reject
> relaying.
> 
> I therefore thought it was only possible to relay mail through the
> servers if a valid username (an active email-address) and a password
> were given to the server (unless it's a system user logged in through
> ssh). That is how I would like the servers to behave.

What about when your server is the final destination?

> However, trying to learn a little I played around with telnet from 
> my computer today, and was able to relay mail through the servers 
> from the internet, without having to log in.
> 
> It appears though, that it's only possible to relay mail if the 
> server holds the address in the database, which suggests that the 
> servers are only open to some limited backscatter, since the 
> recipient address has to be known and given to Postfix. Some 
> testing seems to support this.
> 
> Even so, I would like Postfix to deny relaying in this case also,
> if at all possible.
> 
> A telnet session goes like this, on either the server containing
> my_address or the backup MX:
> 
> $ telnet X.X.X.X 25
> Trying X.X.X.X...
> Connected to X.X.X.X.
> Escape character is '^]'.
> 220 machinename.domain.tld ESMTP Postfix
> EHLO fake-name.domain.tld
> 250-machinename.domain.tld
> 250-PIPELINING
> 250-SIZE 10240000
> 250-ETRN
> 250-STARTTLS
> 250-AUTH PLAIN LOGIN
> 250-AUTH=PLAIN LOGIN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
> $ MAIL FROM:s...@dont-exists.tld

See reject_unknown_sender_domain if you want to reject mail from 
senders in nonexistent domains (a good idea).

> 250 2.1.0 Ok
> $ RCPT TO:my_address@my_domain.tld

Your munging makes it hard to say for sure, but I'm going to go out 
on a limb and venture a guess that you host "my_domain.tld" on this 
Postfix.

That's not what "relaying" means. That's "accepting for delivery." 
"Relaying" means taking mail for some OTHER site and sending it on 
for the client.

What exactly are you trying to prevent here?

> 250 2.1.5 Ok
> DATA
> 354 End data with <CR><LF>.<CR><LF>
> Test something
> .
> 250 2.0.0 Ok: queued as 3653E371BAA1
> quit
> 221 2.0.0 Bye
> Connection closed by foreign host.
> 
> Then grep'ing the query ID from the log gives 5 lines:
> 
> Dec  6 23:30:40 machinename postfix/smtpd[3184]: 3653E371BAA1:
> client=unknown[my wan-IP]
> Dec  6 23:30:51 machinename postfix/cleanup[3557]: 3653E371BAA1:
> message-id=<>
> Dec  6 23:30:51 machinename postfix/qmgr[4628]: 3653E371BAA1:
> from=<SRS0=nFZn=KA=dont-exists.tld=spam@my_domin.tld>, size=379,

That's a different sender than you showed. If you're going to mung, 
do be consistent!

> nrcpt=1 (queue active)
> Dec 6 23:30:51 machinename postfix/pipe[3577]: 3653E371BAA1: 
> to=<my_address@my_domain.tld>, relay=dovecot, delay=56, 
> delays=56/0/0/0, dsn=2.0.0, status=sent (delivered via dovecot 
> service)

See, you accepted this for final delivery. You did not relay.

> Dec 6 23:30:51 machinename postfix/qmgr[4628]: 3653E371BAA1: 
> removed
> 
> 
> And the mail is indeed delivered. In master.cf the
> submission-part looks like this:

So? Your telnet was to port 25.
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
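
The distinction drawn in the reply above (accepting for final delivery versus relaying) can be read from the Postfix log per queue ID. The following Python check is an added example, not part of the original message or of Postfix. It assumes one log entry per line, that a `postfix/smtp` delivery means the mail was handed to another host, and that the hypothetical `trusted_ips` parameter stands in for `mynetworks`; the sample lines are constructed.

```python
import re
from collections import defaultdict

# Assumption: postfix/smtp hands mail to another host; other agents deliver here.
REMOTE_AGENTS = {"smtp"}
LINE = re.compile(r"postfix/(?P<agent>\w+)\[\d+\]: (?P<qid>[0-9A-F]{6,}): (?P<rest>.*)")

# Constructed sample log (documentation IPs and domains), one entry per line.
SAMPLE = [
    "Dec  6 23:30:40 mx postfix/smtpd[3184]: 3653E371BAA1: client=unknown[198.51.100.7]",
    "Dec  6 23:30:51 mx postfix/pipe[3577]: 3653E371BAA1: to=<user@example.org>, "
    "relay=dovecot, delay=56, dsn=2.0.0, status=sent (delivered via dovecot service)",
    "Dec  6 23:41:02 mx postfix/smtpd[3190]: 4A1B2C3D4E5F: client=unknown[198.51.100.7]",
    "Dec  6 23:41:03 mx postfix/smtp[3601]: 4A1B2C3D4E5F: to=<someone@example.net>, "
    "relay=mx.example.net[203.0.113.9]:25, delay=1, dsn=2.0.0, status=sent (250 ok)",
    "Dec  6 23:50:10 mx postfix/smtpd[3195]: 5B2C3D4E5F60: client=unknown[198.51.100.8], "
    "sasl_method=PLAIN, sasl_username=user@example.org",
    "Dec  6 23:50:11 mx postfix/smtp[3602]: 5B2C3D4E5F60: to=<friend@example.net>, "
    "relay=mx.example.net[203.0.113.9]:25, delay=1, dsn=2.0.0, status=sent (250 ok)",
]

def classify(log_lines, trusted_ips=()):
    """Map each queue ID to final-delivery, authorized-relay or unauthorized-relay."""
    msgs = defaultdict(lambda: {"ip": None, "authed": False, "agents": []})
    for line in log_lines:
        m = LINE.search(line)
        if not m:
            continue  # connect/disconnect/NOQUEUE lines carry no queue ID
        rec, rest = msgs[m["qid"]], m["rest"]
        if m["agent"] == "smtpd" and rest.startswith("client="):
            ip = re.search(r"\[([^\]]+)\]", rest)
            rec["ip"] = ip.group(1) if ip else None
            rec["authed"] = "sasl_username=" in rest  # client used SMTP AUTH
        elif "status=sent" in rest:
            rec["agents"].append(m["agent"])  # which delivery agent handled it
    verdicts = {}
    for qid, rec in msgs.items():
        if not rec["agents"]:
            verdicts[qid] = "no-delivery-seen"
        elif not any(a in REMOTE_AGENTS for a in rec["agents"]):
            verdicts[qid] = "final-delivery"  # the case shown in the thread
        elif rec["authed"] or rec["ip"] in trusted_ips:
            verdicts[qid] = "authorized-relay"
        else:
            verdicts[qid] = "unauthorized-relay"  # what an open relay looks like
    return verdicts

if __name__ == "__main__":
    for qid, verdict in classify(SAMPLE).items():
        print(qid, verdict)
```

Only the second constructed message, forwarded to another site for an unauthenticated client, is the open-relay case; the first mirrors the telnet session in the thread and is ordinary final delivery.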
