Hello,
I run a Drupal 7 website on a CentOS 6.4 server
with postfix-2.6.6-2.2.el6_1.x86_64.
In the last few months the amount of fake users trying to register at my
website has increased dramatically - I get 2 or 3 of such registrations per
minute.
Mostly they have fake mail adresses with many dots and at gmail.com:
c.ar.eer.t...@gmail.com
all.ego.ry.nl....@gmail.com
b.is.on.bk....@gmail.com
notab.ly.ib....@gmail.com
p.os.t.h.um.o.u.szd....@gmail.com
At the end those users can't register, because a mail confirmation is
required.
But my mailbox is filled with mail bounces and in the /var/log/maillog I
see my site contacting Gmail servers again and again:
Nov 17 07:05:07 www postfix/smtp[14348]: 182A6803FD2: to=<
p.os.t.h.um.o.u.szd....@gmail.com>,
relay=alt1.gmail-smtp-in.l.google.com[74.125.143.27]:25,
conn_use=6, delay=21589, delays=21586/2.6/0.11/0.5, dsn=4.2.1,
status=deferred (host alt1.gmail-smtp-in.l.google.com[74.125.143.27] said:
450-4.2.1 The user you are trying to contact is receiving mail too quickly.
450-4.2.1 Please resend your message at a later time. If the user is able
to 450-4.2.1 receive mail at that time, your message will be delivered. For
more 450-4.2.1 information, please visit 450 4.2.1
http://support.google.com/mail/bin/answer.py?answer=6592pw9si3558657lbb.147
- gsmtp (in reply to RCPT TO command))
The latter makes me very worried (that my website will be put on a black
list).
I haven't found a good Drupal solution for my problem yet.
My question is if there is a way (as a temporary workaround until I find a
Drupal side solution) to stop my postfix information from sending mail to
any users at gmail.com domain - when they have more than 3 dots in the
username part of the mail address?
I'm okay if I miss few false positives, since my website is just a small
card game site and also I have yet to see legit users with three or more
dots.
Please point me to a right direction as I am a Postfix newbie and don't
know where to start looking.
My "postconf -n" output is below (I use virtual_alias_domains to accept
mail for several Drupal sites hosted as Apache vhosts at my dedicated
server).
Thank you
Alex
postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_generic_maps = hash:/etc/postfix/generic
unknown_local_recipient_reject_code = 550
virtual_alias_domains = videoskat.de balkan-preferans.de simplex.ru
preferans.de larissa-farber.de bukvy.de
virtual_alias_maps = hash:/etc/postfix/virtual
