On 4/8/2014 12:32 PM, Noel Jones wrote:
> On 4/8/2014 11:32 AM, Roberto Carraro wrote:
>> Hello,
>> for reasons that I still have to investigate my Postfix server is
>> sending mails to an outgoing server to the address:
>> zamu...@spyandfly.com
>> I would really like to know the content of those mails, if it is
>> possible...
>> Most important, how can I block mails to that address or to the
>> entire domain?
>
> I suspect these are bounces of undeliverable mail. The proper
> solution is to not accept mail you can't deliver.
>
> some random nuggets:
>
> Bounces generated by postfix are not subject to the normal access
> controls and cannot be blocked with an access map or header/body checks.
>
>
> Display the contents of the postfix queue with either of
> # mailq
> -- or --
> # postqueue -q
oops, that should be
# postqueue -p
-- Noel Jones
>
>
> View the contents of a message in the queue with the postcat command.
> # postcat -q QUEUEID | less
>
>
> You can delay mail in the queue by adding a transport_maps entry
> pointing to the defer: transport. Release the deferred mail with
> "postqueue -i QUEUEID"
> # main.cf
> transport_maps = hash:/etc/postfix/transport
> # transport
> example.com defer:
>
>
>
> -- Noel Jones
>
>
>>
>> This is my config:
>>
>> alias_database = hash:/etc/aliases
>> alias_maps = hash:/etc/aliases
>> append_dot_mydomain = no
>> biff = no
>> config_directory = /etc/postfix
>> header_checks = regexp:/etc/postfix/header_checks
>> home_mailbox = Maildir/
>> inet_interfaces = all
>> inet_protocols = ipv4
>> mailbox_command = /usr/bin/maildrop
>> mailbox_size_limit = 0
>> mydestination = ***.com, robhost, localhost, mail.***.com
>> myhostname = mail.***.com
>> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
>> myorigin = ***.com
>> readme_directory = no
>> recipient_delimiter = +
>> relayhost =
>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
>> smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
>> smtpd_data_restrictions = reject_unauth_pipelining
>> reject_multi_recipient_bounce
>> smtpd_delay_reject = yes
>> smtpd_helo_required = yes
>> smtpd_recipient_restrictions = check_recipient_access
>> hash:/etc/postfix/bad_recipients
>> permit_mynetworks permit_sasl_authenticated
>> reject_unauth_destination
>> reject_non_fqdn_recipient
>> reject_non_fqdn_sender
>> reject_unknown_sender_domain
>> reject_unknown_recipient_domain
>> check_recipient_access hash:/etc/postfix/roleaccount_exceptions
>> check_client_access hash:/etc/postfix/client_access
>> check_sender_access hash:/etc/postfix/sender_access
>> reject_non_fqdn_hostname
>> reject_invalid_hostname
>> check_helo_access pcre:/etc/postfix/helo_checks
>> check_sender_mx_access cidr:/etc/postfix/bogus_mx
>> reject_unknown_client_hostname
>> check_policy_service inet:127.0.0.1:10023
>> permit
>> smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
>> smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
>> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
>> smtpd_use_tls = yes
>> virtual_alias_domains = ****.it
>> virtual_alias_maps = hash:/etc/postfix/virtual
>>
>> And this is where I tried to block the entire domain, but it seems
>> ineffective:
>>
>> $ cat /etc/postfix/bad_recipients
>>
>> spyandfly.com REJECT
>>
>> Thank you in advance.
>>
>
