On Wed, 10 Mar 2021, Wietse Venema wrote:
Markus E.:
On Wed, 10 Mar 2021, Wietse Venema wrote:
Markus E.:
Hello!
I just noticed my servers replies with a 454 (instead of 554) when a bot
checks for an open relay. Here's one exameple:
Mar 10 08:53:46 mx1 postfix/smtpd[16747]: connect from
xxx.fesersglobal.com[45.85.90.xxx]
Mar 10 08:53:51 mx1 postfix/smtpd[16747]: NOQUEUE: reject: RCPT from
xxx.fesersglobal.com[45.85.90.xxx]: 454 4.7.1 <spam...@tiscali.it>: Relay access denied;
from=<spam...@tiscali.it> to=<spam...@tiscali.it> proto=ESMTP helo=<WIN-CLJ1B0GQ6JP>
Mar 10 08:53:52 mx1 postfix/smtpd[16747]: disconnect from
xxx.fesersglobal.com[45.85.90.xxx] ehlo=1 mail=1 rcpt=0/1 rset=1 quit=1
commands=4/5
smtpd_relay_restrictions, I presume?
Wietse
Hi Wietse and others,
smtpd_relay_restrictions is emty, i.e. using the defaults.
The default is NOT EMPTY since 2015. That is six years now,
Wietse
Sorry, I meant it's empty in my config. I know that defaults to
"permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination".
But, you gave me a good hint here. I'll try to set
smtpd_relay_restrictions to "permit_mynetworks, reject_unauth_destination"
instead (I dont need sasl auth here).
I'll give it a try.
I thought it was enought to have reject_unauth_destination in
smtpd_recipient_restrictions.
Thank you!
-me
