LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 12-14-2004, 12:25 PM   #1
gaslq
LQ Newbie
 
Registered: Jul 2004
Location: USA
Distribution: Slackware
Posts: 8

Rep: Reputation: 0
Our mail server is being flooded with email address to non-existent recipients.


For about a week now, our mail server has been getting flooded with email address to non-existent recipients.

The emails are coming in from all over and are mostly a bounce from a MAILER-DAEMON addressed to xzczxzvxcvzxcv@ourdomain.com.

We have Qmail and because Qmail does not have a mechanism to check for valid users, it happily accepts to mail. This is a major problem because now the queue is reaching numbers in the hundreds of thousands and most of the email is junk. This puts a burden on the resources because the legitimate email is not being delivered on time

We have created a few immediate solutions by installing scripts to safely remove the junk mail from the queue and also have installed a mail gateway. This is however not stopping a the zxcvxcgvcxxx@ourdomain.com emails from being delivered to our server.

Any suggestions, directions or ideas would be greatly appreciated.

Thank you!
 
Old 12-14-2004, 12:44 PM   #2
gcombe74
Member
 
Registered: Jul 2001
Location: Utah, Roy
Distribution: Gentoo
Posts: 72

Rep: Reputation: 15
ok....

Well you are in luck.... i dont know what you are running,(ok after reading again, I guess I do) but here is how we solved the issue....

for our MTA we use postfix. so we created a file called helo_access. here is what is in it...

12.xx.xx.xx REJECT Get lost - you're lying about who you are scumbags
co.weber.xx.xx REJECT Get lost - you're lying about who you are scumbags

in postfix run this.

postmap hash:/etc/postfix/helo_access your dir structure maybe different this just where postfix is on our system....

now when someone tries to send to your domain from your domain it will be rejected with a nice little message...

Also I would recommend looking at amavisd-new.... this program is briliant and does a whole lot.... can use spamassassin, does virus filter using clamd, and spam filtering... well worth the time to config.

cheers
Glen

Last edited by gcombe74; 12-14-2004 at 12:45 PM.
 
Old 12-14-2004, 01:54 PM   #3
gaslq
LQ Newbie
 
Registered: Jul 2004
Location: USA
Distribution: Slackware
Posts: 8

Original Poster
Rep: Reputation: 0
Our mail server is being flooded with email address to non-existent recipients.

Hi gcombe74!

Thank you for the immediate reply!

Currently, our mail gateway MTA is Postfix. It is setup to relay to the mail to pop and imap servers. On the Postfix gateway MTA, we have RBLs and smtpd_restrictions doing most of the checking. However, main problem is with the email that is still coming in addressed to:

xcvgdfgdfgfgfcvz@outdomain.com

These are the emails flooding our our system. We do have SA+ClamAV+AMaViS working nicely on the Postfix mail gateway.
 
Old 12-14-2004, 03:51 PM   #4
gcombe74
Member
 
Registered: Jul 2001
Location: Utah, Roy
Distribution: Gentoo
Posts: 72

Rep: Reputation: 15
you could do reciepeints mapping? then it will only let mail to valid users pass?
 
Old 12-14-2004, 07:27 PM   #5
scowles
Member
 
Registered: Sep 2004
Location: Texas, USA
Distribution: Fedora
Posts: 620

Rep: Reputation: 31
Re: Our mail server is being flooded with email address to non-existent recipients.

Quote:
Originally posted by gaslq
xcvgdfgdfgfgfcvz@outdomain.com

These are the emails flooding our our system. We do have SA+ClamAV+AMaViS working nicely on the Postfix mail gateway.
On your postfix relay, implement "relay_recipient_maps" (see the section in main.cf). By doing so, postfix will check if the e-mail address is vaild prior to relaying to your pop/imap servers. If the e-mail address is bogus, postfix simply rejects it wthout generating a DSN (bounce). In fact, I have postfix configured to where it does not even call Spamassassin for these bogus addresses.

There are a couple of ways of implementing relay_recipient_maps:

1) LDAP queries against the pop/imap servers. (This is what I do with my exchange server)
2) Create a static file of valid e-mail addresses. i.e.

# cat /etc/postfix/valid_email_addresses
scowles@mydomain.com OK
postmaster@mydomain.com OK
etc...
 
Old 12-14-2004, 09:29 PM   #6
DaHammer
Member
 
Registered: Oct 2003
Location: Planet Earth
Distribution: Slackware, LFS
Posts: 561

Rep: Reputation: 30
There are patches available for qmail that will confirm the email addresses before accepting the mail. Check th toaster at http://shupp.org/toaster/ & http://www.qmail.org/
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Send root mail to email address GUIPenguin Linux - General 1 03-01-2005 08:16 PM
Mutt sorts non existent mail ernobe Debian 0 12-17-2004 09:18 AM
send mail to external email address hamish Linux - Networking 8 12-10-2004 10:17 AM
sylpheed email client, how to blank out the recipients fields cyberbot Linux - Software 0 02-12-2004 07:51 AM
sylpheed email client, how to blank out the recipients fields cyberbot Linux - Software 1 02-11-2004 11:13 AM


All times are GMT -5. The time now is 10:13 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration