Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
It looks as though you are being trawled for email addresses. You could try slowing the spammers down by introducing a soft error limit and sleep time. Try the following in your main.cf file:
using
smtpd_soft_error_limit = 2
smtpd_error_sleep_time = 200
as you suggested, is not a good solution for me, because - fro sure - I also receive mails to the domains which are trawled for email addresses.
So, the moment the service "sleeps" it cannot deliver to an existing box. Therefor I had to check all postmaster-warnings for possible existing-mailbox-names...
Thanks again - but at present I use a couple of rbl_client commands, which -so far- does sort out a lot of the junk....
since I'm the postmaster - I can only contact myself ;-)
I re-tried the "soft_error_limit & error_sleep_time" commands - this time took it off again, cause the number of smtpd proccesses running went up to 30 (instead of the usual 2 - 7), which scared me cause somewhere I've read that postfix gets in trouble once this number exceeds 50.
I manage to reject those 159.whoever@ mails using a pcre check (see main.cf below).
I get (IMO too many) "lost connection after RCPT..." messages in my log - maybe about every 10th process.
QUESTION remains - how to block these multi senders at the earliest stage?
See below my main.cf and (relevant) pcre check:
===========POSTFIX===main.cf===ACTUAL VERSION
# Global Postfix configuration file. 4 more see the postconf(5) manual
#soft_bounce = no
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = fortuner.big-tree.org
mydomain = big-tree.org
myorigin = $mydomain
mydestination = $myhostname, localhost
unknown_local_recipient_reject_code = 550
#relay_domains = $mydestination
#recipient_delimiter = +
#home_mailbox = Maildir/
mail_spool_directory = /var/spool/mail
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
#mailbox_command = /some/where/procmail -a "$EXTENSION"
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.