|
Our mail server is being flooded with email address to non-existent recipients.
For about a week now, our mail server has been getting flooded with email address to non-existent recipients.
The emails are coming in from all over and are mostly a bounce from a MAILER-DAEMON addressed to xzczxzvxcvzxcv@ourdomain.com. We have Qmail and because Qmail does not have a mechanism to check for valid users, it happily accepts to mail. This is a major problem because now the queue is reaching numbers in the hundreds of thousands and most of the email is junk. This puts a burden on the resources because the legitimate email is not being delivered on time We have created a few immediate solutions by installing scripts to safely remove the junk mail from the queue and also have installed a mail gateway. This is however not stopping a the zxcvxcgvcxxx@ourdomain.com emails from being delivered to our server. Any suggestions, directions or ideas would be greatly appreciated. Thank you! |
ok....
Well you are in luck.... i dont know what you are running,(ok after reading again, I guess I do) but here is how we solved the issue.... for our MTA we use postfix. so we created a file called helo_access. here is what is in it... 12.xx.xx.xx REJECT Get lost - you're lying about who you are scumbags co.weber.xx.xx REJECT Get lost - you're lying about who you are scumbags in postfix run this. postmap hash:/etc/postfix/helo_access your dir structure maybe different this just where postfix is on our system.... now when someone tries to send to your domain from your domain it will be rejected with a nice little message... Also I would recommend looking at amavisd-new.... this program is briliant and does a whole lot.... can use spamassassin, does virus filter using clamd, and spam filtering... well worth the time to config. cheers Glen |
Our mail server is being flooded with email address to non-existent recipients.
Hi gcombe74!
Thank you for the immediate reply! Currently, our mail gateway MTA is Postfix. It is setup to relay to the mail to pop and imap servers. On the Postfix gateway MTA, we have RBLs and smtpd_restrictions doing most of the checking. However, main problem is with the email that is still coming in addressed to: xcvgdfgdfgfgfcvz@outdomain.com These are the emails flooding our our system. We do have SA+ClamAV+AMaViS working nicely on the Postfix mail gateway. |
you could do reciepeints mapping? then it will only let mail to valid users pass?
|
Re: Our mail server is being flooded with email address to non-existent recipients.
Quote:
There are a couple of ways of implementing relay_recipient_maps: 1) LDAP queries against the pop/imap servers. (This is what I do with my exchange server) 2) Create a static file of valid e-mail addresses. i.e. # cat /etc/postfix/valid_email_addresses scowles@mydomain.com OK postmaster@mydomain.com OK etc... |
There are patches available for qmail that will confirm the email addresses before accepting the mail. Check th toaster at http://shupp.org/toaster/ & http://www.qmail.org/
|
| All times are GMT -5. The time now is 07:06 PM. |