Postfix Backscatter Problem
Hi All,
I have a server running postfix and I keep getting blacklisted for backscattering. I want to just out and out reject unknown recipients but I've been trying all day to do it and the only time I succeeded was when it rejected all recipients. Here's the configs: Main queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/lib/postfix mail_owner = postfix mydestination = $myhostname, localhost.$mydomain, localhost content_filter=smtp-amavis:[127.0.0.1]:10024 unknown_local_recipient_reject_code = 550 mynetworks_style = host alias_maps = hash:/etc/postfix/aliases newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix setgid_group = postdrop manpage_directory = /usr/share/man alias_database = hash:/etc/postfix/aliases virtual_maps = hash:/etc/postfix/virtual transport_maps = hash:/etc/postfix/transport virtual_mailbox_domains = $transport_maps local_destination_concurrency_limit=1 maildrop_destination_concurrency_limit=1 maildrop_destination_recipient_limit=1 relay_domains=$mydestination smtpd_recipient_restrictions=permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_sender_access hash:/etc/postfix/sender_access smtpd_sasl_auth_enable=yes smtpd_sasl_security_options=noanonymous sender_bcc_maps = hash:/etc/postfix/bcc_maps recipient_bcc_maps = hash:/etc/postfix/bcc_maps Master # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd -o content_filter=spamchk:dummy #628 inet n - n - - qmqpd pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp relay unix - - n - - smtp # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - n - - showq error unix - - n - - error local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil # spamchk is new mail transport (mail filter) spamchk unix - n n - 10 pipe flags=Rq user=spamd argv=/usr/local/bin/spamchk -f ${sender} -- ${recipient} maildrop unix - n n - - pipe flags=DRhu user=daemon:mail argv=/usr/bin/maildrop -d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail.postfix ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient smtp-amavis unix - - n - 2 lmtp -o lmtp_data_done_timeout=1200 -o lmtp_send_xforward_command=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 Any help you can give is a great help :) Thanks Glyn |
When you post your configuration for assistance with postfix it's best to post the output of the command postconf -n that will show us ONLY changes you have made frodefault settings making it easier to spot what might be wrong.. Also if you folloewed a specific how-to to configure teh system referencing a link to that can be helpful as well.. just fyi for the future.
You want to read this.. http://www.postfix.org/SMTPD_ACCESS_README.html Your current restrictions.. not much.. Code:
smtpd_recipient_restrictions= Some suggested restrictions.. http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt Code:
For 2.x versions of Postfix: the gray entries refere to additional configuration files you need to create if you decide to use those options. . |
All times are GMT -5. The time now is 02:43 AM. |