HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   relay_recipients issue with spamsnake on ubuntu 8.04 (http://www.howtoforge.com/forums/showthread.php?t=40931)

filfish 12th November 2009 15:55

relay_recipients issue with spamsnake on ubuntu 8.04
 
Hi

We've been running the perfect spamsnake for about 8 months on ubuntu 8.04 we're mostly happy with it excluding a couple of issues we're working on in another thread.

We've been using the relay_recipients file with just the domain in
@anydomain.com OK

But have now sorted out the scheduling of exporting the 8000 email addresses from our exchange box over to the spamsnake, so I tried filing the relay recipients file with the 8000+ emails all with a space and OK at the end, ran postmap /etc/postfix/relay_recipients and even gave postfix a restart.

even with that done we still see emails to <anyone>@anydomain.com getting through even though those email addresses are not in the relay_recipient file.

Am i missing another step or using the wrong file even?

cheers

Phil

Rocky 13th November 2009 06:26

Stupid question but have you commented out @anydomain.com OK? If you didn't, that would be your reason why emails are still going through.

filfish 13th November 2009 11:20

Quote:

Originally Posted by Rocky (Post 210551)
Stupid question but have you commented out @anydomain.com OK? If you didn't, that would be your reason why emails are still going through.

Yes, I renamed the original relay_recipients to relay_recipients.old then created a new file with all the emails in and did the postmap on the new file.

Although I've not yet had a good look through the traffic this morning, as of midnight last night there was a significant drop in traffic, I'll try to look through to see any email addresses that shouldn't be there

filfish 13th November 2009 11:29

Ok, having had a quick look through the recent messages, emails are still flowing to addresses not in my relay_recipients file, although it's not the end of the world it would be nice to tie this one down.

Cheers

Rocky 13th November 2009 17:38

Hey,

Make sure to delete the relay_recipients.db file also and then repostmap your new relay_recipients file so that it recreates the db file.

Restart postfix and you should be good to go.

filfish 17th November 2009 15:11

Well, I did as advised, deleted the relay_recipients.db file deleted all versions of my relay_recipients file to ensure I didn't use the wrong one, then added the 8200 email addresses to a new relay_recipients file, ran "postmap /etc/postfix/relay_recipents" restarted postfix and for good measure even restarted the server.

After a few days of testing I can confirm that <any_rubbish@mydomain.com> still comes through, but oddly, it is only @mydomain.com that get through so it is filtering against the domain name, just not the full email address.

Rocky 18th November 2009 15:19

Please post your main.cf.

The reason it's only allowing your domain to pass through is because it's defined in your relay_domains file.

filfish 18th November 2009 17:22

Hi Rocky, Thanks

Below is my main.cf as requested, i've swapped out my actual domain name for 'anydomain.com' and my IP for '123.456.789.0'

I've noticed there is no reference in this file to a relay_recipients hash, i think this could be the problem!


Main.cf -->

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mailgate.anydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = anydomain.com
mydestination =
relayhost =
mynetworks = 127.0.0.0/8, 123.456.789.0/24
message_size_limit = 20480000
mailbox_size_limit =
recipient_delimiter = +
inet_interfaces = all
local_transport = error:No local mail delivery
local_recipient_maps =
virtual_alias_maps = hash:/etc/postfix/virtual
check_recipient_access = hash:/etc/postfix/recv_access
transport_maps = hash:/etc/postfix/transport
relay_domains = hash:/etc/postfix/relay_domains
smtpd_helo_required = yes
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination, check_policy_service inet:127.0.0.1:2525
smtpd_data_restrictions = reject_unauth_pipelining
header_checks = regexp:/etc/postfix/header_checks

Rocky 18th November 2009 19:38

You are correct and it confirms what I thought was the problem.

Insert this into your main.cf:

relay_recipient_maps = hash:/etc/postfix/relay_recipients or the name of your relay recipients file.

Then reboot postfix and you should be good to go.

filfish 19th November 2009 11:03

Thanks Rocky

I believe that has sorted it, now all that's left is cleaning the database but more RAM should fix that one.

Thanks again for the great spamsnake and your assistance getting it sorted.


All times are GMT +2. The time now is 15:09.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.