View Single Post
Old 13th February 2012, 11:53
lspdev lspdev is offline
Junior Member
Join Date: Nov 2011
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts

Originally Posted by till View Post
The Ubuntu guide does not result in a open relay normally. So there was either a misunderstanding while you tested the server (e.g. you tested to send a email to a domain which was configured as local on the system instead of using a test like this one:

Or the server was a open relay before.

To give you a more detailed answer, post the contant of the /etc/postfix/ file and the result of the relay test that i posted above.

Regarding Centos, I wont use that on a production system. Better use Ubuntu or Debian.
I have restored from backup to try and fix this problem - Here is the postfix file as requested. I feel it will be better to try and fix this server, as it will allow me to understand why it is doing this... and how I can resolve it... I have substitued my real server name with "servername" to protect it for now... PLEASE help...

# See /usr/share/postfix/ for a commented, more complete version

# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname =
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost, localhost.localdomain
relayhost =
mynetworks = [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/, mysql:/etc/postfix/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/
virtual_mailbox_maps = proxy:mysql:/etc/postfix/
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/, reject_unauth_destination
smtpd_tls_security_level = may
transport_maps = proxy:mysql:/etc/postfix/
relay_domains = mysql:/etc/postfix/
relay_recipient_maps = mysql:/etc/postfix/
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
content_filter = amavis:[]:10024
receive_override_options = no_address_mappings
message_size_limit = 0

I can assure you - This was all set up generic and have not added my laptop or adsline or even email addresses to a safe list / allow list....

But I can send via this server withouth ANY authentication to ANY email address.....

What is my next move?
Reply With Quote