ISPConfig + Perfect Setup Ubuntu 5.10 + Smtp SPAM problems

[lyndros]

HI all guys,

i configured my server a month ago but im havin problems with spam, i just followed all the steps in perfect setup ubuntu 5.10, but anyone can send emails throught smtp without authentification.


For example i telnet to my server to port 25(i tried from an outside ip and it worked).

So when i look to my mail logs, im noticing that some people is using my server to send emails....

anyone could help me?

thks in advanced :-P

[till]

First, did you try to send emails to a domain on your server or to an external domain. Your server is only an open relay if someone can send email to e.g. a gmail account without authentication.

Please post your postfix main.cf file here.

[falko]

What's the output of

Code:

telnet localhost 25

and then

Code:

ehlo localhost

?

[lyndros]

this is my output to ehlo :-P, i think its right because is starttls and AUTH...

501 Syntax: EHLO hostname
ehlo server.com
250-server1.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME

this is my main.cf from /etc/postfix

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = server1.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = server1.mydomain.com, localhost.mydomain.com, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
mailbox_command =
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
home_mailbox = Maildir/

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names

[till]

Did you try to send emails to a domain on your server or to an external domain?

[falko]

There are three scenarios when you don't have to authenticate when you want to send mails:

1. You're sending directly from the server, e.g. with webmail.
2. You're sending to e recipient whose mailbox is on the server.
3. You're sending from a computer that is within mynetworks in /etc/postfix7main.cf.

[lyndros]

Quote:

Originally Posted by falko

There are three scenarios when you don't have to authenticate when you want to send mails:

1. You're sending directly from the server, e.g. with webmail.
2. You're sending to e recipient whose mailbox is on the server.
3. You're sending from a computer that is within mynetworks in /etc/postfix7main.cf.

ok, falko i understand but my networks only responds to 127.0.0.0/8 so if i tried from a machine from my local network 192.168.1.x , i must auth because it's not on my networks and i can send mails to any external domain, like hotmail, gmail etc...

thks in advanced :-)

[falko]

What's in your mail log when yout try to send to an external recipient?

[lyndros]

Quote:

Originally Posted by falko

What's in your mail log when yout try to send to an external recipient?

falko i think that the problem is solved i dont know how

another question this is normal ?

220 server1.example.com ESMTP Postfix
ehlo test.com
250-server1.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
mail from: test@example.com
501 Bad address syntax
mail from: example@test.com
501 Syntax: MAIL FROM: <address>
MAIL FROM: TEST@example.com
250 Ok
RCPT TO: test@gmail.com
554 <test@gmail.com>: Relay access denied

but when the auth is require? if i dont auth this is the message ?


thks in advanced

[till]

Quote:

Originally Posted by lyndros

but when the auth is require? if i dont auth this is the message ?

SMTP-Auth is required everytime you send an email to a domain that is not hosted on your server and where the sending host is not in mynetworks.