Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 17th August 2006, 23:39
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by sjau
Do you haven an open relay server?
Good question, one should never assume the obvious ...

Let me take a look ... but the standard install of postfix smtp only delivers email generated locally and postfix only delivers email locally ...


So in principle this should not happen.
Lets see ...
I have made
mynetworks_style = host
and relay is just from local machine
mynetworks = 127.0.0.0/8 has indicated in the man pages.

At what parameters should I take a look in the config to make absolute sure everything is setup correctly apart from this relating to relay ?

Also to notice is that this particular server does not have no domain MX record pointed to it.
It is a plain server, with just a few users.
No A records point to it, no MX records point to it.

Regards,
Pedro
Reply With Quote
Sponsored Links
  #12  
Old 18th August 2006, 04:24
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hi sjan,

Actually I now know what is the problem.

The deferred queue was made of a lot of emails that obviously had to enter when the server was not configured correctly.
I did not noticed this in the beggining and postfix kept trying to send those spams ..
It was a lot of email ... something like +/-23000 emails!

My problem is that this server might go into a blacl list!

Anyway I overloaded

smtpd_sender_restrictions
smtpd_client_restrictions

smtpd_data_restrictions


and has you suggested the most important :
smtpd_recipient_restrictions


Regards,
Pedro
Reply With Quote
  #13  
Old 18th August 2006, 15:00
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,743 Times in 2,577 Posts
Default

Make sure you have
Code:
mynetworks = 127.0.0.0/8
in /etc/postfix/main.cf. SuSE likes to add other networks to that variable (you can check with
Code:
postconf -d
) so these other networks would be allowed to send through your server without authentication.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #14  
Old 19th August 2006, 01:26
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hi Falko,

Quote:
Originally Posted by falko
Make sure you have
Code:
mynetworks = 127.0.0.0/8
in /etc/postfix/main.cf. SuSE likes to add other networks to that variable (you can check with
Code:
postconf -d
) so these other networks would be allowed to send through your server without authentication.

You are right.
The problem was the default config.
At least in SuSE 10.1 64bit by default mynetwork_style = subnet.
(i thought it was server and localhost by default!! )
And worst, they add (I do not know how) your IP subnet xxx.xxx.xxx.xxx/24 !
But it was really _really_ a coincidence as the server with IP next to mine is a (micros***t) spam server! Always trying to search for relay email.
What a luck.
Had it been an ip in another class C and I guess I would have been safe .

No problem
Now everything is ok and my IP is not listed in no spam list anymore (I actually detected the thing very fast, it was only open for some hours).
When I detected the problem with a trivial ps ax I imediately stoped ... postfix and fixed it

Regards,
Pedro
Reply With Quote
  #15  
Old 19th August 2006, 02:03
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hi Falko,

Quote:
Originally Posted by falko
Make sure you have
Code:
mynetworks = 127.0.0.0/8
in /etc/postfix/main.cf. SuSE likes to add other networks to that variable (you can check with
Code:
postconf -d
) so these other networks would be allowed to send through your server without authentication.
I just rechecked the config and what bothers me most is that I have specifically set on the config file

mynetworks_style= host

and also

mynetworks = 127.0.0.0/8

Yesterday I did not even made a check after the change to see if it was ok.
Now that you have mentioned it I just gave it a try and to my surprise:

the command postconf -d shows:

mynetwork_style = subnet
mynetworks = 127.0.0.0/8 xxx.xxx.xxx.xxx/24

That is my subnet!!!

Aparently this is not affecting me as all email received is not relayed and is rejected.
But this is strange ...


Regards,
Pedro
Reply With Quote
  #16  
Old 19th August 2006, 02:45
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by falko
Make sure you have
Code:
mynetworks = 127.0.0.0/8
in /etc/postfix/main.cf. SuSE likes to add other networks to that variable (you can check with
Code:
postconf -d
) so these other networks would be allowed to send through your server without authentication.
It seems that postfix has a will of it's own

main.cf specifically contains:

mynetworks_style = host

and postconf -d always shows

mynetworks_style = subnet

same for mynetworks and also for relay_domains, the values do not match what is on the main.cf.

Does someone know what is happening?

Regards,
Pedro
Reply With Quote
  #17  
Old 19th August 2006, 03:02
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Everyone sorry for the confusion in the previous comments.

I have been very inacurate.

The setup is perfect.
My confusion was due to the fact that if one makes:

postconf -d
the parameters shown are the defaults.

if one makes:
postconf -n
the listing shows the actual main.cf parameters.


Regards,
Pedro

time to go to sleep
Reply With Quote
  #18  
Old 19th August 2006, 13:19
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,743 Times in 2,577 Posts
Default

One thing to add: If you specify mynetworks, you don't need mynetworks_style in /etc/postfix/main.cf.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #19  
Old 21st August 2006, 03:26
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hi Falko,

Quote:
Originally Posted by falko
One thing to add: If you specify mynetworks, you don't need mynetworks_style in /etc/postfix/main.cf.
I noticed, and I have on the server the correct setup right now.


Regards,
Pedro
Reply With Quote
  #20  
Old 29th January 2007, 17:47
RicochetPeter RicochetPeter is offline
Member
 
Join Date: Apr 2006
Posts: 41
Thanks: 3
Thanked 1 Time in 1 Post
 
Default

[QUOTE=sjau]
Code:
        check_recipient_access hash:/etc/postfix/recipient_checks,
        check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,
        check_helo_access hash:/etc/postfix/helo_checks,
        check_sender_access hash:/etc/postfix/sender_checks,
        check_client_access hash:/etc/postfix/client_checks,
        check_client_access pcre:/etc/postfix/client_checks.pcre,
Hi all,

sorry for the bump, but those lines gave me a hickup. What do the mentioned files contain? I don't have them by default, so I think they have to be created by myself. (I admit I'm too lazy now to look up those paramters in the postfix docs in the first place )
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Slicker spam handling with Maildirs IntnsRed Feature Requests 9 30th March 2008 06:02
How to kill spam when spamassassin marks it spam kpimichael Suggest HOWTO 15 6th August 2007 16:44
Filtering SPAM MvincM Installation/Configuration 28 3rd October 2006 17:33
Howto let procmail move spam to folder? oversight HOWTO-Related Questions 9 1st May 2006 15:39
Samba as a PDC HOWTO help jesterking HOWTO-Related Questions 2 23rd February 2006 19:45


All times are GMT +2. The time now is 17:43.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.