ISPConfig + Perfect Setup Ubuntu 5.10 + Smtp SPAM problems

Discussion in 'Installation/Configuration' started by lyndros, Apr 12, 2006.

  1. lyndros

    lyndros New Member

    HI all guys,

    i configured my server a month ago but im havin problems with spam, i just followed all the steps in perfect setup ubuntu 5.10, but anyone can send emails throught smtp without authentification.


    For example i telnet to my server to port 25(i tried from an outside ip and it worked).

    So when i look to my mail logs, im noticing that some people is using my server to send emails....

    anyone could help me?

    thks in advanced :p
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    First, did you try to send emails to a domain on your server or to an external domain. Your server is only an open relay if someone can send email to e.g. a gmail account without authentication.

    Please post your postfix main.cf file here.
     
  3. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    What's the output of
    Code:
    telnet localhost 25
    and then
    Code:
    ehlo localhost
    ?
     
  4. lyndros

    lyndros New Member

    this is my output to ehlo :p, i think its right because is starttls and AUTH...

    501 Syntax: EHLO hostname
    ehlo server.com
    250-server1.mydomain.com
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH LOGIN PLAIN
    250-AUTH=LOGIN PLAIN
    250 8BITMIME

    this is my main.cf from /etc/postfix

    # See /usr/share/postfix/main.cf.dist for a commented, more complete version

    smtpd_banner = $myhostname ESMTP $mail_name
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    myhostname = server1.mydomain.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    #mydestination = server1.mydomain.com, localhost.mydomain.com, localhost
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    mailbox_command =
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    home_mailbox = Maildir/

    virtual_maps = hash:/etc/postfix/virtusertable

    mydestination = /etc/postfix/local-host-names
     
    Last edited: Apr 13, 2006
  5. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Did you try to send emails to a domain on your server or to an external domain?
     
  6. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    There are three scenarios when you don't have to authenticate when you want to send mails:
    1. You're sending directly from the server, e.g. with webmail.
    2. You're sending to e recipient whose mailbox is on the server.
    3. You're sending from a computer that is within mynetworks in /etc/postfix7main.cf.
     
  7. lyndros

    lyndros New Member

    ok, falko i understand but my networks only responds to 127.0.0.0/8 so if i tried from a machine from my local network 192.168.1.x , i must auth because it's not on my networks and i can send mails to any external domain, like hotmail, gmail etc...

    thks in advanced :)
     
  8. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    What's in your mail log when yout try to send to an external recipient?
     
  9. lyndros

    lyndros New Member

    falko i think that the problem is solved :) i dont know how :(

    another question this is normal ?

    220 server1.example.com ESMTP Postfix
    ehlo test.com
    250-server1.example.com
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH LOGIN PLAIN
    250-AUTH=LOGIN PLAIN
    250 8BITMIME
    mail from: test@example.com
    501 Bad address syntax
    mail from: example@test.com
    501 Syntax: MAIL FROM: <address>
    MAIL FROM: TEST@example.com
    250 Ok
    RCPT TO: test@gmail.com
    554 <test@gmail.com>: Relay access denied

    but when the auth is require? if i dont auth this is the message ?


    thks in advanced
     
  10. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    SMTP-Auth is required everytime you send an email to a domain that is not hosted on your server and where the sending host is not in mynetworks.
     
  11. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

  12. lyndros

    lyndros New Member

Share This Page