mail problem

Discussion in 'Installation/Configuration' started by dumb-medic, Apr 22, 2006.

  1. dumb-medic

    dumb-medic New Member

    had to re-setup ispconfig, using opensuse 10.0.
    didn't have any problems during install,
    but somehow it's configured as an open relay.

    it seems that someone is abusing my server.

    in "/var/log/mail" there are thousands of entries within minutes:

    Apr 22 05:43:03 server1 postfix/smtp[15717]: DE5BB2E4040: to=<[email protected]>, relay=mx5.hanmail.net[211.43.197.110], delay=8, status=bounced (host mx5.hanmail.net[211.43.197.110] said: 550 5.7.1 <[email protected]>... Error.your access was denied.? Since you sent too many e-mails,you are not allowed to send more e-mails within 24 hours.After 24 hours,you can send e-mails as usual.If you did not send any e-mails,which is considered as a spam,you'd better register (in reply to MAIL FROM command))

    how can i prevent this?

    here's my main.cf:

    queue_directory = /var/spool/postfix
    command_directory = /usr/sbin
    daemon_directory = /usr/lib/postfix
    mail_owner = postfix
    unknown_local_recipient_reject_code = 550
    debug_peer_level = 2
    debugger_command =
        PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
        xxgdb $daemon_directory/$process_name $process_id & sleep 5
    sendmail_path = /usr/sbin/sendmail
    newaliases_path = /usr/bin/newaliases
    mailq_path = /usr/bin/mailq
    setgid_group = maildrop
    html_directory = /usr/share/doc/packages/postfix/html
    manpage_directory = /usr/share/man
    sample_directory = /usr/share/doc/packages/postfix/samples
    readme_directory = /usr/share/doc/packages/postfix/README_FILES
    inet_protocols = all
    biff = no
    mail_spool_directory = /var/mail
    canonical_maps = hash:/etc/postfix/canonical
    relocated_maps = hash:/etc/postfix/relocated
    transport_maps = hash:/etc/postfix/transport
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    masquerade_exceptions = root
    masquerade_classes = envelope_sender, header_sender, header_recipient
    myhostname = server1.$mydomain
    program_directory = /usr/lib/postfix
    inet_interfaces = all
    masquerade_domains =
    defer_transports =
    disable_dns_lookups = no
    relayhost =
    mailbox_command =
    mailbox_transport =
    strict_8bitmime = no
    disable_mime_output_conversion = no
    smtpd_sender_restrictions = hash:/etc/postfix/access
    smtpd_client_restrictions =
    smtpd_helo_required = no
    smtpd_helo_restrictions =
    strict_rfc821_envelopes = no
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_relay_domains
    smtp_sasl_auth_enable = no
    smtpd_sasl_auth_enable = yes
    smtpd_use_tls = yes
    smtp_use_tls = yes
    alias_maps = hash:/etc/aliases
    mailbox_size_limit = 0
    message_size_limit = 10240000
    mydomain = hereismydomain.tld (removed ;-)
    smtpd_sasl_local_domain =
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_tls_auth_only = no
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    virtual_maps = hash:/etc/postfix/virtusertable
    mydestination = /etc/postfix/local-host-names

    here's /etc/postfix/local-host-names:
    ###################################
    #
    # ISPConfig local-host-names Configuration File
    # Version 1.0
    #
    ###################################
    localhost
    server1.hereismydomain.tld
    localhost.server1.hereismydomain.tld
    localhost.hereismydomain.tld
    www.hereismydomain.tld
    www.hereismyseconddomain.tld
    hereismydomain.tld
    hereismyseconddomain.tld
    #### MAKE MANUAL ENTRIES BELOW THIS LINE! ####

    server1:~ # telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 server1.hereismydomain.tld ESMTP Postfix
    ehlo localhost
    250-server1.hereismydomain.tld
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH PLAIN LOGIN
    250-AUTH=PLAIN LOGIN
    250 8BITMIME

    finally, i can't log in via uebimiau; it always says that user & pass are incorrect.

    regards,
    dumb-medic
     
    Last edited: Apr 22, 2006
  2. Hans

    Hans Moderator ISPConfig Developer

    If I were you, I would add the line:

    mynetworks = 127.0.0.0/8

    to your main.cf file.


    Hans
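
Added example (not part of the original posts, and not ISPConfig or Postfix code): a small Python model of how `permit_mynetworks` in the posted `smtpd_recipient_restrictions` evaluates with and without the `mynetworks = 127.0.0.0/8` line. It assumes the stock Postfix behaviour that an unset `mynetworks` is derived from `mynetworks_style` (default `subnet` before Postfix 3.0); the interface addresses and client IPs are constructed values from documentation ranges, and the helper names are hypothetical.

```python
import ipaddress

# Relay-relevant lines from the main.cf posted above; AFTER adds the suggested line.
BEFORE = """\
inet_interfaces = all
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_relay_domains
"""
AFTER = BEFORE + "mynetworks = 127.0.0.0/8\n"

# Assumption: interface addresses of the server (documentation range, not from the thread).
INTERFACES = ["127.0.0.1/8", "192.0.2.10/24"]


def parse_main_cf(text):
    """Parse 'name = value' lines; a line starting with whitespace continues the previous one."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] += " " + raw.strip()
            continue
        name, _, value = raw.partition("=")
        last = name.strip()
        params[last] = value.strip()
    return params


def trusted_networks(params, interfaces):
    """Networks matched by permit_mynetworks (plain CIDR lists only, no lookup tables)."""
    if params.get("mynetworks"):
        items = params["mynetworks"].replace(",", " ").split()
        return [ipaddress.ip_network(item, strict=False) for item in items]
    # mynetworks unset: Postfix derives it from mynetworks_style ("subnet" before 3.0).
    style = params.get("mynetworks_style", "subnet")
    ifaces = [ipaddress.ip_interface(i) for i in interfaces]
    if style == "subnet":
        return [i.network for i in ifaces]
    if style == "host":
        return [ipaddress.ip_network(str(i.ip)) for i in ifaces]
    raise ValueError("unsupported mynetworks_style: " + style)


def may_relay(main_cf, client_ip, interfaces=INTERFACES):
    """True if an unauthenticated client at client_ip is accepted by permit_mynetworks."""
    params = parse_main_cf(main_cf)
    rules = params.get("smtpd_recipient_restrictions", "").replace(",", " ").split()
    if "permit_mynetworks" not in rules:
        return False
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in trusted_networks(params, interfaces))
```

On a live server, `postconf mynetworks` prints the value Postfix actually uses, which is the quickest way to confirm what the model above predicts.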
     
  3. dumb-medic

    dumb-medic New Member

    hans! thank you very much, that did it!

    no idea how this line dropped out, i wonder if there are more lines missing.
    however, at least i can start postfix again to figure out why my uebiMiau-logins don't work.

    regards,
    dumb-medic
     
  4. Hans

    Hans Moderator ISPConfig Developer

  5. dumb-medic

    dumb-medic New Member

    All fixed

    thanks again, hans!

    this second i've located the problem by analyzing the Ethereal frames during a login. (sometimes it's easier to lay your ear on the wire ;)
    somehow uebimiau always tried to connect to localhost, so i simply removed and reinstalled the webmail package and it was fixed :)

    regards,
    dumb-medic
     
