postfix accepts

Discussion in 'Installation/Configuration' started by fireba11, Feb 22, 2016.

  1. fireba11

    fireba11 Member HowtoForge Supporter

    Hi,
    I'm a happy ISPconfig user, but with all the .doc virus mails lately i noticed my server (using postfix) is accepting mails that supposedly originate from one of my domains. I would have expected those to not be accepted automatically ... do i have a missconfiguration somewhere? Or what do i need to do to just not accept those mails?My domains have spf records, provideing i didn't mess them up that should cause mails from other servers to be detected alss phoney, right?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Your server is configured correctly. A mail server ahs to accept emails for its local domains, if he wont accpet them, then you wont be able to receive emails at all.
     
  3. fireba11

    fireba11 Member HowtoForge Supporter

    I meant that the supposed sender is not a user account on my server, and half the time the sender account doesn't even exist.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The sender account does not matter, when a domain is a local domain of your server then your server has to accept emails for ths local domain.

    If you want that postfix accepts only emails from existing domains, then you can change the recipient restrictions in main.cf e.g. like this:

    Code:
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_recipient_domain,reject_non_fqdn_recipient,reject_non_fqdn_sender,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client zen.spamhaus.org, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
     
  5. fireba11

    fireba11 Member HowtoForge Supporter

    I just notied I had not even installed spf ... added it now, that should help :)
    Got spf record for all my domains set up for a while now ...
     
  6. fireba11

    fireba11 Member HowtoForge Supporter

    Suggestion:
    Add spf to the perfect setup guides. see https://help.ubuntu.com/community/Postfix/SPF
    And add spf to the default DNS template (like TXT||v=spf1 mx a ip4:1.2.3.4/32 ip6::1/64 -all|0|86400

    Helps a lot with spam etc :-D
     

Share This Page