stop users receiving mail with no domain

Discussion in 'HOWTO-Related Questions' started by Reptile, Apr 26, 2007.

  1. Reptile

    Reptile New Member

    Using, Debian 4 and Postfix.

    I have set up virtual domains which is working nicely, however, I have been receiving spam because people have been sending email to generic names like reptile@atmydomain.com when the email is not set up in the /etc/postfix/virtual/addresses file.

    because the user reptile exists the mail is sent to this inbox. how do i stop mail going to this inbox and only going to the inbox of the mail specified in the virtual addresses list?

    I am aware I could obviously change my login to something less generic or send that specific email to a catch account but i'd rather have it rejected.
     
  2. edge

    edge Active Member Moderator

    I'm not sure how I stopped this on my server, but it was something I added to main.cf in /etc/postfix

    I think it was one of the following lines:
    Code:
    unknown_address_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    
    Make sure you restart postfix after adding the lines.
    Code:
    /etc/init.d/postfix restart
     
  3. Reptile

    Reptile New Member

    nah , that didn't work :(
     
  4. falko

    falko Super Moderator ISPConfig Developer

    What's in your /etc/postfix/main.cf?
     
  5. Reptile

    Reptile New Member

    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no

    append_dot_mydomain = no

    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

    myhostname = server.xxxx.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases

    mydomain = $myhostname
    myorigin = $mydomain
    mydestination = $myhostname, /etc/postfix/virtual/domains, localhost, localhost.$mydomain
    virtual_maps = hash:/etc/postfix/virtual/addresses
    virtual_transport = virtual
    local_transport = local
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command =
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    #smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    smtpd_error_sleep_time = 2
    tls_random_source = dev:/dev/urandom
    home_mailbox = Maildir/
    unknown_address_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
     
  6. falko

    falko Super Moderator ISPConfig Developer

    What's in /etc/postfix/virtual/addresses and /etc/postfix/virtual/domains?
     
  7. Reptile

    Reptile New Member

  8. falko

    falko Super Moderator ISPConfig Developer

    If you want to send emails to user1@xxxxx.com, you should have xxxxx.com in the domains file, not www.xxxxx.com.
     
  9. Reptile

    Reptile New Member

    i think we are off the point now. The problem is not that the users are not receiving email, the problem is that a user created with the useradd command will receive email when there is no matching domain name if the name before the @ is the same.

    i.e. i only want users setup in the virtual/addresses file to receive email on those specific addresses.

    Please refer to the original post for the original question.

    For reference, I didn't have www. in the domain file, that was a mistake i made when typing it out.
     
  10. edge

    edge Active Member Moderator

    Try adding the following to your main.cf
    Code:
    local_recipient_maps = $alias_maps
    and see if this does the trick. (make sure you restart postfix)
     
  11. Reptile

    Reptile New Member

  12. edge

    edge Active Member Moderator

    this is how my main.cf looks like (note: I've changed the myhostname = mail.REMOVED.COM)
    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    
    append_dot_mydomain = no
    delay_warning_time = 4h
    myhostname = mail.REMOVED.COM
    
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    
    local_recipient_maps = $alias_maps
    smtpd_sender_restrictions = hash:/etc/postfix/restrictions
    
    virtual_maps = hash:/etc/postfix/virtusertable
    
    mydestination = /etc/postfix/local-host-names
    
    smtpd_helo_required = yes
    disable_vrfy_command = yes
    invalid_hostname_reject_code = 554
    multi_recipient_bounce_reject_code = 554
    non_fqdn_reject_code = 554
    relay_domains_reject_code = 554
    unknown_address_reject_code = 554
    unknown_client_reject_code = 554
    unknown_hostname_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_relay_recipient_reject_code = 554
    unknown_sender_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    unverified_recipient_reject_code = 554
    unverified_sender_reject_code = 554
    
    smtpd_recipient_restrictions =
                reject_invalid_hostname,
                reject_unknown_recipient_domain,
                reject_unauth_pipelining,
                permit_mynetworks,
                permit_sasl_authenticated,
                reject_unauth_destination,
                reject_rbl_client dsn.rfc-ignorant.org,
                reject_rbl_client dul.dnsbl.sorbs.net,
                reject_rbl_client list.dsbl.org,
                reject_rbl_client sbl-xbl.spamhaus.org,
                reject_rbl_client bl.spamcop.net,
                reject_rbl_client cbl.abuseat.org,
                permit
    
     
  13. Reptile

    Reptile New Member

    what do you have in

    mydestination = /etc/postfix/local-host-names

    Theres not much difference between mine and yours in main.cf

    Funnily enough though, if i have that mailbox_command (procmail) my mail does not get delivered. I have to leave it blank.
     
  14. edge

    edge Active Member Moderator

    This is what I have in my local-host-names (again I've changed tje myhostname)
    Code:
    localhost
    host.myhostname.com
    localhost.myhostname.com
    localhost.host.myhostname.com
    
    all my other domain names
    
     
  15. falko

    falko Super Moderator ISPConfig Developer

    Take a look at the local_recipient_maps and smtpd_recipient_restrictions parameters on http://www.postfix.org/postconf.5.html
     

Share This Page