stop users receiving mail with no domain

Discussion in 'HOWTO-Related Questions' started by Reptile, Apr 26, 2007.

  1. Reptile

    Reptile New Member

    Using, Debian 4 and Postfix.

    I have set up virtual domains which is working nicely, however, I have been receiving spam because people have been sending email to generic names like [email protected] when the email is not set up in the /etc/postfix/virtual/addresses file.

    because the user reptile exists the mail is sent to this inbox. how do i stop mail going to this inbox and only going to the inbox of the mail specified in the virtual addresses list?

    I am aware I could obviously change my login to something less generic or send that specific email to a catch account but i'd rather have it rejected.
     
  2. edge

    edge Active Member Moderator

    I'm not sure how I stopped this on my server, but it was something I added to main.cf in /etc/postfix

    I think it was one of the following lines:
    Code:
    unknown_address_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    
    Make sure you restart postfix after adding the lines.
    Code:
    /etc/init.d/postfix restart
     
  3. Reptile

    Reptile New Member

    nah , that didn't work :(
     
  4. falko

    falko Super Moderator ISPConfig Developer

    What's in your /etc/postfix/main.cf?
     
  5. Reptile

    Reptile New Member

    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no

    append_dot_mydomain = no

    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

    myhostname = server.xxxx.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases

    mydomain = $myhostname
    myorigin = $mydomain
    mydestination = $myhostname, /etc/postfix/virtual/domains, localhost, localhost.$mydomain
    virtual_maps = hash:/etc/postfix/virtual/addresses
    virtual_transport = virtual
    local_transport = local
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command =
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    #smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    smtpd_error_sleep_time = 2
    tls_random_source = dev:/dev/urandom
    home_mailbox = Maildir/
    unknown_address_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
     
  6. falko

    falko Super Moderator ISPConfig Developer

    What's in /etc/postfix/virtual/addresses and /etc/postfix/virtual/domains?
     
  7. Reptile

    Reptile New Member

  8. falko

    falko Super Moderator ISPConfig Developer

    If you want to send emails to [email protected], you should have xxxxx.com in the domains file, not www.xxxxx.com.
     
  9. Reptile

    Reptile New Member

    i think we are off the point now. The problem is not that the users are not receiving email, the problem is that a user created with the useradd command will receive email when there is no matching domain name if the name before the @ is the same.

    i.e. i only want users setup in the virtual/addresses file to receive email on those specific addresses.

    Please refer to the original post for the original question.

    For reference, I didn't have www. in the domain file, that was a mistake i made when typing it out.
     
  10. edge

    edge Active Member Moderator

    Try adding the following to your main.cf
    Code:
    local_recipient_maps = $alias_maps
    and see if this does the trick. (make sure you restart postfix)
     
  11. Reptile

    Reptile New Member

    no that didn't work :(

    i sent two messages one to

    [email protected]

    and one to

    [email protected]

    and the [email protected] found its way into my account despite having no mapping for it.
     
  12. edge

    edge Active Member Moderator

    this is how my main.cf looks like (note: I've changed the myhostname = mail.REMOVED.COM)
    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    
    append_dot_mydomain = no
    delay_warning_time = 4h
    myhostname = mail.REMOVED.COM
    
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    
    local_recipient_maps = $alias_maps
    smtpd_sender_restrictions = hash:/etc/postfix/restrictions
    
    virtual_maps = hash:/etc/postfix/virtusertable
    
    mydestination = /etc/postfix/local-host-names
    
    smtpd_helo_required = yes
    disable_vrfy_command = yes
    invalid_hostname_reject_code = 554
    multi_recipient_bounce_reject_code = 554
    non_fqdn_reject_code = 554
    relay_domains_reject_code = 554
    unknown_address_reject_code = 554
    unknown_client_reject_code = 554
    unknown_hostname_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_relay_recipient_reject_code = 554
    unknown_sender_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    unverified_recipient_reject_code = 554
    unverified_sender_reject_code = 554
    
    smtpd_recipient_restrictions =
                reject_invalid_hostname,
                reject_unknown_recipient_domain,
                reject_unauth_pipelining,
                permit_mynetworks,
                permit_sasl_authenticated,
                reject_unauth_destination,
                reject_rbl_client dsn.rfc-ignorant.org,
                reject_rbl_client dul.dnsbl.sorbs.net,
                reject_rbl_client list.dsbl.org,
                reject_rbl_client sbl-xbl.spamhaus.org,
                reject_rbl_client bl.spamcop.net,
                reject_rbl_client cbl.abuseat.org,
                permit
    
     
  13. Reptile

    Reptile New Member

    what do you have in

    mydestination = /etc/postfix/local-host-names

    Theres not much difference between mine and yours in main.cf

    Funnily enough though, if i have that mailbox_command (procmail) my mail does not get delivered. I have to leave it blank.
     
  14. edge

    edge Active Member Moderator

    This is what I have in my local-host-names (again I've changed tje myhostname)
    Code:
    localhost
    host.myhostname.com
    localhost.myhostname.com
    localhost.host.myhostname.com
    
    all my other domain names
    
     
  15. falko

    falko Super Moderator ISPConfig Developer

    Take a look at the local_recipient_maps and smtpd_recipient_restrictions parameters on http://www.postfix.org/postconf.5.html
     

Share This Page