[wplug] help! I am relaying mail! (postfix)
Brandon Kuczenski
brandon at 301south.net
Sun Dec 11 04:09:44 EST 2005
I recently sent a letter and it came back with the following:
Diagnostic-Code: X-Postfix; host relayl.tsr.ru[213.135.64.194] said: 553
5.0.0
Spam is blocked by spam1map?209.195.172.207 (in reply to MAIL FROM
command)
I was going to send an indignant letter, but I decided to check my logs.
(I am running Postfix 2.1.5). I got a whole bunch of these:
Dec 10 00:13:49 ocean postfix/qmgr[295]: 87710FF35: from=<>, size=28208,
nrcpt=1 (queue active)
....
Dec 10 00:14:19 ocean postfix/smtp[30067]: 87710FF35:
to=<fenelia.Carmichael at free4life.usarabia.com>, relay=none, delay=97794,
status=deferred (connect to free4life.usarabia.com[195.47.247.68]:
Operation timed out)
Notice the null 'from=<>'
I can guarantee that there's no reason my server should be sending mail to
free4life.usarabia.com. There are thousands of these such entries. I'm
scared my computer may be doing bad things.
I stripped down my postfix config file and attached it. It LOOKS RIGHT.
I thought it was properly configured. Here is an excerpt:
# Global Postfix configuration file. This file lists only a subset
myhostname = 301south.net
mydomain = 301south.net
myorigin = ocean.$myhostname
inet_interfaces = all
mydestination = kuczenski.net, $myhostname, localhost.$mydomain, $myorigin
# TRUST AND RELAY CONTROL
mynetworks = 192.168.0.0/24, 127.0.0.0/8, 301south.net
# these domains are backup-mxed for a buddy
relay_domains = $mydestination
alethe.net
nfg.ca
poemranker.com
riddlery.org
A more-or-less complete file (some nonrelevant stuff stripped out) is
attached. But why would it be accepting mail From <> ????
Please help -- I depend on this mail server. For the time, I changed the
inet_interfaces to 'localhost' and will require my users to login
directly.
What gives? I thought that on postfix, the 'mynetworks' and the
'relay_domains' were all there was...
-Brandon
-------------- next part --------------
# Global Postfix configuration file. This file lists only a subset
myhostname = 301south.net
mydomain = 301south.net
myorigin = ocean.$myhostname
inet_interfaces = all
mydestination = kuczenski.net, $myhostname, localhost.$mydomain, $myorigin
# TRUST AND RELAY CONTROL
mynetworks = 192.168.0.0/24, 127.0.0.0/8, 301south.net
# these domains are backup-mxed for a buddy
relay_domains = $mydestination
alethe.net
nfg.ca
poemranker.com
riddlery.org
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
check_recipient_access hash:/usr/local/etc/postfix/access
permit_mx_backup
reject_unauth_destination
reject_unknown_sender_domain
disable_vrfy_command = yes
smtpd_reject_unlisted_sender = yes
# smtpd_sender_restrictions
smtpd_sender_restrictions = permit_sasl_authenticated
permit_mynetworks
smtpd_sasl_local_domain = ocean.301south.net
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_sasl_security_options = noplaintext
noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
masquerade_domains = $mydomain
More information about the wplug
mailing list