Hello,
I'm having a lot of trouble with spam these days and since I'm running
our mail server administration I'm trying to figure out how to solve the
problem. Unfortunately I'm not so keen in sys administration...
To avoid receiving spam I added these lines to my main.cf configuration:
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
reject_unauth_destination,
reject_rbl_client bl.spamcop.net,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client sbl.spamhaus.org,
permit
Now in my /var/log/mail.info I have a lot of lines like this:
Mar 25 11:35:10 athene postfix/smtpd[24933]: NOQUEUE: reject: RCPT from
unknown[92.101.112.32]: 554 5.7.1 Service unavailable; Client host
[92.101.112.32] blocked using bl.spamcop.net; Blocked - see
http://www.spamcop.net/bl.shtml?92.101.112.32;
from=<janicetyson.4...@aol.com> to=<giova...@elabor.homelinux.org>
proto=SMTP helo=<ip-032-112-101-92.pools.atnet.ru>
Good! I thougth, then I read this help on the postfix documentation page:
What is backscatter mail?
When a spammer or worm sends mail with forged sender addresses,
innocent sites are flooded with undeliverable mail notifications. This
is called backscatter mail. With Postfix, you know that you're a
backscatter victim when your logfile goes on and on like this:
Dec 4 04:30:09 hostname postfix/smtpd[58549]: NOQUEUE: reject:
RCPT from xxxxxxx[x.x.x.x]: 550 5.1.1 <yyy...@your.domain.here>:
Recipient address rejected: User unknown; from=<>
to=<yyy...@your.domain.here> proto=ESMTP helo=<zzzzzz>
What you see are lots of "user unknown" errors with "from=<>". These
are error reports from MAILER-DAEMONs elsewhere on the Internet.
-------------------
Now I fear to be source of backscatter emails. Is that my case?
I also tried to write to my domain an email to an unexistent user and I
had this reply:
-------------------
This is an automatically generated Delivery Status Notification
Delivery to the following recipient failed permanently:
ab...@elabor.homelinux.org
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the
recipient domain. We recommend contacting the other email provider for
further information about the cause of this error. The error that the
other server returned was: 550 550 5.1.1 <ab...@elabor.homelinux.org>:
Recipient address rejected: User unknown in virtual mailbox table (state
14).
----- Original message -----
MIME-Version: 1.0
Received: by 10.103.246.1 with SMTP id y1mr4093237mur.116.1237976577631;
Wed, 25 Mar 2009 03:22:57 -0700 (PDT)
Date: Wed, 25 Mar 2009 11:22:57 +0100
Message-ID: <214f10...@mail.gmail.com>
Subject: test
From: Ivan Ricotti <ivan.rico...@gmail.com>
To: ab...@elabor.homelinux.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
-------------------
So, I'm a bit confused now. Is my configuration correct or not?
What should I do?
Thanks for any help and sorry for my english,
Ivan
--
Ivan Ricotti
-------------------------------------------
eLabor sc - via G. Garibaldi 33, 56127 Pisa
tel: +39 050970363 web: http://www.elabor.biz
email: i...@elabor.homelinux.org
GnuPG KeyID: DFD581C5 - 13/11/2003
