[email protected] wrote: > Hi again > > here is my postconf output. I had configured my > smtpd_client_restrictions = > check_client_access hash:/usr/local/etc/postfix/access > and hash a file, access with the list of ip addresses that I would like to > block. But I am not sure if this is a good solution. > > Thanks in advanced! > Jessica > > ------- > > Please do not top post (Google for definition if you don't understand). It makes it harder to follow. I'm assuming bad line wrapping. If this is not the case, please fix it. > Here is my postconf -n output. > > mydestination = $myhostname, localhost, localhost.$mydomain, > gareth.brel.com, gareth.bnn.com > mydomain = brel.com > myhostname = mailhost.brel.com > mynetworks = 127.0.0.1, 165.21.73.173/32 165.21.73.174/32, 165.21.73.176/32 > 165.21.73.177/32, 165.21.73.178/32, 165.21.73.165/32 > relay_domains = $mydestination hash:/usr/local/etc/postfix/virt.access > $virtual_maps >
What is the point of this? It looks like a bad attempt at virtual aliasing. [snip] > smtpd_client_restrictions = check_client_access > hash:/usr/local/etc/postfix/access permit > smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname > smtpd_recipient_restrictions = permit_mynetworks check_client_access > btree:/usr/local/etc/dracd check_sender_access > hash:/usr/local/etc/postfix/virt.access reject_non_fqdn_hostname, > reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, > reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client > list.dsbl.org, reject_rbl_client bl.spamcop.net, > reject_rbl_client zen.spamhaus.org, reject_rbl_client > ipwhois.rfc-ignorant.org,reject_rhsbl_sender dsn.rfc-ignorant.org > This a recipe for disaster if the virt.access file includes a domain + OK. Anyone can exploit this pretending to be that sender. It MUST go after reject_unauth_destination to be safe. A spammer likely found this out and started to (ab)use your mail server. In addition, dsbl.org is dead. You should remove it. > smtpd_sender_restrictions = reject_unknown_sender_domain > smtpd_soft_error_limit = 1 > transport_retry_time = 60 > unknown_local_recipient_reject_code = 550 > > > >> [email protected] wrote: >> >>> Dear netizens >>> >>> sorry to trouble you. My server is just overloaded with too much spams. >>> >>> When I view the output of netstat -ln, there are over 400 ip addresses >>> connecting to my postfix server actively. In our mail.log, the >>> connections >>> are from these ip addresses that had nothing to do with our company. >>> >>> Would greatly appreciate if if someone can help me out... I am using an >>> old Freebsd 4.9 running postfix. >>> >>> >> Welcome to the list! >> Unfortunately, you seem to have missed the important welcome message: >> "TO REPORT A PROBLEM, PLEASE SEE >> http://www.postfix.org/DEBUG_README.html#mail"; >> >> With such a general description, no one can help you with out some basic >> information such as 'postconf -n' as noted in the README >> >> > >
