Hello, I'm adjusting my postfix configuration to try to cut down on the spam i'm getting. I have noticed an event in my maillog that has me concerned that i'm now inadvertently an open relay. If this is so i'd like to fix it. Here's the error:
Aug 4 11:18:12 <hostname> postfix/smtp[22025]: 48A91150900A8: to=<wallopingsfc...@autourdupiano.com>, relay=mail.autourdupiano.com[62.128.135.33]:25, delay=31, delays=0/0/31/0.12, dsn=2.0.0, status=deliverable (250 ok) Aug 4 11:18:12 <Hostname> postfix/qmgr[21957]: 48A91150900A8: removed And a postconf -n: address_verify_map = btree:/var/spool/postfix/verified_senders alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases biff = no broken_sasl_auth_clients = yes canonical_maps = hash:/etc/postfix/canonical command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix disable_vrfy_command = yes header_checks = pcre:/etc/postfix/header_checks home_mailbox = Maildir/ html_directory = no inet_interfaces = 127.0.0.1, <External IP> invalid_hostname_reject_code = 554 local_recipient_maps = proxy:unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_size_limit = 104857600 mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 20971520 mime_header_checks = pcre:/etc/postfix/mime_header_checks multi_recipient_bounce_reject_code = 554 mydomain = example.com myhostname = mail.example.com mynetworks = 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix non_fqdn_reject_code = 554 queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES recipient_delimiter = + relay_domains_reject_code = 554 sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop show_user_unknown_table_name = no smtp_helo_timeout = 60s smtpd_banner = $myhostname ESMTP smtpd_data_restrictions = reject_unauth_pipelining smtpd_helo_required = yes smtpd_recipient_restrictions = reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unverified_sender reject_unverified_recipient reject_multi_recipient_bounce, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_recipient_access pcre:/etc/postfix/recipient_checks.pcre, check_helo_access hash:/etc/postfix/helo_checks, check_helo_access pcre:/etc/postfix/helo_checks.pcre check_sender_mx_access cidr:/etc/postfix/bogus_mx reject_rbl_client zen.spamhaus.org, reject_rbl_client black.uribl.com, reject_rbl_client combined.rbl.msrbl.net, reject_rhsbl_sender dsn.rfc-ignorant.org smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/postfix/ssl/ca-cert.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/postfix/ssl/smtp.crt smtpd_tls_key_file = /etc/postfix/ssl/smtp.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache smtpd_tls_session_cache_timeout = 3600s strict_rfc821_envelopes = yes tls_random_source = dev:/dev/urandom unknown_address_reject_code = 554 unknown_client_reject_code = 554 unknown_hostname_reject_code = 554 unknown_local_recipient_reject_code = 550 unknown_relay_recipient_reject_code = 554 unknown_virtual_alias_reject_code = 554 unknown_virtual_mailbox_reject_code = 554 unverified_recipient_reject_code = 554 unverified_sender_reject_code = 554 virtual_alias_maps = hash:/etc/postfix/virtual_alias virtual_gid_maps = static:5000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = /etc/postfix/vhosts virtual_mailbox_maps = hash:/etc/postfix/vmaps virtual_minimum_uid = 1000 virtual_uid_maps = static:5000 Thanks. Dave.
