On Tue, Nov 24, 2009 at 12:14 AM, Michael Orlitzky <mich...@orlitzky.com>wrote:
> Noel Jones wrote: > >> On 11/23/2009 3:25 PM, K bharathan wrote: >> >>> >>> >>> On Mon, Nov 23, 2009 at 8:02 PM, /dev/rob0 <r...@gmx.co.uk >>> <mailto:r...@gmx.co.uk>> wrote: >>> >>> On Mon, Nov 23, 2009 at 03:51:33PM +0100, Robert Schetterer wrote: >>> > > the server got a list of domains (those domains mail servers >>> use this >>> > > server as relayhost)to relay out and does only smtp out; what >>> could be >>> > > wrong in the above config; appreciate ur assistance upon this >>> > >>> > thats the reason, guess your relay clients get lots of i.e >>> spam/virus >>> > mail,perhaps they bounce after allready got the mail for >>> nonexistent >>> > domains/mailaccounts etc ( do they have catch alls, buggy virus >>> >>> Indeed, if you relay backscatter, you can expect to be listed as a >>> backscatterer! That's pretty simple. Don't do it. Get the clients to >>> fix their problems. In the meantime a check_sender_access lookup >>> will stop the abuse: >>> <> HOLD >>> and you can check mailq(1) periodically; release any that look like >>> legitimate bounces, and deal with the others as may be appropriate. >>> "man postsuper" for information. >>> -- >>> Offlist mail to this address is discarded unless >>> "/dev/rob0" or "not-spam" is in Subject: header >>> >>> i tried putting <> HOLD in allowed domains (mydomain map) but it >>> doesn't work and result in 'relay access denied'; how can i put this and >>> check ? >>> >>> >> That needs to go in a check_sender_access map. Something like: >> # main.cf >> smtpd_sender_restrictions = >> check_sender_access hash:/etc/postfix/hold_bounce >> >> # /etc/postfix/hold_bounce >> <> HOLD >> >> I expect there will be thousands of these. You don't (usually) get on a >> backscatter blacklist for sending just a few bounces. >> >> The real solution is to get the incoming gateways to stop accepting stuff >> that will be bounced. If the incoming gateways are not under your control, >> stop accepting mail from them. >> >> -- Noel Jones >> > > > That's where his 'mydomains' maps are, but I'm still very confused. > > > smtpd_sender_restrictions = > > > check_sender_access hash:/etc/postfix/mydomains > > check_recipient_access hash:/etc/postfix/allowed_forwards > > reject_unauth_destination > > Did you include both, > > example.com OK > <> HOLD > > in the access map? The first is necessary to avoid that > reject_unauth_destination. > yes i put this into the map and i'm getting the log for <> like this: Nov 24 17:59:32 smtp postfix/smtpd[22914]: NOQUEUE: hold: RCPT from example.com[192.168.20.1]: <>: Sender address trigger s HOLD action; from=<> to=<es...@marcusevanssa.com> proto=ESMTP helo=< example.com> Nov 24 17:59:32 smtp postfix/smtpd[22914]: NOQUEUE: reject: RCPT from example.com[192.168.20.1]: 554 5.7.1 <es...@marcuse vanssa.com>: Relay access denied; from=<> to=<es...@marcusevanssa.com> proto=ESMTP helo=<example.com> it's not queuing in HOLD; how can see the hold queue i tried postqueue -p but no avail -bharathan