Hi everyone, I have a problem with postfix.
I use OBM as a mail server (postfix + cyrus + ldap, etc.). My postfix is not an open relay:
220 xxxxxx ESMTP Postfix (Debian/GNU) [706 ms] EHLO keeper-us-east-1c.mxtoolbox.com 250-xxxxxx 250-PIPELINING 250-SIZE 52428800 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN [702 ms] MAIL FROM:<supert...@mxtoolbox.com> <supert...@mxtoolbox.com> 250 2.1.0 Ok [700 ms] RCPT TO:<t...@mxtoolboxsmtpdiag.com> <t...@mxtoolboxsmtpdiag.com> 454 4.7.1 <t...@mxtoolboxsmtpdiag.com> <t...@mxtoolboxsmtpdiag.com>: Relay access denied [719 ms] LookupServer 3927ms
From time to time, my server is attacked and it sends spam. All of the spam comes from one specific address, "cy...@mydomain.com" <cy...@mydomain.com>. I have tried many things, but nothing works. I have to stop postfix for some hours, and the attack ends until the next time. Can you please give me advice or corrections to my config to ensure this attack cannot succeed?
Here is master.cf:
smtp inet n - n - - smtpd -v -o receive_override_options=no_address_mappings -o content_filter=smtp-amavis:127.0.0.1:10024 submission inet n - n - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_recipient=no -o smtpd_client_restrictions=$mua_client_restrictions -o smtpd_helo_restrictions=$mua_helo_restrictions -o smtpd_sender_restrictions=$mua_sender_restrictions -o smtpd_recipient_restrictions=$mua_recipient_restrictions -o milter_macro_daemon_name=ORIGINATING -o receive_override_options=no_address_mappings -o content_filter=smtp-amavis:127.0.0.1:10024 smtps inet n - n - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_recipient=no -o smtpd_client_restrictions=$mua_client_restrictions -o smtpd_helo_restrictions=$mua_helo_restrictions -o smtpd_sender_restrictions=$mua_sender_restrictions -o smtpd_recipient_restrictions=$mua_recipient_restrictions -o milter_macro_daemon_name=ORIGINATING -o 
receive_override_options=no_address_mappings -o content_filter=smtp-amavis:127.0.0.1:10024 pickup unix n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache smtp-amavis unix - - y - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - y - - smtpd -o content_filter= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions=$mua_sender_restrictions Here is main.cf : smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no append_dot_mydomain = no myhostname = xxxxxxxx myorigin = $myhostname alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases local_recipient_maps = $alias_maps mydestination = localhost virtual_transport = error:mailbox does not exist virtual_mailbox_domains = hash:/etc/postfix/virtual_domains virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox virtual_alias_maps = hash:/etc/postfix/virtual_alias hash:/etc/postfix/virtual_alias_1pour1 pcre:/etc/postfix/virtual_alias_catchall transport_maps = hash:/etc/postfix/transport recipient_delimiter = + smtp_use_tls = yes smtpd_use_tls = yes smtpd_tls_cert_file = /etc/obm/certs/fullchain.pem smtpd_tls_key_file = /etc/obm/certs/privkey.pem smtp_tls_security_level = may smtpd_tls_security_level = may smtp_tls_note_starttls_offer = yes smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes message_size_limit = 52428800 
mua_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_reverse_client_hostname, check_sender_access hash:/etc/postfix/sender_access smtpd_helo_required = yes mua_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname mua_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_sender_login_mismatch, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rbl_client zen.spamhaus.org smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_reverse_client_hostname, check_sender_access hash:/etc/postfix/sender_access smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_sender_login_mismatch, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rbl_client zen.spamhaus.org smtp_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_reverse_client_hostname, check_sender_access hash:/etc/postfix/sender_access smtp_helo_required = yes smtp_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname smtp_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_sender_login_mismatch, reject_invalid_helo_hostname, 
reject_non_fqdn_helo_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rbl_client zen.spamhaus.org Thanks for your help Michaux Julien Courriel : jul...@michaux.name