Hi

I've taken over a Postfix mail server which has the main.cf shown below.

The server is sheltered behind a reasonably good commercial antispam service so 
the config is light on many of the usual things discussed on this list. The 
protection afforded by the antispam service seems to have been good enough over 
the last few years, but in the last few days the server has been compromised. 
Spam is being sent in volumes in the name of one user. Deleting the user from 
the service had no effect.

The log shows mail being sent consistently from one address:

    from=<u...@domain.com>

and I have tried to stop this with an extra line in main.cf

    smtpd_sender_restrictions=check_sender_access hash:/etc/postfix/sender_access

with `u...@domain.com REJECT` in the sender_access file.

This rejects mail when I try to send it as u...@domain.com but spam from 
u...@domain.com is still being sent with corresponding entries in the log.

Can anyone advise:

- what I can do to stop mail from u...@domain.com being sent?

- and what I should do generally to tighten up the config?

main.cf:
-----------

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

mail_owner = postfix

mydestination = $myhostname, localhost.$mydomain
unknown_local_recipient_reject_code = 450

mynetworks_style = host


debug_peer_level = 2

debugger_command =
  PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
  ddd $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix

newaliases_path = /usr/bin/newaliases.postfix

mailq_path = /usr/bin/mailq.postfix

setgid_group = postdrop

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/postfix-2.3.3/samples

readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
alias_database = hash:/etc/postfix/aliases

virtual_maps = hash:/etc/postfix/virtual
transport_maps = hash:/etc/postfix/transport
virtual_mailbox_domains = $transport_maps
local_destination_concurrency_limit=1
maildrop_destination_concurrency_limit=1
maildrop_destination_recipient_limit=1
relay_domains=$mydestination

mynetworks = 127.0.0.1

smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable=yes
smtpd_sasl_security_options=noanonymous

 
Thanks

RE
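
A way to find out how the messages with that envelope sender enter the queue, given as an added example that is not part of the original post: `smtpd_sender_restrictions` is evaluated only for mail received by `smtpd`, while mail submitted locally through the `sendmail` command is logged by `pickup` with the submitting `uid` and is not subject to those checks. The log lines, addresses and the function names `trace_sender` and `summarize` are constructed for illustration, and short hexadecimal queue IDs are assumed.

```python
import re
from collections import Counter

# Constructed sample lines in Postfix syslog format (not taken from the post).
SAMPLE_LOG = """\
Mar  3 10:00:01 mx postfix/smtpd[2101]: 3A1F21C0B2: client=unknown[203.0.113.5], sasl_method=LOGIN, sasl_username=victim@example.com
Mar  3 10:00:01 mx postfix/qmgr[900]: 3A1F21C0B2: from=<victim@example.com>, size=2210, nrcpt=20 (queue active)
Mar  3 10:00:04 mx postfix/pickup[2050]: 7C4E01C0B5: uid=48 from=<victim@example.com>
Mar  3 10:00:04 mx postfix/qmgr[900]: 7C4E01C0B5: from=<victim@example.com>, size=1804, nrcpt=1 (queue active)
Mar  3 10:00:09 mx postfix/smtpd[2102]: 9D0A11C0B7: client=filter.example.net[198.51.100.7]
Mar  3 10:00:09 mx postfix/qmgr[900]: 9D0A11C0B7: from=<other@example.org>, size=900, nrcpt=1 (queue active)
Mar  3 10:00:12 mx postfix/pickup[2050]: B11C21C0B9: uid=48 from=<victim@example.com>
Mar  3 10:00:12 mx postfix/qmgr[900]: B11C21C0B9: from=<victim@example.com>, size=1799, nrcpt=1 (queue active)
""".splitlines()

# daemon name, queue ID (short hex form assumed), remainder of the record
LINE = re.compile(r"postfix/(\w+)\[\d+\]: ([0-9A-F]{6,}): (.*)")

def trace_sender(lines, sender):
    """Map each queue ID whose envelope sender is `sender` to how it entered Postfix."""
    origin, matched = {}, []
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        daemon, qid, rest = m.groups()
        if daemon == "smtpd" and rest.startswith("client="):
            # Arrived over SMTP; sasl_username is present only if the client authenticated.
            user = re.search(r"sasl_username=([^,\s]+)", rest)
            client = rest.split(",")[0][len("client="):]
            origin[qid] = f"sasl:{user.group(1)} via {client}" if user else f"smtp:{client}"
        elif daemon == "pickup":
            # Submitted locally via sendmail(1); smtpd_* restrictions were never consulted.
            uid = re.search(r"uid=(\d+)", rest)
            if uid:
                origin[qid] = f"local-uid:{uid.group(1)}"
        elif daemon == "qmgr" and rest.startswith(f"from=<{sender}>"):
            # qmgr logs from= again on every retry, so record each queue ID once.
            if qid not in matched:
                matched.append(qid)
    return {qid: origin.get(qid, "unknown") for qid in matched}

def summarize(lines, sender):
    """Count messages from `sender` per entry path."""
    return Counter(trace_sender(lines, sender).values())

if __name__ == "__main__":
    for how, n in summarize(SAMPLE_LOG, "victim@example.com").most_common():
        print(f"{n:5d}  {how}")
```

A result dominated by `local-uid:` entries points at a process on the server itself submitting the mail, while `sasl:` entries point at a mailbox whose credentials are being used over SMTP.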
