NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2007-08

RE: Asking Open Relay

From: Marky Yehezkiel (markysatnetcom.com)
Date: Wed Aug 01 2007 - 13:23:04 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Here is result after postconf main.cf :
address_verify_map = btree:/var/verifier/verify
alias_database = hash:/usr/local/etc/postfix/aliases
alias_maps = hash:/usr/local/etc/postfix/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
content_filter = smtp-amavis:127.0.0.1:10024
daemon_directory = /usr/local/libexec/postfix
debug_peer_level = 2
header_checks = regexp:/usr/local/etc/postfix/header_checks.regexp
html_directory = no
inet_interfaces = $myhostname, localhost
mail_owner = postfix
mailbox_size_limit = 115343360
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 80971520
mydestination = $myhostname,localhost
mydomain = ....
myhostname = ...
mynetworks = ...
myorigin = $mydomain
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains = $mydestination, example.com, example2.com
relay_recipient_maps = hash:/usr/local/etc/postfix/relay_recipients
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtp_connect_timeout = 300s
smtp_tls_note_starttls_offer = no
smtp_use_tls = no
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_helo_restrictions = permit_mynetworks,
              check_helo_access,
              hash:/usr/local/etc/postfix/helo_access,
                  reject_non_fqdn_hostname,
              reject_invalid_hostname,
              permit
smtpd_recipient_restrictions = permit_mynetworks,
                               reject_unauth_pipelining,
                                            reject_non_fqdn_recipient,

reject_unknown_recipient_domain,

                                        reject_unauth_destination,
                                         check_sender_access
hash:/usr/local/etc/postfix/sender_checks,
                                           check_client_access
hash:/usr/local/etc/postfix/client_checks,
reject_invalid_hostname,
                                       reject_unknown_hostname,

                                         reject_non_fqdn_hostname,
                                     reject_rbl_client dnsbl.njabl.org,
                                   reject_rbl_client sbl.spamhaus.org,

reject_rbl_client list.dsbl.org,

reject_rbl_client bl.spamcop.net,

                                       reject_rhsbl_client
blackhole.securitysage.com,
                                     reject_rhsbl_sender
blackhole.securitysage.com,
                                     reject_rbl_client
blackholes.easynet.nl,
                               reject_rbl_client cbl.abuseat.org,
                                   reject_rbl_client
proxies.blackholes.wirehub.net,
                               reject_rbl_client multihop.dsbl.org,
                               reject_rbl_client dsn.rfc-ignorant.org,

reject_rbl_client blackholes.mail-abuse.org,

                               permit
smtpd_sender_restrictions = permit_mynetworks,
                                   hash:/usr/local/etc/postfix/access,
                                   reject_unknown_sender_domain,
                                   reject_non_fqdn_sender,
                                  reject_unverified_sender
                                   permit
smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = no
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/usr/local/etc/postfix/transport
unknown_local_recipient_reject_code = 550

and here is log from my mailserver :

Aug 2 01:21:12 NS3 postfix/smtpd[12836]: DFB3946CC22:
client=www.abuse.net[208.31.42.77]
Aug 2 01:21:14 NS3 postfix/cleanup[12834]: DFB3946CC22:
message-id=<rlytest-1185992343-63628abuse.net>
Aug 2 01:21:14 NS3 postfix/qmgr[12823]: DFB3946CC22:
from=<spamtestabuse.net>, size=1117, nrcpt=1 (queue active)

Please advice. Thank you,

-----Original Message-----
From: owner-postfix-userspostfix.org
[mailto:owner-postfix-userspostfix.org] On Behalf Of Noel Jones
Sent: Thursday, August 02, 2007 1:50 AM
To: postfix-userspostfix.org
Subject: Re: Asking Open Relay

At 12:36 PM 8/1/2007, Marky Yehezkiel wrote:
>Dear All,
>Firstly sorry for my bad english, I have Mailserver and the
>function as MX, If I test from spamtest via abuse.net my MX can
>become open relay and I know if I delete relay_domain it would be
>work I mean spamtest won't get through but of course the MX won't
>able to deliver email to back-end mailserver. And my main.cf configuration
is :

You didn't provide enough information to give a proper diagnosis or
solution.
Please show us unaltered "postconf -n" output and unaltered log
entries from the relay test.
http://www.postfix.org/DEBUG_README.html#mail

--
Noel Jones

__________ NOD32 2430 (20070731) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]