From: Noel Jones (njonesmegan.vbhcs.org)
Date: Sat Aug 02 2008 - 07:37:33 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Tait Grove wrote:
>> -----Original Message-----
>
> I am not sure about hacking, 95% of the domains look pretty legitimate. And
> I should have that type of traffic. We have over thirteen thousand email
> accounts sending email by the second. Our clients receive even more. I have
> been watching the multi-RBL's and nothing yet. I have also ran every type of
> open relay program checker and I am watching the traffic on the server and
> it looks normal too. Usually this happens after my SAN reboots and then the
> backup happens for a few days.

OK, that's good information to share. Your previous mails
implied that the number of mails in your queue was unusual and
unexpected, so I withdraw my wild guesses. You need to
examine your mail logs to see where the delay is. Maybe some
of the recipient domains are throttling you.

Is the postfix queue on a SAN? I don't have experience with
that, but I understand it can cause problems. Maybe someone
else will comment on that issue.

>
> Can you tell me if I am making the same types of mistakes in my master.cf
> too?
>
> MASTER.CF:
> smtp inet n - n - - smtpd
> -o content_filter=smtp-amavis:[127.0.0.1]:10024
> pickup fifo n - n 60 1 pickup
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> tlsmgr unix - - n 1000? 1 tlsmgr
> rewrite unix - - n - - trivial-rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> trace unix - - n - 0 bounce
> verify unix - - n - 1 verify
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - n - 500 smtp
> relay unix - - n - 275 smtp
> -o fallback_relay=
> -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> showq unix n - n - - showq
> error unix - - n - - error
> retry unix - - n - - error
> discard unix - - n - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
> scache unix - - n - 1 scache
> dovecot unix - n n - - pipe
> flags=DRhu user=dovecot:dovecot argv=/usr/local/libexec/dovecot/deliver -d
> ${recipient}
> vacation unix - n n - - pipe
> flags=DRhu user=vacation argv=/var/spool/vacation/vacation.pl
> 8080 inet n - n - - smtpd
> smtp-amavis unix - - n - 30 smtp
> -o smtp_data_done_timeout=1200
> -o disable_dns_lookups=yes
> 127.0.0.1:10025 inet n - n - 30 smtpd
> -o content_filter=
> -o local_recipient_maps=
> -o relay_recipient_maps=
> -o smtpd_restriction_classes=
> -o smtpd_client_restrictions=
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o mynetworks=127.0.0.0/8,10.0.0.0/8,38.119.86.0/25

on the amavis reinjection port, usually one has
   mynetworks=127.0.0.1
since there is no reason for others to connect directly to
that port.

> -o smtpd_recipient_restrictions=permit_mynetworks,
> $transport_maps,reject

$transport_maps doesn't belong here.

> -o strict_rfc821_envelopes=yes

what? you want to reject mail from amavis if the envelope is
botched? remove this.

--
Noel Jones

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]