Dwi Nugroho
Thu, 18 Mar 2010 19:14:28 -0700
Mas Cygnus dan Mas Asfik,
Terima kasih informasinya. Saya sudah coba saran Mas Cugnus dan Mas Asfik
tetapi masih tetap email bounce. Saya juga sudah berusaha menghubungi pihak IT
mereka, tetapi sudah 2 hari masih belum ada jawaban.
Mungkinkah saya salah dalam penerapan ? berikut log filenya semalem :
Mar 18 20:23:16 senomail postfix/policyd-weight[25950]: decided action=550
temporarily blocked because of previous errors - retrying too fast. penalty: 30
seconds x 0 retries.; <client=209.123.8.148> <helo=sif.com2go.ws>
<from=glad...@actionprgroup.com> <to=i...@domainku.com>; delay: 0s
Mar 18 20:23:16 senomail postfix/smtpd[23400]: NOQUEUE: reject: RCPT from
35222.ds.nac.net[209.123.8.148]: 550 5.7.1 <i...@domainku.com>: Recipient
address rejected: temporarily blocked because of previous errors - retrying too
fast. penalty: 30 seconds x 0 retries.; from=<glad...@actionprgroup.com>
to=<i...@domainku.com> proto=ESMTP helo=<sif.com2go.ws>
Dan berikut hasil postconf -n saya :
r...@senomail:/home/dwi# postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
always_bcc = test.s...@domainku.com
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
local_recipient_maps = unix:passwd.byname $alias_maps
mail_owner = postfix
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 2050000000
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 6300000
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = domainku.com
myhostname = mail.domainku.com
mynetworks = 192.168.1.0/24, 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
receive_override_options = no_address_mappings
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_helo_required = yes
smtpd_recipient_restrictions = check_client_access
hash:/etc/postfix/client_access check_recipient_access
hash:/etc/postfix/access permit_mynetworks
reject_unauth_destination reject_unlisted_recipient
reject_invalid_hostname reject_non_fqdn_recipient
reject_non_fqdn_sender reject_unknown_recipient_domain
reject_unknown_sender_domain reject_unauth_pipelining
reject_non_fqdn_hostname check_recipient_access
hash:/etc/postfix/bypass-domain check_client_access
hash:/etc/postfix/whitelist_policyd check_policy_service
inet:127.0.0.1:12525 check_policy_service inet:127.0.0.1:60000
reject_rbl_client zen.spamhaus.org
smtpd_restriction_classes = check_inke
smtpd_sender_restrictions = permit_mynetworks, warn_if_reject
reject_non_fqdn_sender, reject_unknown_sender_domain,
reject_unauth_pipelining, permit
strict_rfc821_envelopes = yes
Dan isi dari /etc/postfix/whitelist_policyd :
64.21.33.179 OK
actionprgroup OK
209.123.8.148 OK
Demikian. Mohon pencerahannya.
Salam,
DN
--- On Thu, 3/18/10, as...@its.ac.id <as...@its.ac.id> wrote:
> From: as...@its.ac.id <as...@its.ac.id>
> Subject: Re: [tanya-jawab] Email Klien bouncing
> To: tanya-jawab@linux.or.id
> Date: Thursday, March 18, 2010, 5:01 AM
> On Mar 17, 2010, at 4:54 PM, - Cygnus
> - wrote:
>
> > Berikan check_recipient_access sebelum perintah
> check_policy_service di dalam smtpd_recipient_restrictions
> .
> >
> > smtpd_recipient_restrictions =
> > .............
> >
> check_recipient_access
> hash:/etc/postfix/bypass-domain
> >
> check_policy_service inet:127.0.0.1:12525
> >
> > /etc/postfix/bypass-domain :
> > actionprgroup.com
> OK
> >
> > Jangan lupa postmap.
> >
> > - Cygnus -
>
> Mungkin maksudnya check_sender_access kali ya, karena kalau
> saya lihat actionprgroup.com adalah pengirimnya. Tapi kalau
> bisa hal ini dihindari, karena bisa disalahgunakan untuk
> spamming menggunakan sender domain ybs. Menurut saya, lebih
> baik whitelist menggunakan check_client_access untuk IP
> mailserver ybs. Dan tentunya langkah yg paling benar ya
> memberikan informasi ke pengirim bahwa servernya openrelay
> :).
>
> Karena saya lihat menggunakan policyd, sebenarnya bisa
> dilakukan whitelist disisi policydnya. YMMV.
>
> Asfihani
> --
> FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab
> Unsubscribe: kirim email ke tanya-jawab-unsubscr...@linux.or.id
> Arsip dan info milis selengkapnya di http://linux.or.id/milis
>
>
--
FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab
Unsubscribe: kirim email ke tanya-jawab-unsubscr...@linux.or.id
Arsip dan info milis selengkapnya di http://linux.or.id/milis