>Could someone please post a current main.cf and a header_check_regexp &
>body_checks.regexp?

# config file works with postfix-2.0.16-20030917.tar.gz
# and recent versions around there, or later. But, NOT with "release",
# only with the "experimental" snapshots.
#
# IMGate BASIC configuration file
# Copyright 2003, Len Conrad ( [EMAIL PROTECTED])
#
# Below, when a "parameter =" list extends over multiple lines, DO NOT
# comment with a "#" in mid-list, as this truncates the list at that point.
#
#always_bcc = [EMAIL PROTECTED]

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix

# IMGate: fill in the blanks
# suggestion: mx1.mydomain.com
myhostname =
# mydomain.com
mydomain =
myorigin = $myhostname
append_at_myorigin = yes
mydestination = $myhostname, localhost.$mydomain

# IMGate: add your networks and ip here, and only with "a.b.c.d/n," syntax
# one ip or subnet per line, starting with a space in first column
#
mynetworks = 127.0.0.0/8,

transport_maps = hash:/etc/postfix/transport.map
relay_domains = $mynetworks, hash:/etc/postfix/transport.map
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases

smtpd_recipient_restrictions =
 reject_unauth_pipelining,
 reject_non_fqdn_sender,
 reject_non_fqdn_recipient,
 reject_unknown_recipient_domain,
 hash:/etc/postfix/to_recipients_bw.map,
 reject_unverified_sender,
 reject_unverified_recipient,
 reject_unknown_sender_domain,
 permit_mynetworks,
 reject_unauth_destination,
 hash:/etc/postfix/to_recipients_bw.map,
 check_client_access hash:/etc/postfix/mta_clients_bw.map,
 pcre:/etc/postfix/to_recipients_bw.regexp,
 check_helo_access hash:/etc/postfix/helo_hostnames.regexp,
 check_sender_access regexp:/etc/postfix/from_senders.regexp,
 check_sender_access hash:/etc/postfix/from_senders_bw.map,
 reject_invalid_hostname,
 reject_non_fqdn_hostname,
 check_helo_access hash:/etc/postfix/helo_hostnames.map,
 check_sender_access hash:/etc/postfix/from_senders_slet.map,
 check_sender_access hash:/etc/postfix/from_senders_bogus.map,
 check_sender_access hash:/etc/postfix/from_senders_mybogus.map,
 reject_rbl_client sbl.spamhaus.org,
 reject_rbl_client zombie.dnsbl.sorbs.net,
 reject_rbl_client list.dsbl.org,
 reject_rbl_client dnsbl.njabl.org,
 reject_rbl_client relays.ordb.org,
 reject_rbl_client relays.visi.com,
 reject_rbl_client opm.blitzed.org,
 reject_rbl_client bl.spamcop.net,
 warn_if_reject check_helo_access pcre:/etc/postfix/helo_world.regexp,
 permit

you might also add these:

 reject_rhsbl_sender bulk.rhs.mailpolice.com,
 reject_rhsbl_sender porn.rhs.mailpolice.com,
 reject_rhsbl_client rhsbl.sorbs.net,
 reject_rhsbl_sender rhsbl.sorbs.net,
 reject_rbl_client dnsbl.sorbs.net,
 reject_rhsbl_client blackhole.securitysage.com,
 reject_rhsbl_sender blackhole.securitysage.com,
 reject_rbl_client cbl.abuseat.org,
 reject_unverified_sender,

> I've seen tons of spam getting through both my postfix
>box and my Imail box. Which has updated filters and aggressive filtering
>applied. I suspect that some is passing the Postfix box by sending to both
>mx records for the domain. I usually point mx=5 to the postfix gateway and
>mx=10 to the Imail box. I assume this leaves me vulnerable

don't assume, your Imail will get hammered, and that's easy to see in the Imail logs, in smtpd connect lines, where the IP connecting to Imail is NOT that of IMGate box

Len
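
Added example, not part of Len's message or of IMGate: a small Python check for the symptom described above, SMTP connects that reach the backend server from any address other than the gateway. The gateway address, the log line layout and the sample lines are constructed assumptions; adapt the pattern to the real log format.

```python
import ipaddress
import re
from collections import Counter

# Assumption: address(es) of the Postfix gateway allowed to hand mail on.
GATEWAYS = [ipaddress.ip_network("192.0.2.10/32")]

# Assumption: a simplified "connect <ip>" line; adjust to the real log layout.
CONNECT_RE = re.compile(r"\bconnect\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\b", re.I)

# Constructed sample log lines (not real Imail output).
SAMPLE_LOG = """\
20031001 120001 SMTPD(0001) connect 192.0.2.10
20031001 120002 SMTPD(0001) MAIL FROM:<a@example.org>
20031001 120007 SMTPD(0002) connect 203.0.113.45
20031001 120009 SMTPD(0003) connect 203.0.113.45
20031001 120012 SMTPD(0004) connect 198.51.100.7
20031001 120015 SMTPD(0005) connect 999.1.1.1
"""


def direct_connections(lines, gateways=GATEWAYS):
    """Count SMTP connects whose peer is not one of the gateway addresses."""
    hits = Counter()
    for line in lines:
        m = CONNECT_RE.search(line)
        if not m:
            continue  # not a connect line
        try:
            peer = ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue  # malformed address in the log line
        if not any(peer in net for net in gateways):
            hits[str(peer)] += 1
    return hits


def report(lines, gateways=GATEWAYS):
    """Return 'ip<TAB>count' rows, busiest direct sender first."""
    hits = direct_connections(lines, gateways)
    return [f"{ip}\t{n}" for ip, n in hits.most_common()]


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG.splitlines())))
```

Any row in the report is a host that delivered straight to the secondary MX without passing the gateway's restrictions.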
