On 05.06.2014 20:41, Gilles Chehade wrote:
> Actually:
> "As you can see the spam-sender sends a mail to info@MYDOMAIN.
> But info is no valid recipient on my server."
> That's not right.
> You have the following rule:
>
>     accept tagged erstes_eintreffen from any for domain <domains> relay via
>     smtp://127.0.0.1:10024 hostname localhost source 127.0.0.1
>
> which accepts mails for domains listed in <domains> and accepts to relay them.
> Since this rule eventually reenters the ruleset and matches:
>
>     accept tagged nach_spamerkennung from any for domain <domains> virtual
>     <vusers> deliver to lmtp "/var/run/dovecot/lmtp"
>
> The mail gets rejected at this point, but your own mail system had already
> accepted to take care of it so it must now notify someone ... and since the
> spammer forged the sender address you notify an inexistent address.
[...]
> The fix is to prevent the first rule from accepting to relay mail for users
> that do not exist:
>
>     accept tagged erstes_eintreffen from any for domain <domains>
>     recipient <a_list_of_valid_email_addresses> # <- here
>     relay via smtp://127.0.0.1:10024 [...]

Ah OK... Thanks... So after doing the loop there is no valid
recipient... but the problem is that when entering the loop it accepts
any destination on the domain.
Thanks a lot, I'll fix it :)
But the most important thing to me is: The server is still secure and
NOT hijacked :)
Cu!
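
The behaviour discussed in this thread, as an added example that is not part of the original mails and is not OpenSMTPD code: a small Python model of the two-pass ruleset, showing that the first rule without a recipient table turns a forged sender into a bounce target, while the restricted rule rejects at SMTP time. The domain, the addresses and the table layout are constructed assumptions.

```python
# Added illustration, not OpenSMTPD code: a model of the two-pass ruleset.
# Constructed sample data; real tables live in the files named in smtpd.conf.
DOMAINS = {"example.org"}
VUSERS_TABLE = """\
# key                value  (assumed layout)
alice@example.org    vmail
bob@example.org      vmail
"""

def valid_recipients(table_text):
    """Collect the keys of the virtual-user table as the recipient allow-list."""
    keys = set()
    for line in table_text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if line:
            keys.add(line.split()[0].rstrip(":").lower())
    return keys

def first_pass(rcpt, allow=None):
    """Rule tagged erstes_eintreffen: the answer given to RCPT TO."""
    rcpt = rcpt.lower()
    if rcpt.rsplit("@", 1)[-1] not in DOMAINS:
        return False
    return allow is None or rcpt in allow      # allow=None models the original rule

def second_pass(rcpt, vusers):
    """Rule tagged nach_spamerkennung: virtual lookup after re-injection."""
    return rcpt.lower() in vusers

def handle(sender, rcpt, allow=None):
    """Return (outcome, address that receives a bounce, or None)."""
    vusers = valid_recipients(VUSERS_TABLE)
    if not first_pass(rcpt, allow):
        return ("rejected at SMTP", None)      # sending client keeps the message
    if not second_pass(rcpt, vusers):
        return ("bounced", sender)             # accepted earlier, so a bounce goes out
    return ("delivered", None)

if __name__ == "__main__":
    forged = "victim@elsewhere.example"        # constructed forged envelope sender
    allow = valid_recipients(VUSERS_TABLE)
    print(handle(forged, "info@example.org"))          # original first rule
    print(handle(forged, "info@example.org", allow))   # first rule with recipient table
    print(handle(forged, "alice@example.org", allow))  # valid user still delivered
```

Deriving the allow-list from the same table the second rule uses keeps the two passes from drifting apart.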