Neil:
>
> On 20 Oct 2008, at 18:45, Linux Addict wrote:
> >
> > On Mon, Oct 20, 2008 at 6:41 PM, Neil <[EMAIL PROTECTED]> wrote:
> >
> > On 20 Oct 2008, at 18:39, Linux Addict wrote:
> >
> >>
> >>
> >> On Mon, Oct 20, 2008 at 6:33 PM, Neil <[EMAIL PROTECTED]> wrote:
> >> On 20 Oct 2008, at 18:24, Linux Addict wrote:
> >>
> >>> Hi, Looks like our MX servers are hit hard by a specific email
> >>> address which is sending frequent mails trying to use our relay
> >>> effectively many mail servers seems to be blacklisting.
> >>>
> >>>
> >>> Oct 20 18:20:05 mx01 postfix/qmgr[6512]: DBB784BE68E: from=<[EMAIL
> >>> PROTECTED]
> >>> >, size=3309, nrcpt=1 (queue active)
> >>> Oct 20 18:20:05 mx0 postfix/error[9345]: DA960E73E11: to=<[EMAIL
> >>> PROTECTED]
> >>> >, relay=none, delay=77080, delays=76950/130/0/0.01, dsn=4.4.1,
> >>> status=deferred (delivery temporarily suspended: connect to
> >>> exchange.net Connection timed out)
> >>>
> >>> Please help me stop this. Thank you!
> >>>
> >>> ~LA
> >>
> >> Unless I'm mistaken (and I'm not the most knowledgeable person on
> >> this list), I think your server thinks it's okay to accept mail for
> >> the domain "exchange.net" (and I'm assuming "exchange.net" isn't
> >> yours). So to fix this, you need to tell postfix only to accept
> >> mail for your domains. I think you should check my_destination,
> >> relay_domains, etc.
> >>
> >> Post the output of "postconf -n".
> >>
> >> -N.
> >>
> >>
> >> Thanks for your reply.
> >>
> >>
> >> mydestination = $myhostname
> >> relay_domains = $mydestination
> >>
> >> Actually its not just exchange.net, most of the mails are being
> >> sent to bellsouth.net
> >>
> >> Oct 20 18:37:27 mx01 postfix/qmgr[6597]: 5CE74D08FE1: from=<[EMAIL
> >> PROTECTED]
> >> >, size=3237, nrcpt=1 (queue active)
> >> Oct 20 18:37:27 mx01 postfix/error[6838]: 57AD01031088: to=<[EMAIL
> >> PROTECTED]
> >> >, relay=none, delay=14928, delays=14928/0.05/0/0, dsn=4.0.0,
> >> status=deferred (delivery temporarily suspended: host gateway-
> >> f2.isp.att.net[207.115.11.16] refused to talk to me: 450 too
> >> frequent connects from 63.240.86.13, please try again later.)
> >>
> >>
> >> Thanks
> >> LA
> >
> > I don't think you need $mydestination in relay_domains. And the
> > rest of postconf -n would still be useful.
> >
> >
> >
> > [snip]
> >
> > smtpd_recipient_restrictions = permit_mynetworks,
> > permit_sasl_authenticated, reject_unauth_destination,
> > reject_invalid_hostname, reject_unauth_pipelining,
> > reject_non_fqdn_sender, reject_unknown_sender_domain,
> > reject_non_fqdn_recipient, reject_unknown_recipient_domain,
> > reject_rbl_client blackholes.easynet.nl, reject_rbl_client
> > cbl.abuseat.org, reject_rbl_client
> > proxies.blackholes.wirehub.net, reject_rbl_client
> > bl.spamcop.net, reject_rbl_client sbl.spamhaus.org,
> > reject_rbl_client dnsbl.njabl.org, reject_rbl_client
> > list.dsbl.org, reject_rbl_client multihop.dsbl.org, permit
>
> You have a lot of stuff here that I'm not sure about, but the above,
> in particular, I think is wrong.
>
> First, I don't think you should have "permit" as the last item. That
> is probably your problem. It should probably be "reject", or not
> there at all (at which point I think it defaults to "reject").
Permit at the end is OK. He has reject_unauth_destination early in
smtpd_recipient_restrictions, so Postfix will accept only mail that
matches mydestination, relay_domains or one of the virtual_*_domains
tables.
Wietse
