On 17.12.23 23:12, Kristoff via Postfix-users wrote:
I don't know if this question has already been ask, but I did not find
anything in the archive of the mailing-list.
I co-manage a postfix-server for an hobby-club. We provide
email-addresses to our members, which are linked to aliases, so we
forward the mails to the personal email-address of the member.
(The goal is to provide an email-address to the members, dedicated for
the hobby, which helps to shield-of the personal email-address of the
members).
Anycase, while looking into the log-files of postfix for another
issue, I noticed this:
---
Dec 17 04:32:05 smtp postfix/smtp[725772]: 4F58E6A10A0:
to=u...@example.com,
orig_to=SRS0=zxmM=H4=example.com=u...@ourhobbyclubdomain.com,
relay=mail.example.com[A.B.C.D]:25, delay=0.16,
delays=0.05/0/0.08/0.02, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued
as 714F7294BB2)
---
(personal information replaced for privacy-reason)
"u...@example.com" is just an email-address
"ourhobbyciubdomain.com" is the domain used by our organization.
So, it looks like somebody is sending use emails with a
foreign-email-address-in-srs-for...@ourhobbyclubdomain.com as
DESTINATION.
The net result seems to be that these mails are actually relayed by
our server, although we normally have a rule that we only relay
email-addresses of our members ("someu...@hobbyclubdomain.com")
I don't know if this is normal that the SRS is used in the destination
address? ( "SRS" does mean "SENDER rewriting Sceme" doesn't it?)
What is the configuration to block this?
These may be spams to adress gathered from someone's mail, or maybe delivery
notifications?
I guess you are reverse-rewriting those SRSed destination addresses using
postsrs to original address of the sender.
You can redirect these messages to you as an admin in
smtpd_recipient_restrictions
using regex matchin, so neither of those mails reach original recipient, but
you as admin of ourhobbyclubdomain.com domain.
I did something similar but use plussed format SRS0+... and SRS1+..., so I redirected
"SRS0" and "SRS1" address (plus is understood as address extension).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
