On 2010-05-04 Appliantologist wrote: > I had a situation where some of my users had compromised machines and > someone is brazil and indiawere able to authorize themselves to use > sendmail using the login then send scenario. Recently we changed > hosting and set up postfix. In addition we decided to eliminate any > access to our system buy email users, instead we asked them all to go > open gmail accounts and put the corresponding address in the virtual > file. > > Now it seems the spammers are back with a vengance and still able to > send spam. I set up the rules suggested but it seems they are simply > using email that exist. I was hoping someone could point me to a > solution. > > > I would like to set up postfix so that: > > It only accepts mail generated by the scripts on the server > and > It only accepts mail to a predefined list of email address > > I tried to make a CIDR file with most of the 3rd world in it, some > 30,000 ips but for some reason it doesn't seem to have the effect I > was hoping for. > Any ideas would be helpful, thanks.David
Please post a log excerpt of one full (spam) mail transaction from submission to delivery to demonstrate the issue. Also post the output of "postconf -n". Regards Ansgar Wiechers -- "Abstractions save us time working, but they don't save us time learning." --Joel Spolsky
