I've a hunch that the following problem is not something that can be
configured away through postfix but, as I'm well aware that my config-fu
is not the strongest, I'd like any advice the more experienced among you
might have. I'm sure this isn't a rare problem.

I recently began supporting the website for a small organisation. One
change I suggested was to utilise a .org domain rather than .com (not
due to any trouble but simply because they're a non-commercial
organisation). The old domain points to this new server in order to
redirect web traffic. AFAIK, there were never any email addresses used
under the old domain. But, now I've set up postfix, I'm seeing thousands
of failed attempts to send to various fictitious DOMAIN.com addresses.
These are properly being blocked 554/relay access denied.

I've installed fail2ban, which seems to help. However, I'm still seeing
several attempts a second as the sender IP is changed. Is there
something more I can do to mitigate the stress on the server?

FWIW, aside from aliases for the usual postmaster, abuse, and webmaster
addresses, this domain has just 2 actual addresses to be maintained. So,
might a whitelist approach be the way to go? Or, is this something I
should leave to iptables/fail2ban?

myhostname = demeter.DOMAIN.org
mydomain = DOMAIN.org
myorigin = $mydomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination