Re: postfix open relay - Please help.
- At 10:12 PM 1/30/2007, sam wun wrote:
>> >The output of postconf -n is:The default value is usually fine. Don't adjust it without a reason.
>> >default_destination_concurrency_limit = 2
>>Rather low, isn't that? Some reason to not use the default?
>what should be the correct value?
>> >inet_interfaces = 127.0.0.1, 10.1.10.2, 10.1.99.3I wonder how you are able to receive mail with postfix listening on a
>>Some good reason to not use the default of "all" above?
>ok, I will change it to "all".
> >>smtp_bind_address = 184.108.40.206
> >Is this address available on a local interface?
>yes it is. it is the one connected to the internet.
private network address and sending mail out an internet
address. This just seems wrong.
If you are behind a NAT device postfix should only be configured with
the internal addresses, and the external IP should be listed in
>> >local_destination_concurrency_limit = 2$virtual_alias_maps does not belong in local_recipient_maps. If you
>> >local_recipient_maps = $alias_maps $virtual_maps hash:/etc/postfix/userlist
>I have the following line defined below this implementation:
>virtual_maps = hash:/etc/postfix/virtual
>should I move it to above that?
>>$virtual_maps doesn't belong in local_recipient_maps unless you have
>>been mixing address classes. Please
need it there for your mail system to operate, you have mixed up the
address classes. While postfix may work when the address classes are
mixed up, it may break next time you upgrade, or when the next guy
tries to change things. Read the ADDRESS_CLASS_README file and
figure out what you've done wrong. Start a new thread if you need
help with that.
>> >relay_domains = /etc/postfix/relay_domainsI fail to see how you can possibly be an open relay. If you still
>this file contains nothing.
think you are an open relay, post evidence of your system relaying
mail it shouldn't.
>> >smtpd_recipient_restrictions = check_recipient_accessYou should remove it from your configuration if the file is
>> >hash:/etc/postfix/recipient_access permit_mynetworks,
>>What's in recipient_access? What's the purpose of that map?
>this file is emtpy.
empty. This is not a safe place for a recipient access
If you want to continue this thread, you will need to show evidence
you are an open relay. So far all you have shown is normal mail operation.
- At 12:23 AM 2/21/2007, John wrote:
>Hi,Show us what you've done and how it's not working. Show "postconf
>I wish to restrict an internal mailing list to stop spam on one of
>our main distribution lists. I can across the following instructions
>which looked very definitive and promising:
>I'm using postfix version 2.1.5-9. The server isn't throwing any
>errors, but appears to ignore the configuration as described in the
>Any suggestions would be most welcome. Any links to good articles to
>Postfix troubleshooting would be really welcome too.
-n" output plus the definitions of your smtpd_restriction_classes and
logs demonstrating the problem.