Loading ...
Sorry, an error occurred while loading the content.

Problems with messages originating from and/or being relayed through my system

Expand Messages
  • Glen Edwards
    I have less than 100 email addresses on my mail server, only 2 of the users are physically present on location (my wife and myself). These addresses by
    Message 1 of 4 , Feb 28, 2008
    • 0 Attachment
      I have less than 100 email addresses on my mail server, only 2 of the users are physically present on location (my wife and myself).  These addresses by themselves don't see a lot of legitimate email coming in (2 or 3 letters a week at most).  Consequently I should see almost no activity on my mail server, but it's going non-stop from people sending email from addresses not on my system to addresses not on my system.  I'm no expert here, but if I'm reading the logs correctly, in most cases they're accessing my mail server directly (as opposed to through an ISP's mail server), with my mail server giving the letter a message-id.  There should be no one connecting to this machine to send outgoing email, and there should be no mail being relayed through here. 
       
      How do I stop people from connecting to my machine to send outgoing mail?
       
      How do I stop mail from being relayed through my machine?
       
      How do I bounce mail that comes in without a message-id?
       
      Glen
       
       
    • Charles Marcus
      ... You are an open relay. This is bad, bad, bad. Post output of postconf -n... and hurry. If it were me, I d pull the network cable on that machine until you
      Message 2 of 4 , Feb 28, 2008
      • 0 Attachment
        On 2/28/2008, Glen Edwards (gle@...) wrote:
        > it's going non-stop from people sending email from addresses not on
        > my system to addresses not on my system.

        You are an open relay. This is bad, bad, bad.

        Post output of postconf -n... and hurry. If it were me, I'd pull the
        network cable on that machine until you fixed this.

        --

        Best regards,

        Charles
      • Noel Jones
        ... Often this comes from an abused script on the webserver on the same machine. Turn off your webserver and see if that fixes the problem. If it does, find
        Message 3 of 4 , Feb 28, 2008
        • 0 Attachment
          Glen Edwards wrote:
          > I have less than 100 email addresses on my mail server, only 2 of the
          > users are physically present on location (my wife and myself). These
          > addresses by themselves don't see a lot of legitimate email coming in (2
          > or 3 letters a week at most). Consequently I should see almost no
          > activity on my mail server, but it's going non-stop from people sending
          > email from addresses not on my system to addresses not on my system.
          > I'm no expert here, but if I'm reading the logs correctly, in most cases
          > they're accessing my mail server directly (as opposed to through an
          > ISP's mail server), with my mail server giving the letter a message-id.
          > There should be no one connecting to this machine to send outgoing
          > email, and there should be no mail being relayed through here.
          >
          > How do I stop people from connecting to my machine to send outgoing mail?

          Often this comes from an abused script on the webserver on the
          same machine. Turn off your webserver and see if that fixes
          the problem. If it does, find the abused script and fix it.

          Otherwise, please post unmodified "postconf -n" output and
          some unmodified log entries showing the problem.


          >
          > How do I bounce mail that comes in without a message-id?

          That's the wrong solution (and not possible without a
          content_filter). Legit mail sometimes arrives without a
          message-id, or the spammer could easily start supplying his own.

          --
          Noel Jones
        • Glen Edwards
          When I posted the original message I had assumed that there was some command I was missing that would tell postfix not to relay messages. After reading the
          Message 4 of 4 , Mar 1, 2008
          • 0 Attachment
            When I posted the original message I had assumed that there was some command
            I was missing that would tell postfix not to relay messages. After reading
            the replies I received I quickly concluded that this was not the case, but
            that I likely had created a loophole through a misconfiguration error, so I
            redid the configuration file from scratch. That has fixed the problem,
            although I don't know for sure what was wrong with the old file that allowed
            the mess.

            Glen

            ----- Original Message -----
            From: "Charles Marcus" <CMarcus@...>
            To: <postfix-users@...>
            Sent: Thursday, February 28, 2008 6:25 AM
            Subject: Re: Problems with messages originating from and/or being relayed
            through my system


            > On 2/28/2008, Glen Edwards (gle@...) wrote:
            >> it's going non-stop from people sending email from addresses not on my
            >> system to addresses not on my system.
            >
            > You are an open relay. This is bad, bad, bad.
            >
            > Post output of postconf -n... and hurry. If it were me, I'd pull the
            > network cable on that machine until you fixed this.
            >
            > --
            >
            > Best regards,
            >
            > Charles
          Your message has been successfully submitted and would be delivered to recipients shortly.