Loading ...
Sorry, an error occurred while loading the content.
 

Re: How to stop these fakes?

Expand Messages
  • lists.postfix-users@duinheks.nl
    Hallo Robert, ... RS reject_unknown_reverse_client_hostname RS helps a lot here Thanks. I ve put that in and will awit and see what happens. Groeten, Hans.
    Message 1 of 7 , Aug 4, 2008
      Hallo Robert,

      Op vrijdag 01 augustus 2008 schreef Robert Schetterer aan ram:

      >>> Example:
      >>> Jul 31 15:31:02 duinheks postfix/smtpd[29511]: NOQUEUE:
      >>> reject: RCPT from unknown[218.20.152.23]: 550 5.1.0
      >>> <nqcmr@...>: Sender address rejected: User unknown in
      >>> local recipient table; from=<nqcmr@...>
      >>> to=<gongsi_pxb@...> proto=ESMTP helo=<chenzao>

      RS> reject_unknown_reverse_client_hostname
      RS> helps a lot here

      Thanks. I've put that in and will awit and see what happens.

      Groeten,

      Hans.

      jdh punt beekhuizen bij duinheks punt nl

      --- GoldED+/LNX 1.1.5/080731
      * Origin: The Wizard is using MBSE/Linux (2:280/1018)
    • ram
      On Mon, 2008-08-04 at 10:56 +0200, lists.postfix-users@duinheks.nl ... Enable smtp authentication. Allow only authenticated users of your domain to send to
      Message 2 of 7 , Aug 4, 2008
        On Mon, 2008-08-04 at 10:56 +0200, lists.postfix-users@...
        wrote:
        > Hallo ram,
        >
        > Op vrijdag 01 augustus 2008 schreef ram aan lists.postfix-users@...:
        >
        > >> Occasionally external systems are tying to send mail with a
        > >> faked sender address via my system. So far no harm is done,
        > >> ad they have not been able to create a real user name. But
        > >> I would like to stop them before they use my mail system,
        > >> as soon as they make contact. How can I do this?
        > ra> I dont see any reason for you to worry. You are doing a
        > ra> reject_unauth_destination already
        >
        > It's not the destination I'm worried about, it's the sender.
        > There is a [small] possibility that the culprit guesses a real
        > user name on my system and then sends spam or other unpleasant
        > things across the world. I would not like that...
        >
        Enable smtp authentication. Allow only authenticated users of your
        domain to send to outside world. A spammer can guess the username but
        cant get the password
        ( I am assuming you dont allow the "username=password" on your
        machine :-) )
      • lists.postfix-users@duinheks.nl
        Hallo Robert, Op maandag 04 augustus 2008 schreef lists.postfix-users@duinheks.nl aan postfix-users: RS reject_unknown_reverse_client_hostname RS helps a
        Message 3 of 7 , Aug 14, 2008
          Hallo Robert,

          Op maandag 04 augustus 2008 schreef lists.postfix-users@... aan
          postfix-users:

          RS>> reject_unknown_reverse_client_hostname
          RS>> helps a lot here
          lpu> Thanks. I've put that in and will wait and see what happens.

          It took a few days, becaus it doen'st happen every day. But this
          solution doesn't seem to work:
          Aug 11 05:12:09 duinheks postfix/smtpd[13102]: connect from
          125-225-150-228.dynamic.hinet.net[125.225.150.228]
          Aug 11 05:12:12 duinheks postfix/smtpd[13102]: lost connection after EHLO from
          125-225-150-228.dynamic.hinet.net[125.225.150.228]
          Aug 11 05:12:12 duinheks postfix/smtpd[13102]: disconnect from
          125-225-150-228.dynamic.hinet.net[125.225.150.228]
          Aug 11 05:12:26 duinheks postfix/smtpd[13102]: connect from
          125-225-150-228.dynamic.hinet.net[125.225.150.228]
          Aug 11 05:12:33 duinheks postfix/smtpd[13102]: NOQUEUE: reject: RCPT from
          125-225-150-228.dynamic.hinet.net[125.225.150.228]: 550 5.1.0
          <rxdip@...>: Sender address rejected: User unknown in local recipient
          table; from=<rxdip@...> to=<c0f2547f@...> proto=ESMTP
          helo=<ADMIN-F76C08610>
          Aug 11 05:12:34 duinheks postfix/smtpd[13102]: lost connection after DATA (0
          bytes) from 125-225-150-228.dynamic.hinet.net[125.225.150.228]
          Aug 11 05:12:34 duinheks postfix/smtpd[13102]: disconnect from
          125-225-150-228.dynamic.hinet.net[125.225.150.228]

          Or mayee I put it into the wrog place... I find it very
          difficult to find all the possible configuration options
          of Postfix and put them into the right place :(

          Groeten,

          Hans.

          jdh punt beekhuizen bij duinheks punt nl

          alias_database = hash:/etc/postfix/aliases
          alias_maps = hash:/etc/postfix/aliases,
          hash:/opt/mailman/data/aliases
          command_directory = /usr/sbin
          config_directory = /etc/postfix
          daemon_directory = /usr/libexec/postfix
          data_directory = /var/lib/postfix
          debug_peer_level = 2
          default_transport = smtp
          home_mailbox = Mailbox
          html_directory = no
          local_recipient_maps = $alias_maps unix:passwd.byname
          mail_owner = postfix
          mailbox_size_limit = 2048000000
          mailq_path = /usr/bin/mailq
          manpage_directory = /usr/local/man
          message_size_limit = 15360000
          mydestination = duinheks.nl, $myhostname, localhost.$mydomain
          mydomain = duinheks.nl
          myhostname = duinheks.nl
          mynetworks = 192.168.178.0/24, 127.0.0.0/8
          mynetworks_style = host
          myorigin = $myhostname
          newaliases_path = /usr/bin/newaliases
          queue_directory = /var/spool/postfix
          readme_directory = no
          recipient_delimiter = +
          relay_domains = $mydestination, f1018.n280.z2.fidonet.org
          relayhost = smtp.xs4all.nl
          sample_directory = /etc/postfix
          sender_canonical_maps = hash:/etc/postfix/sender_canonical
          sendmail_path = /usr/lib/sendmail
          setgid_group = postdrop
          smtpd_recipient_restrictions = reject_non_fqdn_sender
          reject_unknown_reverse_client_hostname reject_non_fqdn_recipient
          reject_unlisted_recipient reject_unlisted_sender permit_mynetworks
          reject_unauth_destination permit
          soft_bounce = no
          strict_rfc821_envelopes = yes
          transport_maps = hash:/etc/postfix/transport
          unknown_client_reject_code = 554
          unknown_local_recipient_reject_code = 550

          --- GoldED+/LNX 1.1.5/080731
          * Origin: The Wizard is using MBSE/Linux (2:280/1018)
        Your message has been successfully submitted and would be delivered to recipients shortly.