Loading ...
Sorry, an error occurred while loading the content.

block local sender

Expand Messages
  • Barbara M.
    Probably trivial, but I am in holiday and using an emergency connection, so I ask instead of searching again. Problem: a website in a multidomain server is
    Message 1 of 5 , Aug 23, 2013
    • 0 Attachment
      Probably trivial, but I am in holiday and using an emergency connection,
      so I ask instead of searching again.
      Problem: a website in a multidomain server is spamming probably due to a
      bug in the site code.
      The owners are also in holiday; I can't stop the website; I can't stop
      postfix :-(

      All mail are from or to an address like site@...

      I need to block these mails

      Tried http://www.ericmichaelstone.com/?p=4382 and similar using

      smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
      smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recipient_access

      Added
      site@... REJECT

      to both files.
      but seems not work for local sender.

      Where is my mistake?

      Thanks, B.


      # rpm -q postfix
      postfix-2.6.6-2.2.el6_1.i686

      # postconf -n
      alias_database = hash:/etc/aliases
      alias_maps = hash:/etc/aliases
      allow_percent_hack = no
      broken_sasl_auth_clients = yes
      command_directory = /usr/sbin
      config_directory = /etc/postfix
      daemon_directory = /usr/libexec/postfix
      data_directory = /var/lib/postfix
      debug_peer_level = 2
      home_mailbox = Maildir/
      html_directory = no
      inet_interfaces = all
      inet_protocols = ipv4
      mail_owner = postfix
      mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
      mailbox_size_limit = 0
      mailq_path = /usr/bin/mailq.postfix
      manpage_directory = /usr/share/man
      mydestination = $myhostname, localhost.$mydomain, localhost
      newaliases_path = /usr/bin/newaliases.postfix
      queue_directory = /var/spool/postfix
      readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
      sample_directory = /usr/share/doc/postfix-2.6.6/samples
      sender_bcc_maps = hash:/etc/postfix/bcc
      sendmail_path = /usr/sbin/sendmail.postfix
      setgid_group = postdrop
      smtpd_recipient_restrictions = check_recipient_access
      hash:/etc/postfix/recipient_access permit_mynetworks
      permit_sasl_authenticated reject_unauth_destination check_policy_service
      unix:/var/spool/postfix/postgrey/socket
      smtpd_sasl_auth_enable = yes
      smtpd_sasl_authenticated_header = yes
      smtpd_sasl_security_options = noanonymous
      smtpd_sender_restrictions = check_sender_access
      hash:/etc/postfix/sender_access
      unknown_local_recipient_reject_code = 550
      virtual_alias_maps = hash:/etc/postfix/virtual
    • DTNX Postmaster
      ... The smtpd_sender_restrictions does not apply because it never touches that, being submitted locally. The simplest solution may be to find the offending
      Message 2 of 5 , Aug 23, 2013
      • 0 Attachment
        On Aug 23, 2013, at 10:01, Barbara M. <barbara@...> wrote:

        > Probably trivial, but I am in holiday and using an emergency connection, so I ask instead of searching again.
        > Problem: a website in a multidomain server is spamming probably due to a bug in the site code.
        > The owners are also in holiday; I can't stop the website; I can't stop postfix :-(
        >
        > All mail are from or to an address like site@...
        >
        > I need to block these mails
        >
        > Tried http://www.ericmichaelstone.com/?p=4382 and similar using
        >
        > smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
        > smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recipient_access
        >
        > Added
        > site@... REJECT
        >
        > to both files.
        > but seems not work for local sender.
        >
        > Where is my mistake?
        >
        > Thanks, B.
        >
        >
        > # rpm -q postfix
        > postfix-2.6.6-2.2.el6_1.i686

        The 'smtpd_sender_restrictions' does not apply because it never touches
        that, being submitted locally.

        The simplest solution may be to find the offending code, and comment
        out the mail function. Assuming that this is a shared hosting server
        running some control panel and PHP for the site code, that is. Or even
        revoking permissions on the page that has the abused form on it.

        All other options I can think of right now require newer Postfix
        versions. Perhaps someone else has a better idea.

        Mvg,
        Joni
      • Wietse Venema
        ... That is for mail received via SMTP. In your case use authorized_submit_users instead. http://www.postfix.org/postconf.5.html#authorized_submit_users Wietse
        Message 3 of 5 , Aug 23, 2013
        • 0 Attachment
          Barbara M.:
          > smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

          That is for mail received via SMTP.

          In your case use authorized_submit_users instead.

          http://www.postfix.org/postconf.5.html#authorized_submit_users

          Wietse
        • Barbara M.
          ... Thanks for replay. The submit is done by httpd user, so this block all not mod-cgi sites. :-( I had temporarely used a relayhost to other server where I
          Message 4 of 5 , Aug 23, 2013
          • 0 Attachment
            On Fri, 23 Aug 2013, Wietse Venema wrote:

            > Barbara M.:
            >> smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
            >
            > That is for mail received via SMTP.
            >
            > In your case use authorized_submit_users instead.
            >
            > http://www.postfix.org/postconf.5.html#authorized_submit_users

            Thanks for replay.

            The submit is done by httpd user, so this block all not mod-cgi sites. :-(

            I had temporarely used a relayhost to other server where I can filter it
            using the smtpd restrictions directives.

            Any other hints appreciated ;-)

            Thanks, B.
          • Wietse Venema
            ... That s what I was afraid of :-) ... Fix the broken web application. Filters will leak and they will block legitimate mail. Wietse
            Message 5 of 5 , Aug 23, 2013
            • 0 Attachment
              Barbara M.:
              > On Fri, 23 Aug 2013, Wietse Venema wrote:
              >
              > > Barbara M.:
              > >> smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
              > >
              > > That is for mail received via SMTP.
              > >
              > > In your case use authorized_submit_users instead.
              > >
              > > http://www.postfix.org/postconf.5.html#authorized_submit_users
              >
              > Thanks for replay.
              >
              > The submit is done by httpd user, so this block all not mod-cgi sites. :-(

              That's what I was afraid of :-)

              > I had temporarely used a relayhost to other server where I can filter it
              > using the smtpd restrictions directives.
              >
              > Any other hints appreciated ;-)

              Fix the broken web application. Filters will leak and they
              will block legitimate mail.

              Wietse
            Your message has been successfully submitted and would be delivered to recipients shortly.