Do not send mails to addresses with more than 3 dots in username part
I run a Drupal 7 website on a CentOS 6.4 server with postfix-2.6.6-2.2.el6_1.x86_64.
In the last few months the amount of fake users trying to register at my website has increased dramatically - I get 2 or 3 of such registrations per minute.
Mostly they have fake mail adresses with many dots and at gmail.com:
b.is.on.bk.h.l@...At the end those users can't register, because a mail confirmation is required.But my mailbox is filled with mail bounces and in the /var/log/maillog I see my site contacting Gmail servers again and again:Nov 17 07:05:07 www postfix/smtp: 182A6803FD2: to=<p.os.t.h.um.o.u.szd.y.o@...>, relay=alt1.gmail-smtp-in.l.google.com[126.96.36.199]:25, conn_use=6, delay=21589, delays=21586/2.6/0.11/0.5, dsn=4.2.1, status=deferred (host alt1.gmail-smtp-in.l.google.com[188.8.131.52] said: 450-4.2.1 The user you are trying to contact is receiving mail too quickly. 450-4.2.1 Please resend your message at a later time. If the user is able to 450-4.2.1 receive mail at that time, your message will be delivered. For more 450-4.2.1 information, please visit 450 4.2.1 http://support.google.com/mail/bin/answer.py?answer=6592 pw9si3558657lbb.147 - gsmtp (in reply to RCPT TO command))The latter makes me very worried (that my website will be put on a black list).I haven't found a good Drupal solution for my problem yet.My question is if there is a way (as a temporary workaround until I find a Drupal side solution) to stop my postfix information from sending mail to any users at gmail.com domain - when they have more than 3 dots in the username part of the mail address?I'm okay if I miss few false positives, since my website is just a small card game site and also I have yet to see legit users with three or more dots.Please point me to a right direction as I am a Postfix newbie and don't know where to start looking.My "postconf -n" output is below (I use virtual_alias_domains to accept mail for several Drupal sites hosted as Apache vhosts at my dedicated server).Thank youAlexpostconf -n:alias_database = hash:/etc/aliasesalias_maps = hash:/etc/aliasescommand_directory = /usr/sbinconfig_directory = /etc/postfixdaemon_directory = /usr/libexec/postfixdata_directory = /var/lib/postfixdebug_peer_level = 2html_directory = noinet_interfaces = allinet_protocols = ipv4mail_owner = postfixmailq_path = /usr/bin/mailq.postfixmanpage_directory = /usr/share/manmydestination = $myhostname, localhost.$mydomain, localhostnewaliases_path = /usr/bin/newaliases.postfixqueue_directory = /var/spool/postfixreadme_directory = /usr/share/doc/postfix-2.6.6/README_FILESsample_directory = /usr/share/doc/postfix-2.6.6/samplessendmail_path = /usr/sbin/sendmail.postfixsetgid_group = postdropsmtp_generic_maps = hash:/etc/postfix/genericunknown_local_recipient_reject_code = 550virtual_alias_domains = videoskat.de balkan-preferans.de simplex.ru preferans.de larissa-farber.de bukvy.devirtual_alias_maps = hash:/etc/postfix/virtual
- Am 23.11.2013 22:48, schrieb Peter:
> On 11/24/2013 08:25 AM, lists@... wrote:and that is why i said "in lastest releases" to point out that
>> have fun with "reject_unauth_destination" too late and
>> "check_recipient_access" says "PERMIT" instead "DUNNO"
>> a major mistake and becuase it is made too often smtpd_relay_restrictions
>> was included in the lastest releases
> From the original post:
>> I run a Drupal 7 website on a CentOS 6.4 server with postfix-2.6.6-2.2.el6_1.x86_64.
> smtpd_relay_restrictions was not introduced until postfix 2.10. At any
> rate, he should be safe as long as there are no PERMIT actions in his
> pcre_recipients file.
configure a MTA is not a game and dangerous until you don't
know exactly what you are doing *because* smtpd_relay_restrictions
did *not* exist as safety net for major mistakes in the past