Postifx security
Hi,
bei meinen Postifx (System woody) kommen in letzter Zeit Mails an nicht
existente User durch.
Eigentlich ist postfix so konfiguriert, dass nur Mails an User die in
postifx/virtual angeführt sind gehen.
Für Domain yyy.com geht alles an sammler@xxx.com und für xxx.com so wie
in /etc/postfix/virtual aufgelistet.
Hat wer eine Ahnung ob es sich ev. um ein config-Problem handeln könnte
oder mehr dahinter steht?
Hier mal das Log:
**************************************************************************
Jan 16 15:11:35 yyy postfix/smtpd[18486]: connect from
dsl-wien1-34-aaa.utaonline.at[81.189.34.aaa]
Jan 16 15:11:35 yyy postfix/smtpd[18486]: 76BB6370048:
client=dsl-wien1-34-aaa.utaonline.at[81.189.34.aaa]
Jan 16 15:11:35 yyy postfix/smtpd[18486]: reject: RCPT from
dsl-wien1-34-aaa.utaonline.at[81.189.34.aaa]: 550 <3FF2A1DE.5
010409@xxx.com>: User unknown; from=<part4.03060709.02060403@xxx.com>
to=<3FF2A1DE.5010409@xxx.com>
Jan 16 15:11:40 yyy postfix/smtpd[18486]: reject: RCPT from
dsl-wien1-34-aaa.utaonline.at[81.189.34.aaa]: 550 <part1.0305
0607.05090109@xxx.com>: User unknown;
from=<part4.03060709.02060403@xxx.com> to=<part1.03050607.05090109@xxx.com>
Jan 16 15:11:45 yyy postfix/smtpd[18486]: reject: RCPT from
dsl-wien1-34-aaa.utaonline.at[81.189.34.aaa]: 550 <part2.0803
0400.03090109@xxx.com>: User unknown;
from=<part4.03060709.02060403@xxx.com> to=<part2.08030400.03090109@xxx.com>
Jan 16 15:11:50 yyy postfix/smtpd[18486]: reject: RCPT from
dsl-wien1-34-aaa.utaonline.at[81.189.34.aaa]: 550 <part3.0907
0306.02080400@xxx.com>: User unknown;
from=<part4.03060709.02060403@xxx.com> to=<part3.09070306.02080400@xxx.com>
Jan 16 15:11:55 yyy postfix/smtpd[18486]: reject: RCPT from
dsl-wien1-34-aaa.utaonline.at[81.189.34.aaa]: 550 <part4.0306
0709.02060403@xxx.com>: User unknown;
from=<part4.03060709.02060403@xxx.com> to=<part4.03060709.02060403@xxx.com>
Jan 16 15:12:00 yyy postfix/smtpd[18486]: reject: RCPT from
dsl-wien1-34-aaa.utaonline.at[81.189.34.aaa]: 550 <0306.02080
400@xxx.com>: User unknown; from=<part4.03060709.02060403@xxx.com>
to=<0306.02080400@xxx.com>
Jan 16 15:12:06 yyy postfix/cleanup[18487]: 76BB6370048:
message-id=<f6cdbe16358ecf.aa22exsmailer@xxx.com>
Jan 16 15:12:13 yyy postfix/qmgr[472]: 76BB6370048:
from=<part4.03060709.02060403@xxx.com>, size=102815, nrcpt=2 (qu
eue active)
Jan 16 15:12:13 yyy postfix/smtpd[18486]: disconnect from
dsl-wien1-34-aaa.utaonline.at[81.189.34.aaa]
**************************************************************************
/etc/postfix/virtual
**************************************************************************
xxx.com anything
postmaster@xxx.com user
user1@xxx.com user
......
**************************************************************************
/etc/postifx/main.cf
**************************************************************************
# Do not change these directory settings - they are critical to Postfix
# operation.
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
setgid_group = postdrop
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = yes
myhostname = yyy.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = yyy.com, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
# nur auf dieser IP horchen
inet_interfaces = yyy.com
# unbekannte user nicht bouncen sondern weiterleiten an:
local_recipient_maps =
luser_relay = sammler@xxx.com
virtual_maps = hash:/etc/postfix/virtual
# MailDir-Format
home_mailbox = Maildir/
# Procmail
mailbox_command = /usr/bin/procmail -t -a $EXTENSION
# Pop-before-smtp
smtpd_recipient_restrictions = permit_mynetworks,reject_non_fqdn_recipient,
check_client_access hash:/var/lib/pop-before-smtp/hosts,
**************************************************************************
sonst alles original soweit ich mich erinnere.
Danke und gruss,
Manfred
Reply to: