Re: My post mail server is used for spam
On 11/15/2011 5:44 AM, Olivier BATARD wrote:
> Thanks for the answer, when I run a grep -e "connect from" on the
> syslog I got this :
>
> Nov 15 12:32:47 VOLTALIAMSG postfix/smtpd[31110]: disconnect from
> unknown[192.168.150.254]
> Nov 15 12:32:49 VOLTALIAMSG postfix/smtpd[31102]: connect from
> unknown[192.168.150.254]
> Nov 15 12:32:53 VOLTALIAMSG postfix/smtpd[31129]: disconnect from
> unknown[192.168.150.254]
> Nov 15 12:32:56 VOLTALIAMSG postfix/smtpd[31110]: connect from
> unknown[192.168.150.254]
No modern NAT/PAT router should ever replace the source address. If a
firmware upgrade doesn't fix this problem, chuck that router as quick as
you can and get a new one.
> the 192.168.150.254 is my router. Seems that postfix consider it like
> a internal host.
Of course Postfix does. Because it *is* an "internal" host:
mynetworks = 192.168.150.0/24 ...
> Anyway we have a router which uses NAT to forward smtp data to our
> server. How can we configure postfix and router to send mail only from
> my domain and not sending and accepting spam ?
If you do not have users submitting mail for relay from the public
internet (i.e. roaming laptop users "outside" the router), simply
rejecting smtp connections from the router's private IP address will
solve the problem. Edit main.cf with the modification below and do a
"postfix reload":
mynetworks = !192.168.150.254 192.168.150.0/24
The "!" excludes the address.
If you do not actually have a working IPv6 network, remove the IPv6 junk
from mynetworks. If you don't have webmail running on the Postfix box,
nor programs that need to inject mail into Postfix, remove the loopback
address from mynetworks as well.
P.S. I'm shocked you still have a NAT/PAT router in 2011 that rewrites
source addresses. Treat that thing like hot plutonium--replace it ASAP.
--
Stan
Reply to: