[SOLVED] Re: My post mail server is used for spam

To: debian-user@lists.debian.org
Subject: [SOLVED] Re: My post mail server is used for spam
From: Olivier BATARD <obatard@gmail.com>
Date: Tue, 15 Nov 2011 17:07:49 +0100
Message-id: <[🔎] CALvL=TOdqt9r9Y0gq3SUKWnnGof2sduhLc=rc_MipKAc--pfcA@mail.gmail.com>
In-reply-to: <[🔎] 4EC25B77.1080605@hardwarefreak.com>
References: <[🔎] CALvL=TNtZBrqQbtuXSNNOvj3445FWQtOfMZ4+_HLuCX5dsqCxg@mail.gmail.com> <[🔎] 4EC22EE4.3090801@familyross.net> <[🔎] 4EC23128.4060501@familyross.net> <CALvL=TPLtPeAZ4-qzNjHnHs59T1m2gvVwSbeDcLzPwiAhC0EHA@mail.gmail.com> <[🔎] CALvL=TMab58ntQqtBTaVCQ0T500MxNirneQKbpLqK0xvdV7FHg@mail.gmail.com> <[🔎] 4EC25B77.1080605@hardwarefreak.com>

2011/11/15 Stan Hoeppner <stan@hardwarefreak.com>:
> On 11/15/2011 5:44 AM, Olivier BATARD wrote:
>> Thanks for the answer, when I run a grep -e "connect from" on the
>> syslog I got this :
>>
>> Nov 15 12:32:47 VOLTALIAMSG postfix/smtpd[31110]: disconnect from
>> unknown[192.168.150.254]
>> Nov 15 12:32:49 VOLTALIAMSG postfix/smtpd[31102]: connect from
>> unknown[192.168.150.254]
>> Nov 15 12:32:53 VOLTALIAMSG postfix/smtpd[31129]: disconnect from
>> unknown[192.168.150.254]
>> Nov 15 12:32:56 VOLTALIAMSG postfix/smtpd[31110]: connect from
>> unknown[192.168.150.254]
>
> No modern NAT/PAT router should ever replace the source address.  If a
> firmware upgrade doesn't fix this problem, chuck that router as quick as
> you can and get a new one.
>
>> the 192.168.150.254 is my router. Seems that postfix consider it like
>> a internal host.
>
> Of course Postfix does.  Because it *is* an "internal" host:
>
> mynetworks = 192.168.150.0/24 ...
>
>> Anyway we have a router which uses NAT to forward smtp data to our
>> server. How can we configure postfix and router to send mail only from
>> my domain and not sending and accepting spam ?
>
> If you do not have users submitting mail for relay from the public
> internet (i.e. roaming laptop users "outside" the router), simply
> rejecting smtp connections from the router's private IP address will
> solve the problem.  Edit main.cf with the modification below and do a
> "postfix reload":
>
> mynetworks = !192.168.150.254 192.168.150.0/24
>
> The "!" excludes the address.

Thanks that solve my problem

>
> If you do not actually have a working IPv6 network, remove the IPv6 junk
> from mynetworks.  If you don't have webmail running on the Postfix box,
> nor programs that need to inject mail into Postfix, remove the loopback
> address from mynetworks as well.

Thanks for the advice.

>
> P.S. I'm shocked you still have a NAT/PAT router in 2011 that rewrites
> source addresses.  Treat that thing like hot plutonium--replace it ASAP.
>
Yeah I was quite shocked too, so we'll replace soon as soon as the
client sign the bill :)

Anyway thanks a lot.

Olivier

> --
> Stan
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 4EC25B77.1080605@hardwarefreak.com">http://lists.debian.org/[🔎] 4EC25B77.1080605@hardwarefreak.com
>
>

Reply to:

Follow-Ups:
- Re: [SOLVED] Re: My post mail server is used for spam
  - From: Stan Hoeppner <stan@hardwarefreak.com>

References:
- My post mail server is used for spam
  - From: Olivier BATARD <obatard@gmail.com>
- Re: My post mail server is used for spam
  - From: Kevin Ross <kevin@familyross.net>
- Re: My post mail server is used for spam
  - From: Kevin Ross <kevin@familyross.net>
- Re: My post mail server is used for spam
  - From: Olivier BATARD <obatard@gmail.com>
- Re: My post mail server is used for spam
  - From: Stan Hoeppner <stan@hardwarefreak.com>

Prev by Date: Re: iceweasel 8.0 www.bsi.de triggers "The connection was reset"
Next by Date: Re: update-flashplugin-nonfree issue
Previous by thread: Re: My post mail server is used for spam
Next by thread: Re: [SOLVED] Re: My post mail server is used for spam
Index(es):
- Date
- Thread