Re: [SOLVED] Re: My post mail server is used for spam

To: debian-user@lists.debian.org
Subject: Re: [SOLVED] Re: My post mail server is used for spam
From: Stan Hoeppner <stan@hardwarefreak.com>
Date: Tue, 15 Nov 2011 12:50:50 -0600
Message-id: <[🔎] 4EC2B48A.5060103@hardwarefreak.com>
Reply-to: stan@hardwarefreak.com
In-reply-to: <[🔎] CALvL=TOdqt9r9Y0gq3SUKWnnGof2sduhLc=rc_MipKAc--pfcA@mail.gmail.com>
References: <[🔎] CALvL=TNtZBrqQbtuXSNNOvj3445FWQtOfMZ4+_HLuCX5dsqCxg@mail.gmail.com> <[🔎] 4EC22EE4.3090801@familyross.net> <[🔎] 4EC23128.4060501@familyross.net> <CALvL=TPLtPeAZ4-qzNjHnHs59T1m2gvVwSbeDcLzPwiAhC0EHA@mail.gmail.com> <[🔎] CALvL=TMab58ntQqtBTaVCQ0T500MxNirneQKbpLqK0xvdV7FHg@mail.gmail.com> <[🔎] 4EC25B77.1080605@hardwarefreak.com> <[🔎] CALvL=TOdqt9r9Y0gq3SUKWnnGof2sduhLc=rc_MipKAc--pfcA@mail.gmail.com>

On 11/15/2011 10:07 AM, Olivier BATARD wrote:

>> mynetworks = !192.168.150.254 192.168.150.0/24
>>
>> The "!" excludes the address.
> 
> Thanks that solve my problem

You're welcome.  Due to the NAT source address rewrite problem, the
previous mynetworks configuration made Postfix a wide open relay.  I'm
curious, how long was this machine in production before the spammers
found the relay hole and started abusing it?  Days?  Months?

>> If you do not actually have a working IPv6 network, remove the IPv6 junk
>> from mynetworks.  If you don't have webmail running on the Postfix box,
>> nor programs that need to inject mail into Postfix, remove the loopback
>> address from mynetworks as well.
> 
> Thanks for the advice.

Sure thing.  With Postfix it's always best to configure *only* what you
need.  Having unnecessary stuff in main.cf can cause problems and/or
make troubleshooting more difficult.

>> P.S. I'm shocked you still have a NAT/PAT router in 2011 that rewrites
>> source addresses.  Treat that thing like hot plutonium--replace it ASAP.
>>
> Yeah I was quite shocked too, so we'll replace soon as soon as the
> client sign the bill :)

Heheh.  Unfortunately I know that type of client. ;)  However, even this
$20 USD router does source addressing correctly, as do just about all
cheap consumer routers do:

http://www.newegg.com/Product/Product.aspx?Item=N82E16833704016

> Anyway thanks a lot.

Glad I could help.  Postfix and spam fighting are two of my specialties.

-- 
Stan

Reply to:

Follow-Ups:
- Re: [SOLVED] Re: My post mail server is used for spam
  - From: Olivier BATARD <obatard@gmail.com>

References:
- My post mail server is used for spam
  - From: Olivier BATARD <obatard@gmail.com>
- Re: My post mail server is used for spam
  - From: Kevin Ross <kevin@familyross.net>
- Re: My post mail server is used for spam
  - From: Kevin Ross <kevin@familyross.net>
- Re: My post mail server is used for spam
  - From: Olivier BATARD <obatard@gmail.com>
- Re: My post mail server is used for spam
  - From: Stan Hoeppner <stan@hardwarefreak.com>
- [SOLVED] Re: My post mail server is used for spam
  - From: Olivier BATARD <obatard@gmail.com>

Prev by Date: Re: Skype - how to get the microphone test
Next by Date: Re: What's DE-specific, what's independent? (was: Re: KDE package manager)
Previous by thread: [SOLVED] Re: My post mail server is used for spam
Next by thread: Re: [SOLVED] Re: My post mail server is used for spam
Index(es):
- Date
- Thread