Re: [SOLVED] Re: My post mail server is used for spam

To: debian-user@lists.debian.org
Subject: Re: [SOLVED] Re: My post mail server is used for spam
From: Olivier BATARD <obatard@gmail.com>
Date: Wed, 16 Nov 2011 11:30:05 +0100
Message-id: <[🔎] CALvL=TM7bD+n0eCpL6k4VuV7H9JUyS4QP1n5KVrL=dM6NYWk1Q@mail.gmail.com>
In-reply-to: <[🔎] 4EC2B48A.5060103@hardwarefreak.com>
References: <[🔎] CALvL=TNtZBrqQbtuXSNNOvj3445FWQtOfMZ4+_HLuCX5dsqCxg@mail.gmail.com> <[🔎] 4EC22EE4.3090801@familyross.net> <[🔎] 4EC23128.4060501@familyross.net> <CALvL=TPLtPeAZ4-qzNjHnHs59T1m2gvVwSbeDcLzPwiAhC0EHA@mail.gmail.com> <[🔎] CALvL=TMab58ntQqtBTaVCQ0T500MxNirneQKbpLqK0xvdV7FHg@mail.gmail.com> <[🔎] 4EC25B77.1080605@hardwarefreak.com> <[🔎] CALvL=TOdqt9r9Y0gq3SUKWnnGof2sduhLc=rc_MipKAc--pfcA@mail.gmail.com> <[🔎] 4EC2B48A.5060103@hardwarefreak.com>

2011/11/15 Stan Hoeppner <stan@hardwarefreak.com>:
> On 11/15/2011 10:07 AM, Olivier BATARD wrote:
>
>>> mynetworks = !192.168.150.254 192.168.150.0/24
>>>
>>> The "!" excludes the address.
>>
>> Thanks that solve my problem
>
> You're welcome.  Due to the NAT source address rewrite problem, the
> previous mynetworks configuration made Postfix a wide open relay.  I'm
> curious, how long was this machine in production before the spammers
> found the relay hole and started abusing it?  Days?  Months?

The server was fine for 5 days, after was spam festival :)

>
>>> If you do not actually have a working IPv6 network, remove the IPv6 junk
>>> from mynetworks.  If you don't have webmail running on the Postfix box,
>>> nor programs that need to inject mail into Postfix, remove the loopback
>>> address from mynetworks as well.
>>
>> Thanks for the advice.
>
> Sure thing.  With Postfix it's always best to configure *only* what you
> need.  Having unnecessary stuff in main.cf can cause problems and/or
> make troubleshooting more difficult.

I'll be more careful next time :)

>
>>> P.S. I'm shocked you still have a NAT/PAT router in 2011 that rewrites
>>> source addresses.  Treat that thing like hot plutonium--replace it ASAP.
>>>
>> Yeah I was quite shocked too, so we'll replace soon as soon as the
>> client sign the bill :)
>
> Heheh.  Unfortunately I know that type of client. ;)  However, even this
> $20 USD router does source addressing correctly, as do just about all
> cheap consumer routers do:
>
> http://www.newegg.com/Product/Product.aspx?Item=N82E16833704016

Thanks for the link, I'll try to negotiate $20 with that client (not
the easiest part ;) )

>
>> Anyway thanks a lot.
>
> Glad I could help.  Postfix and spam fighting are two of my specialties.

I see that, dealing with expert is always useful and a pleasure :)

Olivier

>
> --
> Stan
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 4EC2B48A.5060103@hardwarefreak.com">http://lists.debian.org/[🔎] 4EC2B48A.5060103@hardwarefreak.com
>
>

Reply to:

Follow-Ups:
- Re: [SOLVED] Re: My post mail server is used for spam
  - From: Joel Rees <joel.rees@gmail.com>

References:
- My post mail server is used for spam
  - From: Olivier BATARD <obatard@gmail.com>
- Re: My post mail server is used for spam
  - From: Kevin Ross <kevin@familyross.net>
- Re: My post mail server is used for spam
  - From: Kevin Ross <kevin@familyross.net>
- Re: My post mail server is used for spam
  - From: Olivier BATARD <obatard@gmail.com>
- Re: My post mail server is used for spam
  - From: Stan Hoeppner <stan@hardwarefreak.com>
- [SOLVED] Re: My post mail server is used for spam
  - From: Olivier BATARD <obatard@gmail.com>
- Re: [SOLVED] Re: My post mail server is used for spam
  - From: Stan Hoeppner <stan@hardwarefreak.com>

Prev by Date: Re: Sound wheezy/KDE -- testing the microphone
Next by Date: Dep levels
Previous by thread: Re: [SOLVED] Re: My post mail server is used for spam
Next by thread: Re: [SOLVED] Re: My post mail server is used for spam
Index(es):
- Date
- Thread