Postfix Spam

This WebDNA talk-list message is from

2007


It keeps the original formatting.
numero = 68924
interpreted = N
texte = iTools 8.2.2 on Mac OS 10.4.9 Server Several of the websites on this server (www.realtree.com) have email functions like "send to friend" using WebDNA and PHP. I setup my Postfix configuration to push the messages to my true mail server (newmail.grayloon.com) for delivery. I have about 25 websites on this server, and only those sites should be allowed to push mail to my mail server. This was working great until last night. I'm getting thousands of spam messages per hour coming into Postfix and being sent to my mail server. I know nothing about Postfix, so I Googled the problem and tried nearly everything I could find. This page looked promising, but I didn't try everything there: http://www.akadia.com/services/postfix_uce.html I've included some relevant information below if it helps diagnose and solve the problem. Changes to the end of my /etc/postfix/main.cf file: myhostname = realtree.com mailbox_transport = cyrus #mydestination = $myhostname,localhost.$mydomain #relay_domains = $mydestination,realtree.com,realtreeoutdoors.com #virtual_alias_maps = hash:/etc/postfix/virtual mydestination = relayhost = newmail.grayloon.com mynetworks = 127.0.0.0 216.168.63.25 relay_domains = smtpd_client_restrictions = check_client_access hash:/etc/postfix/whitelist smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, permit virtual_alias_maps = hash:/etc/postfix/virtual Contents of /etc/postfix/whitelist: 216.168.63.25 OK www.realtree.com OK realtree.com OK www.realtreeoutdoors.com OK realtreeoutdoors.com OK Some lines from the /var/log/mail.log showing the spam: May 2 06:57:40 www postfix/pickup[10546]: 393F31959EE5: uid=70 from= May 2 06:57:40 www postfix/cleanup[10656]: 393F31959EE5: message-id=<20070502115740.393F31959EE5@realtree.com> May 2 06:57:40 www postfix/qmgr[10545]: 393F31959EE5: from=, size=13858, nrcpt=332 (queue active) May 2 06:57:40 www postfix/smtp[10661]: 393F31959EE5: to=, relay=newmail.grayloon.com[216.168.63.109], delay=0, status=sent (250 2.6.0 13858 bytes received in 00:00:00; Message id HGH37600 accepted for delivery) May 2 06:57:41 www postfix/smtp[10657]: 393F31959EE5: to=, relay=newmail.grayloon.com[216.168.63.109], delay=1, status=sent (250 2.6.0 13858 bytes received in 00:00:00; Message id HGH78400 accepted for delivery) May 2 06:57:41 www postfix/qmgr[10545]: 393F31959EE5: removed Output of ps aux | grep postfix: postfix 10545 0.0 -0.0 27416 852 ?? S 6:55AM 0:00.90 qmgr -l -t fifo -u postfix 10546 0.0 -0.0 27372 720 ?? S 6:55AM 0:00.06 pickup -l -t fifo -u postfix 10572 0.0 -0.0 27384 732 ?? S 6:55AM 0:03.04 trivial-rewrite -n rewrite -t unix -u postfix 12011 0.0 -0.0 27360 704 ?? S 7:26AM 0:00.01 proxymap -t unix -u root 12121 0.0 -0.0 18052 292 p2 R+ 7:29AM 0:00.00 grep postfix ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Postfix Spam ( Clint Davis 2007)
iTools 8.2.2 on Mac OS 10.4.9 Server Several of the websites on this server (www.realtree.com) have email functions like "send to friend" using WebDNA and PHP. I setup my Postfix configuration to push the messages to my true mail server (newmail.grayloon.com) for delivery. I have about 25 websites on this server, and only those sites should be allowed to push mail to my mail server. This was working great until last night. I'm getting thousands of spam messages per hour coming into Postfix and being sent to my mail server. I know nothing about Postfix, so I Googled the problem and tried nearly everything I could find. This page looked promising, but I didn't try everything there: http://www.akadia.com/services/postfix_uce.html I've included some relevant information below if it helps diagnose and solve the problem. Changes to the end of my /etc/postfix/main.cf file: myhostname = realtree.com mailbox_transport = cyrus #mydestination = $myhostname,localhost.$mydomain #relay_domains = $mydestination,realtree.com,realtreeoutdoors.com #virtual_alias_maps = hash:/etc/postfix/virtual mydestination = relayhost = newmail.grayloon.com mynetworks = 127.0.0.0 216.168.63.25 relay_domains = smtpd_client_restrictions = check_client_access hash:/etc/postfix/whitelist smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, permit virtual_alias_maps = hash:/etc/postfix/virtual Contents of /etc/postfix/whitelist: 216.168.63.25 OK www.realtree.com OK realtree.com OK www.realtreeoutdoors.com OK realtreeoutdoors.com OK Some lines from the /var/log/mail.log showing the spam: May 2 06:57:40 www postfix/pickup[10546]: 393F31959EE5: uid=70 from= May 2 06:57:40 www postfix/cleanup[10656]: 393F31959EE5: message-id=<20070502115740.393F31959EE5@realtree.com> May 2 06:57:40 www postfix/qmgr[10545]: 393F31959EE5: from=, size=13858, nrcpt=332 (queue active) May 2 06:57:40 www postfix/smtp[10661]: 393F31959EE5: to=, relay=newmail.grayloon.com[216.168.63.109], delay=0, status=sent (250 2.6.0 13858 bytes received in 00:00:00; Message id HGH37600 accepted for delivery) May 2 06:57:41 www postfix/smtp[10657]: 393F31959EE5: to=, relay=newmail.grayloon.com[216.168.63.109], delay=1, status=sent (250 2.6.0 13858 bytes received in 00:00:00; Message id HGH78400 accepted for delivery) May 2 06:57:41 www postfix/qmgr[10545]: 393F31959EE5: removed Output of ps aux | grep postfix: postfix 10545 0.0 -0.0 27416 852 ?? S 6:55AM 0:00.90 qmgr -l -t fifo -u postfix 10546 0.0 -0.0 27372 720 ?? S 6:55AM 0:00.06 pickup -l -t fifo -u postfix 10572 0.0 -0.0 27384 732 ?? S 6:55AM 0:03.04 trivial-rewrite -n rewrite -t unix -u postfix 12011 0.0 -0.0 27360 704 ?? S 7:26AM 0:00.01 proxymap -t unix -u root 12121 0.0 -0.0 18052 292 p2 R+ 7:29AM 0:00.00 grep postfix ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Clint Davis

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

RE: [sendmail]- bcc? (1998) Need relative path explanation (1997) OT-JS why it does not run on Mac (2001) Does anyone have any ideas? (2007) can WC render sites out? (1997) Conference? Heres my sniplete contribution! (1998) shipping & multiple comparisons? (2000) UPS, FEDEX TRACKING (1999) Running subtotal? (1998) Location of Webcat site in folder hierarchy (1997) Nested tags count question (1997) Updating Prices in Online Database (1999) can WC render sites out? (1997) Set Cookie Problem (2008) Help! WebCat2 bug (1997) suffix mapping for NT? (1997) Calendar (1997) many-to-one problem (1998) Nesting format tags (1997) Slightly OT web* and Web Cat crashes (2000)