Spam from myself - Postfix

Discussion in 'General' started by Hardknox, Aug 12, 2010.

  1. Hardknox

    Hardknox New Member

    It's there any option to prevent from self spam senders? Every day Im getting 5-10 email message from myself. Please help me, because I go crazy from that f*** spam

    My Postfix my.cnf

    Code:
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    delay_warning_time = 1h
    
    readme_directory = /usr/share/doc/postfix
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/courier/pop3d.pem
    smtpd_tls_key_file = $smtpd_tls_cert_file
    smtpd_use_tls = yes
    smtp_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    myhostname = atena.myhost.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = localhost, localhost.localdomain
    relayhost = 
    mynetworks = 127.0.0.0/8 [::1]/128
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains = 
    virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_client_access hash:/etc/postfix/access_loc, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination, reject_rbl_client zen.spamhaus.org
    smtpd_tls_security_level = may
    transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    virtual_create_maildirsize = yes
    virtual_maildir_extended = yes
    virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
    virtual_mailbox_limit_override = yes
    virtual_maildir_limit_message = "The user you are trying to reach is over quota."
    virtual_overquota_bounce = yes
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
    smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, reject_unknown_sender_domain
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = maildrop
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    message_size_limit = 0
    
    
    #Added
    
    
     
  2. virtualm

    virtualm New Member

    For spam in general I found a great article here


    Regards,
    VM
     
  3. hopoo

    hopoo New Member

  4. falko

    falko Super Moderator Howtoforge Staff

    There's not much you can do about it - the spammers probably use a remote server to send their spam, but use your email address as the sender address - it's a weakness of the SMTP protocol; it allowsyou to set whatever sender address you like.
     
  5. Morons

    Morons Member

    I have over 400 mail accounts complaining after i made them happy and used to no-spam, now this wave of phishing spam and such sellis phizer - lol

    my RBL look like this and I had more but some seem to be gone and I keep shrinking the list.
    Code:
    # smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_helo_required = yes
    disable_vrfy_command = yes
    invalid_hostname_reject_code = 554
    multi_recipient_bounce_reject_code = 554
    non_fqdn_reject_code = 554
    relay_domains_reject_code = 554
    unknown_address_reject_code = 554
    unknown_client_reject_code = 554
    unknown_hostname_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_relay_recipient_reject_code = 554
    unknown_sender_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    unverified_recipient_reject_code = 554
    unverified_sender_reject_code = 554
    smtpd_recipient_restrictions =
                reject_invalid_hostname,
                reject_unknown_recipient_domain,
                reject_unauth_pipelining,
                permit_mynetworks,
                permit_sasl_authenticated,
                reject_unauth_destination,
                reject_rbl_client multi.uribl.com,
                reject_rbl_client dsn.rfc-ignorant.org,
                reject_rbl_client sbl-xbl.spamhaus.org,
                reject_rbl_client bl.spamcop.net,
                reject_rbl_client blackholes.easynet.nl,
                reject_rbl_client cbl.abuseat.org,
                check_policy_service inet:127.0.0.1:10031
                permit
    
    smtpd_data_restrictions =
            reject_unauth_pipelining,
            permit
    
    the "check_policy_service" is postgrey!

    Any one can help ?:mad:
     
  6. falko

    falko Super Moderator Howtoforge Staff

    What exactly is the question?
     
  7. Morons

    Morons Member

    Simple question really , Did anyone find a way to stop these new spoofers spamming lately, I have had relative no spam until recently and it seem the few RBL blocks as well as greylisting does not block them,

    Do you perhaps have an better RBL list or technology to stop them?:confused:
     
  8. falko

    falko Super Moderator Howtoforge Staff

    Unfortunately no. :(
     
  9. juan_g

    juan_g New Member

    Spf

    SPF, an email anti-forgery system now used by Google, AOL, etc., could help:

    See also the link provided before by Virtualm, Tightening SPAM control on ISPConfig Server, with details on SPF, etc.
     
    Last edited: Sep 21, 2010

Share This Page