Hello, i have problem with spam on one domain, how can i disable this spaming from domain to others??? I have ispconfig 3 with postfix, spam filters are not working also i tried with restrictions files in postfix cf.... So for now i dont have mx records for this domain but the messages are still comming on mail queue! Please can somebody help me!!! THANKS
The results are the same i did postqueue -f and that is the result.... -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- 5268EC6196 1530 Tue Feb 19 14:22:04 [email protected] (host mailin-03.mx.aol.com[64.12.90.97] refused to talk to me: 421 4.7.1 : (DNS:NR) http://postmaster.info.aol.com/errors/421dnsnr.html) [email protected] -- 2 Kbytes in 1 Request. root@ns1:~# postqueue -p -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- 46CADC6199* 1505 Tue Feb 19 14:24:47 [email protected] [email protected] 4513DC6194* 929 Tue Feb 19 14:24:48 [email protected] [email protected] 5268EC6196 1530 Tue Feb 19 14:22:04 [email protected] (host mailin-03.mx.aol.com[64.12.90.97] refused to talk to me: 421 4.7.1 : (DNS:NR) http://postmaster.info.aol.com/errors/421dnsnr.html) [email protected] 510B5C6192 1499 Tue Feb 19 14:24:44 [email protected] (host alt1.gmail-smtp-in.l.google.com[74.125.141.27] said: 421-4.7.0 [89.142.198.131 4] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines. t10si24055000pay.99 - gsmtp (in reply to end of DATA command)) [email protected] I dont have this email accounts on my server just domain? Can someone help me?
I have a question how can somebody sent a mail from my domain that is not a email user??? Please i need answers?????
A weakness of the smtp protocol - you can fake sender addresses. You can use whatever sender address you like.
OK i know that now! So i decided that i hardened the postfix and i close up 25 port, so for now is this a step one! Also i have found a script on my server that has sendind email from my domain called pp1.php. I have closed up my ports and the messages are still comming to my queue so i found the script that was uploaded on my server via joomla. Thanks i solved for now the problem it was not the postfix but joomla injection!!! Bye
