Something is amiss with mail. I don't have any catch-all mailboxes on my system and Postfix rejects 99% of unknown user email. But, at least 5 to 10 times a day unknown user email gets delivered to the server's root mailbox. Any ideas what causes this and any ideas how to fix this?
Please check the headers of these mails, maybe they have been sent directly to a system user and then have been redirectd to the root mailbox.
I've starred at the headers and logs to find some kind of pattern but can't find anything. I never create users such as info@ or sales@ and I advise people not to do it because they are spam magnet addresses. But these are the very addresses that are being delivered to the server root. Log example: Code: Mar 11 06:21:26 server postfix/smtpd[10937]: connect from unknown[121.7.2.161] Mar 11 06:21:27 server postfix/smtpd[10937]: 4291C1CB1EE: client=unknown[121.7.2.161] Mar 11 06:21:28 server postfix/cleanup[10940]: 4291C1CB1EE: message-id=<[email protected]> Mar 11 06:21:28 server postfix/qmgr[13032]: 4291C1CB1EE: from=<[email protected]>, size=5282, nrcpt=1 (queue active) Mar 11 06:21:28 server postfix/local[10941]: 4291C1CB1EE: to=<[email protected]>, orig_to=<[email protected]>, relay=local, delay=2, status=sent (delivered to mailbox) Mar 11 06:21:28 server postfix/qmgr[13032]: 4291C1CB1EE: removed Mar 11 06:21:28 server postfix/smtpd[10937]: disconnect from unknown[121.7.2.161] The message headers show the same thing. Original to: [email protected] and delivered to: [email protected].
Please do a: grep [email protected] /etc/postfix/virtusertable to be sure that this address is really not in there. Also have a look at /etc/postfix/alias if there is a alias for info
BINGO! /etc/aliases mail :root info : postmaster sales : postmaster The exact 3 that have been coming in. removed them and ran newaliases. Thank you Till!
Well I spoke too soon. Mail sent to unknown user mail.domain.com is now being delivered to a mailbox called mail. Mail to [email protected] is being delivered to a mailbox called sales.
Yes, because mail and sales are existing system users on your server. If you want these mails to be delivered to another mailbox, create an email address/alias for sales/mail in ISPConfig.
OK, would it be "legal" to alias those names to a non-existent mailbox so they get rejected? I know that postmaster must accept email, but the others are nothing but spam traps.
If it's only spam, remove the users, so mail is not even accepted at MTA level. Accepting mail means you are responsible. I would create those users and optionally modify the procmailrc to move all emails to /dev/null. But anything legitimate is also gone !
