Ok here is my problem, I have been reading these forums for quite a while n ow. And since this has been happening, since the beginning of Feb, I have been actively searching though these forums to find something to help me resolve this issue. here is the issue, I use a mail relay service for sending my email out. Works perfectly and I am very happy. I setup my server following the debian etch 4, with ISPConfig. So recently I have been being bombarded with requests to send emails. I have been noticing some are getting through. Below you see my mail.log of the issue. I have been noticing the sasl_username=test seems to be what there useing, but I have never setup a test account, is this standard or did I miss something on this. Code: Feb 12 18:59:58 svr2 postfix/smtpd[4283]: warning: 87.127.167.31: hostname 87-127-167-31.no-dns-yet.enta.net verification failed: Name or service not known Feb 12 18:59:58 svr2 postfix/smtpd[4283]: connect from unknown[87.127.167.31] Feb 12 18:59:59 svr2 postfix/smtpd[4283]: F24009381D5: client=unknown[87.127.167.31], sasl_method=LOGIN, sasl_username=test Feb 12 19:00:12 svr2 postfix/cleanup[4287]: F24009381D5: message-id=<20080212235959.F24009381D5@svr2.*******.com> Feb 12 19:00:12 svr2 postfix/qmgr[18713]: F24009381D5: from=<[email protected]>, size=1631, nrcpt=50 (queue active) Feb 12 19:00:12 svr2 postfix/smtp[4295]: warning: database /etc/postfix/sasl_passwd.db is older than source file /etc/postfix/sasl_passwd Feb 12 19:00:12 svr2 postfix/smtpd[4283]: disconnect from unknown[87.127.167.31] Feb 12 19:00:13 svr2 postfix/smtp[4295]: certificate verification failed for relay.*******.com: num=18:self signed certificate Feb 12 19:00:14 svr2 postfix/smtpd[4283]: warning: 87.127.167.31: hostname 87-127-167-31.no-dns-yet.enta.net verification failed: Name or service not known Feb 12 19:00:14 svr2 postfix/smtpd[4283]: connect from unknown[87.127.167.31] Feb 12 19:00:16 svr2 postfix/smtpd[4283]: 02D439381D6: client=unknown[87.127.167.31], sasl_method=LOGIN, sasl_username=test Feb 12 19:00:27 svr2 postfix/cleanup[4287]: 02D439381D6: message-id=<20080213000016.02D439381D6@svr2.*******.com> Feb 12 19:00:27 svr2 postfix/qmgr[18713]: 02D439381D6: from=<[email protected]>, size=1631, nrcpt=50 (queue active) Feb 12 19:00:27 svr2 postfix/smtp[4300]: warning: database /etc/postfix/sasl_passwd.db is older than source file /etc/postfix/sasl_passwd Feb 12 19:00:28 svr2 postfix/smtp[4300]: certificate verification failed for relay.*******.com: num=18:self signed certificate Feb 12 19:00:28 svr2 postfix/smtpd[4283]: disconnect from unknown[87.127.167.31] Feb 12 19:00:30 svr2 postfix/smtpd[4283]: warning: 87.127.167.31: hostname 87-127-167-31.no-dns-yet.enta.net verification failed: Name or service not known Feb 12 19:00:30 svr2 postfix/smtpd[4283]: connect from unknown[87.127.167.31] Feb 12 19:00:31 svr2 postfix/smtpd[4283]: B23369381D7: client=unknown[87.127.167.31], sasl_method=LOGIN, sasl_username=test Feb 12 19:00:41 svr2 postfix/smtp[4300]: 02D439381D6: to=<[email protected]>, relay=relay.*******.com[64.182.102.185]:25, delay=25, delays=12/0.07/1.1/13, dsn=2.0.0, status=sent (250 2.0.0 m1D03lCP010255 Message accepted for delivery) Feb 12 19:00:41 svr2 postfix/smtp[4300]: 02D439381D6: to=<[email protected]>, relay=relay.*******.com[64.182.102.185]:25, delay=25, delays=12/0.07/1.1/13, dsn=2.0.0, status=sent (250 2.0.0 m1D03lCP010255 Message accepted for delivery) Feb 12 19:00:41 svr2 postfix/smtp[4300]: 02D439381D6: to=<[email protected]>, relay=relay.*******.com[64.182.102.185]:25, delay=25, delays=12/0.07/1.1/13, dsn=2.0.0, status=sent (250 2.0.0 m1D03lCP010255 Message accepted for delivery) Feb 12 19:00:41 svr2 postfix/smtp[4300]: 02D439381D6: to=<[email protected]>, relay=relay.*******.com[64.182.102.185]:25, delay=25, delays=12/0.07/1.1/13, dsn=2.0.0, status=sent (250 2.0.0 m1D03lCP010255 Message accepted for delivery) Feb 12 19:00:41 svr2 postfix/smtp[4300]: 02D439381D6: to=<[email protected]>, relay=relay.*******.com[64.182.102.185]:25, delay=25, delays=12/0.07/1.1/13, dsn=2.0.0, status=sent (250 2.0.0 m1D03lCP010255 Message accepted for delivery) Also I have taken and added irs.gov to the /etc/postfix/local-host-names as well to stop them sending mail with that. But I hate to block all these domains that could potientally come in if there being spoofed. I am also noticing this line in there as well, could you tell me how to fix this please: Feb 12 19:00:27 svr2 postfix/smtp[4300]: warning: database /etc/postfix/sasl_passwd.db is older than source file /etc/postfix/sasl_passwd Any help would be appericated.
I found the issue it was me, as I did have a test account with no passoword set on this. Fix and corrected. Cheers.
