Smtp Help!

Discussion in 'Installation/Configuration' started by brownie, Mar 28, 2006.

  1. brownie

    brownie New Member

    I have ISPconfig on suse 10.0.0 for some days I must disable the service SMTP because the server crashed for many many many smtp process and cpu go to 100%!! When I start again smtp I see immediatly many and many smtp process and the cpu go up so I must stop smtp
    What has happened?
    I must reinstall postfix? or?

    thanks
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    How many messages are in your mailqueue? Execute:

    postqueue -p
     
  3. brownie

    brownie New Member


    Many many many many many :(

    I think the problem is only spam

    On this server there is only 2 domains of 1 client and the mail server in on other server so I think to disable postfix at this moment
    How I do to disable postifix without remove it?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Just stop it.

    /etc/init.d/postfix stop

    You can empty your mailqueue with the command:

    postsuper -d all

    Then check how the spam massages had come into your mailqueue. There ae two common situations.

    1) Your server is an open relay. Please psot your main.cf file, then we can check it.

    2) You have an email script, form mail program or something like that, that is not programmed securely and is used by spammers.
     
  5. brownie

    brownie New Member

    The main.cf is too big for post and also as attachment is too big

    On the server there is mambo v. 4.5.2, now I am checking if there are some security patch for mambo
     
    Last edited: Mar 28, 2006
  6. falko

    falko Super Moderator Howtoforge Staff

    Remove the comments and post the rest.
     
  7. brownie

    brownie New Member

    queue_directory = /var/spool/postfix

    command_directory = /usr/sbin
    daemon_directory = /usr/lib/postfix


    mail_owner = postfix


    unknown_local_recipient_reject_code = 550


    debug_peer_level = 2


    debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5



    sendmail_path = /usr/sbin/sendmail

    newaliases_path = /usr/bin/newaliases

    mailq_path = /usr/bin/mailq


    setgid_group = maildrop


    html_directory = /usr/share/doc/packages/postfix/html


    manpage_directory = /usr/share/man


    sample_directory = /usr/share/doc/packages/postfix/samples

    readme_directory = /usr/share/doc/packages/postfix/README_FILES
    inet_protocols = all
    biff = no
    mail_spool_directory = /var/mail
    canonical_maps = hash:/etc/postfix/canonical
    #virtual_maps = hash:/etc/postfix/virtual
    relocated_maps = hash:/etc/postfix/relocated
    transport_maps = hash:/etc/postfix/transport
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    masquerade_exceptions = root
    masquerade_classes = envelope_sender, header_sender, header_recipient
    myhostname = server1.$mydomain
    program_directory = /usr/lib/postfix
    inet_interfaces = all
    masquerade_domains =
    #mydestination = $myhostname, localhost.$mydomain
    defer_transports =
    disable_dns_lookups = no
    relayhost =
    mailbox_command =
    mailbox_transport =
    strict_8bitmime = no
    disable_mime_output_conversion = no
    smtpd_sender_restrictions = hash:/etc/postfix/access
    smtpd_client_restrictions =
    smtpd_helo_required = no
    smtpd_helo_restrictions =
    strict_rfc821_envelopes = no
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_relay_domains
    smtp_sasl_auth_enable = no
    smtpd_sasl_auth_enable = yes
    smtpd_use_tls = yes
    smtp_use_tls = yes
    alias_maps = hash:/etc/aliases
    mailbox_size_limit = 0
    message_size_limit = 10240000
    mydomain = giomi.it
    smtpd_sasl_local_domain =
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_tls_auth_only = no
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom

    virtual_maps = hash:/etc/postfix/virtusertable

    mydestination = /etc/postfix/local-host-names
     
  8. brownie

    brownie New Member

    Anyway I want to thank you for your support, I think you are very helpful persons always present and this is a very useful community :)
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    Please add this line to your main.cf file:

    mynetworks = 127.0.0.0/8
     
  10. brownie

    brownie New Member

    Done!

    what is the use of this line?

    I have on other server with ispconfig on suse 10 (without mambo), do I need add this line also on main.cf of the other server?
     
  11. falko

    falko Super Moderator Howtoforge Staff

    This line assures that only localhost can send emails without authentication. If you send from another IP address, then you must authenticate. So your system shouldn't be abused by spammers anymore.

    It's a good idea to add this line to your other main.cf (if it isn't already in there).
     
  12. brownie

    brownie New Member

    OK, done also on other server

    thanks
     

Share This Page