Am Sam, den 31.01.2004 schrieb Lorenzo Prince um 17:16:
[snip]
aren't even getting through anymore. What can I do to solve the
Postfix problem?
What can I do to stop this relaying even though Postfix is configured not to
relay from remote connections at all? I started using postfix when I heard that
sendmail had a history of insecurity. Is this better now? Should I just start
using sendmail instead of Postfix?
[/snip]
Postfix and sendmail are both more or less secure, both applications,
both vulnerable....i have postfix running on my server without any
problems and IMHO secure.
I have to links, where i check my servers online as open relay:
http://www.relaycheck.com/test.asp
http://www.antispam-ufrj.pads.ufrj.br
i am not that specialist, but i think that there are possibilities, if
you have a proxy installed or mod_proxy on Apache (correct me if i am
wrong) that a spammer can relay via this proxy. so if you have open,
close the port for your proxy (if it is squid must usually be 3128) or
disable mod_proxy
btw, the spammer has his ip-adress, do you find this ip-adress somewhere
in your firewall-log (if you have)? If he hacked you, you should find in
there, how and where he did...
FYI heres the part of my main.cf for relaying protection and acl.
smtpd_helo_restrictions = reject_unauth_pipelining
smtpd_recipient_restrictions = reject_unknown_sender_domain,
reject_non_fqdn_sender,
permit_mynetworks,
check_client_access
hash:/etc/postfix/pop-before-smtp,
# permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client
bl.spamcop.net,
reject_rbl_client
relays.ordb.org,
# reject_rbl_client
proxies.relays.monkeys.com,
reject_rbl_client
sbl.spamhaus.org,
permit
HTH
Roger
Thanks for any help
PRINCE
--
Mit freundlichen Grüssen
Roger Grosswiler
------------------------
mailto:roger@gwch.net
http://www.gwch.net