postfix/dovecot, other domain is using our server to send spam











up vote
-3
down vote

favorite












Our server is being used to send spam from an account that doesn't belong to our domain. This account is sending emails to other domains and it is affecting our IP reputation.



log:



Nov 20 06:31:42 mydomain postfix/qmgr[5177]: 8C5C921014: from=<info3@samrexindia.com>, size=327666, nrcpt=1 (queue active)

Nov 20 06:31:42 mydomain opendkim[1017]: BA73821F61: no signing table match for 'info3@samrexindia.com'

Nov 20 06:31:42 mydomain postfix/qmgr[5177]: BA73821F61: from=<info3@samrexindia.com>, size=327674, nrcpt=1 (queue active)

Nov 20 06:31:42 mydomain postfix/smtp[5214]: 61964220B8: to=<info3@samrexindia.com>, relay=aspmx.l.google.com[74.125.192.26]:25, delay=0.45, delays=0.01/0/0.34/0.1, dsn=5.7.1, status=bounced (host aspmx.l.google.com[74.125.192.26] said: 550-5.7.1 [67.205.151.88      12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1  https://support.google.com/mail/?p=UnsolicitedMessageError 550 5.7.1  for more information. e12si9806509qvj.70 - gsmtp (in reply to end of DATA command))


I am trying to block these emails by using this configuration in the file main.cf of postfix:



"smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination"


but it didn't work. How can I stop this type of open relay?



postconf - output 



alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

anvil_rate_time_unit = 60s

body_checks = regexp:/etc/postfix/body_checks

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5

disable_vrfy_command = yes

dovecot_destination_recipient_limit = 1

header_checks = regexp:/etc/postfix/header_checks

html_directory = no

inet_interfaces = all

inet_protocols = all

invalid_hostname_reject_code = 554

mail_owner = postfix

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

message_size_limit = 30720000

milter_default_action = accept

milter_protocol = 2

mua_client_restrictions = permit_sasl_authenticated, reject

mua_helo_restrictions = permit_sasl_authenticated, reject

mua_sender_restrictions = permit_sasl_authenticated, reject

multi_recipient_bounce_reject_code = 554

mydestination = localhost, localhost.localdomain

myhostname = tboxplanet.com

mynetworks = 127.0.0.0/8 10.136.0.0/16

newaliases_path = /usr/bin/newaliases.postfix

non_fqdn_reject_code = 554

non_smtpd_milters = $smtpd_milters

proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps $virtual_mailbox_limit_maps

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf

relay_domains_reject_code = 554

sample_directory = /usr/share/doc/postfix-2.10.1/samples

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

smtp_tls_security_level = may

smtpd_client_message_rate_limit = 0

smtpd_client_recipient_rate_limit = 0

smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031

smtpd_helo_required = yes

smtpd_milters = inet:127.0.0.1:8891

smtpd_recipient_limit = 5000

smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_unknown_recipient_domain, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, permit

smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_authenticated_header = yes

smtpd_sasl_path = private/auth

smtpd_sasl_type = dovecot

smtpd_sender_restrictions = reject_non_fqdn_sender, permit_mynetworks, permit_sasl_authenticated, reject_sender_login_mismatch, reject_unlisted_sender, check_sender_access pcre:/etc/postfix/access, permit

smtpd_tls_CAfile = /etc/letsencrypt/live/mail.tboxplanet.com/fullchain.pem

smtpd_tls_auth_only = yes

smtpd_tls_cert_file = /etc/letsencrypt/live/mail.tboxplanet.com/cert.pem

smtpd_tls_key_file = /etc/letsencrypt/live/mail.tboxplanet.com/privkey.pem

smtpd_tls_loglevel = 1

smtpd_use_tls = yes

strict_rfc821_envelopes = yes

unknown_address_reject_code = 554

unknown_client_reject_code = 554

unknown_hostname_reject_code = 554

unknown_local_recipient_reject_code = 554

unknown_relay_recipient_reject_code = 554

unknown_virtual_alias_reject_code = 554

unknown_virtual_mailbox_reject_code = 554

unverified_recipient_reject_code = 554

unverified_sender_reject_code = 554

virtual_alias_domains =

virtual_alias_maps = hash:/etc/postfix/blacklist, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/postfix/virtual_regexp

virtual_gid_maps = static:12

virtual_mailbox_base = /mnt/vmail

virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf

virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf

virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf

virtual_minimum_uid = 101

virtual_transport = dovecot

virtual_uid_maps = static:101





linux email smtp spam-prevention dovecot







share|improve this question









New contributor




Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Will depend on the rest of your config. Can you post output of postconf -n
    – ivanivan
    Nov 20 at 15:41










  • I edit the question whit the output of postconf -n
    – Snick MB
    Nov 20 at 15:50















up vote
-3
down vote

favorite












Our server is being used to send spam from an account that doesn't belong to our domain. This account is sending emails to other domains and it is affecting our IP reputation.



log:



Nov 20 06:31:42 mydomain postfix/qmgr[5177]: 8C5C921014: from=<info3@samrexindia.com>, size=327666, nrcpt=1 (queue active)

Nov 20 06:31:42 mydomain opendkim[1017]: BA73821F61: no signing table match for 'info3@samrexindia.com'

Nov 20 06:31:42 mydomain postfix/qmgr[5177]: BA73821F61: from=<info3@samrexindia.com>, size=327674, nrcpt=1 (queue active)

Nov 20 06:31:42 mydomain postfix/smtp[5214]: 61964220B8: to=<info3@samrexindia.com>, relay=aspmx.l.google.com[74.125.192.26]:25, delay=0.45, delays=0.01/0/0.34/0.1, dsn=5.7.1, status=bounced (host aspmx.l.google.com[74.125.192.26] said: 550-5.7.1 [67.205.151.88      12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1  https://support.google.com/mail/?p=UnsolicitedMessageError 550 5.7.1  for more information. e12si9806509qvj.70 - gsmtp (in reply to end of DATA command))


I am trying to block these emails by using this configuration in the file main.cf of postfix:



"smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination"


but it didn't work. How can I stop this type of open relay?



postconf - output 



alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

anvil_rate_time_unit = 60s

body_checks = regexp:/etc/postfix/body_checks

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5

disable_vrfy_command = yes

dovecot_destination_recipient_limit = 1

header_checks = regexp:/etc/postfix/header_checks

html_directory = no

inet_interfaces = all

inet_protocols = all

invalid_hostname_reject_code = 554

mail_owner = postfix

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

message_size_limit = 30720000

milter_default_action = accept

milter_protocol = 2

mua_client_restrictions = permit_sasl_authenticated, reject

mua_helo_restrictions = permit_sasl_authenticated, reject

mua_sender_restrictions = permit_sasl_authenticated, reject

multi_recipient_bounce_reject_code = 554

mydestination = localhost, localhost.localdomain

myhostname = tboxplanet.com

mynetworks = 127.0.0.0/8 10.136.0.0/16

newaliases_path = /usr/bin/newaliases.postfix

non_fqdn_reject_code = 554

non_smtpd_milters = $smtpd_milters

proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps $virtual_mailbox_limit_maps

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf

relay_domains_reject_code = 554

sample_directory = /usr/share/doc/postfix-2.10.1/samples

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

smtp_tls_security_level = may

smtpd_client_message_rate_limit = 0

smtpd_client_recipient_rate_limit = 0

smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031

smtpd_helo_required = yes

smtpd_milters = inet:127.0.0.1:8891

smtpd_recipient_limit = 5000

smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_unknown_recipient_domain, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, permit

smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_authenticated_header = yes

smtpd_sasl_path = private/auth

smtpd_sasl_type = dovecot

smtpd_sender_restrictions = reject_non_fqdn_sender, permit_mynetworks, permit_sasl_authenticated, reject_sender_login_mismatch, reject_unlisted_sender, check_sender_access pcre:/etc/postfix/access, permit

smtpd_tls_CAfile = /etc/letsencrypt/live/mail.tboxplanet.com/fullchain.pem

smtpd_tls_auth_only = yes

smtpd_tls_cert_file = /etc/letsencrypt/live/mail.tboxplanet.com/cert.pem

smtpd_tls_key_file = /etc/letsencrypt/live/mail.tboxplanet.com/privkey.pem

smtpd_tls_loglevel = 1

smtpd_use_tls = yes

strict_rfc821_envelopes = yes

unknown_address_reject_code = 554

unknown_client_reject_code = 554

unknown_hostname_reject_code = 554

unknown_local_recipient_reject_code = 554

unknown_relay_recipient_reject_code = 554

unknown_virtual_alias_reject_code = 554

unknown_virtual_mailbox_reject_code = 554

unverified_recipient_reject_code = 554

unverified_sender_reject_code = 554

virtual_alias_domains =

virtual_alias_maps = hash:/etc/postfix/blacklist, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/postfix/virtual_regexp

virtual_gid_maps = static:12

virtual_mailbox_base = /mnt/vmail

virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf

virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf

virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf

virtual_minimum_uid = 101

virtual_transport = dovecot

virtual_uid_maps = static:101





linux email smtp spam-prevention dovecot







share|improve this question









New contributor




Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Will depend on the rest of your config. Can you post output of postconf -n
    – ivanivan
    Nov 20 at 15:41










  • I edit the question whit the output of postconf -n
    – Snick MB
    Nov 20 at 15:50













up vote
-3
down vote

favorite









up vote
-3
down vote

favorite











Our server is being used to send spam from an account that doesn't belong to our domain. This account is sending emails to other domains and it is affecting our IP reputation.



log:



Nov 20 06:31:42 mydomain postfix/qmgr[5177]: 8C5C921014: from=<info3@samrexindia.com>, size=327666, nrcpt=1 (queue active)

Nov 20 06:31:42 mydomain opendkim[1017]: BA73821F61: no signing table match for 'info3@samrexindia.com'

Nov 20 06:31:42 mydomain postfix/qmgr[5177]: BA73821F61: from=<info3@samrexindia.com>, size=327674, nrcpt=1 (queue active)

Nov 20 06:31:42 mydomain postfix/smtp[5214]: 61964220B8: to=<info3@samrexindia.com>, relay=aspmx.l.google.com[74.125.192.26]:25, delay=0.45, delays=0.01/0/0.34/0.1, dsn=5.7.1, status=bounced (host aspmx.l.google.com[74.125.192.26] said: 550-5.7.1 [67.205.151.88      12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1  https://support.google.com/mail/?p=UnsolicitedMessageError 550 5.7.1  for more information. e12si9806509qvj.70 - gsmtp (in reply to end of DATA command))


I am trying to block these emails by using this configuration in the file main.cf of postfix:



"smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination"


but it didn't work. How can I stop this type of open relay?



postconf - output 



alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

anvil_rate_time_unit = 60s

body_checks = regexp:/etc/postfix/body_checks

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5

disable_vrfy_command = yes

dovecot_destination_recipient_limit = 1

header_checks = regexp:/etc/postfix/header_checks

html_directory = no

inet_interfaces = all

inet_protocols = all

invalid_hostname_reject_code = 554

mail_owner = postfix

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

message_size_limit = 30720000

milter_default_action = accept

milter_protocol = 2

mua_client_restrictions = permit_sasl_authenticated, reject

mua_helo_restrictions = permit_sasl_authenticated, reject

mua_sender_restrictions = permit_sasl_authenticated, reject

multi_recipient_bounce_reject_code = 554

mydestination = localhost, localhost.localdomain

myhostname = tboxplanet.com

mynetworks = 127.0.0.0/8 10.136.0.0/16

newaliases_path = /usr/bin/newaliases.postfix

non_fqdn_reject_code = 554

non_smtpd_milters = $smtpd_milters

proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps $virtual_mailbox_limit_maps

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf

relay_domains_reject_code = 554

sample_directory = /usr/share/doc/postfix-2.10.1/samples

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

smtp_tls_security_level = may

smtpd_client_message_rate_limit = 0

smtpd_client_recipient_rate_limit = 0

smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031

smtpd_helo_required = yes

smtpd_milters = inet:127.0.0.1:8891

smtpd_recipient_limit = 5000

smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_unknown_recipient_domain, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, permit

smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_authenticated_header = yes

smtpd_sasl_path = private/auth

smtpd_sasl_type = dovecot

smtpd_sender_restrictions = reject_non_fqdn_sender, permit_mynetworks, permit_sasl_authenticated, reject_sender_login_mismatch, reject_unlisted_sender, check_sender_access pcre:/etc/postfix/access, permit

smtpd_tls_CAfile = /etc/letsencrypt/live/mail.tboxplanet.com/fullchain.pem

smtpd_tls_auth_only = yes

smtpd_tls_cert_file = /etc/letsencrypt/live/mail.tboxplanet.com/cert.pem

smtpd_tls_key_file = /etc/letsencrypt/live/mail.tboxplanet.com/privkey.pem

smtpd_tls_loglevel = 1

smtpd_use_tls = yes

strict_rfc821_envelopes = yes

unknown_address_reject_code = 554

unknown_client_reject_code = 554

unknown_hostname_reject_code = 554

unknown_local_recipient_reject_code = 554

unknown_relay_recipient_reject_code = 554

unknown_virtual_alias_reject_code = 554

unknown_virtual_mailbox_reject_code = 554

unverified_recipient_reject_code = 554

unverified_sender_reject_code = 554

virtual_alias_domains =

virtual_alias_maps = hash:/etc/postfix/blacklist, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/postfix/virtual_regexp

virtual_gid_maps = static:12

virtual_mailbox_base = /mnt/vmail

virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf

virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf

virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf

virtual_minimum_uid = 101

virtual_transport = dovecot

virtual_uid_maps = static:101





linux email smtp spam-prevention dovecot







share|improve this question









New contributor




Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











Our server is being used to send spam from an account that doesn't belong to our domain. This account is sending emails to other domains and it is affecting our IP reputation.



log:



Nov 20 06:31:42 mydomain postfix/qmgr[5177]: 8C5C921014: from=<info3@samrexindia.com>, size=327666, nrcpt=1 (queue active)

Nov 20 06:31:42 mydomain opendkim[1017]: BA73821F61: no signing table match for 'info3@samrexindia.com'

Nov 20 06:31:42 mydomain postfix/qmgr[5177]: BA73821F61: from=<info3@samrexindia.com>, size=327674, nrcpt=1 (queue active)

Nov 20 06:31:42 mydomain postfix/smtp[5214]: 61964220B8: to=<info3@samrexindia.com>, relay=aspmx.l.google.com[74.125.192.26]:25, delay=0.45, delays=0.01/0/0.34/0.1, dsn=5.7.1, status=bounced (host aspmx.l.google.com[74.125.192.26] said: 550-5.7.1 [67.205.151.88      12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1  https://support.google.com/mail/?p=UnsolicitedMessageError 550 5.7.1  for more information. e12si9806509qvj.70 - gsmtp (in reply to end of DATA command))


I am trying to block these emails by using this configuration in the file main.cf of postfix:



"smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination"


but it didn't work. How can I stop this type of open relay?



postconf - output 



alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

anvil_rate_time_unit = 60s

body_checks = regexp:/etc/postfix/body_checks

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5

disable_vrfy_command = yes

dovecot_destination_recipient_limit = 1

header_checks = regexp:/etc/postfix/header_checks

html_directory = no

inet_interfaces = all

inet_protocols = all

invalid_hostname_reject_code = 554

mail_owner = postfix

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

message_size_limit = 30720000

milter_default_action = accept

milter_protocol = 2

mua_client_restrictions = permit_sasl_authenticated, reject

mua_helo_restrictions = permit_sasl_authenticated, reject

mua_sender_restrictions = permit_sasl_authenticated, reject

multi_recipient_bounce_reject_code = 554

mydestination = localhost, localhost.localdomain

myhostname = tboxplanet.com

mynetworks = 127.0.0.0/8 10.136.0.0/16

newaliases_path = /usr/bin/newaliases.postfix

non_fqdn_reject_code = 554

non_smtpd_milters = $smtpd_milters

proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps $virtual_mailbox_limit_maps

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf

relay_domains_reject_code = 554

sample_directory = /usr/share/doc/postfix-2.10.1/samples

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

smtp_tls_security_level = may

smtpd_client_message_rate_limit = 0

smtpd_client_recipient_rate_limit = 0

smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031

smtpd_helo_required = yes

smtpd_milters = inet:127.0.0.1:8891

smtpd_recipient_limit = 5000

smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_unknown_recipient_domain, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, permit

smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_authenticated_header = yes

smtpd_sasl_path = private/auth

smtpd_sasl_type = dovecot

smtpd_sender_restrictions = reject_non_fqdn_sender, permit_mynetworks, permit_sasl_authenticated, reject_sender_login_mismatch, reject_unlisted_sender, check_sender_access pcre:/etc/postfix/access, permit

smtpd_tls_CAfile = /etc/letsencrypt/live/mail.tboxplanet.com/fullchain.pem

smtpd_tls_auth_only = yes

smtpd_tls_cert_file = /etc/letsencrypt/live/mail.tboxplanet.com/cert.pem

smtpd_tls_key_file = /etc/letsencrypt/live/mail.tboxplanet.com/privkey.pem

smtpd_tls_loglevel = 1

smtpd_use_tls = yes

strict_rfc821_envelopes = yes

unknown_address_reject_code = 554

unknown_client_reject_code = 554

unknown_hostname_reject_code = 554

unknown_local_recipient_reject_code = 554

unknown_relay_recipient_reject_code = 554

unknown_virtual_alias_reject_code = 554

unknown_virtual_mailbox_reject_code = 554

unverified_recipient_reject_code = 554

unverified_sender_reject_code = 554

virtual_alias_domains =

virtual_alias_maps = hash:/etc/postfix/blacklist, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/postfix/virtual_regexp

virtual_gid_maps = static:12

virtual_mailbox_base = /mnt/vmail

virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf

virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf

virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf

virtual_minimum_uid = 101

virtual_transport = dovecot

virtual_uid_maps = static:101





linux email smtp spam-prevention dovecot




linux email smtp spam-prevention dovecot






share|improve this question









New contributor




Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited Nov 20 at 16:19









Worthwelle

2,1813724




2,1813724






New contributor




Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked Nov 20 at 15:30









Snick MB

12




12




New contributor




Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • Will depend on the rest of your config. Can you post output of postconf -n
    – ivanivan
    Nov 20 at 15:41










  • I edit the question whit the output of postconf -n
    – Snick MB
    Nov 20 at 15:50


















  • Will depend on the rest of your config. Can you post output of postconf -n
    – ivanivan
    Nov 20 at 15:41










  • I edit the question whit the output of postconf -n
    – Snick MB
    Nov 20 at 15:50
















Will depend on the rest of your config. Can you post output of postconf -n
– ivanivan
Nov 20 at 15:41




Will depend on the rest of your config. Can you post output of postconf -n
– ivanivan
Nov 20 at 15:41












I edit the question whit the output of postconf -n
– Snick MB
Nov 20 at 15:50




I edit the question whit the output of postconf -n
– Snick MB
Nov 20 at 15:50










2 Answers
2






active

oldest

votes

















up vote
0
down vote













OK, you are using MySQL to store users, domains to service, etc. You'll need to open up one of the mysql conf files, get the username/password and what database is being used, and look through the users and transport maps to figure out exactly who your server is configured to service. Then remove the accounts/domains that do not belong to your company.



Look at the file /etc/postfix/mysql-virtual_mailbox_maps.cf It should have something like



user = mailuser

password = secretword!

hosts = 127.0.0.1

dbname = mail_data

query = SELECT 1 FROM virtual_users WHERE email='%s'


In it. Username, password, and database are all listed there. Use that info to connect via mysql client, or mysql-workbench, etc. to do your exploration.



It appears that your mail server is set up similar to how this tutorial works - https://workaround.org/ispmail/jessie






share|improve this answer





















  • I'm looking for what you said, but this user info3@samrexindia.com doesn't exist in our databases(tables:alias,aliasdomains,address), that's weird in this case because this domain samrexindia.com is unfamiliar for us
    – Snick MB
    Nov 20 at 16:41


















up vote
0
down vote



accepted










After several days without incident i'm find the solution to our problem.



smtpd_relay_restrictions = check_sender_access hash:/etc/postfix/permit_domain


I create a list of domains who can send emails(relay), this list just authorizing mydomain, because the email who are sending spam is under domain gmail






share|improve this answer








New contributor




Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "3"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });






    Snick MB is a new contributor. Be nice, and check out our Code of Conduct.










     

    draft saved


    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1377012%2fpostfix-dovecot-other-domain-is-using-our-server-to-send-spam%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    0
    down vote













    OK, you are using MySQL to store users, domains to service, etc. You'll need to open up one of the mysql conf files, get the username/password and what database is being used, and look through the users and transport maps to figure out exactly who your server is configured to service. Then remove the accounts/domains that do not belong to your company.



    Look at the file /etc/postfix/mysql-virtual_mailbox_maps.cf It should have something like



    user = mailuser
    
password = secretword!
    
hosts = 127.0.0.1
    
dbname = mail_data
    
query = SELECT 1 FROM virtual_users WHERE email='%s'


    In it. Username, password, and database are all listed there. Use that info to connect via mysql client, or mysql-workbench, etc. to do your exploration.



    It appears that your mail server is set up similar to how this tutorial works - https://workaround.org/ispmail/jessie






    share|improve this answer





















    • I'm looking for what you said, but this user info3@samrexindia.com doesn't exist in our databases(tables:alias,aliasdomains,address), that's weird in this case because this domain samrexindia.com is unfamiliar for us
      – Snick MB
      Nov 20 at 16:41















    up vote
    0
    down vote













    OK, you are using MySQL to store users, domains to service, etc. You'll need to open up one of the mysql conf files, get the username/password and what database is being used, and look through the users and transport maps to figure out exactly who your server is configured to service. Then remove the accounts/domains that do not belong to your company.



    Look at the file /etc/postfix/mysql-virtual_mailbox_maps.cf It should have something like



    user = mailuser
    
password = secretword!
    
hosts = 127.0.0.1
    
dbname = mail_data
    
query = SELECT 1 FROM virtual_users WHERE email='%s'


    In it. Username, password, and database are all listed there. Use that info to connect via mysql client, or mysql-workbench, etc. to do your exploration.



    It appears that your mail server is set up similar to how this tutorial works - https://workaround.org/ispmail/jessie






    share|improve this answer





















    • I'm looking for what you said, but this user info3@samrexindia.com doesn't exist in our databases(tables:alias,aliasdomains,address), that's weird in this case because this domain samrexindia.com is unfamiliar for us
      – Snick MB
      Nov 20 at 16:41













    up vote
    0
    down vote










    up vote
    0
    down vote









    OK, you are using MySQL to store users, domains to service, etc. You'll need to open up one of the mysql conf files, get the username/password and what database is being used, and look through the users and transport maps to figure out exactly who your server is configured to service. Then remove the accounts/domains that do not belong to your company.



    Look at the file /etc/postfix/mysql-virtual_mailbox_maps.cf It should have something like



    user = mailuser
    
password = secretword!
    
hosts = 127.0.0.1
    
dbname = mail_data
    
query = SELECT 1 FROM virtual_users WHERE email='%s'


    In it. Username, password, and database are all listed there. Use that info to connect via mysql client, or mysql-workbench, etc. to do your exploration.



    It appears that your mail server is set up similar to how this tutorial works - https://workaround.org/ispmail/jessie






    share|improve this answer












    OK, you are using MySQL to store users, domains to service, etc. You'll need to open up one of the mysql conf files, get the username/password and what database is being used, and look through the users and transport maps to figure out exactly who your server is configured to service. Then remove the accounts/domains that do not belong to your company.



    Look at the file /etc/postfix/mysql-virtual_mailbox_maps.cf It should have something like



    user = mailuser
    
password = secretword!
    
hosts = 127.0.0.1
    
dbname = mail_data
    
query = SELECT 1 FROM virtual_users WHERE email='%s'


    In it. Username, password, and database are all listed there. Use that info to connect via mysql client, or mysql-workbench, etc. to do your exploration.



    It appears that your mail server is set up similar to how this tutorial works - https://workaround.org/ispmail/jessie







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Nov 20 at 15:56









    ivanivan

    1,06117




    1,06117












    • I'm looking for what you said, but this user info3@samrexindia.com doesn't exist in our databases(tables:alias,aliasdomains,address), that's weird in this case because this domain samrexindia.com is unfamiliar for us
      – Snick MB
      Nov 20 at 16:41


















    • I'm looking for what you said, but this user info3@samrexindia.com doesn't exist in our databases(tables:alias,aliasdomains,address), that's weird in this case because this domain samrexindia.com is unfamiliar for us
      – Snick MB
      Nov 20 at 16:41
















    I'm looking for what you said, but this user info3@samrexindia.com doesn't exist in our databases(tables:alias,aliasdomains,address), that's weird in this case because this domain samrexindia.com is unfamiliar for us
    – Snick MB
    Nov 20 at 16:41




    I'm looking for what you said, but this user info3@samrexindia.com doesn't exist in our databases(tables:alias,aliasdomains,address), that's weird in this case because this domain samrexindia.com is unfamiliar for us
    – Snick MB
    Nov 20 at 16:41












    up vote
    0
    down vote



    accepted










    After several days without incident i'm find the solution to our problem.



    smtpd_relay_restrictions = check_sender_access hash:/etc/postfix/permit_domain


    I create a list of domains who can send emails(relay), this list just authorizing mydomain, because the email who are sending spam is under domain gmail






    share|improve this answer








    New contributor




    Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.






















      up vote
      0
      down vote



      accepted










      After several days without incident i'm find the solution to our problem.



      smtpd_relay_restrictions = check_sender_access hash:/etc/postfix/permit_domain


      I create a list of domains who can send emails(relay), this list just authorizing mydomain, because the email who are sending spam is under domain gmail






      share|improve this answer








      New contributor




      Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.




















        up vote
        0
        down vote



        accepted







        up vote
        0
        down vote



        accepted






        After several days without incident i'm find the solution to our problem.



        smtpd_relay_restrictions = check_sender_access hash:/etc/postfix/permit_domain


        I create a list of domains who can send emails(relay), this list just authorizing mydomain, because the email who are sending spam is under domain gmail






        share|improve this answer








        New contributor




        Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        After several days without incident i'm find the solution to our problem.



        smtpd_relay_restrictions = check_sender_access hash:/etc/postfix/permit_domain


        I create a list of domains who can send emails(relay), this list just authorizing mydomain, because the email who are sending spam is under domain gmail







        share|improve this answer








        New contributor




        Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        share|improve this answer



        share|improve this answer






        New contributor




        Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        answered yesterday









        Snick MB

        12




        12




        New contributor




        Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.





        New contributor





        Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






        Snick MB is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






















            Snick MB is a new contributor. Be nice, and check out our Code of Conduct.










             

            draft saved


            draft discarded


















            Snick MB is a new contributor. Be nice, and check out our Code of Conduct.













            Snick MB is a new contributor. Be nice, and check out our Code of Conduct.












            Snick MB is a new contributor. Be nice, and check out our Code of Conduct.















             


            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1377012%2fpostfix-dovecot-other-domain-is-using-our-server-to-send-spam%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

            Image
            .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 2 total noob sorry any help greatly appreciated. I keep getting this "Incorrect syntax near the keyword 'ON'." heres my codes code one CREATE TABLE supplier ( supplierID INT PRIMARY KEY, ISBN INT FOREIGN KEY REFERENCES book(ISBN), price DECIMAL (5,2), ON UPDATE CASCADE, ON DELETE CASCADE, ); code two CREATE TABLE orders ( orderID INT PRIMARY KEY, customerID INT FOREIGN KEY REFERENCES customer(customerID), ISBN INT FOREIGN KEY REFERENCES book(ISBN), orderDate date, ON UPDATE CASCADE, ON DELETE CASCADE, ); Ive run out of stuff to try other than dumbing it down to uselessness.
            Read more

            Alcedinidae

            Image
            Alcedinidae Martin-pêcheur à dos bleu ( Alcedo azurea ) Classification (COI) Règne Animalia Embranchement Chordata Sous-embr. Vertebrata Classe Aves Ordre Coraciiformes Famille Alcedinidae Rafinesque, 1815 Les Alcédinidés ou Alcedinidae forment une famille d'oiseaux plus connus sous les noms de martins-pêcheurs et martins-chasseurs. Sommaire 1 Description 2 Répartition et habitat 3 Systématique 3.1 Liste alphabétique des genres 3.2 Liste des espèces 4 Chez les Anciens : l'alcyon 4.1 Étymologie (Littré) 4.2 Oiseau « fabuleux » ? 5 Notes 6 Articles connexes 7 Liens externes 7.1 Bibliographie Description | Ce sont des oiseaux compacts de taille petite à moyenne (10 à 46 cm), au bec droit et long, en forme de poignard. Leurs pattes sont courtes, et ils portent un plumage aux couleurs vives. Répartition et habitat | Cosmopolites, ils fréquentent surtout
            Read more

            RAC Tourist Trophy

            Image
            Pour les articles homonymes, voir Tourist Trophy. Le RAC Tourist Trophy est une course automobile organisée par le Royal Automobile Club d'Angleterre. Créée en 1905, cette course a fait partie des épreuves comptant pour le championnat du monde des voitures de sport entre 1953 et 1955, en 1958 et 1959, et entre 1962 et 1965. Après une interruption de 17 ans (l'épreuve s'arrête après 1988), le RAC Tourist Trophy reprend en 2005 sous l'égide de la FIA GT. Palmarès | John Napier sur Arrol-Johnston, vainqueur du premier RAC Tourist Trophy, en 1905. L'honorable C.S. Rolls, vainqueur du RAC Tourist Trophy 1906. Ernest Curtis, sur Rover 20 hp, vainqueur du RAC Tourist Trophy 1907. William Watson, vainqueur du RAC Tourist Trophy 1908. Kenelm Lee Guinness, vainqueur du RAC Tourist Trophy 1914 sur Sunbeam. Départ du RAC Tourist Trophy 1928. Louis Gérard, vainqueur du RAC Tourist Trophy 1938 sur Delage. Année Circuit Vainqueur
            Read more