postfix
fischerufa, 2018-01-11 09:18:48

What to do if the queue is clogged with spammers?

Good afternoon. The problem is the following: the queue in Postfix is clogged with spammers, like this:
1C4C721A0A57 4096 Thu Jan 11 08:41:49 [email protected]
(host mx-tw.mail.gm0.yahoodns.net[27.123.206.55] said: 421 4.7.0 [TSS04] Messages from 92.50.139.110 temporarily deferred due to user complaints - 4.16.55.1; see https://help.yahoo.com/kb/postmaster/SLN3434.html (in reply to MAIL FROM command))
[email protected]

There are about 3 thousand such letters in an hour, how can you deal with this?
main.cf
mydomain = example.com
smtpd_banner = mail.example.com
biff = no
maximal_queue_lifetime = 1m
append_dot_mydomain = no
readme_directory = no
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks
header_checks = pcre:/etc/postfix/header_checks
smtpd_tls_cert_file=/etc/ssl/certs/example.crt
smtpd_tls_key_file=/etc/ssl/private/example.key
smtpd_tls_CAfile = /etc/ssl/certs/example.crt
smtpd_use_tls = yes
smtp_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_note_starttls_offer = yes
#smtpd_sasl_auth_enable = yes
#smtpd_sasl_type = dovecot
#smtpd_sasl_path = private/auth
disable_vrfy_command = yes
strict_rfc821_envelopes = yes
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtp_tls_ciphers = export
smtp_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_loglevel = 1
tls_random_source = dev:/dev/urandom
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 192.168.0.0/16, 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = $myhostname
inet_protocols = ipv4
home_mailbox = Maildir/
mailbox_command =
smtp_tls_loglevel = 1
smtpd_delay_reject = yes
smtpd_helo_required = yes
policyd-spf_time_limit = 3600
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
data_directory = /var/lib/postfix
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_client_restrictions = permit_mynetworks,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client pbl.spamhaus.org,
    reject_rbl_client combined.njabl.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dialups.mail-abuse.org
smtpd_recipient_restrictions =
    reject_unknown_recipient_domain,
    permit_mynetworks,
    reject_non_fqdn_recipient,
    reject_unauth_destination,
    reject_unverified_recipient,
    check_policy_service unix:private/policyd-spf
    permit
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891


1 answer(s)
Vladimir Dubrovin, 2018-01-11
@z3apa3a

You now have an open relay without authorization:

C:\Downloads>telnet 92.50.139.110 25
Trying 92.50.139.110...
Connected to 92.50.139.110.
Escape character is '^]'.
220 mail.medialabufa.ru
ehlo me
250-medialabufa.ru
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: <[email protected]>
250 2.1.0 Ok
rcpt to: <[email protected]>
250 2.1.5 Ok

Check what you have in master.cf.
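
The answer points at master.cf because a per-service `-o name=value` option there overrides the main.cf value for that service, so the relay rules shown in the question may not be the ones in effect on port 25. The following is an added example, not code from this thread: a small audit that lists relay-relevant overrides; the function names, the notes and the sample master.cf are constructed for illustration.

```python
import re

# Restriction lists that decide relaying. An override of one of them that
# contains none of the GUARDS leaves relay control to the other list alone,
# so it is worth reviewing against main.cf (a finding is not proof of a relay).
LISTS = {"smtpd_relay_restrictions", "smtpd_recipient_restrictions"}
GUARDS = {"reject_unauth_destination", "defer_unauth_destination", "reject", "defer"}

def logical_lines(text):
    """Drop comments/blank lines and join continuation lines (leading whitespace)."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def audit_master_cf(text):
    """Return (service, parameter, value, note) for relay-relevant -o overrides."""
    findings = []
    for line in logical_lines(text):
        name, stype = line.split()[:2]
        for param, value in re.findall(r"-o\s+([\w-]+)=(\S*)", line):
            if param in LISTS and not GUARDS & set(filter(None, value.split(","))):
                findings.append((f"{name}/{stype}", param, value, "no reject/defer guard"))
            elif param == "mynetworks":
                findings.append((f"{name}/{stype}", param, value, "trusted networks replaced"))
    return findings

# Constructed sample master.cf, not taken from the page.
SAMPLE = """\
# service type  private unpriv  chroot  wakeup  maxproc command + args
smtp      inet  n       -       y       -       -       smtpd
  -o smtpd_recipient_restrictions=permit
  -o smtpd_relay_restrictions=permit_mynetworks,permit
submission inet n       -       y       -       -       smtpd
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
127.0.0.1:10025 inet n  -       n       -       -       smtpd
  -o mynetworks=127.0.0.0/8
"""

if __name__ == "__main__":
    for service, param, value, note in audit_master_cf(SAMPLE):
        print(f"{service}: {param}={value}  <- {note}")
```

To audit a real server, pass the contents of its master.cf to `audit_master_cf` and compare each finding with the effective main.cf values from `postconf -n`.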
