[Postfixbuch-users] POSTFIX liefert fremde Post aus? Hack?

Oliver Strixner OStrixner at web.de
Di Jan 29 21:21:45 CET 2008


Hallo,

habe seit ein paar tagen das Problem das mein Postfix-Server für Spam missbraucht wird.
Ich dachte ich hätte schon alles getan um Spam zu reduzieren.

Vielleicht kann mir jemand helfen meine Config wieder sicher zu bekommen:

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
disable_vrfy_command = yes
inet_interfaces = 555.777.888.999,127.0.0.1
invalid_hostname_reject_code = 554
mail_owner = postfix
mailbox_size_limit = 0
multi_recipient_bounce_reject_code = 554
mydestination = localhost, xxx.yyy.zzz
mydomain = yyy.zzz
myhostname = xxx.yyy.zzz
mynetworks = 555.777.888.999/8,127.0.0.1/8
myorigin = /etc/mailname
non_fqdn_reject_code = 554
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains_reject_code = 554
relayhost =
smtp_helo_name = isys01.os-vision.net
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_invalid_hostname,            reject_unknown_recipient_domain,            reject_unauth_pipelining,            permit_mynetworks,            permit_sasl_authenticated,            reject_unauth_destination,            reject_rbl_client multi.uribl.com,        reject_rhsbl_sender dsn.rfc-ignorant.org,            reject_rbl_client dul.dnsbl.sorbs.net,            reject_rbl_client list.dsbl.org,            reject_rbl_client sbl-xbl.spamhaus.org,            reject_rbl_client bl.spamcop.net,            reject_rbl_client dnsbl.sorbs.net,            reject_rbl_client cbl.abuseat.org,            reject_rbl_client ix.dnsbl.manitu.net,            reject_rbl_client combined.rbl.msrbl.net,            reject_rbl_client rabl.nuclearelephant.com,            check_policy_service inet:127.0.0.1:60000,            permit
smtpd_restriction_classes = dont_check_rbls
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554
virtual_alias_domains = $virtual_alias_maps
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_uid_maps = static:5000


anbei eine zweite Variante, hatte einige Einstellungen verändert (mehr restrictionen).
Allerdings bekomme ich jetzt nicht mal mehr meine eigene Post und kann auch nicht mehr senden.
Verzweiflung macht sich breit :-(


alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
disable_vrfy_command = yes
inet_interfaces = 555.777.888.999
inet_protocols = all
invalid_hostname_reject_code = 554
mail_owner = postfix
mailbox_size_limit = 0
multi_recipient_bounce_reject_code = 554
mydestination = localhost, xxx.yyy.zzz
mydomain = yyy.zzz
myhostname = xxx.yyy.zzz
mynetworks = 555.777.888.999
myorigin = /etc/mailname
non_fqdn_reject_code = 554
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains_reject_code = 554
relayhost =
smtp_helo_name = xxx.yyy.zzz
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,            reject_non_fqdn_destination,            reject_non_fqdn_sender,            reject_non_fqdn_hostname,            reject_invalid_hostname,            reject_unknown_sender_domain,            reject_unknown_recipient_domain,            reject_unauth_pipelining,            permit_sasl_authenticated,            reject_unauth_destination,            reject_rbl_client multi.uribl.com,     reject_rhsbl_sender dsn.rfc-ignorant.org,            reject_rbl_client dul.dnsbl.sorbs.net,            reject_rbl_client list.dsbl.org,            reject_rbl_client sbl-xbl.spamhaus.org,            reject_rbl_client bl.spamcop.net,            reject_rbl_client dnsbl.sorbs.net,            reject_rbl_client cbl.abuseat.org,            reject_rbl_client ix.dnsbl.manitu.net,            reject_rbl_client combined.rbl.msrbl.net,            reject_rbl_client rabl.nuclearelephant.com,            check_policy_service inet:127.0.0.1:60000,            permit
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554
virtual_alias_domains = $virtual_alias_maps
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_uid_maps = static:5000


_______________________________________________________________________
Jetzt neu! Schützen Sie Ihren PC mit McAfee und WEB.DE. 30 Tage
kostenlos testen. http://www.pc-sicherheit.web.de/startseite/?mc=022220




Mehr Informationen über die Mailingliste Postfixbuch-users