Uwe Driessen schrieb:
On Behalf Of Hans Rembeck
Ralf Hildebrandt schrieb:
- Hans Rembeck hrembec@fh-landshut.de:
mydestination = $myhostname mydomain = xxx myhostname = xxx mynetworks = 127.0.0.0/8, xxx myorigin = $myhostname
relay_domains = $mydestination relay_recipient_maps = hash:/etc/postfix/relay_recipients
Also ich weiss nicht. Ist die Domain nun in mydestination oder eine relay_domain?
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/x-employees check_sender_access hash:/etc/postfix/rhsbl_sender_exeptions reject_non_fqdn_recipient reject_non_fqdn_sender reject_unknown_recipient_domain reject_unknown_sender_domain permit_mynetworks check_client_access hash:/var/lib/pop-before-smtp/hosts check_sender_access hash:/etc/postfix/access permit_sasl_authenticated reject_unauth_destination check_recipient_access hash:/etc/postfix/roleaccount_exeptions reject_invalid_hostname check_helo_access pcre:/etc/postfix/helo_checks check_sender_mx_access cidr:/etc/postfix/bogus_mx reject_unverified_sender c heck_policy_service inet:127.0.0.1:60000 reject_rbl_client zen.spamhaus.org reject_rbl_client bl.spamcop.net reject_rbl_client bogons.cymru.com permit
Würde ich umstellen zu:
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/x-employees reject_non_fqdn_recipient reject_non_fqdn_sender reject_unknown_recipient_domain reject_unknown_sender_domain permit_mynetworks check_client_access hash:/var/lib/pop-before-smtp/hosts permit_sasl_authenticated reject_unauth_destination check_sender_access hash:/etc/postfix/rhsbl_sender_exeptions check_sender_access hash:/etc/postfix/access check_recipient_access hash:/etc/postfix/roleaccount_exeptions reject_invalid_hostname check_helo_access pcre:/etc/postfix/helo_checks check_sender_mx_access cidr:/etc/postfix/bogus_mx reject_rbl_client zen.spamhaus.org reject_rbl_client bl.spamcop.net reject_rbl_client bogons.cymru.com check_policy_service inet:127.0.0.1:60000 reject_unverified_sender
Wobei mir die beiden check_sender_access nicht geheuer sind.
smtpd_sasl_auth_enable = yes
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access
Weg damit, ist doppelt, höchstens das reject_unauthenticated_sender_login_mismatch und das kann auch in smtpd_recipient_restrictions
Hab mich doch zu früh gefreut;
habe jetzt die
check_sender_access
entfernt und es kommen immer noch unbekannte Mails welche über mich dann versandt werden.
Der muss doch dann über einen gültigen Account reinkommen oder?
Wo kann man noch ansetzen?
Hast du mal die Änderungen von Ralf übernommen ?
Ja
Wo ist das log dazu evtl. kannst du auch mal in der Master.cf
In der smtp Zeile -v oder -vv dahinter hängen dann kannst du den Weg den solch eine Mail nimmt genau verfolgen und welche Restriktion das ok gibt.
mynetworks = 127.0.0.0/8, xxx wofür steht das xxxx ist das genau ein Host oder ist das ein ganzes Netzwerk?
xxx ist meine IP
Du musst deine Mühle erstmal dicht machen.
Pop3 bevor SMTP ist eigentlich nicht mehr aktuell. Wer senden möchte muß sich anmelden.
brauch ich noch für alten outlook Express Anwender
Nimm mal die > > check_sender_access hash:/etc/postfix/rhsbl_sender_exeptions
check_sender_access hash:/etc/postfix/access raus und schau ob es immer noch
passiert.
Mit freundlichen Grüßen
Drießen
START Recipient address RESTRICTIONS <<<
Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_recipient_access Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_mail_access: shabazz76@hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: leave existing entry key shabazz76@hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: shabazz76@hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_domain_access: hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: shabazz76@ Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_recipient_access status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_sender_access Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_mail_access: sender@online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: move existing entry key sender@online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: sender@online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_domain_access: online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_access: sender@ Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_sender_access status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_non_fqdn_recipient Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_non_fqdn_address: shabazz76@hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_non_fqdn_recipient status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_non_fqdn_sender Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_non_fqdn_address: sender@online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_non_fqdn_sender status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_unknown_recipient_domain Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_address: shabazz76@hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: move existing entry key shabazz76@hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_mailhost: hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: lookup hotmail.com type 1 flags 0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_query: hotmail.com (A): OK Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A for hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A for hotmail.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_unknown_recipient_domain status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_unknown_sender_domain Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_address: sender@online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: ctable_locate: move existing entry key sender@online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: reject_unknown_mailhost: online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: lookup online.com type 1 flags 0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_query: online.com (A): OK Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A for online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: dns_get_answer: type A for online.com Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=reject_unknown_sender_domain status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=permit_mynetworks Dec 15 14:48:45 localhost postfix/smtpd[13060]: permit_mynetworks: unknown 41.217.65.4 Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostname: unknown ~? 127.0.0.0/8 Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostaddr: 41.217.65.4 ~? 127.0.0.0/8 Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostname: unknown ~? x.x.x.x Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_hostaddr: 41.217.65.4 ~? x.x.x.x Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_list_match: unknown: no match Dec 15 14:48:45 localhost postfix/smtpd[13060]: match_list_match: 41.217.65.4: no match Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=permit_mynetworks status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_client_access Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_namadr_access: name unknown addr 41.217.65.4 Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_domain_access: unknown Dec 15 14:48:45 localhost postfix/smtpd[13060]: check_addr_access: 41.217.65.4 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=check_client_access status=0 Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=permit_sasl_authenticated Dec 15 14:48:45 localhost postfix/smtpd[13060]: generic_checks: name=permit_sasl_authenticated status=1 Dec 15 14:48:45 localhost postfix/smtpd[13060]: >>> CHECKING RECIPIENT MAPS <<<
x.x.x.x meine IP
ist permit_sasl_authenticated status=1 das es durchgelassen wird?