Postfix: open relay or not?
Hi everyone,
For the past few days I've had strange messages sitting in my Postfix queue.
postqueue -p:
Code:
1264E1BC03B 2612 Tue Oct 27 15:55:06 bankofamerica@securesuite.com
(host gateway-f1.isp.att.net[204.127.217.16] refused to talk to me: 450 too frequent connects from monIP, please try again later.)
vg1@bellsouth.net
vga@bellsouth.net
vgalanis@bellsouth.net
vgale@bellsouth.net
vgalindo@bellsouth.net
147561BC0AB 5010 Tue Oct 27 18:15:49 MAILER-DAEMON
(mail transport unavailable)
bankofamerica@securesuite.com
1DAA51BC06B 2612 Tue Oct 27 15:56:45 bankofamerica@securesuite.com
(delivery temporarily suspended: connect to bellsouth.netbellsouth.net[82.98.86.173]:25: Connection timed out)
vietweb@bellsouth.netbellsouth.net
vietwww@bellsouth.netbellsouth.net
(host gateway-f1.isp.att.net[204.127.217.16] refused to talk to me: 450 monIP has too many connections ( 3 ) on frfwmxc11)
vietnam98@bellsouth.net
vietz@bellsouth.net
vieuxtilleul@bellsouth.net
1A58B1BC073 2612 Tue Oct 27 15:57:02 bankofamerica@securesuite.com
(host gateway-f2.isp.att.net[207.115.11.16] refused to talk to me: 450 monIP has too many connections ( 3 ) on frfwmxc09)
viking-ol@bellsouth.net
vikingpools@bellsouth.net
vikingpp@bellsouth.net
vikings.bbs@bellsouth.net
vikings@bellsouth.net
138D01BC02E 2612 Tue Oct 27 15:52:49 bankofamerica@securesuite.com
(delivery temporarily suspended: connect to bellsouth.netbellsouth.net[82.98.86.173]:25: Connection timed out)
vcxy@bellsouth.netbellsouth.net
1266D1BC04B 2612 Tue Oct 27 15:55:38 bankofamerica@securesuite.com
(delivery temporarily suspended: connect to bellsouth.netbellsouth.net[82.98.86.173]:25: Connection timed out)
vibes@bellsouth.netbellsouth.net
1A3F1114D1E 2612 Tue Oct 27 15:53:55 bankofamerica@securesuite.com
(delivery temporarily suspended: connect to bellsouth.netbellsouth.net[82.98.86.173]:25: Connection timed out)
venkir@bellsouth.netbellsouth.net
11695114D23 2612 Tue Oct 27 15:54:04 bankofamerica@securesuite.com
(delivery temporarily suspended: connect to bellsouth.netbellsouth.net[82.98.86.173]:25: Connection timed out)
venus@bellsouth.netbellsouth.net
F173D1BC090 5411 Tue Oct 27 18:12:46 MAILER-DAEMON
(mail transport unavailable)
bankofamerica@securesuite.com
F408A1BC061 5027 Tue Oct 27 18:13:26 MAILER-DAEMON
(mail transport unavailable)
bankofamerica@securesuite.com
F05B01BC084 5013 Tue Oct 27 18:13:36 MAILER-DAEMON
(mail transport unavailable)
bankofamerica@securesuite.com
F206E114D1D 2612 Tue Oct 27 15:53:52 bankofamerica@securesuite.com
(host gateway-f1.isp.att.net[204.127.217.16] refused to talk to me: 450 monIP has too many connections ( 3 ) on frfwmxc09)
venik@bellsouth.net
vening@bellsouth.net
venison@bellsouth.net
venjamin@bellsouth.net
venka@bellsouth.net
F30071BC05A 2612 Tue Oct 27 15:56:09 bankofamerica@securesuite.com
(host gateway-f1.isp.att.net[204.127.217.16] refused to talk to me: 450 MONIP has too many connections ( 3 ) on frfwmxc06)
victor.gil@bellsouth.net
victor.ivanoff@bellsouth.net
victor.kwok@bellsouth.net
victor.lee@bellsouth.net
victor.panlilio@bellsouth.net
I have hundreds of them!
(bearing in mind that I don't host any of these domain names)
I'm running CentOS 5.3. I installed Postfix (with SpamAssassin, Postgrey, ClamAV).
I ran a test to see whether I was an open relay on this site, http://www.pagasa.net/test-smtp/, and it says I am not an open relay.
My configuration
Code:
vi /etc/postfix/main.cf
command_directory = /usr/sbin
queue_directory = /var/spool/postfix
daemon_directory = /usr/libexec/postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
sendmail_path = /usr/sbin/sendmail.postfix
mail_spool_directory = /vmail
cyrus_destination_recipient_limit=1
mail_owner = postfix
setgid_group = postdrop
mydomain = mondomaineamoi.com
myhostname = smtp.$mydomain
myorigin = $mydomain
masquerade_domains = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, www.mondomaineamoi.com
unknown_local_recipient_reject_code = 550
smtpd_recipient_limit = 500
mynetworks = 127.0.0.0/8, monip/monmasque
debug_peer_level = 1
html_directory = no
message_size_limit = 15360000
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain, reject_non_fqdn_sender, reject_rbl_client domain-name, reject_unauth_pipelining
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    check_policy_service inet:127.0.0.1:60000,
    reject_non_fqdn_recipient,
    reject_non_fqdn_sender,
    reject_invalid_helo_hostname,
    check_sender_access hash:/etc/postfix/sender_access
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client zen.spamhaus.org,
    reject_rhsbl_sender rhsbl.sorbs.net,
    reject_rbl_client dnsbl.ahbl.org,
    reject_rbl_client ircbl.ahbl.org,
    reject_rbl_client virbl.dnsbl.bit.nl,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client,
    permit
policy_time_limit = 3600
127.0.0.1:60000_time_limit = 3600
smtpd_soft_error_limit = 3
smtpd_soft_error_limit = 12
smtpd_banner = $myhostname ESMTP $mail_name (Linux For Ever)
smtpd_helo_required = yes
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:1004
virtual_mailbox_base = /vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_mailbox_limit = 2000000000
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql-virtual_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "La boite email de votre destinataire est pleine."
virtual_mailbox_client_limit_override = no
virtual_minimum_uid = 1004
virtual_transport = virtual
virtual_uid_maps = static:1004
#soft_bounce = yes
bounce_template_file = /etc/postfix/bounce.cf
alias_maps = hash:/etc/postfix/aliases
local_recipient_maps = $alias_maps
biff = no
content_filter = smtp-amavis:[127.0.0.1]:10024
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/mbl-body-deny
mime_header_checks = regexp:/etc/postfix/mime_headers_checks.cf
readme_directory = /usr/share/doc/postfix-2.5.5/README_FILES
sample_directory = /usr/share/doc/postfix-2.5.5/samples
manpage_directory = /usr/share/man
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/certificats/smtp.mondomaineamoi.com.key
smtpd_tls_cert_file = /etc/postfix/certificats/smtp.mondomaineamoi.com.crt
#smtpd_tls_CAfile = /etc/postfix/certificats/cacert.crt
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
maximal_queue_lifetime = 3d
bounce_queue_lifetime = 2d
data_directory = /var/lib/postfix
If you can confirm that it's nothing, and if you have a solution for blocking these messages, that would be great!
Thanks a lot
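
An added example, not part of the original post: a small parser for `postqueue -p` listings like the one above that totals queued messages and recipients per envelope sender, marks senders whose domain is not hosted locally, and counts queued bounces per return address. The sample listing, the hosted domain passed to `summarize`, and all addresses and IPs are constructed placeholders.

```python
import re
from collections import Counter, defaultdict
# First line of a queue entry: queue ID (optionally flagged * or !), size, arrival time, sender.
ENTRY = re.compile(r"^([0-9A-F]{6,})[*!]?\s+\d+\s+\w{3} \w{3} [ \d]\d [\d:]{8}\s+(\S+)$")

def parse_queue(text):
    """Parse `postqueue -p` output into dicts with qid, sender, reasons, recipients."""
    entries, cur = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith("-"):      # blank line, column header, footer
            continue
        m = ENTRY.match(line)
        if m:
            cur = {"qid": m.group(1), "sender": m.group(2), "reasons": [], "recipients": []}
            entries.append(cur)
        elif cur is not None and line.startswith("("):
            cur["reasons"].append(line.strip("()"))   # deferral reason for the recipients below
        elif cur is not None:
            cur["recipients"].append(line)
    return entries

def summarize(entries, hosted_domains):
    """Per envelope sender: messages, recipients, and whether its domain is not hosted here."""
    stats = defaultdict(lambda: {"messages": 0, "recipients": 0, "foreign": False})
    for e in entries:
        s = stats[e["sender"]]
        s["messages"] += 1
        s["recipients"] += len(e["recipients"])
        domain = e["sender"].rpartition("@")[2].lower()
        s["foreign"] = "@" in e["sender"] and domain not in hosted_domains
    return dict(stats)

def bounce_targets(entries):  # addresses that queued bounces are being returned to
    return Counter(r for e in entries if e["sender"] == "MAILER-DAEMON" for r in e["recipients"])

# Constructed sample in `postqueue -p` layout; every address and IP is a placeholder.
SAMPLE = """\
AAAA0000001     2612 Tue Oct 27 15:55:06  promo@sender.example
(host mx.remote.example[192.0.2.10] refused to talk to me: 450 too many connections)
                                         user1@remote.example
                                         user2@remote.example

AAAA0000002     2612 Tue Oct 27 15:56:45  promo@sender.example
(connect to remote.example[192.0.2.10]:25: Connection timed out)
                                         user3@remote.example

BBBB0000003     5010 Tue Oct 27 18:15:49  MAILER-DAEMON
(mail transport unavailable)
                                         promo@sender.example
"""
```

On a live server the input would be the captured output of `postqueue -p`, and `hosted_domains` the set of domains the server actually accepts mail for.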