Hi
I have a problem with my postfix server. I can´t send to some email adresses. So i take a look if the IP is blacklisted and it is listed on http://www.backscatterer.org
I have a lot of log entries like this:
8515:Dec 6 23:28:29 server1.domain.tld postfix/qmgr[2851]: 1B8F8CF0015: from=<>, size=3804, nrcpt=1 (queue active) 8563:Dec 6 23:43:35 server1.domain.tld postfix/qmgr[2851]: 5D0695C3832E: from=<>, size=3042, nrcpt=1 (queue active) 8573:Dec 6 23:45:09 server1.domain.tld postfix/qmgr[2851]: 657EF5C38327: from=<>, size=3800, nrcpt=1 (queue active) 8574:Dec 6 23:45:09 server1.domain.tld postfix/qmgr[2851]: A9400CF0011: from=<>, size=3761, nrcpt=1 (queue active)
and what I´v read maybe this is the problem. Can anybody tell what I can do to avoid this in the future.
Server CentOS 5.2 Webmin with Virtualmin 3.75 installed with the install.sh script.
thx in advance!
Are you using any catchall email aliases?
That's one way that can generate some backscatter and possibly land you on the blacklists.
-Eric
I have the same problem. I had to deactivate clamAV because of performance problems. Since then server is periodically being listed there. Where do I check this alies catchall? system is Debian 8.
could it also be to do with out of office responses set up by user on server ?
as an aside, I have modified my "Restrictions on recipient addresses" and "smtp client restrictions" by adding additional options, and it seems to help quite a bit by keeping a lot of spam at bay, but not sure if is 100%
"Restrictions on recipient addresses" permit_mynetworks permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_destination reject_non_fqdn_sender reject_non_fqdn_recipient reject_rbl_client sbl.spamhaus.org reject_rbl_client sbl-xbl.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client reject_unknown_reverse_client_hostname reject_unverified_recipient reject_unverified_recipient permit_inet_interfaces
Read the following link (it's answer) and you will see the order in which restrictions are checked and why you (usually) need more than just the recipient ones.
https://serverfault.com/questions/833499/effects-of-restrictions-in-post...
This also might be useful - https://wiki.centos.org/HowTos/postfix_restrictions
EDIT: I was for the last few months, coming off backscatterer and then going back on straight away. After tightening up the restrictions in Postfix, I can off on 4 days ago and haven't gone back on. Hopefully staying that way.