Postfix Bloking emails ??

3 posts / 0 new
Last post
#1 Sat, 09/01/2007 - 03:52
FilipeLacerda

Postfix Bloking emails ??

Hello,

So, i huge problem in hands... some body started to send SPAM out of my server, plus phishing... Lovelly, i had to hunt him down!

unfortunatly it's they, but wel...

So, i started to re configure POSTFIX in order to make DSL DNS lookups, using sbl.spamhaus.org, on the SMTP server configuration features, inside Postfix server config.

However, i'm unable to send emails, as they all get queued... even after i take RBL lookup out of STMP server config's.

I've used first zen.spamhaus.org, and then sbl-xbl.spamhaus.org DNS List's, as zen prevented me to send email's from my actual IP as, it it provided by a local ISP, and that ISP has configure a smtp policy in his network.

After zen, i've configured sbl-xbl.spamhaus.org in SMTP server.. i got no warning in the outlook express using IMAP. but the emails got all in the queue. Now i just turn of "Realtime Black Lists (RBL) lookups" in the SMTP server configs for postfix, and they are still getting queued and i can see a message in the status like:"mail transport unavailable"

So, how to solve this?

Thanks in advance

Sat, 09/01/2007 - 11:06
Joe
Joe's picture

Hey Filipe,

I'm not sure if you're saying you took care of the problem allowing people to send spam through your box? That's the priority here.

Are you enforcing smtp authentication for sending mail, or is your Postfix configured as an open relay? (i.e. was the spammer making use of an exploited account on your system, or did he just find your box open and start sending through it without having a user account?)

As for RBLs...you'll want to put them into the SpamAssassin configuration, rather than directly in Postfix. Postfix can only make yes or no decisions based on RBLs, and that's usually too dramatic and results in many false positives. SpamAssassin can assign weight to each RBL, so messages become more "spammy" based on how many RBLs the sender is listed in. You can make them quite strongly weighted (2.5 would mean that any two RBLs would always push the message into SPAM classification, if you're using the default 5.0 rank, but one false hit wouldn't do it).

--

Check out the forum guidelines!

Sat, 09/01/2007 - 05:11
ConRadical

I've had this problem after changing postfix settings, a quick restart of the postfix service usually takes care of the problem.

Topic locked