Facebook
Twitter
Filipe Silva
Basic Pleskian
Hi.
Someone is sending emails from our company postfix using non-existing accounts. Luckly the spam filter is filtering some emails and are being sent only to our employes.
I have added this in /etc/postfix/main.cf :
"
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, reject_sender_login_mismatch, reject_unauth_pipelining, reject_unknown_reverse_client_hostname, permit_mynetworks, reject_non_fqdn_sender, reject_invalid_hostname
"
But every time I found a solution in the next day the spammers find a workaround.
This is an example seen in the maillog:
"
Dec 21 10:48:09 vpsxxxxxxx postfix/smtpd[2936]: NOQUEUE: reject: RCPT from unknown[177.1.75.239]: 554 5.7.1 Service unavailable; Client host [177.1.75.239] blocked using bl.spamcop.net; Blocked - see SpamCop.net - Blocking List ( bl.spamcop.net ) from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[177.1.75.239]>
"
NOTE: I censored private information with: "ourdomain", "employeeX" and "vpsxxxxxxx"
I would appreciate any help,
Thanks.
EDIT: Just added "reject_unlisted_sender" to my "smtpd_sender_restrictions". Lets see how that goes. In the meanwhile I accept any feedback to improve the mail security.
Someone is sending emails from our company postfix using non-existing accounts. Luckly the spam filter is filtering some emails and are being sent only to our employes.
I have added this in /etc/postfix/main.cf :
"
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, reject_sender_login_mismatch, reject_unauth_pipelining, reject_unknown_reverse_client_hostname, permit_mynetworks, reject_non_fqdn_sender, reject_invalid_hostname
"
But every time I found a solution in the next day the spammers find a workaround.
This is an example seen in the maillog:
"
Dec 21 10:48:09 vpsxxxxxxx postfix/smtpd[2936]: NOQUEUE: reject: RCPT from unknown[177.1.75.239]: 554 5.7.1 Service unavailable; Client host [177.1.75.239] blocked using bl.spamcop.net; Blocked - see SpamCop.net - Blocking List ( bl.spamcop.net ) from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[177.1.75.239]>
"
NOTE: I censored private information with: "ourdomain", "employeeX" and "vpsxxxxxxx"
I would appreciate any help,
Thanks.
EDIT: Just added "reject_unlisted_sender" to my "smtpd_sender_restrictions". Lets see how that goes. In the meanwhile I accept any feedback to improve the mail security.
