Urgent: Plesk 9.5.2 and postfix accepts mail without checks

[Nikos Ioakeim]

Hi to all,
i have a very urgent matter that i need to resolve as soon as possible.

I decided to revert my mail server to postfix to gain more flexibility for fighting spam. Instead i got a bigger problem now. Everything is working fine on submission port 587 but when it comes to port 25, anyone can send an email stating that is a local user, without even forging the envelope-from. In more detail, when a mail comes to the host claiming to be a local user that sends an email to a local user, the system must require an authentication. Instead it fails only if the mail is going to an outside domain.

Is there a way to tell postfix that local users need to authenticate no matter where they send mail to?

One last thing. I have many complaints from users, that they receive mail claiming to be by their mail but instead, it's a forgery of the envelope-from and header from:. The spammer sends email from a valid email, and then forges the From: and To: in the data part, so the users see the forged sender address.

Is there any way to check using header_checks these 2 inputs to identify spam?

Please Parallels this is a very urgent call.

Thank you in advance

PS: I could give out some ip's to check it out, but it would lead to greater problems.

 

[IgorG]

You can try following:

1. rm -rf /var/spool/postfix/plesk/*
2. /usr/local/psa/admin/sbin/mchk --with-spam
3. http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain

Regarding your second question I can suggest you try to use Greylisting feature with blacklisting.

 

[fearz]

User RBL checks

RBL checks (zen.spamhaus.org) stopped the spam emails that shows it is coming from the own sender

 

[Red Paint]

Hi Igor,

Can you describe what these commands do (looks like remove folder and recreate?) and whether they can be run on a live server and if they will work on FreeBSD?

Thanks