Problem with spam and some connections not using my smtpd_recipient_restrictions

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Problem with spam and some connections not using my smtpd_recipient_restrictions

Steve Kuekes
Hello,

I have a problem with spam.  Some connections do not seem to run my smtpd_recipient_restrictions and therefore let spam into my system.  Specifically my rbl checks.  I have 2 logs from the same postfix system.  One you can see the rbl checks being done and one where it doesn't run and therefore lets spam in.  I have put the listings on a test server to keep this email a resonable size.  See the URL's for the listings.

1.  postfix log of email that does not do rbl checking (the incoming ip is in the spamhaus rbl list so this should be blocked) http://66.228.59.249/bad-rbl-check.html
2.  postfix log of email that does rbl checking http://66.228.59.249/good-rbl-check.html
3.  a listing of my postconf -n and postconf -Mf http://66.228.59.249/postconf-output.html


I'm sure I just have some configuration wrong, but I cannot figure out what.  Any assistance anyone can provide will be helpful.

Thanks


-- 
Steve Kuekes

Private Pilot: N9259R '95 Saratoga based at Sanford-Lee County Regional (TTA)
Fisherman: 2007 Sea Fox 225 Bay Fisher
email: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Problem with spam and some connections not using my smtpd_recipient_restrictions

Noel Jones-2
On 5/6/2017 10:04 AM, Steve Kuekes wrote:

> Hello,
>
> I have a problem with spam.  Some connections do not seem to run my
> smtpd_recipient_restrictions and therefore let spam into my system.
> Specifically my rbl checks.  I have 2 logs from the same postfix
> system.  One you can see the rbl checks being done and one where it
> doesn't run and therefore lets spam in.  I have put the listings on
> a test server to keep this email a resonable size.  See the URL's
> for the listings.
>
> 1.  postfix log of email that does not do rbl checking (the incoming
> ip is in the spamhaus rbl list so this should be blocked)
> http://66.228.59.249/bad-rbl-check.html
> 2.  postfix log of email that does rbl checking
> http://66.228.59.249/good-rbl-check.html
> 3.  a listing of my postconf -n and postconf -Mf
> http://66.228.59.249/postconf-output.html
>
>
> I'm sure I just have some configuration wrong, but I cannot figure
> out what.  Any assistance anyone can provide will be helpful.
>
> Thanks


A lot of the folks that might help are unwilling to visit a webpage.

Please send the information about the problem system directly to the
list.

Do not post debug logs unless specifically requested.

Thanks.


  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Problem with spam and some connections not using my smtpd_recipient_restrictions

Wietse Venema
Noel Jones:
> A lot of the folks that might help are unwilling to visit a webpage.
>
> Please send the information about the problem system directly to the
> list.
>
> Do not post debug logs unless specifically requested.

Note that your verbose logging is incomplete. For example, after
about 200 smtpd logfile records there is no smtpd logging for about
5 seconds, and therefore you're missing the logging for the RCPT
TO and DATA commands.  This is almost certainly due to some logging
rate limit in systemd etc.

        Wietse