[Postfixbuch-users] Alias Zustellung verhindern

Jim Knuth jk at jkart.de
So Jan 14 18:25:51 CET 2007 

Hallo und Guten Abend Postfixer,

neuerdings versuchen Spammer zu den Confixx Aliasen zuzustellen.
Z.B. ist web7p1 meine Adresse (jk at jkart.de). Dann wird an
web7p1 at mail.server2.art-domains.de adressiert.

--snip
Jan 14 17:56:07 server2 amavis[15252]: (15252-09) Passed SPAM,
[200.51.80.96] [200.51.80.96] <no_valido at speedy.com.ar> -> <web
7p1 at mail.server2.art-domains.de>, Message-ID:
<0JBV004W1B0XK670 at tdimso96.backend.tdata.com.ar>, mail_id:
1E5LfLsRjn7d, Hits: 1 5.635, queued_as: 803221545, 7895 ms

Jan 14 17:56:07 server2 amavis[15252]: (15252-09) Passed SPAM,
<no_valido at speedy.com.ar> -> <web7p1 at mail.server2.art-domains.d
e>, Hits: 15.635, tag=-9999.9, tag2=5.5, kill=6.5, queued_as:
803221545, 0/0/0/Y

Jan 14 17:56:07 server2 postfix/lmtp[17769]: 6362410F2:
to=<web7p1 at mail.server2.art-domains.de>,
relay=127.0.0.1[127.0.0.1]:10 024, delay=9.3,
delays=1.3/0.01/0.01/7.9, dsn=2.6.0, status=sent (250 2.6.0 Ok,
id=15252-09, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
803221545)

Jan 14 17:56:07 server2 postfix/smtp[17817]: 803221545:
to=<web7p1 at mail.server2.art-domains.de>, relay=none, delay=0.26,
delay s=0.06/0.07/0.13/0, dsn=5.4.6, status=bounced (mail for
mail.server2.art-domains.de loops back to myself)
--snap

Wird natürlich nicht zugestellt, sondern gebounced. Kann man DAS
generell verhindern? Es müsste "User unknown" kommen, bzw. ein
500er.

postconf -n

server2:~# less postconf.txt
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
always_bcc = web8p2
biff = no
body_checks = regexp:$filter/body_checks.regexp
bounce_queue_lifetime = 3d
bounce_template_file = /etc/postfix/bounce.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
default_privs = mail
delay_warning_time = 3h
disable_vrfy_command = yes
header_checks = regexp:$filter/header_checks.regexp     pcre:$filter/header_checks.pcre
home_mailbox = Maildir/
html_directory = no
local_destination_concurrency_limit = 1
local_header_rewrite_clients =
local_recipient_maps = proxy:unix:passwd.byname
mail_name = Postfix-Amavis
mail_owner = postfix
mailbox_command = /usr/bin/procmail -t /etc/procmailrc
mailbox_size_limit = 102400000
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
maximal_queue_lifetime = 3d
message_size_limit = 51200000
mime_header_checks = pcre:$filter/mime_header_checks
mydestination = $myhostname
myhostname = server2.art-domains.de
mynetworks = 127.0.0.0/8
myorigin = $myhostname
nested_header_checks = $header_checks
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
recipient_delimiter = +
remote_header_rewrite_domain =
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
show_user_unknown_table_name = no
smtp_connect_timeout = 90s
smtp_tls_session_cache_database = btree:$cache/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_connection_count_limit = 20
smtpd_client_connection_rate_limit = 100
smtpd_client_message_rate_limit = 100
smtpd_client_recipient_rate_limit = 100
smtpd_client_restrictions = permit_mynetworks
smtpd_data_restrictions = permit_mynetworks     reject_multi_recipient_bounce   reject_unauth_pipelining
smtpd_hard_error_limit = 5
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks     reject_invalid_hostname
smtpd_junk_command_limit = 50
smtpd_policy_service_max_idle = 3600s
smtpd_policy_service_max_ttl = 3600s
smtpd_recipient_restrictions =
permit_mynetworks
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unknown_recipient_domain
permit_sasl_authenticated
reject_unauth_destination
reject_unlisted_recipient
check_client_access mysql:$mysql/client_access.cf
check_sender_access mysql:$mysql/sender_access.cf
check_sender_mx_access cidr:$filter/bogon_networks.cidr
check_policy_service inet:127.0.0.1:12525
check_policy_service inet:127.0.0.1:10031
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = mail.server2.art-domains.de
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_mynetworks
smtpd_tls_CAfile = $certs/CAcert.pem
smtpd_tls_cert_file = $certs/cert.pem
smtpd_tls_key_file = $certs/key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:$cache/smtpd_scache
smtpd_tls_session_cache_timeout = 7200s
smtpd_use_tls = yes
strict_mime_encoding_domain = yes
strict_rfc821_envelopes = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/confixx_virtualUsers, hash:/etc/postfix/confixx_localDomains


-- 
Viele Gruesse, Kind regards,
 Jim Knuth
 jk at jkart.de
 ICQ #277289867
----------
Zufalls-Zitat
----------
Daß die Philosophie eine Frau ist, merkt man daran, daß sie
gewöhnlich an den Haaren herbeigezogen ist. (G.C. Lichtenberg)
----------
Der Text hat nichts mit dem Empfaenger der Mail zu tun
----------
Virus free. Checked by NOD32 Version 1978 Build 8774  14.01.2007

Mehr Informationen über die Mailingliste Postfixbuch-users