[Postfixbuch-users] Konfiguration Postfix Backscatter?

Susanne Kaufmann SusanneKaufmann at gmx.de
Mi Okt 20 13:03:16 CEST 2010 

Jetzt habe ich die Sorge, dass ich sogar einen Open Relay habe? Ich habe das
eigentlich getestet, auch z.B. über abuse.net, und da war nichts. Aber jetzt
habe ich von meinem Provider den Hinweis bekommen, dass ich Spam versenden
würde. Ich habe einmal die Logfile, die er mir geschickt hat angehängt,
wobei XX.XX.XX.XX für meine Server-IP steht:

Return-Path: <srs0=yunk=rv=yahoo.com=info at bounce2.pobox.com>
Delivered-To: spamcop-net-x
Received: (qmail 330 invoked from network); 19 Oct 2010 22:47:53 -0000
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on
blade2.cesmail.net
X-Spam-Level: *************************
X-Spam-Status: hits=25.0 tests=FORGED_MUA_OUTLOOK,FORGED_YAHOO_RCVD,
      JM_SOUGHT_FRAUD_1,JM_SOUGHT_FRAUD_2,JM_SOUGHT_FRAUD_3,J_CHICKENPOX_21,
 
KAM_LOTTO1,LOTTERY_PH_004470,MILLION_USD,MSOE_MID_WRONG_CASE,SARE_LOTTO_SPAM
2
      version=3.2.4
Received: from unknown (192.168.1.88)
  by blade2.cesmail.net with QMQP; 19 Oct 2010 22:47:53 -0000
Received: from cobalt.pobox.com (64.74.157.53)
  by mxin1.cesmail.net with SMTP; 19 Oct 2010 22:47:57 -0000
Received: from cobalt.pobox.com (localhost [127.0.0.1])
      by cobalt.pobox.com (Postfix) with ESMTP id E6C6840A67E
      for <x>; Tue, 19 Oct 2010 18:47:44 -0400 (EDT)
Delivered-To: x
X-Pobox-Orig-Sender: <info at yahoo.com>
X-Pobox-Delivery-ID:
E29CDA20-DBD2-11DF-B5CD-FE3A97A391DC-35821533!cobalt.pobox.com
x-pobox-client-address: XX.XX.XX.XX
x-pobox-client-name: www.MEINSERVER.de
Received: from mail.MEINSERVER.de (www.MEINSERVER.de [XX.XX.XX.XX]) by
cobalt.pobox.com (Postfix) with ESMTP id 989CE40A662 for  <x>; Tue, 19 Oct
2010 18:47:39 -0400 (EDT)
Received: by mail.MEINSERVER.de (Postfix, from userid 5000) id DC58316D03DF;
Wed,
20 Oct 2010 00:01:19 +0200 (CEST)
Received: from User (unknown [82.128.83.167]) by mail.MEINSERVER.de
(Postfix)  with ESMTPA id 3939616D03DF; Tue, 19 Oct 2010 23:36:26 +0200
(CEST)
Reply-To: <agentsamoliver at aol.com>
From: "YAHOO YAHOO"<info at yahoo.com>
Subject: Spam [48.4] YAHOO LOTTERY RESULTS 2010
Date: Tue, 19 Oct 2010 22:36:35 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <2010___________________03DF at mail.MEINSERVER.de>
To: undisclosed-recipients:;
X-Spam-Prev-Subject: YAHOO LOTTERY RESULTS 2010
X-Virus-Scanned: ClamAV using ClamSMTP
X-SpamCop-Checked: 
X-SpamCop-Disposition: Blocked SpamAssassin=25




> -----Ursprüngliche Nachricht-----
> Von: postfixbuch-users-bounces at listen.jpberlin.de [mailto:postfixbuch-
> users-bounces at listen.jpberlin.de] Im Auftrag von Susanne Kaufmann
> Gesendet: Mittwoch, 20. Oktober 2010 12:45
> An: 'Eine Diskussionsliste rund um das Postfix-Buch von Peer Heinlein.'
> Betreff: [Postfixbuch-users] Konfiguration Postfix Backscatter?
> 
> Hallo zusammen,
> 
> ich habe letztens einen Server neu aufgesetzt und habe seitdem Probleme
> mit
> Backscatter-Mails. Ich kann mir das aber nicht so ganz erklären. Evtl.
> könnte jemand einmal einen Blick auf meine Postfix-Konfiguration
> werfen.
> Vielen Dank schon einmal im Voraus.
> 
> Viele Grüße,
> Susanne
> 
> 
> 
> 
> main.cf
> 
> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
> biff = no
> append_dot_mydomain = no
> readme_directory = no
> 
> smtpd_tls_cert_file=/etc/ssl/certs/smtpd.cert
> smtpd_tls_key_file=/etc/ssl/private/smtpd.key
> smtpd_use_tls=yes
> smtpd_enforce_tls = no
> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtpd_tls_auth_only = no
> smtpd_tls_loglevel = 2
> 
> myhostname = xx.yy.zz
> alias_maps = hash:/etc/aliases
> alias_database = hash:/etc/aliases
> myorigin = /etc/mailname
> mydestination = aabbcc.stratoserver.net, localhost.stratoserver.net,
> localhost
> relayhost =
> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 aa.bb.cc.dd
> mailbox_size_limit = 0
> recipient_delimiter = +
> message_size_limit = 104857600
> inet_interfaces = all
> virtual_alias_domains =
> virtual_alias_maps = mysql:/etc/postfix/vms-forwardings.cf
> mysql:/etc/postfix/vms-email2email.cf
> virtual_mailbox_domains = mysql:/etc/postfix/vms-domains.cf
> virtual_mailbox_maps = mysql:/etc/postfix/vms-mailboxes.cf
> virtual_mailbox_base = /home/vmail
> virtual_uid_maps = static:5000
> virtual_gid_maps = static:5000
> sender_canonical_maps = mysql:/etc/postfix/vms-
> mysql_sender_canonical.cf
> smtpd_sasl_auth_enable = yes
> broken_sasl_auth_clients = yes
> smtpd_sasl_security_options = noanonymous
> smtpd_recipient_restrictions = reject_unknown_sender_domain,
> reject_non_fqdn_sender, permit_mynetworks, permit_sasl_authenticated,
> permit_mx_backup, reject_invalid_hostname, reject_unauth_destination,
> reject_unverified_sender
> smtpd_tls_loglevel = 1
> maildrop_destination_recipient_limit = 1
> virtual_transport = maildrop
> 
> smtp_bind_address = aa.bb.cc.dd
> 
> content_filter = scan:aa.bb.cc.dd:10025
> receive_override_options = no_address_mappings
> header_checks = regexp:/etc/postfix/maps/header_checks
> always_bcc = admin at aa.bb.cc.de
> bounce_template_file = /etc/postfix/bounce.de-DE.cf
> var_flock_tries = 40
> 
> --
> _______________________________________________
> Postfixbuch-users -- http://www.postfixbuch.de
> Heinlein Professional Linux Support GmbH
> 
> Postfixbuch-users at listen.jpberlin.de
> https://listi.jpberlin.de/mailman/listinfo/postfixbuch-users

Mehr Informationen über die Mailingliste Postfixbuch-users