[Postfixbuch-users] Hilfe bin eine Spam Schleuder geworden

Günther J. Niederwimmer gjn at gjn.priv.at
Mi Nov 30 13:03:46 CET 2011 

Hallo,

könnt Ihr mir bei meinem Problem helfen Ich bin anscheinend ein offenes Relay 
seit neuestem (hinet.net, yahoo.com.tw)?

Was mir aufgefallen ist die RBL Anfragen werden nicht mehr ausgeführt (?) und 
eine Fehlermeldung wegen SSL ist vorhanden ?

Ein Auszug daraus ?
// 
ov 30 09:42:40 smtp postfix/smtpd[25788]: connect from 189-38-240-240.static-
corp.ajato.com.br[189.38.240.240]
Nov 30 09:42:40 smtp postfix/smtpd[25758]: warning: TLS library problem: 
25758:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version 
number:s3_pkt.c:284:
Nov 30 09:42:40 smtp postfix/smtpd[25758]: lost connection after STARTTLS from 
75-139-246-166.static.ftwo.tx.charter.com[75.139.246.166]
Nov 30 09:42:40 smtp postfix/smtpd[25758]: disconnect from 
75-139-246-166.static.ftwo.tx.charter.com[75.139.246.166]
Nov 30 09:42:40 smtp postfix/smtpd[25762]: warning: TLS library problem: 
25762:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version 
number:s3_pkt.c:284:
Nov 30 09:42:40 smtp postfix/smtpd[25762]: lost connection after STARTTLS from 
unknown[168.187.87.132]
Nov 30 09:42:40 smtp postfix/smtpd[25762]: disconnect from 
unknown[168.187.87.132]
Nov 30 09:42:41 smtp postfix/smtpd[25788]: warning: TLS library problem: 
25788:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version 
number:s3_pkt.c:284:
Nov 30 09:42:41 smtp postfix/smtpd[25788]: lost connection after STARTTLS from 
189-38-240-240.static-corp.ajato.com.br[189.38.240.240]
Nov 30 09:42:41 smtp postfix/smtpd[25788]: disconnect from 
189-38-240-240.static-corp.ajato.com.br[189.38.240.240]
Nov 30 09:42:41 smtp postfix/smtpd[25758]: warning: 122.174.3.78: hostname 
ABTS-TN-dynamic-078.3.174.122.airtelbroadband.in verification failed: Name or 
service not known
Nov 30 09:42:41 smtp postfix/smtpd[25758]: connect from unknown[122.174.3.78]
//

auch die posstconf -n hänge ich an, hoffentlich fällt Euch auf, was da nicht 
mehr funktioniert ?

//
alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldapalias_maps_folder.cf, 
ldap:/etc/postfix/ldapalias_maps.cf
biff = no
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
defer_transports = 
delay_warning_time = 1h
disable_dns_lookups = no
disable_mime_output_conversion = no
home_mailbox = 
html_directory = /usr/share/doc/packages/postfix-doc/html
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mail_spool_directory = 
mailbox_command = 
mailbox_size_limit = 0
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains = ldap:/etc/postfix/ldapmasquerade_domains.cf
masquerade_exceptions = root
message_size_limit = 102400000
message_strip_characters = \0
mydestination = $myhostname, localhost.$mydomain, .$mydomain, 
ldap:/etc/postfix/ldapmydestination.cf
myhostname = smtp.xxxxxxx.xxx
mynetworks = 127.0.0.0/8, 192.xxx.xxx.0/24, 89.xxx.xxx.0/28, [::1]/128, 
[fe80::%eth0]/64, [fe80::%eth1]/64
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES
relayhost = 
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix-doc/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_enforce_tls = no
smtp_sasl_auth_enable = no
smtp_sasl_security_options = noanonymous
smtp_tls_enforce_peername = yes
smtp_tls_per_site = ldap:/etc/postfix/ldapsmtp_tls_per_site.cf
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = reject_rbl_client bl.spamcop.net, 
reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client zen.spamhaus.org, 
ldap:/etc/postfix/ldapaccess.cf
smtpd_helo_required = yes
smtpd_helo_restrictions = 
smtpd_recipient_restrictions = permit_sasl_authenticated, 
permit_auth_destination, permit_mynetworks, reject_unauth_destination, reject
smtpd_sasl_auth_enable = yes
smtpd_sender_restrictions = ldap:/etc/postfix/ldapaccess.cf
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/servercerts/servercert.pem
smtpd_tls_key_file = /etc/ssl/servercerts/serverkey.pem
smtpd_use_tls = yes
strict_8bitmime = no
strict_rfc821_envelopes = no
transport_maps = ldap:/etc/postfix/ldaptransport_maps.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains = ldap:/etc/postfix/ldapvirtual_alias_domains.cf
virtual_alias_maps = ldap:/etc/postfix/ldapuser_recipient_maps.cf, 
ldap:/etc/postfix/ldapvalias_maps_both.cf, 
ldap:/etc/postfix/ldapvalias_maps_member.cf, 
ldap:/etc/postfix/ldapvalias_maps_folder.cf, 
ldap:/etc/postfix/ldapvalias_maps_forward.cf
//

Ich Danke Euch im Voraus ;)

-- 
mit freundlichen Grüßen / best Regards,

 Günther J. Niederwimmer

Mehr Informationen über die Mailingliste Postfixbuch-users