[TriLUG] postfix security

Jeff Groves jgroves at krenim.org
Sat Dec 11 04:57:20 EST 2004


Any chance you could post the headers of this email so that we could get a better idea of 
what happened?

Jeff G.

Michael Hrivnak wrote:
> I have a question that relates directly to a spamming experience I just had.
> 
> I understand what an MX record is.  I have setup multiple machines that will 
> relay for my domain in the event my primary mail server is down.  I did so by 
> adding to those machines this in /etc/postfix/main.cf
> 
> relay_domains = $mydestination mydomaincom
> 
> All machines involved run Mandrake 10.0 or 10.1.  That tends to work, but I 
> found a problem.  In theory, anyone on the internet can use these backup 
> servers to send email to my domain.  Someone could spam my domain all day and 
> all night through those servers.  In fact, tonight I received a spam email 
> that came through one of those servers and even claimed to be from two 
> accounts (which don't actually exist) on that backup server (why would an 
> email be from 2 accounts anyway?). What can I do to prevent this?
> 
> Thanks a lot,
> 
> Michael



More information about the TriLUG mailing list