I have an postfix + amavis mailserver, everything works fine except that somehow I will receive an spam email from me to me... so I dig and I make the following mods:
vi /etc/postfix/main.cf
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination, check_sender_access hash:/etc/postfix/access/sender_access, reject_unknown_sender_domain, warn_if_reject reject_unverified_sender
mkdir /etc/postfix/access
vi /etc/postfix/access/sender_access
gigi.com 550 YOU ARE NOT ME.
postmap /etc/postfix/access/sender_access
/etc/init.d/postfix restart
Now I have to see if I receive mails from me :)
Anyway, in the /var/log/mail.log
I have the following messages that are annoying to me in the security manner, will be good, wrong?
Can I make something to stop those requests from outside? Are too many... Could be an security breach? I mean, those request are minute by minute... wt#?
I attach some of the mail.log
Oct 13 22:06:34 mail postfix/smtpd[8698]: warning: unknown[191.96.249.61]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 13 22:06:34 mail postfix/smtpd[8698]: disconnect from unknown[191.96.249.61]
Oct 13 22:06:34 mail postfix/verify[8777]: close database /var/lib/postfix/verify_cache.db: No such file or directory (possible Berkeley DB bug)
Oct 13 22:06:35 mail postfix/smtpd[8722]: warning: unknown[191.96.249.26]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 13 22:06:35 mail postfix/smtpd[8722]: disconnect from unknown[191.96.249.26]
Oct 13 22:06:35 mail postfix/smtpd[8702]: connect from unknown[191.96.249.13]
Oct 13 22:06:43 mail postfix/smtpd[8702]: warning: unknown[191.96.249.13]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 13 22:06:43 mail postfix/smtpd[8702]: disconnect from unknown[191.96.249.13]
Oct 13 22:06:56 mail postfix/smtpd[8703]: connect from unknown[191.96.249.61]
Oct 13 22:06:57 mail postfix/smtpd[8698]: connect from unknown[191.96.249.13]
Oct 13 22:06:58 mail postfix/smtpd[8702]: warning: hostname radheengineering.info does not resolve to address 191.96.249.26
Oct 13 22:06:58 mail postfix/smtpd[8702]: connect from unknown[191.96.249.26]
Oct 13 22:07:00 mail postfix/smtpd[8703]: warning: unknown[191.96.249.61]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 13 22:07:00 mail postfix/smtpd[8703]: disconnect from unknown[191.96.249.61]
Oct 13 22:07:06 mail postfix/smtpd[8698]: warning: unknown[191.96.249.13]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 13 22:07:06 mail postfix/smtpd[8698]: disconnect from unknown[191.96.249.13]
Oct 13 22:07:07 mail postfix/smtpd[8702]: warning: unknown[191.96.249.26]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 13 22:07:07 mail postfix/smtpd[8702]: disconnect from unknown[191.96.249.26]
Oct 13 22:07:20 mail postfix/smtpd[8722]: connect from unknown[191.96.249.13]
Thanks guys!