Undelivered mail returned to sender, coming in by the hundreds. Help stopping?
All right, so I've run into a bit of a war with the spambots.. they're always out to get me.. As the title suggests, I'm getting a lot of bounced emails.. lots. I've tried a few methods of controlling this, but I'm still getting them, and I have no idea how to stop it at this point, aside from disabling an e-mail address and/or shutting down my mail service.. As of tonight, I'm getting them by the dozens every minute, and resorted to shutting it all down until I can find a solution..
So any help anyone's willing to volunteer, will make me very happy lol.
- I'll attach an example e-mail last, to save your eyes.
Steps I've taken so far. (Involved a lot of net searching and tweaks too numerous to recall.. none of which worked.)
1) Blocking by IP.
Got that from this address, followed the steps.. still getting undelivered's.
That involved setting up a client_checks file, postmapping it, and adding IPs to block to a list.
2) Same thing different guy.
That one seemed to work for about a week, but no more.. Same principle, different syntax.
3) Policy banks, I've attempted to block by domain.. no go.
4) Disabled php related phpadmin stuff.
5) Frequent rotation of passwords.
6) Changed configured ports to a different port, which did no good.
At this stage, I'm wondering if they're not somehow coming locally.. I'm not educated enough in the matter to know what to look for, or what actions I can/should take if that is the case.. My server has very little activity otherwise. It's mainly for my own e-mail and a light game server.
As promised, an example mail.
-------------------------- Lines to note email beginning
This is the mail system at host redacted.redacted.com
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
email@example.com: host mx-ha03.web.de[126.96.36.199] said: 550 Requested
action not taken: mailbox unavailable (in reply to RCPT TO command)
Reporting-MTA: dns; redacted.redacted.com
X-Postfix-Sender: rfc822; firstname.lastname@example.org
Arrival-Date: Thu, 4 Apr 2019 17:22:08 -0500 (CDT)
Final-Recipient: rfc822; email@example.com
Original-Recipient: rfc822;[email protected]
Remote-MTA: dns; mx-ha03.web.de
Diagnostic-Code: smtp; 550 Requested action not taken: mailbox unavailable
Copy of: Hey süß.eml
Copy of: Hey süß
No Net For You firstname.lastname@example.org
4/4/2019, 5:22 PM
from localhost (localhost [127.0.0.1]) by Redacted.redacted.com (Postfix) with ESMTP id 1CFE621F89 for email@example.com; Thu, 4 Apr 2019 17:22:08 -0500 (CDT)
Debian amavisd-new at
from redacted.redacted.com ([127.0.0.1]) by localhost (mail.redcated.com --fqdn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jyKkFpH7ocNL for firstname.lastname@example.org; Thu, 4 Apr 2019 17:22:07 -0500 (CDT)
from redacted.com (localhost [127.0.0.1]) by redacted.r.c (Postfix) with ESMTPS id 0FB3221F8F for email@example.com; Thu, 4 Apr 2019 17:22:07 -0500 (CDT)
This is a copy of the following message you sent to Your Name via No Net For You
Erkenne mich? Du hast gesagt, dass ich sehr schön bin. Möchten Sie sich kennenlernen? Schau mich an - https://drive.google.com/open?id=1cGW9_uB5pEqZ6IlZUEm-X5CYXVo0YqCU
--------------------------- End mail example
Sorry it's ugly, I tried to pretty it up a bit, and removed a lot of commented out stuff.
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
readme_directory = no
# Sh I added
smtpd_helo_required = yes
# Sh that was with the sh
smtpd_tls_auth_only = yes
# Enabling SMTP for authenticated users, and handing off authentication to Dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
# added sender restric
# Added this sh
check_client_access regexp:/etc/postfix/blacklist_clients, check_client_access cidr:/etc/postfix/client_checks, reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net, permit,
myhostname = Redacted
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localhost
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
# Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
virtual_transport = lmtp:unix:private/dovecot-lmtp
# Virtual domains, users, and aliases
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
# Additional option for filtering
content_filter = smtp-amavis:[127.0.0.1]:10024
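An added example, not part of the original post: one way to check the question raised in it, whether the returned messages entered the mail system locally. It reads the Received trace of a returned message and reports whether the oldest hop connected from a loopback address. The sample is constructed from the trace lines quoted in the post with placeholder hostnames and recipient, and `hop_ips` and `injected_locally` are names chosen for this example.

```python
import email
import ipaddress
import re
from email import policy

# Constructed sample modelled on the trace lines in the post's returned
# message; hostnames and the recipient are placeholders.
SAMPLE = (
    "Received: from localhost (localhost [127.0.0.1])\n"
    "\tby mail.example.test (Postfix) with ESMTP id 1CFE621F89\n"
    "\tfor <rcpt@example.net>; Thu, 4 Apr 2019 17:22:08 -0500 (CDT)\n"
    "Received: from mail.example.test ([127.0.0.1])\n"
    "\tby localhost (mail.example.test --fqdn [127.0.0.1]) (amavisd-new, port 10024)\n"
    "\twith ESMTP id jyKkFpH7ocNL\n"
    "\tfor <rcpt@example.net>; Thu, 4 Apr 2019 17:22:07 -0500 (CDT)\n"
    "Received: from example.test (localhost [127.0.0.1])\n"
    "\tby mail.example.test (Postfix) with ESMTPS id 0FB3221F8F\n"
    "\tfor <rcpt@example.net>; Thu, 4 Apr 2019 17:22:07 -0500 (CDT)\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

# The connecting client appears as "(name [ip])" in the "from" clause.
CLIENT_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def hop_ips(raw):
    """Return the client IP of each Received hop, oldest hop first."""
    msg = email.message_from_string(raw, policy=policy.default)
    ips = []
    for value in reversed(msg.get_all("Received", [])):
        # Ignore addresses in the "by" clause: they name the receiver.
        from_clause = re.split(r"\sby\s", str(value), maxsplit=1)[0]
        match = CLIENT_IP.search(from_clause)
        try:
            ips.append(ipaddress.ip_address(match.group(1)) if match else None)
        except ValueError:
            ips.append(None)
    return ips

def injected_locally(raw):
    """True when the oldest hop that shows an IP is a loopback address."""
    ips = [ip for ip in hop_ips(raw) if ip is not None]
    return bool(ips) and ips[0].is_loopback

if __name__ == "__main__":
    print([str(ip) for ip in hop_ips(SAMPLE)], injected_locally(SAMPLE))
```

When the oldest hop is loopback, the message was handed to Postfix by something running on the server itself, so `check_client_access` entries and RBL lookups for remote client addresses do not match it.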