> -----Oorspronkelijk bericht----- > Van: fedora-list-admin@xxxxxxxxxx > [mailto:fedora-list-admin@xxxxxxxxxx] Namens Lorenzo Prince > Verzonden: zaterdag 31 januari 2004 17:16 > Aan: fedora-list@xxxxxxxxxx > Onderwerp: Postfix is totally fsck'd... > > I am guessing this has taken place over the last couple of > days. I first saw that I was getting fewer messages than > usual. This was not a problem, because I just thought that > fewer people were sending messages. Well, the problem got > worse. I now stopped receiving messages through fetchmail > which I know should come every day without fail. Then it > started taking a long time to receive my cron messages. I > didn't receive a message yesterday that I should have gotten > in the afternoon, and naturally, I thought it was the server > that sent it, (maybe something to do with this latest virus > slowing down the server. So I started sending test messages > through the local server. I sent about 5 tests and lost all > of them. I then checked the maillog > > grep postfix /var/log/maillog |less > > and according to the log, someone has found my postfix and is > trying to use it as a relay to try to send hundreds or > possibly thousands of messages to what looks like an > alphabetical list of AOL users. The problem is that Postfix > seems to actually be relaying these messages and then picking > up the bounces from AOL and relaying them back to the sender > who has an empty from address. I don't understand, however, > how or why this is happening, as I have postfix configured to > only accept local relays, and the log is saying the messages > are coming from a remote sender. When I do the relay test at > mail-abuse.org, it tells me that my system appears to reject > relay attempts. I ended up having to switch my MTA to > Sendmail, because Postfix is so backed up to the point that > my system takes almost 5 minutes to boot, and messages > delivered from local users to local users aren't even getting > through anymore. What can I do to solve the Postfix problem? > What can I do to stop this relaying even though Postfix is > configured not to relay from remote connections at all? I > started using postfix when I heard that sendmail had a > history of insecurity. Is this better now? Should I just > start using sendmail instead of Postfix? > > Thanks for any help > PRINCE > You can test if you are an open mail relay at www.ordb.org -- jan
