Postfix is totally fsck'd...

Jan Houtsma list at houtsma.net
Sat Jan 31 16:56:10 UTC 2004 

> -----Oorspronkelijk bericht-----
> Van: fedora-list-admin at redhat.com 
> [mailto:fedora-list-admin at redhat.com] Namens Lorenzo Prince
> Verzonden: zaterdag 31 januari 2004 17:16
> Aan: fedora-list at redhat.com
> Onderwerp: Postfix is totally fsck'd...
> 
> I am guessing this has taken place over the last couple of 
> days.  I first saw that I was getting fewer messages than 
> usual.  This was not a problem, because I just thought that 
> fewer people were sending messages.  Well, the problem got 
> worse.  I now stopped receiving messages through fetchmail 
> which I know should come every day without fail.  Then it 
> started taking a long time to receive my cron messages.  I 
> didn't receive a message yesterday that I should have gotten 
> in the afternoon, and naturally, I thought it was the server 
> that sent it, (maybe something to do with this latest virus 
> slowing down the server.  So I started sending test messages 
> through the local server.  I sent about 5 tests and lost all 
> of them.  I then checked the maillog
> 
> grep postfix /var/log/maillog |less
> 
> and according to the log, someone has found my postfix and is 
> trying to use it as a relay to try to send hundreds or 
> possibly thousands of messages to what looks like an 
> alphabetical list of AOL users.  The problem is that Postfix 
> seems to actually be relaying these messages and then picking 
> up the bounces from AOL and relaying them back to the sender 
> who has an empty from address.  I don't understand, however, 
> how or why this is happening, as I have postfix configured to 
> only accept local relays, and the log is saying the messages 
> are coming from a remote sender.  When I do the relay test at 
> mail-abuse.org, it tells me that my system appears to reject 
> relay attempts.  I ended up having to switch my MTA to 
> Sendmail, because Postfix is so backed up to the point that 
> my system takes almost 5 minutes to boot, and messages 
> delivered from local users to local users aren't even getting 
> through anymore.  What can I do to solve the Postfix problem?
> What can I do to stop this relaying even though Postfix is 
> configured not to relay from remote connections at all?  I 
> started using postfix when I heard that sendmail had a 
> history of insecurity.  Is this better now?  Should I just 
> start using sendmail instead of Postfix?
> 
> Thanks for any help
> PRINCE
> 

You can test if you are an open mail relay at www.ordb.org

-- 
jan

More information about the fedora-list mailing list