How to Stable My Postfix against Spams or Virusses

Question

I'm managing dedicated. In last days my server Ip is blocked by hotmail services. And my customer can't send any message to hotmail/live/outlook systems.

postfix ver: 2.6.6
CentOS 6.4 64 Bit
I just Installed MailScanner and Clamd latest version

And these are my open relay report:

Connecting to xx.xx.xx.xx

220 mail.domain.com ESMTP Postfix [1451 ms]
EHLO please-read-policy.mxtoolbox.com
250-mail.domain.net
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN [780 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 Ok [889 ms]
RCPT TO: <test@example.com>
454 4.7.1 <test@example.com>: Relay access denied [780 ms]
QUIT

SendSMTPCommand: You hung up on us after we connected. Please whitelist us. (connection lost)

MXTB-PWS3v2 5351ms

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
delay_warning_time = 4
disable_vrfy_command = yes
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
inet_protocols = all
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost $mydomain, localhost, $mydomain
mydomain = mydomain.net
myhostname = mail.mydomain.net
mynetworks = all
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-2.2.2/README_FILES
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/zpanel/configs/postfix/mysql-relay_domains_maps.cf
sample_directory = /usr/share/doc/postfix-2.2.2/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_use_tls = yes
smtpd_client_restrictions =
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_recipient_domain
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions =
smtpd_tls_cert_file = /etc/pki/tls/certs/mail.crt
smtpd_tls_key_file = /etc/pki/tls/private/mail.key
soft_bounce = yes
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = proxy:mysql:/etc/zpanel/configs/postfix/mysql-virtual_alias_maps.cf,                     regexp:/etc/zpanel/configs/postfix/virtual_regexp
virtual_gid_maps = static:12
virtual_mailbox_base = /var/zpanel/vmail
virtual_mailbox_domains = proxy:mysql:/etc/zpanel/configs/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/zpanel/configs/postfix/mysql-virtual_mailbox_maps.cf
virtual_minimum_uid = 101
virtual_transport = dovecot
virtual_uid_maps = static:101

What does your postfix version have to do with Hotmail not accepting your mail? — Michael Hampton, Sep 16 '13 at 18:40
`Postfix 2.6.6` My IP is in hotmail block list. They said me "your ip is in block list cause Symantec BrightMail Filter reported your IP" — RedLEON, Sep 16 '13 at 18:47
I thought old version has security problems. And latest version must be more secure than version 2.6.6. And postfix 2.6.6 no longer supported by postfix.org. `ftp://ftp.pca.dfn.de/pub/tools/net/postfix/index.html` — RedLEON, Sep 16 '13 at 18:54

score 1 · Answer 1 · answered Sep 17 '13 at 16:35

1

Not supported since this year means not a risk. I think security fixes get backported from the CentOS maintainers.

Your mailing problem is normally a bad configured server. Do a open relay test, and configure your server to not send spam. If it doesn't get better, your server is compromised.

answered Sep 17 '13 at 16:35

Emii Khaos

522
4
15

I Just installed MailScanner with ClamAV. I think this will be fix the problem – RedLEON Sep 17 '13 at 16:45
If your server is bad configured, no mailscanner will help. do a open relay test, and fix your config – Emii Khaos Sep 17 '13 at 16:47
Thx @Pazi I will do it. – RedLEON Sep 17 '13 at 16:52

score 0 · Answer 2 · answered Sep 17 '13 at 20:55

0

There is no need to upgrade postfix-2.6.6. It stable (legacy release) version of MTA. All you need is to analyze your mail log file and configure more restrictive rules in main.cf. I would suggest to install and configure some policy service, for e.g. policyd, postfwd. You can get more info here

It would be great if you add thу output of postconf -n to the question

answered Sep 17 '13 at 20:55

ALex_hha

7,193
1
25
40

thx @Alex_hha I added – RedLEON Sep 18 '13 at 12:57
I looked at [link](http://www.senderbase.org) no black list – RedLEON Sep 18 '13 at 15:12
mynetworks should be 127.0.0.0/8 – ALex_hha Sep 18 '13 at 18:08
thak you @ALex_hha – RedLEON Sep 19 '13 at 13:53

How to Stable My Postfix against Spams or Virusses

postconf -n

2 Answers2