Find the answer to your Linux question:
Results 1 to 3 of 3
Good day, My postfix email server has been listed by dsnbl.njabl.org as an open relay, but I'm not sure why. I tested the server from another site, and it passes ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2005
    Posts
    2

    Postfix Open Relay Issue


    Good day,

    My postfix email server has been listed by dsnbl.njabl.org as an open relay, but I'm not sure why. I tested the server from another site, and it passes every test.

    My main.cf is setup with the following:

    header_checks = regexp:/etc/postfix/maps/header_checks
    mime_header_checks = regexp:/etc/postfix/maps/mime_header_checks
    body_checks = regexp:/etc/postfix/maps/body_checks

    resolve_dequoted_address = yes
    smtpd_sender_restrictions =
    check_sender_access hash:/etc/postfix/dsn_exceptions,
    reject_rhsbl_sender rhsbl.ahbl.org,
    reject_rhsbl_sender hash:/etc/postfix/access

    smtpd_recipient_restrictions =
    check_sender_access hash:/etc/postfix/dsn_exceptions,
    reject_unauth_pipelining,
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    permit_mynetworks,
    check_sender_access hash:/etc/postfix/access,
    check_sender_access hash:/etc/postfix/dsn_exceptions,
    reject_rbl_client relays.mail-abuse.org
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client cn.rbl.cluecentral.net,
    reject_rbl_client

    Is there something obvious that I'm missing here?

    Thanks for your help -

  2. #2
    Linux Engineer jledhead's Avatar
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    did you look here
    njabl.org

    as my first line of defense I always send an email with telnet
    Send Email via Telnet
    and use bogus to's and from's so I can test for myself.

    So the question is, can you connect to your mail server and not authenticate, and send an email?

  3. #3
    Just Joined!
    Join Date
    Feb 2005
    Posts
    2

    Test results

    According to njabl.org, their test was the following:

    ______________________________________
    From postmaster@myemailserver.com Sat Oct 17 05:32:25 2009
    Return-Path: <postmaster@myemailserver.com>
    Received: from mail.myemailserver.com (mail.myemailserver.com [71.16.6.6])
    by rt.njabl.org (8.13.1/8.13.1) with ESMTP id n9H9WJJt022844
    for <relaytest@rr.njabl.org>; Sat, 17 Oct 2009 05:32:19 -0400
    Received: from localhost (localhost.localdomain [127.0.0.1])
    by mail.myemailserver.com (Postfix) with ESMTP id B229611B8534
    for <relaytest@rr.njabl.org>; Sat, 17 Oct 2009 05:32:19 -0400 (EDT)
    X-Virus-Scanned: amavisd-new at myemailserver.com
    Received: from mail.myemailserver.com ([127.0.0.1])
    by localhost (plq139.myemailserver.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id qo1fYAx8Ijq4 for <relaytest@rr.njabl.org>;
    Sat, 17 Oct 2009 05:32:14 -0400 (EDT)
    Received: from rt.njabl.org (unknown [69.28.95.130])
    by mail.myemailserver.com (Postfix) with ESMTP id DCF3411B8530
    for <relaytest@rr.njabl.org>; Sat, 17 Oct 2009 05:32:13 -0400 (EDT)
    X-RT-Subject: relaytest: 71.16.6.6
    X-RT-From: postmaster@myemailserver.com
    X-RT-To: relaytest@rr.njabl.org
    From: relaytestsend@rt.njabl.org
    To: relaytest@rr.njabl.org
    Message-id: <1255771933.22518.0@rt.njabl.org>
    Subject: relaytest: 71.16.6.6
    Date: Sat, 17 Oct 2009 05:32:13 -0400 (EDT)

    ______________________________________

    So it looks like they said they were "postmaster@myemailserver.com", and my postfix was okay with that, even though the server they connected from was not myemailserver.com.... How would I adjust my config for that?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •