Join Log in
Score:1
TinoB avatar Server

Postfix "postmaster" and double-bounce emails are causing a TON backscatter

cn flag
TinoB

.. and got the IP on a couple BLs..

This postfix server is set up to relay mail to and from an Exchange server.

I am seeing a lot of postmaster or root @mail.mydomain.com going out from postfix and NOT the proper mailing address @mydomain.com

The server is running SpamAssassin, Amavis, PostScreen, and OpenDMARC. I have triple checked that no configuration file states mail.mydomain.com except for external DNS (Cloudfare) and internal DNS (Active Directory) for obvious reasons.

the hostname file is:

mydomain.com

the hosts file is:

127.0.0.1 localhost
127.0.1.1 mydomain.com

mailname is:

mydomain.com

External and internal DNS is:

10.2.0.6 A mail.mydomain.com
my.pbl.ip.add A mail.mydomain.com
mydomain.com MX mail.mydomain.com

I have defined this:

notify_classes = bounce, delay, policy, protocol, resource, software
2bounce_notice_recipient = [email protected]
bounce_notice_recipient = [email protected]
delay_notice_recipient = [email protected]
error_notice_recipient = [email protected]

I need to know what to adjust to make it stop sending these postmaster and root emails with the @mail.mydomain.com and start using the proper @mydomain.com before I get on another list.

Please help!

Thank you in advance!

main.cf

default_process_limit = 50
smtpd_banner = mail.mydomain.com
biff = no

append_dot_mydomain = no


readme_directory = no


smtpd_tls_received_header = yes
smtpd_tls_cert_file=/etc/postfix/Alpha2022.crt
smtpd_tls_key_file=/etc/postfix/Alpha2022-nocrypt.key
smtpd_tls_CApath = /etc/ssl/certs/
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_exclude_ciphers = RC4,MD5, aNULL
smtp_tls_note_starttls_offer = yes
smtp_tls_ciphers = export
smtp_tls_cert_file=/etc/postfix/Alpha2022.crt
smtp_tls_key_file = /etc/postfix/Alpha2022-nocrypt.key
smtp_tls_CApath = /etc/ssl/certs/
smtp_tls_CAfile = /etc/postfix/AlphaSSL-IL.pem
smtp_use_tls=yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_exclude_ciphers = RC4, MD5, aNULL


smtp_dns_support_level=dnssec
smtp_host_lookup=dns
smtp_tls_security_level = dane

smtp_tls_loglevel = 1
smtpd_tls_ask_ccert =  yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_always_issue_session_ids = no
smtpd_tls_loglevel = 1

tls_ssl_options = NO_COMPRESSION

smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2 !SSLv3

smtpd_tls_mandatory_ciphers=high
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA

smtpd_tls_eecdh_grade=ultra


myhostname = mydomain.com
strict_rfc821_envelopes = yes
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4, ipv6
smtp_address_preference = any
compatibility_level = 2
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_unknown_sender_domain, check_client_access  hash:/etc/postfix/rbl_override, reject_unauth_pipelining, reject_unknown_sender_domain, reject_non_fqdn_sender,  permit


transport_maps = hash:/etc/postfix/transport_maps
relay_domains = mydomain.com otherdomain1.com otherdomain2.local otherdomain3.email otherdomain4.us otherdomain5.net
mynetworks = 127.0.0.0/8 10.2.0.0/24 192.168.0.0/16  backup.vps.host.ip4 [::1]/128 [fe80::]/10 [my:tunnelbrokerip6:addr]/64 [backup:vps:postfix:mx2]/64
relayhost =


mydestination =
local_recipient_maps =
local_transport = error:local mail delivery is disabled



smtpd_milters = local:/var/spool/postfix/opendmarc/opendmarc.sock

smtpd_sender_restrictions = hash:/etc/postfix/access


content_filter = smtp-amavis:[127.0.0.1]:10024


postscreen_dnsbl_threshold = 3
postscreen_dnsbl_sites =
  zen.spamhaus.org*3
  bl.mailspike.net*3
  b.barracudacentral.org*2
  bl.spameatingmonkey.net
  bl.spamcop.net
  spamtrap.trblspam.com
  dnsbl.sorbs.net=127.0.0.[2;3;6;7;10]
  ix.dnsbl.manitu.net
  bl.blocklist.de
  #whitelist
  list.dnswl.org=127.0.[0..255].0*-1
  list.dnswl.org=127.0.[0..255].1*-2
  list.dnswl.org=127.0.[0..255].[2..3]*-3
  iadb.isipp.com=127.0.[0..255].[0..255]*-2
  iadb.isipp.com=127.3.100.[6..200]*-2
  wl.mailspike.net=127.0.0.[17;18]*-1
  wl.mailspike.net=127.0.0.[19;20]*-2
postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply
postscreen_dnsbl_action = enforce
postscreen_dnsbl_ttl = 1h
postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr, cidr:/etc/postfix/postscreen_spf_whitelist.cidr
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = yes
postscreen_bare_newline_ttl = 30d
postscreen_blacklist_action = enforce
postscreen_cache_cleanup_interval = 12h
postscreen_cache_map = btree:$data_directory/postscreen_cache
postscreen_cache_retention_time = 7d
postscreen_client_connection_count_limit = $smtpd_client_connection_count_limit
postscreen_command_count_limit = 20
postscreen_command_filter =
postscreen_command_time_limit = ${stress?10}${stress:300}s
postscreen_disable_vrfy_command = $disable_vrfy_command
postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords
postscreen_enforce_tls = $smtpd_enforce_tls
postscreen_use_tls = $smtpd_use_tls
postscreen_expansion_filter = $smtpd_expansion_filter
postscreen_forbidden_commands = $smtpd_forbidden_commands
postscreen_greet_action = enforce
postscreen_greet_banner = Please Wait for SMTP
postscreen_greet_ttl = 1d
postscreen_greet_wait = ${stress?2}${stress:6}s
postscreen_helo_required = $smtpd_helo_required
postscreen_non_smtp_command_action = enforce
postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_ttl = 30d
postscreen_pipelining_action = enforce
postscreen_pipelining_enable = yes
postscreen_pipelining_ttl = 30d
postscreen_post_queue_limit = $default_process_limit
postscreen_pre_queue_limit = $default_process_limit
postscreen_reject_footer = $smtpd_reject_footer
postscreen_tls_security_level = $smtpd_tls_security_level
postscreen_watchdog_timeout = 10s
smtpd_recipient_limit = 100
message_size_limit = 1000000000
notify_classes = bounce, delay, policy, protocol, resource, software
2bounce_notice_recipient = [email protected]
bounce_notice_recipient = [email protected]
delay_notice_recipient = [email protected]
error_notice_recipient = [email protected]


address_verify_sender = mydomain.com
180
1 + 2
Michael Hampton avatar
cz flag
Michael Hampton
Please post your `main.cf` file
0
Reply
TinoB avatar
cn flag
TinoB
Edited and posted.
0
Reply
Score:0
TinoB avatar Server
cn flag
TinoB

Aliases were not updated using the 'newaliases' command. After that it stopped trying to use @mail.mydomain.com

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.