I have a site that relays automated emails from an external system to pass on via the authenticated SMTP of our provider.
Recently the external system went haywire and started to generate hundreds of emails every x minutes.
I wanted to temporarily remove its ability to send me email, so I removed it from mynetworks in all the main.cf.* files (main.cf main.cf.smtps main.cf.tls). And of course I restarted postfix.
So, mynetworks WAS:
mynetworks = 127.0.0.0/8 192.168.XXX.0/24 192.168.YYY.0/24 192.168.ZZZ.0/24 ANOTHER_EXTERNAL_IP/32 OFFENDING_IP/32 192.168.NNN.0/24
And now it is:
mynetworks = 127.0.0.0/8 192.168.XXX.0/24 192.168.YYY.0/24 192.168.ZZZ.0/24 ANOTHER_EXTERNAL_IP/32 192.168.NNN.0/24
However, the offending site was still able to connect and drop mail. What gives?
Every bit of help is appreciated.
A postcat of the offending message:
named_attribute: log_ident=AEF9D22E1D
named_attribute: rewrite_context=remote
sender: info@mysite
named_attribute: log_client_name=unknown
named_attribute: log_client_address=OFFENDING_IP
named_attribute: log_client_port=50310
named_attribute: log_message_origin=unknown[OFFENDING_IP]
named_attribute: log_helo_name=[127.0.0.1]
named_attribute: log_protocol_name=ESMTP
named_attribute: client_name=unknown
named_attribute: reverse_client_name=unknown
named_attribute: client_address=OFFENDING_IP
named_attribute: client_port=50310
named_attribute: helo_name=[127.0.0.1]
named_attribute: protocol_name=ESMTP
named_attribute: client_address_type=2
named_attribute: dsn_orig_rcpt=rfc822;[email protected]
original_recipient: [email protected]
recipient: [email protected]