Hallo ich habe ein Problem mit Postfix und Plesk und hoffe ihr könnt mir helfen.
Und zwar:
Ich habe im Plesk das relaying aktiviert, mit auth via smtp.
Meine Config seht ihr hier:
Nun bekomme ich irgendwie von meiner eigenen Emailadresse Spam zugeschickt.
Via telnet habe ich das auch mal ausprobiert und es passierte folgendes:
ich kann einfach so mails an mich selbst senden oO
obwohl enforc tls aktiviert ist :-( (s.o.)
ich bin langsam am ende mit meinem Latein, hatte folgende flags auch ausprobiert:
haben leider auch nicht geholfen :'(
Ich hoffe ihr habt eine Idee
LG Krie9er
Und zwar:
Ich habe im Plesk das relaying aktiviert, mit auth via smtp.
Meine Config seht ihr hier:
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_enforce_tls = yes
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = *****
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
alias_database = hash:/etc/aliases
mydestination = localhost.vserver.de, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128 80.86.91.235/32
mailbox_size_limit = 51200000
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, check_client_access pcre:/var/spool/postfix/plesk/no_relay.re, permit_sasl_authenticated, reject_unauth_destination
smtpd_tls_auth_only = yes
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
inet_protocols = all
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = hash:/var/spool/postfix/plesk/vmailbox
transport_maps = hash:/var/spool/postfix/plesk/transport
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, check_client_access pcre:/var/spool/postfix/plesk/non_auth.re
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:110
virtual_gid_maps = static:31
smtpd_milters = , inet:127.0.0.1:12768
non_smtpd_milters = , inet:127.0.0.1:12768
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
message_size_limit = 10240000Via telnet habe ich das auch mal ausprobiert und es passierte folgendes:
Code:
220 ****** ESMTP Postfix (Debian/GNU)
mail from: test@test.de
250 2.1.0 Ok
rcpt to: user@****.de
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
.
250 2.0.0 Ok: queued as D1C22962151Aich kann einfach so mails an mich selbst senden oO
obwohl enforc tls aktiviert ist :-( (s.o.)
ich bin langsam am ende mit meinem Latein, hatte folgende flags auch ausprobiert:
Code:
smtpd_helo_required = yes
smtpd_delay_reject = no
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_unauth_destination,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client unconfirmed.dsbl.org,
reject_rbl_client dynablock.njabl.org,
reject_rbl_client dialup.blacklist.jippg.org,
reject_rbl_client cbl.abuseat.org,
permit
smtpd_helo_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_non_fqdn_hostname,
reject_invalid_hostname,
reject_rhsbl_client rhsbl.sorbs.net,
reject_rhsbl_sender rhsbl.sorbs.net,
reject_rbl_client opm.blitzed.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client relays.ordb.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client unconfirmed.dsbl.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client dynablock.njabl.org,
reject_rbl_client dialup.blacklist.jippg.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client multihop.dsbl.org,
reject_unauth_pipelining
smtpd_sender_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
reject_rhsbl_client rhsbl.sorbs.net,
reject_rhsbl_sender rhsbl.sorbs.net,
reject_rbl_client relays.ordb.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client unconfirmed.dsbl.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client dynablock.njabl.org,
reject_rbl_client dialup.blacklist.jippg.org,
reject_rbl_client multihop.dsbl.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client cbl.abuseat.org,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
check_sender_access hash:/var/spool/postfix/plesk/blacklists,
permit_sasl_authenticated,
check_client_access pcre:/var/spool/postfix/plesk/non_auth.reIch hoffe ihr habt eine Idee
LG Krie9er