Hi
I have not been listed on Backscatter for more than 2.5 years as I configured the mail server to stop it but for some reason which I can’t work I have been listed again.
When I telnet into the mail server and run a test as below I get a reject status
I would be most grateful to anyone for taking at look at my conf files and to see if they can see anything.
telnet mail.mydomain.co.uk 25
helo mail.mydomain.co.uk
MAIL FROM:
250 2.1.0 Ok
RCPT TO:
550 5.1.1 : Recipient address rejected: User unknown
main.cf
biff = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_name = mail.mydomain.co.uk
smtpd_banner = ESMTP $mail_name
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtp_use_tls = yes
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_use_tls = yes
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
myhostname = server.mydomain.co.uk
mydomain = server.mydomain.co.uk
inet_protocols = ipv4
#inet_interfaces = 127.0.0.1, my.ip.addr.ess
inet_interfaces = all
smtp_bind_address = my.ip.addr.ess
mydestination = $myhostname, localhost.$mydomain, localhost, server.mydomain.co.uk
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8, my.ip.addr.range/24, 109.123.101.0/24
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
bounce_size_limit = 2000
message_size_limit = 40960000
header_size_limit = 402400
maximal_queue_lifetime = 1d
bounce_queue_lifetime = 1d
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_delay_reject = yes
smtpd_error_sleep_time = 10
smtpd_soft_error_limit = 20
smtpd_hard_error_limit = 20
smtpd_junk_command_limit = 20
# qmgr_message_active_limit = 10000 # default 20000
strict_rfc821_envelopes = yes
show_user_unknown_table_name = no
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
home_mailbox = Maildir/
2bounce_notice_recipient = postmaster@mydomain.co.uk
error_notice_recipient = postmaster@mydomain.co.uk
bounce_notice_recipient = postmaster@mydomain.co.uk
header_checks = regexp:/etc/postfix/header_checks
#body_checks = regexp:/etc/postfix/body_checks
Reject codes
access_map_reject_code = 554
defer_code = 450
invalid_hostname_reject_code = 501
maps_rbl_reject_code = 554
non_fqdn_reject_code = 504
reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 450
unknown_client_reject_code = 450
unknown_hostname_reject_code = 450
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_sender_reject_code = 554
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
unverified_recipient_reject_code = 450
unverified_sender_reject_code = 450
SMTP Restrictions
smtpd_client_restrictions = permit_mynetworks,
permit_inet_interfaces,
permit_sasl_authenticated,
check_client_access regexp:/etc/postfix/client_restrictions,
check_policy_service unix:/var/spool/postfix/postgrey/socket,
warn_if_reject reject_unknown_reverse_client_hostname,
warn_if_reject reject_unknown_client
smtpd_helo_restrictions = permit_mynetworks,
permit_inet_interfaces,
permit_sasl_authenticated,
check_helo_access regexp:/etc/postfix/helo.regexp,
# reject_non_fqdn_helo_hostname,
warn_if_reject reject_invalid_helo_hostname,
warn_if_reject reject_non_fqdn_helo_hostname,
# warn_if_reject reject_unknown_helo_hostname,
permit
smtpd_etrn_restrictions = permit_mynetworks,
permit_inet_interfaces,
permit_sasl_authenticated,
reject
smtpd_sender_restrictions = permit_sasl_authenticated,
permit_mynetworks,
check_client_access regexp:/etc/postfix/client_restrictions,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unknown_address,
warn_if_reject reject_unverified_sender,
permit
smtpd_recipient_restrictions = permit_mynetworks,
permit_inet_interfaces,
permit_sasl_authenticated,
reject_unauth_destination,
check_client_access regexp:/etc/postfix/client_restrictions,
check_policy_service unix:/var/spool/postfix/postgrey/socket,
# check_policy_service unix:private/policy-spf,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unverified_recipient,
# Added reject_unverified_recipient 7-5-19 for trying to stop Backscatter
reject_unlisted_recipient,
reject_multi_recipient_bounce,
reject_non_fqdn_hostname,
reject_invalid_hostname,
warn_if_reject reject_unknown_client,
# Added warn_if_reject 1st Feb 2018 for overcoming too many Client host rejected: cannot find your hostname
warn_if_reject reject_unknown_hostname,
reject_unauth_pipelining,
# check_sender_access hash:/etc/postfix/blacklisted_domains,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client ix.dnsbl.manitu.net,
reject_rbl_client zen.spamhaus.org,
permit
smtpd_data_restrictions = reject_unauth_pipelining,
reject_multi_recipient_bounce,
permit
smtpd_timeout = 300s
smtp_destination_rate_delay = 1s
smtpd_tls_cert_file = /etc/letsencrypt/live/mydomain.co.uk/cert.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
smtpd_tls_CAfile = /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
smtpd_tls_security_level = may
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_ciphers = high
smtpd_tls_mandatory_ciphers = high
smtp_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2
smtpd_tls_exclude_ciphers = EXP, MEDIUM, LOW, DES, 3DES, SSLv2
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
tls_high_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
tls_medium_cipherlist = kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:+kEDH+CAMELLIA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:+kRSA+CAMELLIA:!aNULL:!eNULL:!SSLv2:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891,local:/var/run/milter-greylist/milter-greylist.sock
non_smtpd_milters = inet:localhost:8891,local:/var/run/milter-greylist/milter-greylist.sock
policy-spf_time_limit = 3600s
master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
my.ip.addr.ess:smtp inet n - n - 200 smtpd -o smtpd_sasl_auth_enable=yes
my.ip.addr.ess:submission inet n - n - - smtpd
# -o smtpd_tls_security_level=encrypt
-o smtpd_tls_security_level=may
-o tls_preempt_cipherlist=no
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
# bounce unix - - n - 0 bounce
bounce unix - - n - 0 discard
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
# policy-spf unix - n n - 0 spawn user=nobody argv=/usr/bin/perl /usr/lib/postfix/postfix-policyd-spf-perl
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop unix - n n - - pipe
# flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp unix - n n - - pipe
# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail unix - n n - - pipe
# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp unix - n n - - pipe
# flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
#scalemail-backend unix - n n - 2 pipe
# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
# ${nexthop} ${user} ${extension}
#
#mailman unix - n n - - pipe
# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
# ${nexthop} ${user}
#submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes
127.0.0.1:smtp inet n - n - 200 smtpd -o smtpd_sasl_auth_enable=yes
127.0.0.1:submission inet n - n - - smtpd
header_checks
## Header checks file
#### Checks are done in order, top to bottom.
#### /etc/postfix/header_checks
### How to check regex on command line
### echo 'mail-db5eur01on0084.outbound.protection.outlook.com' | grep -e '^\S*\.outlook\.com$'
non-RFC Compliance
/[^[:print:]]{7}/ REJECT RFC2047
/^.=20[a-z]=20[a-z]=20[a-z]=20[a-z]*/ REJECT RFC822
/(.*)?{6,}/ REJECT RFC822
/(.*)[X|x]{3,}/ REJECT RFC822
Unreadable NON-acsii un-printable text
/^Subject:.*=?(GB2312|big5|euc-kr|ks_c_5601-1987|koi8)?/ REJECT Unreadable
/^Content-Type:.*charset="?(GB2312|big5|euc-kr|ks_c_5601-1987|koi8|iso-2022-jp)/ REJECT Unreadable
Subject checks
/^Subject:.* / REJECT Space
/^Subject:.*r[ _.*-]+o[ _.*-]+l[ _.*-]+e[ _.*-]+x/ REJECT Hidden Words
/^Subject:.*p[ _.*-]+o[ _.*-]+r[ _.*-]+n/ REJECT Hidden Words
Character Set Checks
/^(Content-Type:.|\s+)charset\s=\s*"?(Windows-1251)?/ REJECT Bad Content Type
Backscatter checks
/^Content-Type: multipart/report; report-type=delivery-status;/ REJECT no third-party DSNs
/^Content-Type: message/delivery-status; / REJECT no third-party DSNs
Attachments
/^Content-(Type|Disposition):.(file)?name=..(ade|adp|asd|asf|asx|bat|bhx|chm|cil|cmd|com|cpl|dll|elm|exe|gif|hlp|hta|jse|lnk|mda|mdb|mde|mdw|mim|msi|msp|nws|ocx|pif|reg|scr|sct|shb|shm|shs|vb|vbe|vbs|vbx|vxd|wmf|wms|wmz|wmd|wsc|wsf|wsh|wsz)/
REJECT Bad Attachment .${3}
Backscatter mail from virus scanners
/^Subject:.*Anti-Virus Notification/ REJECT Virus Notification
/^Subject:.*due to virus/ REJECT Virus Notification
/^Subject:.*email contains VIRUS/ REJECT Virus Notification
/^Subject:.*InterScanMSS/ REJECT Virus Notification
/^Subject:.*ScanMail for Lotus/ REJECT Virus Notification
/^Subject:.*Symantec AntiVirus/ REJECT Virus Notification
/^Subject:.*Virus Detected by Network Associates/ REJECT Virus Notification
/^subject:.*virus found/ REJECT Virus Notification
/^subject:.*Virus Infection Alert/ REJECT Virus Notification
Known Spammers or Unsolicited Commercial Email
/^Received:.*bellevuellc.com/ REJECT Blacklisted
/^Received:.*ccsurvey.com/ REJECT Blacklisted
/^Received:.*cmptechdirect.com/ REJECT Blacklisted
/^Received:.*dartmail.net/ REJECT Blacklisted
/^Received:.*ema10.net/ REJECT Blacklisted
/^Received:.*evmailer.com/ REJECT Blacklisted
/^Received:.*netline.com/ REJECT Blacklisted