Hi,
I'm afraid because by default my Postfix main.cf set the smtpd_reject_unlisted_recipient to NO !!!
I changed with postconf -e smtpd_reject_unlisted_recipient=yes on zimbra user but if I restart Postfix this directive back to NO.
How to fix this this directive to YES definitely ?
Thanks for your help.
Sam.
[SOLVED] Change the main.cf options
[SOLVED] Change the main.cf options
Make sure that /opt/zimbra/conf/postfix_recipient_restrictions.cf has the following within itreject_unlisted_recipient
[SOLVED] Change the main.cf options
Look my postfix_recipient_restrictions.cf:Make sure that /opt/zimbra/conf/postfix_recipient_restrictions.cf has the following within itreject_unlisted_recipient
Code: Select all
reject_non_fqdn_recipient
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
reject_unlisted_recipient
%%contains VAR:zimbraMtaRestriction reject_invalid_hostname%%
%%contains VAR:zimbraMtaRestriction reject_non_fqdn_hostname%%
%%contains VAR:zimbraMtaRestriction reject_non_fqdn_sender%%
%%contains VAR:zimbraMtaRestriction reject_unknown_client%%
%%contains VAR:zimbraMtaRestriction reject_unknown_hostname%%
%%contains VAR:zimbraMtaRestriction reject_unknown_sender_domain%%
%%explode reject_rbl_client VAR:zimbraMtaRestrictionRBLs%%
%%contains VAR:zimbraMtaRestriction check_policy_service unix:private/policy%%
permit
But on each postfix restart I have to make postconf -e smtpd_reject_unlisted_recipient=yes to set this feature otherwise Zimbra accept mails to unknown receipient !?
Sam.
[SOLVED] Change the main.cf options
I also have problems when wanting to change a directive from the postfix main.cf but does change when you restart postfix is again equal
Any idea how to do
greetings
Any idea how to do
greetings
[SOLVED] Change the main.cf options
You're looking at two different items; reject_unlisted_recipient should be listed in the smtpd_recipient_restrictions, so it's not necessary to also set smtpd_reject_unlisted_recipient.
$ postconf smtpd_recipient_restrictions
smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, permit
$ postconf smtpd_reject_unlisted_recipient
smtpd_reject_unlisted_recipient = no
If you really want to set it, edit the line for this in /opt/zimbra/conf/zmmta.cf:
POSTCONF smtpd_reject_unlisted_recipient yes
$ postconf smtpd_recipient_restrictions
smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, permit
$ postconf smtpd_reject_unlisted_recipient
smtpd_reject_unlisted_recipient = no
If you really want to set it, edit the line for this in /opt/zimbra/conf/zmmta.cf:
POSTCONF smtpd_reject_unlisted_recipient yes
[SOLVED] Change the main.cf options
Bingo, I changed zmmta.cf to set smtpd_reject_unlisted_recipient = yes (line 109) after restart Postfix this directive stay to "Yes"
If you really want to set it, edit the line for this in /opt/zimbra/conf/zmmta.cf:
POSTCONF smtpd_reject_unlisted_recipient yes
Thanks a lot.
For the history we have more than 20 000 mails with unknown user a day and perhaps to send spams, our server was blacklisted, it's the first time I have this problem after 10 years of mail server installation and managment.
Sam.
[SOLVED] Change the main.cf options
Just for information:
I had more than 20 000 rejected mails a day for unknown user who generates spam by MALER-DAEMON, and our IP was blacklisted on several RBL.
I had to install Postfix-policyd on our mail relay in front of Zimbra to fix this problem, perhaps it will be useful to integrate Postfix-policyd on Zimbra.
Sam.
I had more than 20 000 rejected mails a day for unknown user who generates spam by MALER-DAEMON, and our IP was blacklisted on several RBL.
I had to install Postfix-policyd on our mail relay in front of Zimbra to fix this problem, perhaps it will be useful to integrate Postfix-policyd on Zimbra.
Sam.
[SOLVED] Change the main.cf options
Are you saying you are greylisting now ? I have to admit I run MailScanner in-front of my Zimbra installations, which is personally choice, but a lot can be done to kick back those naughty spammers. Are you suffering from backscatter ? or spammers impersonating your domain ?
[SOLVED] Change the main.cf options
From backscatter and our IP is registered on ips.backscatter.org and they ask us to wait 4 weeks to be automatically removed from list or... send 50.00Euros for immediate removing (so nice !)Are you saying you are greylisting now ? I have to admit I run MailScanner in-front of my Zimbra installations, which is personally choice, but a lot can be done to kick back those naughty spammers. Are you suffering from backscatter ? or spammers impersonating your domain ?
We use MailScanner too on the mail relay but not as AS/AV we got the best result with Postfix-Policyd, more than 30 000 wrong mails are discarded a day.
I put some RBL in Zimbra MTA Agent (SORBS-DUL, spamcop.net, spamhaus.org) but I'm not sure if this work behind a mail relay, all mails come from only one IP...
Thanks for your help.
Sam.