Is this expected reject behavior for foreign IP connect attempt?

From: Charles Marcus (no email)
Date: Wed Nov 28 2007 - 06:37:46 EST

  • Next message: Michael Tokarev: "Re: Is this expected reject behavior for foreign IP connect attempt?"


    I run postfix (2.4.5/Gentoo Linux) on a non-public network, which relays
    all outgoing mail through our ISP, and only accepts incoming connections
    from our outsourced anti-spam provider (mxlogic).

    I just saw this this morning in my logs (substituted 'realuser' for the
    real users username):

    Nov 28 06:10:54 moria postfix/smtpd[12808]: connect from[]
    Nov 28 06:10:55 moria postfix/smtpd[12808]: NOQUEUE: reject: RCPT from[]: 554 5.7.1
    <>: Recipient address rejected: Access denied;
    from=<> to=<> proto=SMTP
    Nov 28 06:10:56 moria postfix/smtpd[12808]: lost connection after RCPT
    Nov 28 06:10:56 moria postfix/smtpd[12808]: disconnect from[]

    Why the "554 5.7.1 <>: Recipient address
    rejected: Access denied" error? Is this the expected reject message if
    the connecting IP is outside the acceptable range?

    The reason I ask is I monitor my logs consistently, and have never seen
    a connection rejection like this, and I'd have thought I'd get a lot of
    these if this is how all foreign IP rejections were handled...

    Here is postconf -n:

    moria postfix # postconf -n
    alias_database = hash:/etc/mail/aliases
    alias_maps = hash:/etc/mail/aliases, hash:/usr/local/mailman/data/aliases
    broken_sasl_auth_clients = yes
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    daemon_directory = /usr/lib64/postfix
    debug_peer_list =
    default_destination_concurrency_limit = 20
    home_mailbox = .maildir/
    local_destination_concurrency_limit = 2
    mail_owner = postfix
    manpage_directory = /usr/share/man
    message_size_limit = 51200000
    mydomain =
    myhostname =
    mynetworks =
    owner_request_special = no
    queue_directory = /var/spool/postfix
    readme_directory = /usr/share/doc/postfix-2.4.5/readme
    relayhost = []
    smtpd_client_restrictions =
    smtpd_helo_restrictions =
    smtpd_recipient_limit = 100
    smtpd_recipient_restrictions = permit_sasl_authenticated,
    check_client_access cidr:/etc/postfix/client_no_relay.cidr, reject
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_local_domain = $myhostname
    smtpd_sasl_security_options = noanonymous
    smtpd_sender_restrictions =
    smtpd_tls_auth_only = yes
    smtpd_tls_cert_file = /etc/ssl/wildcard.crt
    smtpd_tls_key_file = /etc/ssl/wildcard.key
    smtpd_tls_loglevel = 1
    smtpd_use_tls = yes
    transport_maps = hash:/etc/postfix/transport
    virtual_alias_maps = mysql:/etc/postfix/,
    virtual_gid_maps = static:207
    virtual_mailbox_base = /var/virtual
    virtual_mailbox_domains = mysql:/etc/postfix/
    virtual_mailbox_limit = 51200000
    virtual_mailbox_maps = mysql:/etc/postfix/
    virtual_minimum_uid = 207
    virtual_transport = virtual
    virtual_uid_maps = static:207
    moria postfix #

    and here is content of client_no_relay.cidr: permit permit_auth_destination permit_auth_destination permit_auth_destination permit_auth_destination permit_auth_destination

    Maybe I'm not restricting connections to my box properly? Or just not
    understanding the reject message?

    Tia for any insights...

    Best regards,

  • Next message: Michael Tokarev: "Re: Is this expected reject behavior for foreign IP connect attempt?"

    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs

    Powered By FreeBSD   Powered By FreeBSD