Linode Forum
https://forum.linode.com/

I need to secure my mail server
https://forum.linode.com/viewtopic.php?f=11&t=4777

Author:  Pepo [ Thu Oct 29, 2009 6:40 pm ]
Post subject:  I need to secure my mail server

Hi guys.
I'm using postfix, and I noticed that I received lots of spam emails that were sent from my domain (dd4bb.com), and when I checked the header of the spam mail I saw that it used my domain's IP too.

Besides that, if I send any mail it is delivered to the spam box.

So is that some kind of misconfigured setting or security hole in my postfix/MX configuration?

For more information, the following is the header of one of the spam messages that I have received:
Code:
Delivered-To: mymail@gmail.com
Received: by 10.216.71.75 with SMTP id q53cs185466wed;
        Thu, 29 Oct 2009 15:53:52 -0700 (PDT)
Received: by 10.220.89.221 with SMTP id f29mr855523vcm.61.1256856831624;
        Thu, 29 Oct 2009 15:53:51 -0700 (PDT)
Return-Path: <info@dd4bb.com>
Received: from dd4bb.com ([207.192.75.32])
        by mx.google.com with ESMTP id 5si4516871vws.1.2009.10.29.15.53.51;
        Thu, 29 Oct 2009 15:53:51 -0700 (PDT)
Received-SPF: pass (google.com: domain of info@dd4bb.com designates 207.192.75.32 as permitted sender) client-ip=207.192.75.32;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of info@dd4bb.com designates 207.192.75.32 as permitted sender) smtp.mail=info@dd4bb.com
Received: by dd4bb.com (Postfix)
   id F2831158035; Fri, 30 Oct 2009 00:53:50 +0200 (EET)
Delivered-To: info@dd4bb.com
Received: from [41.141.30.85] (unknown [41.250.215.191])
   by dd4bb.com (Postfix) with ESMTPS id 5DE993804B
   for <info@dd4bb.com>; Fri, 30 Oct 2009 00:53:50 +0200 (EET)
Date: Thu, 29 Oct 2009 22:53:50 -0000
To: info <info@dd4bb.com>
From: Henriette Sagal <info@dd4bb.com>

Author:  mjrich [ Thu Oct 29, 2009 7:40 pm ]
Post subject: 

Looks like postfix is simply accepting mail for that address at your domain, and forwarding it on to your Gmail account. Nothing unusual, though if you want your own server to be the primary MX for your domain, spam filtering at ACL/SMTP time would be a good idea. Your mail server doesn't seem to be acting as an open relay, anyway.

Otherwise, just point your MX records directly to Google Apps/Gmail. Apparently it's free for the standard edition.
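
An added example, not part of either poster's message: a Python sketch that walks the `Received:` chain of the header quoted in the first post and reports the hop where dd4bb.com accepted the message from an outside address. The function name `inbound_hops` and the result keys are this example's own; the server address is the one shown in the quoted header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Header lines copied from the message quoted in the thread, trimmed to the hops.
SAMPLE = """\
Received: from dd4bb.com ([207.192.75.32])
        by mx.google.com with ESMTP id 5si4516871vws.1.2009.10.29.15.53.51;
        Thu, 29 Oct 2009 15:53:51 -0700 (PDT)
Received: by dd4bb.com (Postfix)
   id F2831158035; Fri, 30 Oct 2009 00:53:50 +0200 (EET)
Received: from [41.141.30.85] (unknown [41.250.215.191])
   by dd4bb.com (Postfix) with ESMTPS id 5DE993804B
   for <info@dd4bb.com>; Fri, 30 Oct 2009 00:53:50 +0200 (EET)
From: Henriette Sagal <info@dd4bb.com>

"""

# "from <HELO> (<rdns> [<ip>]) by <server> ... for <rcpt>"; rdns and rcpt are optional.
HOP = re.compile(
    r"from (?P<helo>\S+) \((?:(?P<rdns>[^\s\[]+) )?\[(?P<ip>[0-9A-Fa-f.:]+)\]\) "
    r"by (?P<by>\S+)(?:.*? for <(?P<rcpt>[^>]+)>)?")

def inbound_hops(raw, my_domain, my_ips):
    """Return one finding per hop where my_domain accepted mail from an outside IP."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    findings = []
    for header in msg.get_all("Received", []):
        m = HOP.search(" ".join(header.split()))  # unfold continuation lines
        if not m or m["by"].lower() != my_domain or m["ip"] in my_ips:
            continue  # not a hop where our server took mail from outside
        rcpt_domain = (m["rcpt"] or "").rpartition("@")[2].lower()
        findings.append({
            "client_ip": m["ip"],
            "helo": m["helo"],
            # HELO is an address literal that differs from the connecting IP
            "helo_mismatch": m["helo"].startswith("[") and m["helo"].strip("[]") != m["ip"],
            # an outside client put our own domain in From:
            "spoofed_local_from": from_domain == my_domain,
            # local recipient means ordinary inbound delivery, not relaying;
            # None when the hop carries no "for <...>" clause
            "local_recipient": rcpt_domain == my_domain if m["rcpt"] else None,
        })
    return findings

if __name__ == "__main__":
    for finding in inbound_hops(SAMPLE, "dd4bb.com", {"207.192.75.32"}):
        print(finding)
```

On the quoted header this reports a single inbound hop from 41.250.215.191 addressed to a local recipient, which matches the reading above: the server accepted mail for its own address and forwarded it, rather than relaying for a third party.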

Author:  Pepo [ Thu Oct 29, 2009 7:43 pm ]
Post subject: 

Thank you.
I'll try it and reply back if I run into any problems.

All times are UTC-04:00