Home server being used as an open rely

My email account got locked today because my home server was being using as an open rely so the spammers could send mail at will from brewer.me.uk. It looks like it started at Nov 28 15:33:49 and the account got locked at Nov 30 04:20:40, with a total of 5109 spam mails being sent. Doh!

What I can't understand is why my router was allowing access to the mail server i.e. port forwarding port 25. I have a vague feeling that it was another half completed project that I was playing around with years ago.

Anyway, firewall is working correctly and the mail server is configured a bit better now.  These are the changes I made to my postfix configuration file (main.cf):

smtpd_client_restrictions = permit_mynetworks, reject

smtpd_helo_restrictions = reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname 

smtpd_sender_restrictions = reject_unknown_sender_domain 

smtpd_recipient_restrictions = permit_mynetworks, reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_destination, reject_rbl_client sbl.spamhaus.org

smtpd_data_restrictions = reject_unauth_pipelining

One and one were very quick to unlock the account.

Comments

Popular posts from this blog

A census of amplified and overexpressed human cancer genes : Nature Reviews Cancer

RT @CancerInNorwich: 📢 Join us on Monday at 1pm for the next talk in our virtual seminar series. We will be hearing from Dr Wafa Al-Jamal from @QUBelfast, who will be talking about "Smart Nanomedicimes for Pancreatic Cancer". All are welcome to join via the MS Teams link: https://t.co/4xCYpjGuBZ https://t.co/EGyD4NAgeP

An excellent opportunity to join the cancer genetics team as a diagnostic lab bioinformatician in Norwich. Lots of exciting projects to get involved in. Deadline: 30/05/2023. Happy to chat about this role. https://t.co/SltGsxYF6Y https://t.co/zh08bqZFDb