Re: Using My Box to Relay Spam

From: Hal Burgiss (
Date: 05/01/02

From: Hal Burgiss <>
Date: Wed, 01 May 2002 15:49:01 GMT

On 1 May 2002 14:05:29 GMT, Marshall Lake <> wrote:
> Apr 23 19:01:03 postfix/smtpd[20820]: connect from unknown[]
> Apr 23 19:01:05 postfix/smtpd[20820]: 69A081B808: client=unknown[]
> Apr 23 19:01:07 postfix/smtpd[20820]: disconnect from unknown[]
> Can someone tell me or point me in the right direction to finding out
> how to stop this from happening?

Depending on what loglevel you are doing, I would think postfix would
have more to say if mail were actually being sent. Maybe this is a
probe of some kind (my guess)? If its always the same IP, block with
iptables. That being said, nobody likes a spammer.

So,, /usr/share/doc*/postfix*, or maybe the
lovely and talented 'grep':

[root@feenix privoxy]# grep relay /etc/postfix/
# those names via the relay_domains or permit_mx_backup settings for
# luser_relay parameters.
# This parameter has precedence over the luser_relay parameter.
# The luser_relay parameter specifies an optional destination address
# The following expansions are done on luser_relay: $user (recipient
# luser_relay = $
# luser_relay = $
# luser_relay = admin+$local
# The relay_domains parameter restricts what clients this mail system
# will relay mail from, or what destinations this system will relay
# By default, Postfix relays mail
# - from trusted clients matching $relay_domains or subdomains thereof,
# - from untrusted clients to destinations that match $relay_domains
# The default relay_domains value is $mydestination.
# These destinations do not need to be listed in $relay_domains.
relay_domains = $mydestination, /etc/postfix/relay-domains
Or, telnet to and you will get a thorough going over to
check for relaying vulnerabilites.

Hal Burgiss