LeMMiNGS

  1. unless you set it as null, or not to run that line from header_checks at main.cf: nested_header_checks =
  2. One thing about the header_checks rejecting the Delivered-To header is that your mailserver will reject any "forward as attachment" email.
  3. I think you could, perhaps, add the "white ips range" with a -j ACCEPT rule, and then after -j DENY anything else that tries to reach the port 25 ... As a rule of thumb there may be less trustworthy hosts than others to fit better on your iptables
  4. I have also found out that the source of my issues was not the Delivered-To header exploit, but the option parent_domain_matches_subdomains inside main.cf, which would make postfix take emails from anything[at]anything.mydomain.com without checking if the mailbox exists. Then it would store the message for delivery and reply back with an undeliverable response to the original sender. So I just had to define that option as empty in my config file, reload, and postfix came back to work 100% again.
  5. Hey cfrank! I have been having the same issue: my so well protected SMTP server was somehow sending unauthorized bounce mailings for random people... and researching the net I found your post, quite informative, and that could explain exactly what was happening, thank you! On my side I simply added a header_check on postfix in order to stop this exploit from happening; it seems to work well, as I guess the local delivery does not seem to check the headers anymore once the mail is allowed to deliver. Just in case, you could point at master.cf another header_checks option without the exploit check for the local delivery.

     master.cf
     header_checks = pcre:/etc/postfix/header_checks

     /etc/postfix/header_checks
     /^Delivered-To: .*/ REJECT Header Exploit
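
Posts 1, 2 and 5 fit together because Postfix checks the headers of an attached message with nested_header_checks, which defaults to the header_checks tables, so the Delivered-To rule also hits "forward as attachment" mail. The Python model below is an added example, not code from the posts or from Postfix; the sample message, the addresses and the function names are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample: a forward whose attachment is a complete message
# (message/rfc822) that still carries its own Delivered-To header.
FORWARD = """\
From: alice@example.com
To: bob@example.com
Subject: Fwd: invoice
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached.
--b1
Content-Type: message/rfc822

Delivered-To: alice@example.com
From: carol@example.org
Subject: invoice

Original body.
--b1--
"""
# The rule from /etc/postfix/header_checks in the post (pcre tables ignore case).
RULE = [(re.compile(r"^Delivered-To: .*", re.I), "REJECT Header Exploit")]

def first_match(headers, rules):
    """Return the action of the first rule matching any 'Name: value' line."""
    for name, value in headers:
        for pattern, action in rules:
            if pattern.search(f"{name}: {value}"):
                return action
    return None

def filter_message(raw, header_checks, nested_header_checks=None):
    """Simplified model: None = nested_header_checks left unset (falls back to
    header_checks); [] = 'nested_header_checks =' in main.cf. MIME part
    headers (mime_header_checks) are not modelled. None result = no match."""
    if nested_header_checks is None:
        nested_header_checks = header_checks
    msg = message_from_string(raw)
    action = first_match(msg.items(), header_checks)  # primary headers
    for part in msg.walk():
        if action is None and part.get_content_type() == "message/rfc822":
            inner = part.get_payload()[0]  # the attached message
            action = first_match(inner.items(), nested_header_checks)
    return action
```

With the default, the forward is rejected; with nested_header_checks set to empty, the forward passes while a Delivered-To in the primary headers is still rejected.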