Gentoo Forums :: View topic - policyd-weight -- DUNNO NULL on empty 'from'.. what to do?

policyd-weight -- DUNNO NULL on empty 'from'.. what to do?

View unanswered posts
View posts from last 24 hours

Gentoo Forums Forum Index

Networking & Security

View previous topic :: View next topic

Author

Message

hanj
Veteran
Veteran

Joined: 19 Aug 2003
Posts: 1500

Posted: Sat Aug 11, 2007 4:01 pm Post subject: policyd-weight -- DUNNO NULL on empty 'from'.. what to do?

Hello

I've been getting plenty of email that is getting past my policyd-weight, due to the fact that the from is empty. When this happens a 'DUNNO NULL (<>) Sender' happens. Then it falls back to my postfix to look for the mailbox, when clearly this is not valid email. I believe I might be undergoing a backscatter attack right now, and I'm trying to minimize the affect of this. So with policy being bypassed, my postfix and mysql is working harder than normal.

Is there anything I can do with policyd-weight to score on missing 'from'? Is there something I can add to main.cf to required valide 'from'?

Below is a small snip of logs to show the behaviour of policyd and postfix.

Code:

Aug 11 09:45:05 myserver.com postfix/policyd-weight[6475]: decided action=DUNNO NULL (<>) Sender; delay: 0s
Aug 11 09:45:05 myserver.com postfix/smtpd[4193]: NOQUEUE: reject: RCPT from mail.hyundaidealer.co.uk[82.111.224.139]: 550 5.1.1 <Chasityshah@comp.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Chasityshah@comp.com> proto=ESMTP helo=<barracuda.hyundai-car.co.uk>

Aug 11 09:45:51 myserver.com postfix/policyd-weight[6475]: decided action=DUNNO NULL (<>) Sender; delay: 0s
Aug 11 09:45:51 myserver.com postfix/smtpd[29985]: NOQUEUE: reject: RCPT from unknown[xxx.xxx.xxx.xxx]: 550 5.1.1 <Charrli@comp.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Charrli@comp.com> proto=ESMTP helo=<mail.my-backup-mx.com>

Aug 11 09:48:28 myserver.com postfix/policyd-weight[5071]: decided action=DUNNO NULL (<>) Sender; delay: 0s
Aug 11 09:48:28 myserver.com postfix/smtpd[4193]: NOQUEUE: reject: RCPT from ea.95.1343.static.theplanet.com[67.19.149.234]: 550 5.1.1 <Josef.Horne@comp.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Josef.Horne@comp.com> proto=SMTP helo=<central02.i3eng.com>

Aug 11 09:50:13 myserver.com postfix/policyd-weight[5102]: decided action=DUNNO NULL (<>) Sender; delay: 0s
Aug 11 09:50:13 myserver.com postfix/smtpd[5129]: NOQUEUE: reject: RCPT from unknown[xxx.xxx.xxx.xxx]: 550 5.1.1 <Rathbun@comp.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Rathbun@comp.com> proto=ESMTP helo=<mail.my-backup-mx.com>

I was going to attempt to use fail2ban to stop some of these:
https://forums.gentoo.org/viewtopic-t-575365.html

But it seems like policyd-weight is what I need to get dialed.

Here are my packages/versions

Code:

[ebuild R ] mail-filter/policyd-weight-0.1.14.5 49 kB
[ebuild R ] mail-mta/postfix-2.3.6 USE="mysql pam sasl ssl vda -cdb -dovecot-sasl (-hardened) -ipv6 -ldap -mailwrapper -mbox -nis -postgres (-selinux)" 2,727 kB

Thanks!
hanji
_________________
Server Admin Blog - Uno-Code.com

Display posts from previous:

	Gentoo Forums Forum Index Networking & Security	All times are GMT
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy