==== Required information ====
- iRedMail version (check /etc/iredmail-release):0.8.6
- Linux/BSD distribution name and version: Debian 3.2.68-1+deb7u5 i686 GNU/Linux
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx):Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====
I don't know what happened but my mail server wdrk began to send spam
http://mxtoolbox.com/SuperTool.aspx?act … n=toolpage
SMTP Open Relay
==================
clogged postfix queue
#postqueue -p
18EF814C0268* 49017 Mon Jan 18 16:02:37 kofanov@code-2-reduction.fr
info@lainer.ru
info@lak.spb.ru
info@lakoniatour.ru
info@lakyverf.spb.ru
info@lambreken.ru
info@lambumiz.ru
info@lamir.ru
info@lamourtour.ru
info@lan-service.ru
info@lanamedica.ru
info@lanark.ru
info@lanck.ru
info@land-art.ru
info@land-group.ru
info@land-kv.com.ua
info@land-rostov.ru
info@landata.ru
info@landhaus.spb.ru
info@landia.ru
info@landl.ru
info@lando-club.ru
info@landrover.spb.ru
info@landroverclub.ru
info@lands.ru
info@landscape-school.ru
info@landshaft-spb.ru
info@lanfactory.ru
info@language.ru
info@language4you.com
info@languagelink.ru
info@languageprofi.ru
info@languardia.ru
info@lanix.ru
info@lannakamilina.ru
info@lans-group.ru
info@lanscom.ru
info@lansmedia.ru
info@lanta.biz
info@lanta.ru
info@lantanclinic.ru
info@lantanlaser.ru
info@lantech.ru
info@lantep.ru
info@lanterm.ru
info@lapinhonka.ru
info@laplabel.ru
info@laptev.ru
info@laptop.ru
info@larga.ru
info@largus.ru
info@laria.ru
info@laross-t.ru
info@las.ru
info@lasante.spb.ru
info@laser-nt.ru
info@laser-unit.com
info@laserdoctor.ru
info@laserline.ru
-- 10818 Kbytes in 454 Requests.
=============
cluebringer.conf
# File to log to instead of stdout
log_file=/var/log/cbpolicyd.log
# Log destination for mail logs...
# main - Default. Log to policyd's main log mechanism, accepts NO args
# syslog - log mail via syslog
# format: log_mail=facility@method,args
#
# Valid methods for syslog:
# native - Let Sys::Syslog decide
# unix - Unix socket
# udp - UDP socket
# stream - Stream (for Solaris)
#
# Example: unix native
#log_mail=mail@syslog:native
#
# Example: unix socket
#log_mail=mail@syslog:unix
#
# Example: udp
#log_mail=mail@syslog:udp,127.0.0.1
#
# Example: Solaris
#log_mail=local0@syslog:stream,/dev/log
#log_mail=maillog
log_mail=mail@syslog:native
# Things to log in extreme detail
# modules - Log detailed module running information
# tracking - Log detailed tracking information
# policies - Log policy resolution
# protocols - Log general protocol info, but detailed
# bizanga - Log the bizanga protocol
#
# There is no default for this configuration option. Options can be
# separated by commas. ie. protocols,modules
#
#log_detail=
# IP to listen on, * for all
host=127.0.0.1
host=127.0.0.1
# Port to run on
port=10031
# Timeout in communication with clients
#timeout=120
# cidr_allow/cidr_deny
# Comma, whitespace or semi-colon separated. Contains a CIDR block to
# compare the clients IP to. If cidr_allow or cidr_deny options are
# given, the incoming client must match a cidr_allow and not match a
# cidr_deny or the client connection will be closed.
#cidr_allow=0.0.0.0/0
#cidr_deny=
[database]
#DSN=DBI:SQLite:dbname=policyd.sqlite
DSN=DBI:mysql:host=127.0.0.1;database=cluebringer;user=cluebringer;password=aXnZYQZaaX2D4fFTUSqTBREvj9pWeY
#DSN=DBI:Pg:database=policyd;host=localhost
#DSN=DBI:_DBC_DBTYPE_:dbname=_DBC_DBNAME_;host=_DBC_DBSERVER_
## Debian
# DB_Type can be one of - pgsql, mysql or sqlite3
# DB_Host is ignored for sqlite3. For pgsql and mysql it should be left
# unset or as 'localhost' if you wish to use unix sockets to communicate
# with the database. To use TCP/IP to connect to a local database set
# '127.0.0.1' as the value. Otherwise use the hostname or IP address of
# the database server.
# DB_Port is ignored for sqlite3. For pgsql it will default to '5432' and
# for mysql the default is '3306'. If you are running your database server
# on a non-standard port you should set it's value here.
# DB_Name defaults to '/var/lib/cluebringer/cluebringer.db' for sqlite3, if you
# wish to use another file for the database set it's full path here and
# ensure that the cluebringer user can read and write not only the file
# but the directory it lives in. For pgsql and mysql this will
# default to 'cluebringer', otherwise you should set the name of the
# database here.
DB_Type=mysql
DB_Host=127.0.0.1
DB_Port=3306
DB_Name=cluebringer
Username=cluebringer
Password=aXnZYQZaaX2D4fFTUSqTBREvj9pWeY
# What do we do when we have a database connection problem
# tempfail - Return temporary failure
# pass - Return success
bypass_mode=pass
# How many seconds before we retry a DB connection
bypass_timeout=10
# Access Control module
[AccessControl]
enable=1
# Greylisting module
[Greylisting]
enable=0
# CheckHelo module
[CheckHelo]
enable=0
# CheckSPF module
[CheckSPF]
enable=0
# Quotas module
[Quotas]
enable=1
=====================
main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/iRedMail_CA.pem
smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = mail.piramida74.ru
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
myorigin = mail.piramida74.ru
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname
relayhost =
mynetworks = 127.0.0.0/8,
192.168.X.0/24,
X.X.X.X,
X.X.X.X,
X.X.X.
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
virtual_alias_domains =
allow_percent_hack = no
swap_bangpath = no
mydomain = piramida74.ru
mynetworks_style = host
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtp_tls_security_level = may
smtp_tls_CAfile = $smtpd_tls_CAfile
#smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated
delay_warning_time = 0h
maximal_queue_lifetime = 4h
bounce_queue_lifetime = 4h
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 600s
smtpd_helo_required = yes
#smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, check_helo_access pcre:/etc/postfix/helo_access.pcre
queue_run_delay = 300s
minimal_backoff_time = 300s
maximal_backoff_time = 4000s
enable_original_recipient = no
disable_vrfy_command = yes
home_mailbox = Maildir/
allow_min_user = no
message_size_limit = 36700160
virtual_minimum_uid = 2000
virtual_uid_maps = static:2000
virtual_gid_maps = static:2000
virtual_mailbox_base = /var/vmail
transport_maps = proxy:ldap:/etc/postfix/ldap/transport_maps_user.cf, proxy:ldap:/etc/postfix/ldap/transport_maps_domain.cf
virtual_alias_maps = proxy:ldap:/etc/postfix/ldap/virtual_alias_maps.cf, proxy:ldap:/etc/postfix/ldap/virtual_group_maps.cf, proxy:ldap:/etc/postfix/ldap/virtual_group_members_maps.cf, proxy:ldap:/etc/postfix/ldap/catchall_maps.cf
virtual_mailbox_domains = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_maps.cf
sender_bcc_maps = proxy:ldap:/etc/postfix/ldap/sender_bcc_maps_user.cf, proxy:ldap:/etc/postfix/ldap/sender_bcc_maps_domain.cf
recipient_bcc_maps = proxy:ldap:/etc/postfix/ldap/recipient_bcc_maps_user.cf, proxy:ldap:/etc/postfix/ldap/recipient_bcc_maps_domain.cf
relay_domains = $mydestination, proxy:ldap:/etc/postfix/ldap/relay_domains.cf
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ldap/sender_login_maps.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = no
smtpd_recipient_restrictions = reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unlisted_recipient,
check_policy_service inet:127.0.0.1:7777,
check_policy_service inet:127.0.0.1:10031,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org,
reject_non_fqdn_sender
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
smtpd_tls_security_level = may
smtpd_tls_loglevel = 0
smtpd_tls_CAfile = /etc/ssl/certs/iRedMail_CA.pem
tls_random_source = dev:/dev/urandom
mailbox_command = /usr/lib/dovecot/deliver
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = ./dovecot-auth
content_filter = smtp-amavis:[127.0.0.1]:10024
smtp-amavis_destination_recipient_limit = 1
###################
=======================
I didn't do anything and did not change suddenly just became clogged queue of the mail server and emails are sent for a very long time and a long time coming , but the???? What do I do???7 Help!!!!
========================