I have Postfix mail server. The mail server was spamming from an unexisting mail address so i used sender_restrictions in main.cf and sender_access (to discard mail from that mail address). Now the spam mail is sent through sendmail. See the log below.
May 17 17:21:50 ABC postfix/smtpd[1220]: connect from localhost.localdomain[127.0.0.1]
May 17 17:21:50 ABC postfix/smtpd[1220]: setting up TLS connection from localhost.localdomain[127.0.0.1]
May 17 17:21:50 ABC postfix/smtpd[1220]: TLS connection established from localhost.localdomain[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
May 17 17:21:50 ABC sendmail[1235]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
May 17 17:21:50 ABC postfix/smtpd[1220]: NOQUEUE: discard: RCPT from
localhost.localdomain[127.0.0.1]: <software@ABC>: Sender address triggers DISCARD action; from=<software@ABC> to=<hcoommontest@rubop.com> proto=ESMTP helo=<ABC>
May 17 17:21:50 ABC postfix/smtpd[1220]: 623C21770846:
client=localhost.localdomain[127.0.0.1], sasl_sender=software@ABC
May 17 17:21:50 ABC sendmail[1235]: q4HBpl9d001235:
to=hcoommontest@rubop.com, ctladdr=software (504/504), delay=00:00:03, xdelay=00:00:00, mailer=relay, pri=30120, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as 623C21770846)
I want to block this mail.
Best Answer
You have not fully uninstalled Eric Allman's
sendmailpackage.This is evidenced by the fact that the log still shows you using the sendmail package's
sendmailbinary - this should have been replaced with the postfixsendmailbinary.Revisit your installation procedure and correct this error.
Moreover, you should never DISCARD mail unless there is no other option.
In this case, you should REJECT the sender instead.