[TriLUG] postfix security

Sat Dec 11 03:03:27 EST 2004

I have a question that relates directly to a spamming experience I just had.

I understand what an MX record is.  I have setup multiple machines that will 
relay for my domain in the event my primary mail server is down.  I did so by 
adding to those machines this in /etc/postfix/main.cf

relay_domains = $mydestination mydomaincom

All machines involved run Mandrake 10.0 or 10.1.  That tends to work, but I 
found a problem.  In theory, anyone on the internet can use these backup 
servers to send email to my domain.  Someone could spam my domain all day and 
all night through those servers.  In fact, tonight I received a spam email 
that came through one of those servers and even claimed to be from two 
accounts (which don't actually exist) on that backup server (why would an 
email be from 2 accounts anyway?). What can I do to prevent this?

Thanks a lot,

Michael