I have a fairly standard Postfix configuration to forward mail to several domains (the setup includes postsrsd and spamassassin/spamass-milter, which works fine):
myhostname = mail.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_domains = mydomain.com, otherdomain.com, thirddomain.com
virtual_alias_maps = hash:/etc/postfix/virtual
But instead of receiving (and forwarding) mail only for the addresses defined in virtual_alias_maps, Postfix tries to send fraudulent messages to various mail servers like so:
Jan 29 15:52:41 localhost postfix/qmgr[354872]: D07D97F95E: from=<>, size=12267, nrcpt=1 (queue active)
Jan 29 15:52:41 localhost postfix/qmgr[354872]: 9C1C77F952: from=<>, size=11583, nrcpt=1 (queue active)
Jan 29 15:52:41 localhost postfix/smtp[362942]: connect to mail.visceration.co[2606:4700:3032::ac43:8c58]:25: No route to host
Jan 29 15:52:41 localhost postfix/smtp[362942]: connect to mail.visceration.co[2606:4700:3033::6815:369f]:25: No route to host
Jan 29 15:52:41 localhost postfix/smtp[362943]: connect to mail.smartsnakepro.us[2606:4700:3031::6815:efe]:25: No route to host
Jan 29 15:52:42 localhost postfix/smtp[362944]: 9C1C77F952: to=<[email protected]>, relay=mail.gethoys.me[137.184.49.234]:25, delay=139007, delays=139006/0.03/0.76/0.1, dsn=4.7.1, status=deferred (host mail.gethoys.me[137.184.49.234] said: 454 4.7.1 <[email protected]>: Relay access denied (in reply to RCPT TO command))
Jan 29 15:53:11 localhost postfix/smtp[362942]: connect to mail.visceration.co[172.67.140.88]:25: Connection timed out
Jan 29 15:53:11 localhost postfix/smtp[362943]: connect to mail.smartsnakepro.us[104.21.14.254]:25: Connection timed out
Jan 29 15:53:11 localhost postfix/smtp[362943]: connect to mail.smartsnakepro.us[2606:4700:3033::ac43:a0d9]:25: No route to host
Jan 29 15:53:41 localhost postfix/smtp[362942]: connect to mail.visceration.co[104.21.54.159]:25: Connection timed out
How can I keep my mail server from reacting to these connections? And why is smtpd not involved (as it is in legitimate mail forwarding)?
Thanks, Jan
I checked the postqueue and realized these log entries were created by bounce messages to non-existent or forged mail servers. Sorry!