Hi, I am hosting just under fifty domains on my virtualmin server. ALL their email is sent via ANOTHER server (that I call trimmail) that runs a pretty savage and effective spam/virus/junk filter - then the email is sent over to my Virtualmin server where users pop off the mail. This has worked really well for quite a few years, but recently, my users (including myself) are getting a ton of junk and crap mail - which is actually coming from my virtualmin server. Spammers are spoofing from our server - so I was wondering if it was possible to setup Postfix so it ONLY ever answers my 'trimmail' server on port 25 and rejects everyone else that tries? I have googled high and low, but can't find the answer - which I think must be pretty easy - but I can't work it out and don't want to stuff up my server!
Are you able to help me on this please? Here is my current main.cf regards steve
command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix myorigin = itginternet.net.au mynetworks = 127.0.0.0/8, 188.8.131.52/16 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain local_recipient_maps = unknown_local_recipient_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES message_size_limit = 10485760 relay_recipient_maps = hash:/etc/postfix/relay_recipients transport_maps = hash:/etc/postfix/transport smtpd_helo_required = yes smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access,reject_non_fqdn_sender,reject_unknown_sender_domain smtpd_data_restrictions = reject_unauth_pipelining header_checks = pcre:/etc/postfix/header_checks body_checks = pcre:/etc/postfix/body_checkscontent_filter = smtp-amavis:[127.0.0.1]:10024
unverified_recipient_reject_code = 550 smtpd_recipient_restrictions = reject_invalid_hostname,reject_non_fqdn_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_unauth_pipelining, permit_mynetworks,reject_unauth_destination, maps_rbl_domains = zen.spamhaus.org, relays.ordb.org, opm.blitzed.org, dun.dnsrbl.net, spam.dnsrbl.net smtpd_banner = Welcome to ITG Internet Trimmail Spam Filtering System home_mailbox = Maildir/ swap_bangpath = no append_dot_mydomain = no sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail html_directory = no setgid_group = postdrop manpage_directory = /usr/share/man newaliases_path = /usr/bin/newaliases mailq_path = /usr/bin/mailq mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME masquerade_domains = $mydomain ; append_at_myorigin = no queue_directory = /var/spool/postfix mail_owner = postfix default_destination_concurrency_limit = 200 #check_client_access regexp:/etc/postfix/white_list #check_client_access regexp:/etc/postfix/rejections smtp_connect_timeout = 300s smtp_helo_timeout = 30s smtp_data_xfer_timeout = 120s smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem smtpd_tls_key_file = /etc/postfix/postfix.key.pem smtpd_tls_security_level = may smtpd_recipient_limit = 100 alias_maps = hash:/etc/aliases smtpd_client_restrictions = check_client_access cidr:/etc/postfix/sinokorea.cidr