Voicemail to Email Postfix local delivery relay spam issue

FreePBX voicemail to email spamming issue.

I’ve gone over this a lot, and cannot find the problem. Email is using the standard Postfix mail server. Postfix appears to be set up like all the other boxes I’ve done. It is set up to relay email. It does authentication, and everything works fine with the authentication and emailing.
FreePBX 12.0.76.4

The Problem
It is sending all messages to the forwarding host, so all the garbage messages - like root and asterisk messages. So the relaying host gets spammed from the server ~ 1000 emails a day, when only a few are actual voicemails. It would seem there’s a local delivery option or something I’ve overlooked, but I cannot find it, and I’ve done this several times.

I have Webmin installed, for ease of management.

FreePBX 12 is no longer supported, but yes, like any server it’s going to send more than just the voicemail emails. It’s going to send update alerts, backup alerts, user notices, cronjob logs and other items.

What does the maillog show as far as the amount and what type of emails are going out?

I’ve never had this problem before, and not sure why I’m just noticing this now on this box, but …

99% of all the messages are either:
root to root
root to asterisk

e.g. of root to root

From root (Cron Daemon)
To root
Date
Subject Cron root@BedrockPBX /usr/local/bin/trunk-check.sh

Message text
/usr/local/bin/trunk-check.sh: line 1: Rejected’: command not found

e.g. of root to asterisk

From root (Cron Daemon)
To asterisk
Date
Subject Cron asterisk@BedrockPBX [ -e /var/www/html/admin/modules/qxact_reports/import_queue_data.php ] && php /var/www/html/admin/modules/qxact_reports/import_queue_data.php 2>/dev/null

Message text
Not licenced
:

I think they have always been there and sent, but if you care not to read the sometimes informative emails to root or asterisk, you can redirect them to /dev/null in /etc/aliases

.
.
.

root: /dev/null
asterisk: /dev/null

and run newaliases

but then you will never get any warnings; ideally you would read the warnings and fix them as they come up

obviously in this specific case you have an unlicensed module active; delete it if you don’t need it, pay for it if you do :wink:

(I think we are gonna tumble down the rabbit hole with this…)

My thoughts, I’ve not confirmed this on other boxes, were that the local mailboxes (root, asterisk, etc.) would have those mail messages delivered locally, not sent out. Why would it send them out? On my other boxes, if I need to, I pull up those mailboxes and look through the 1000’s of messages. On this box, those mailboxes are empty. It appears all mailboxes are empty. There are ~ 30 system mailboxes; none have anything in them. That’s why I think this is a Postfix config error. (I’ve even looked through the main.cf)

Yeah, you’re right - I uninstalled the Queue Reporting module. I must have been playing with it at some point and forgot it - dunno, it’s removed. And, yes, having these messages is good for that reason, but at this point I’m not getting any, because they are being sent outta the box and getting dropped by the relay mail server. The only reason I see them now is that I’ve stopped Postfix and looked in the mail queue.

Very simply, Postfix delivers email to the final destination as defined basically in /etc/aliases; that can be an email address, a list, a pipe or any other Linux device you care to define. By default, root will be the local root user, asterisk the local asterisk user. There are no rabbit holes; just rules defined by whatever that might later re-define post /etc/aliases.

Subverting /dev/null would be hard

The local delivery for the aliases is:
hash:/etc/aliases

looks fine, almost all the system accounts are aliases to root

The recurring error message appears to be this:
/usr/local/bin/trunk-check.sh: line 1: Rejected’: command not found

Haven’t spent the time to see this. Maybe this just started, but this error looks to be causing the spam, every few moments.

A) is the root: account itself aliased?
B) did you investigate the trunk-check script?

a) there is an alias root but it is disabled
b) I did remove the trunk-check script.

So now 99.5 of all messages are cleared. Functionally my problem is solved, but I never addressed the original issue: why are root emails being sent out for delivery and not being sent to the root mailbox locally? This doesn’t appear to be impacting anything besides not being able to see those messages, and unless my relay exceeds its 24hr limit I’ll never know there’s a problem.

Your mail.log/maillog log file should show where the emails to root are being sent

(removing actual - FQDN)

Nov 18 21:05:02 localhost postfix/pickup[3428]: 07D4E2822D2: uid=0 from=<root>
Nov 18 21:05:02 localhost postfix/cleanup[3509]: 07D4E2822D2: message-id=<[email protected]>
Nov 18 21:05:02 localhost postfix/qmgr[2780]: 07D4E2822D2: from=<[email protected]>, size=655, nrcpt=1 (queue active)
Nov 18 21:05:02 localhost postfix/sendmail[3514]: warning: the Postfix sendmail command has set-uid root file permissions
Nov 18 21:05:02 localhost postfix/sendmail[3514]: warning: or the command is run from a set-uid root process
Nov 18 21:05:02 localhost postfix/sendmail[3514]: warning: the Postfix sendmail command must be installed without set-uid root file permissions
Nov 18 21:05:02 localhost postfix/pickup[3428]: 2B6612822F2: uid=498 from=<root>
Nov 18 21:05:02 localhost postfix/cleanup[3509]: 2B6612822F2: message-id=<[email protected]>
Nov 18 21:05:02 localhost postfix/qmgr[2780]: 2B6612822F2: from=<[email protected]
Nov 18 21:05:02 localhost postfix/smtp[3513]: 07D4E2822D2: to=<[email protected]>, orig_to=<root>, relay:80=smtpout.FQDN.net, delay=0.95, delays=0.12/0.02/0.64/0.17, dsn=2.0.0, status=sent (250 OYvugHZ79uYbJ mail accepted for delivery)
Nov 18 21:05:02 localhost postfix/qmgr[2780]: 07D4E2822D2: removed
Nov 18 21:05:03 localhost postfix/smtp[3516]: 2B6612822F2: to=<[email protected]>, orig_to=<asterisk>, relay:80=smtpout.FQDN.net, delay=0.91, delays=0.09/0.01/0.62/0.18, dsn=2.0.0, status=sent (250 OYvugMpapfqD0 mail accepted for delivery)
Nov 18 21:05:03 localhost postfix/qmgr[2780]: 2B6612822F2: removed

so why does it send mail out? When it’s sending to itself.

The mail logs on pbx.FQDN.com should show you what happened to mail to users asterisk and root. It accepted it and your local machine is happy. It looks like you need to fix your Postfix permissions though. How did you install this machine?

I have had this problem before on FreePBX 13.
Those local emails to asterisk@freepbx were being relayed through our external SMTP server instead of locally, essentially spamming it with thousands of emails every day.
Is that what’s happening to you?

Apr 27 08:35:02 freepbx-a postfix/smtp[134542]: 84B26102CB8: to=<[email protected]>, orig_to=<asterisk>, relay= *ourmailserver* [10.1.0.13]:25, delay=0.72, delays=0.23/0/0/0.49, dsn=2.6.0, status=sent (250 2.6.0 <20180427123501.84B26102CB8@freepbx-a> [InternalId=7235115]Queued mail for delivery)
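
Both maillog excerpts in this thread show the same signature: a bare local recipient in `orig_to=` (`root`, `asterisk`) handed to the `postfix/smtp` client and a relay instead of to local delivery. The script below is an added example, not code from any poster; it counts such deliveries over constructed sample lines (the example.com/example.net hosts and the function names are assumptions) and reports the domain Postfix appended, which is the one to compare against the output of `postconf myorigin mydestination`.

```python
import re
from collections import Counter

# Constructed sample lines in the format of the maillog excerpts above;
# host names and addresses are placeholders, not values from the thread.
SAMPLE_LOG = """\
Nov 18 21:05:02 localhost postfix/pickup[3428]: 07D4E2822D2: uid=0 from=<root>
Nov 18 21:05:02 localhost postfix/smtp[3513]: 07D4E2822D2: to=<root@pbx.example.com>, orig_to=<root>, relay=smtpout.example.net[192.0.2.25]:587, delay=0.95, delays=0.12/0.02/0.64/0.17, dsn=2.0.0, status=sent (250 mail accepted for delivery)
Nov 18 21:05:03 localhost postfix/smtp[3516]: 2B6612822F2: to=<asterisk@pbx.example.com>, orig_to=<asterisk>, relay=smtpout.example.net[192.0.2.25]:587, delay=0.91, delays=0.09/0.01/0.62/0.18, dsn=2.0.0, status=sent (250 mail accepted for delivery)
Nov 18 21:06:10 localhost postfix/smtp[3520]: 3C7712822F3: to=<alice@example.org>, relay=smtpout.example.net[192.0.2.25]:587, delay=1.1, delays=0.1/0/0.7/0.3, dsn=2.0.0, status=sent (250 mail accepted for delivery)
Nov 18 21:07:00 localhost postfix/local[3530]: 4D8812822F4: to=<root@localhost.localdomain>, orig_to=<root>, relay=local, delay=0.05, delays=0.03/0.01/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
"""

# One Postfix delivery record: agent, queue id, final and original recipient.
DELIVERY = re.compile(
    r"postfix/(?P<agent>\w+)\[\d+\]: (?P<qid>[0-9A-F]+): "
    r"to=<(?P<to>[^>]*)>, (?:orig_to=<(?P<orig>[^>]*)>, )?"
    r"relay=(?P<relay>[^,]+),.*status=(?P<status>\w+)"
)

def leaked_local_mail(log_text):
    """Return deliveries whose original recipient was a bare local name
    (no '@') but which left the box through the smtp client."""
    hits = []
    for line in log_text.splitlines():
        m = DELIVERY.search(line)
        if not m:
            continue  # pickup/cleanup/qmgr lines carry no delivery result
        orig = m.group("orig")
        if m.group("agent") == "smtp" and orig and "@" not in orig:
            hits.append((orig, m.group("to"), m.group("relay")))
    return hits

def summarize(log_text):
    """Count leaked messages per local account and per appended domain."""
    hits = leaked_local_mail(log_text)
    by_user = Counter(orig for orig, _, _ in hits)
    by_domain = Counter(to.rpartition("@")[2] for _, to, _ in hits)
    return by_user, by_domain

if __name__ == "__main__":
    users, domains = summarize(SAMPLE_LOG)
    for user, n in users.most_common():
        print(f"{n:5d}  orig_to=<{user}> relayed off-box")
    for dom, n in domains.items():
        print(f"{n:5d}  rewritten to @{dom}")
```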

I’m a bit confused… thousands of emails a day? About what? O_o

I get maybe 4… and those are status reports and hylafax usage reports.

If you edit

/etc/mailname

To

localhost.localdomain

Your emails to user will be delivered directly to the file

/var/mail/user

Yes, that is what’s happening

I corrected the script that was causing an error every 30 seconds, and the asterisk error.
