Prevent Spammer From Creating New Directory Under /var/mail - Postfix

A spammer can send spam emails to "", and Postfix will created a new directory /var/mail/mail to hold the emails. This has happened a couple of times before with similar names. For example, a spammer sends an email to "", and when I look at Ubuntu, I see a new directory /var/mail/test has been created to hold the spam emails.

How can I prevent this? Di I have Ubuntu configured wrong or Postfix or both?
Who is Participating?
MysidiaConnect With a Mentor Commented:
smtpd_reject_unlisted_recipient = yes
Means reject mail for unknown recipient addresses.

# postconf |grep virtual_mai

check for entries related to a virtual mailbox maps table...

_something_  is  mapping the messages to be delivered locally,
if they're being accepted.

If not by local user, and not by the mailbox name existing in /etc/aliases    as given in the local_recipient_maps  line, then most likely by a virtual mailbox recipient

It sounds as if your mail server has been reconfigured to allow _any_  mail without checking if the user exists or not


# postconf local_recipient_maps

And see what the output looks like...
some fairly standard settings are

local_recipient_maps = proxy:unix:passwd.byname $alias_maps
alias_maps = hash:/etc/aliases
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_reject_unlisted_recipient = yes
recipient_canonical_maps =
recipient_delimiter =
relay_recipient_maps =

LarryZAuthor Commented:
I only have the first line above. I looked at and and didn't see any lines similar to the the others listed in Mysidia's comment. Should I add the line smtpd_reject_unlisted_recipient=yes?
Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

LarryZAuthor Commented:
I have these Postfix files in /etc/postfix
LarryZAuthor Commented:
Thanks Mysidia. Forgive me as I am an IT guy and programmer, but a Linux newbie. My initial post might not be accurate. Incoming emails to valid recipients go to thier mailbox. Incoming emails to aliases seem to work also. An email to gets rejected with 554 error (good). But an incoming email to gets delivered to a new directory /var/mail/mail. I don't know how to prevent this special case. I bought "The Book of Postfix" by Ralf Hildebrandt to help me to learn Postfix.
It may be that there actually is a default user on the system named "mail"
try  ls -ld /var/mail/mail

And see if the file isn't owned by a "mail"  user
I suppose what I would do is edit /etc/aliases

make sure there isn't already an alias for 'mail'

then try adding a

mail: bitbucket

finish editing the file
run the 'newaliases'    command to refresh the aliases database

Which goes along  with a line like

bitbucket:  /dev/null

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.