Postfix 拒绝未知的本地收件人

Postfix 拒绝未知的本地收件人

我遇到了反向散射问题。垃圾邮件发送者向我服务器上托管的不存在的用户名@存在的域发送电子邮件。我试图中止会话,而不是将退回邮件发送回伪造的发件人地址。我尝试添加reject_unverified_recipient,但似乎不起作用。

当我检查 mailq 时,我可以看到许多卡住的“用户不存在”电子邮件从 MAILER_DAEMON 退回到不存在的收件人。

这是我的 postconf -n

append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
dovecot_destination_recipient_limit = 1
inet_interfaces = all
inet_protocols = ipv4
mailbox_size_limit = 0
message_size_limit = 102400000
milter_default_action = accept
milter_protocol = 2
mydestination = localhost
myhostname = domain.com
mynetworks = 127.0.0.0/8
non_smtpd_milters = inet:localhost:8891
readme_directory = no
recipient_delimiter = +
relay_domains =
relayhost =
resolve_numeric_domain = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_milters = inet:localhost:8891
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain, reject_unverified_recipient, permit_auth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/ssl/certs/domain.com.chain.crt
smtpd_tls_cert_file = /etc/ssl/certs/domain.com.crt
smtpd_tls_key_file = /etc/ssl/private/domain.com.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_domains = mysql:/etc/postfix/sqlconf/virtual_alias_domains.cf
virtual_alias_maps = mysql:/etc/postfix/sqlconf/virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/sqlconf/mydestination.cf
virtual_transport = dovecot

这是 master.cf 文件

smtp      inet  n       -       -       -       -       smtpd
  -o content_filter=spamassassin
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
smtps     inet  n       -       -       -       -       smtpd
  -o content_filter=checkhook
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
pickup    unix  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
spamassassin unix -     n       n       -       -       pipe
  user=spamfilter argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
checkhook unix  -       n       n       -       -       pipe
  user=www-data argv=/etc/postfix/scripts/send ${sender} ${recipient}

以下是我尝试发送给无效的本地收件人时生成的一些日志。

Jan 22 19:09:34 ip-12345 postfix/qmgr[19938]: CF96B20013B: from=<[email protected]>, size=249, nrcpt=1 (queue active)
Jan 22 19:09:35 ip-12345 postfix/pickup[19939]: 982D320013D: uid=5007 from=<[email protected]>
Jan 22 19:09:35 ip-12345 postfix/pipe[21485]: CF96B20013B: to=<[email protected]>, relay=spamassassin, delay=18, delays=16/0/0/1.2, dsn=2.0.0, status=sent (delivered via spamassassin service)                           
Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: CF96B20013B: removed
Jan 22 19:09:35 ip-12345 postfix/cleanup[21477]: 982D320013D: message-id=<[email protected]>
Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: 982D320013D: from=<[email protected]>, size=1333, nrcpt=1 (queue active)
Jan 22 19:09:35 ip-12345 dovecot: auth: Debug: master in: USER#0111#[email protected]#011service=lda
Jan 22 19:09:35 ip-12345 dovecot: auth-worker(14636): Debug: sql([email protected]): SELECT '/var/vmail/[email protected]' as home, 'vmail' as uid, 'vmail' as gid, concat('*:storage=', quota_kb) AS quota_rule, concat('*:messages=', quota_msg) AS quota_rule2 FROM users WHERE username = 'nonexistentx' AND domain = 'localdomain.com' and active=1                          
Jan 22 19:09:35 ip-12345 dovecot: auth-worker(14636): sql([email protected]): unknown user                                                  
Jan 22 19:09:35 ip-12345 dovecot: auth: Debug: userdb out: NOTFOUND#0111       
Jan 22 19:09:35 ip-12345 postfix/pipe[21400]: 982D320013D: to=<[email protected]>, relay=dovecot, delay=0.07, delays=0.05/0/0/0.02, dsn=5.1.1, status=bounced (user unknown)                                              
Jan 22 19:09:35 ip-12345 postfix/cleanup[21396]: A8B0720013C: message-id=<[email protected]>
Jan 22 19:09:35 ip-12345 postfix/bounce[21474]: 982D320013D: sender non-delivery notification: A8B0720013C                                                   
Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: A8B0720013C: from=<>, size=3394, nrcpt=1 (queue active)                                                  
Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: 982D320013D: removed      
Jan 22 19:09:35 ip-12345 postfix/smtp[21496]: A8B0720013C: to=<[email protected]>, relay=none, delay=0.03, delays=0/0.01/0.02/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=sender.ocm type=A: Host not found)                                                              
Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: A8B0720013C: removed

答案1

查看您的共享配置,看起来您的 milter(spamassassin?)默认接受。您的 postfix 最好在前门拒绝更多垃圾邮件。

这是我在一台服务器上使用的 postfix 配置的一部分,旨在将垃圾邮件挡在门外,并试图防止垃圾邮件泛滥。不要只是复制它。阅读更多关于 postfix 配置、操作指南、wiki 等的信息(就像我过去做的那样)。不过,您可以盲目地复制它,但首先删除 helo_access 和提到的访问文件的行。如果这些文件不存在,postfix 会抗议,并且不会启动。

还请注意,在“段落”中顺序非常重要,例如 smtpd_helo_restrictions、smtpd_recipient_restrictions 等。例如,smtpd_recipient_restrictions 块应该将 RBL 服务器作为最后一个,以尽量减少网络请求,方法是让 postfix 首先进行初始检查。然后,在 postfix 完成该部分的工作后,RBL 可以查看还剩下哪些内容需要检查以查找垃圾邮件发送者。

smtpd_client_connection_count_limit = 10
smtpd_client_connection_rate_limit = 60
smtpd_error_sleep_time = 1s
smtpd_hard_error_limit = 20
smtpd_helo_required = yes
smtpd_helo_restrictions = 
 permit_mynetworks, 
 permit_sasl_authenticated,
 check_helo_access hash:/etc/postfix/helo_access,
 reject_non_fqdn_hostname, 
 reject_invalid_hostname, 
 reject_unauth_pipelining, 
 permit
smtpd_recipient_restrictions = 
 permit_mynetworks, 
 permit_sasl_authenticated, 
 reject_unauth_destination, 
 reject_unauth_pipelining, 
 reject_non_fqdn_sender, 
 reject_non_fqdn_recipient, 
 reject_invalid_hostname, 
 reject_unknown_sender_domain, 
 reject_unknown_recipient_domain, 
 reject_unlisted_recipient, 
 reject_rbl_client psbl.surriel.com, 
 reject_rbl_client ix.dnsbl.manitu.net, 
 reject_rbl_client zen.spamhaus.org, 
 reject_rbl_client bl.spamcop.net, 
 permit
smtpd_sender_restrictions = 
 check_sender_access hash:/etc/postfix/access, 
 permit_mynetworks, 
 permit_sasl_authenticated, 
 reject_non_fqdn_sender, 
 reject_unknown_sender_domain
smtpd_soft_error_limit = 10

提示一下,安装 pfqueue :

sudo apt-get install pfqueue

这样,您就可以快速浏览队列中的电子邮件,并删除要删除的电子邮件。如果您确定所有电子邮件都是不相关的、不重要的电子邮件,您还可以删除 Postfix 队列中的所有电子邮件:

sudo postsuper -d ALL

再次强调,使用后一个命令时要小心。另请参阅:

man postsuper

相关内容