考虑以下收到的垃圾邮件,其中收件人地址与发件人的地址相同,但该用户并没有向自己发送电子邮件,因此它是垃圾邮件;
(出于隐私考虑,所有主机名和 IP 均已更改):
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: from mx1.mailplatform.net (mx1.mailplatform.net [1.2.3.47])
by mx1.mailplatform.net (Postfix) with ESMTP id 9F7DB8406E6;
Thu, 21 Jun 2012 08:11:54 +0100 (BST)
Received: from localhost (localhost [127.0.0.1])
by mx1.mailplatform.net (Postfix) with ESMTP id 66B6C27C6D1;
Thu, 21 Jun 2012 08:11:54 +0100 (BST)
X-Virus-Scanned: by Mailplatform Anti-Virus
Received: from mx1.mailplatform.net ([1.2.3.47])
by localhost (mx1.mailplatform.net [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id rOsEgrThepcJ; Thu, 21 Jun 2012 08:11:52 +0100 (BST)
Received: from dialup.user.some.isp.net (dialup.user.some.isp.net [5.5.5.5])
by mx1.mailplatform.net (Postfix) with ESMTP id 3AA3127C6C1;
Thu, 21 Jun 2012 08:11:51 +0100 (BST)
Message-ID: <[email protected]>
Date: Thu, 21 Jun 2012 08:11:51 +0100
From: <[email protected]>,
<[email protected]>,
<[email protected]>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en; rv:1.9.2.12) Gecko/20101027 Thunderbird/3.1.6
MIME-Version: 1.0
To: <[email protected]>,
<[email protected]>,
<[email protected]>
Subject: Vacancy - apply online
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Antivirus: avast! (VPS 120621-0, 21/06/2012), Inbound message
X-Antivirus-Status: Clean
正如我们在此处看到的,该电子邮件最初由拨号用户提交到 MX 主机 mx1(如反向 PTR 记录所示,因此这很好地表明了垃圾邮件!)。我不明白的是,为什么 postfix 没有进行 SPF 查找,发现发件人不是此域(realdomain.com)的授权来源,并相应地调整分数。mx1 是最终用户域“realdomain.com”的发送和接收主机。这在 postfix 日志中;
Jun 21 08:11:51 mx1 meta-greylist[4080]: 5.5.5.5:dialup.user.some.isp.net is not in DB
Jun 21 08:11:51 mx1 meta-greylist[4080]: has_A_or_MX (A): dialup.user.some.isp.net RR A
Jun 21 08:11:52 mx1 meta-greylist[4080]: SPF result neutral/Please see http://www.openspf.org/[email protected]&ip=5.5.5.5&receiver=mx1.mailplatform.net
Jun 21 08:11:52 mx1 meta-greylist[4080]: suspect level 0
Jun 21 08:11:52 mx1 meta-greylist[4080]: 5.5.5.5:dialup.user.some.isp.net:lala.net set to whitelisted
Jun 21 08:11:52 mx1 meta-greylist[4080]: action=DUNNO
Jun 21 08:11:52 mx1 postfix/smtpd[3800]: 3AA3127C6C1: client=dialup.user.some.isp.net[5.5.5.5]
Jun 21 08:11:52 mx1 postfix/trivial-rewrite[3934]: warning: do not list domain readldomain.com in BOTH virtual_alias_domains and relay_domains
抱歉,这听起来有点荒谬,我是 Postfix 的新手。如果我没有发布一些显然应该发布的内容(例如,日志的一部分),请告诉我,我会的。谢谢。
编辑更新: 我的意思是,这是否因为发送用户使用了“[电子邮件保护]' 返回路径值以某种方式抛出了 postfix/amavis/spamassassin?
答案1
嗯,首先,postfix 不是垃圾邮件检测工具,它是一个 MTA。因此,您需要与 postfix 一起运行一些软件,例如 spamassassin,以进行检查。此外,postfix 不会自动检查 spf,您必须启用该功能,例如postfix-policyd-spf-perl在 ubuntu 中。然后,您必须配置 postfix 以使用它进行检查。