/var/log/邮件日志

tag-icon tag-icon centos postfix spam spam-filter
/var/log/邮件日志

我在服务器上安装了 Centos 7 并使用 postfix 作为 MTA。以下是我的反垃圾邮件 postfix 附加配置:

# main.cf ANTI SPAM
disable_vrfy_command = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes

smtpd_helo_restrictions = permit_mynetworks,
   reject_non_fqdn_hostname,
   reject_invalid_hostname,
   permit

smtpd_recipient_restrictions =
   permit_sasl_authenticated,
   reject_invalid_hostname,
   reject_non_fqdn_hostname,
   reject_non_fqdn_sender,
   reject_non_fqdn_recipient,
   reject_unknown_sender_domain,
   reject_unknown_recipient_domain,
   permit_mynetworks,
   reject_rbl_client sbl.spamhaus.org,
   reject_rbl_client cbl.abuseat.org,
   reject_rbl_client dul.dnsbl.sorbs.net,
   reject_rbl_client recent.spam.dnsbl.sorbs.net,
   reject_rbl_client spam.dnsbl.sorbs.net,
   reject_rbl_client dnsbl.sorbs.net,
   reject_rbl_client ubl.unsubscore.com,
   reject_rbl_client b.barracudacentral.org,
   permit

smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20
smtpd_client_connection_count_limit = 10
smtpd_client_connection_rate_limit = 60

它确实有效并且过滤了任何可能的垃圾邮件尝试,不幸的是,我在通过reject_rbl_client查找垃圾邮件黑名单时遇到了postfix的不可预测的行为。

/var/log/邮件日志

垃圾邮件发送者 IP 122.172.50.104 列在 SBL 中,邮件被 postfix 过滤

Feb  9 07:24:09 lax postfix/smtpd[20209]: connect from unknown[122.172.50.104]
Feb  9 07:24:10 lax postfix/smtpd[20209]: NOQUEUE: reject: RCPT from unknown[122.172.50.104]: 554 5.7.1 Service unavailable; Client host [122.172.50.104] blocked using dul.dnsbl.sorbs.net; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?122.172.50.104; from=<[email protected]> to=<MYEMAIL> proto=ESMTP helo=<abts-kk-dynamic-104.50.172.122.airtelbroadband.in>
Feb  9 07:24:11 lax postfix/smtpd[20209]: lost connection after RCPT from unknown[122.172.50.104]
Feb  9 07:24:11 lax postfix/smtpd[20209]: disconnect from unknown[122.172.50.104]

垃圾邮件发送者 IP 66.199.240.242 此 IP 已列入多个黑名单也包含在我的 postfix 配置中但 Postfix 并未过滤邮件。为什么?Postfix 破坏了与 SBL 的查找链接,还是什么?

Feb  8 16:17:37 lax postfix/smtpd[10346]: connect from m1.churneo.eu[66.199.240.242]
Feb  8 16:17:38 lax postfix/smtpd[10346]: DD95A101CE93D: client=m1.churneo.eu[66.199.240.242]
Feb  8 16:17:41 lax postfix/cleanup[10351]: DD95A101CE93D: message-id=<[email protected]>
Feb  8 16:17:42 lax postfix/qmgr[7998]: DD95A101CE93D: from=<bounces+c11978i204195321b19047u25533832+MYUSER=MYDIOMAIN@HoeHOdGArAal.R1.CHurNeO.eu>, size=26 401, nrcpt=1 (queue active)
Feb  8 16:17:42 lax postfix/local[10353]: DD95A101CE93D: to=<MYEMAIL>, orig_to=<MYEMAIL>, relay=local, delay=4.2, delays=4.2/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)
Feb  8 16:17:42 lax postfix/qmgr[7998]: DD95A101CE93D: removed
Feb  8 16:17:42 lax postfix/smtpd[10346]: disconnect from m1.churneo.eu[66.199.240.242]

这是我的手动 SBL 检查在线工具:

1. http://rblcheck.at/
2. http://www.dnsbl.info/dnsbl-database-check.php
3. http://www.tcpiputils.com/dns-blackhole-list

我的问题是:Postfix 实际上如何通过 Reject_rbl_client 指令获取垃圾邮件确认?我该如何修复配置以使其正常运行?

相关内容