Postfix 邮件服务器上没有垃圾邮件标头

Postfix 邮件服务器上没有垃圾邮件标头

我确实遵循了本教程: https://help.ubuntu.com/lts/serverguide/mail-filtering.html

但是当我发送测试电子邮件时,我没有看到任何垃圾邮件或病毒检查标头。

我的邮件名称是:example.com 我的主机名是:ubuntu

/etc/amavis/conf.d/15-content_filter_mode:

use strict;

# You can modify this file to re-enable SPAM checking through spamassassin
# and to re-enable antivirus checking.

#
# Default antivirus checking mode
# Please note, that anti-virus checking is DISABLED by 
# default.
# If You wish to enable it, please uncomment the following lines:


@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);


#
# Default SPAM checking mode
# Please note, that anti-spam checking is DISABLED by 
# default.
# If You wish to enable it, please uncomment the following lines:


@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

1;  # ensure a defined return

/etc/amavis/conf.d/20-debian_defaults:

use strict;

# ADMINISTRATORS:
# Debian suggests that any changes you need to do that should never
# be "updated" by the Debian package should be made in another file,
# overriding the settings in this file.
#
# The package will *not* overwrite your settings, but by keeping
# them separate, you will make the task of merging changes on these
# configuration files much simpler...

#   see /usr/share/doc/amavisd-new/examples/amavisd.conf-default for
#       a list of all variables with their defaults;
#   see /usr/share/doc/amavisd-new/examples/amavisd.conf-sample for
#       a traditional-style commented file  
#   [note: the above files were not converted to Debian settings!]
#
#   for more details see documentation in /usr/share/doc/amavisd-new
#   and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html

$QUARANTINEDIR = "$MYHOME/virusmails";
$quarantine_subdir_levels = 1; # enable quarantine dir hashing

$log_recip_templ = undef;    # disable by-recipient level-0 log entries
$DO_SYSLOG = 1;              # log via syslogd (preferred)
$syslog_ident = 'amavis';    # syslog ident tag, prepended to all messages
$syslog_facility = 'mail';
$syslog_priority = 'debug';  # switch to info to drop debug output, etc

$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1

$inet_socket_port = 10024;   # default listening socket

$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt  = -9999;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent

$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?

# Quota limits to avoid bombs (like 42.zip)

$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes
$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes

# You should:
#   Use D_DISCARD to discard data (viruses)
#   Use D_BOUNCE to generate local bounces by amavisd-new
#   Use D_REJECT to generate local or remote bounces by the calling MTA
#   Use D_PASS to deliver the message
#
# Whatever you do, *NEVER* use D_REJECT if you have other MTAs *forwarding*
# mail to your account.  Use D_BOUNCE instead, otherwise you are delegating
# the bounce work to your friendly forwarders, which might not like it at all.
#
# On dual-MTA setups, one can often D_REJECT, as this just makes your own
# MTA generate the bounce message.  Test it first.
#
# Bouncing viruses is stupid, always discard them after you are sure the AV
# is working correctly.  Bouncing real SPAM is also useless, if you cannot
# D_REJECT it (and don't D_REJECT mail coming from your forwarders!).

$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny     = D_DISCARD;   # D_REJECT when front-end MTA
$final_spam_destiny       = D_DISCARD;
$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)

$enable_dkim_verification = 0; #disabled to prevent warning

$virus_admin = "postmaster\@$mydomain"; # due to D_DISCARD default

# Set to empty ("") to add no header
$X_HEADER_LINE = "Debian $myproduct_name at $mydomain";

# REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS

#
# DO NOT SEND VIRUS NOTIFICATIONS TO OUTSIDE OF YOUR DOMAIN. EVER.
#
# These days, almost all viruses fake the envelope sender and mail headers.
# Therefore, "virus notifications" became nothing but undesired, aggravating
# SPAM.  This holds true even inside one's domain.  We disable them all by
# default, except for the EICAR test pattern.
#

@viruses_that_fake_sender_maps = (new_RE(
  [qr'\bEICAR\b'i => 0],            # av test pattern name
  [qr/.*/ => 1],  # true for everything else
));

@keep_decoded_original_maps = (new_RE(
# qr'^MAIL$',   # retain full original message for virus checking (can be slow)
  qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
# qr'^Zip archive data',     # don't trust Archive::Zip
));


# for $banned_namepath_re, a new-style of banned table, see amavisd.conf-sample

$banned_filename_re = new_RE(
# qr'^UNDECIPHERABLE$',  # is or contains any undecipherable components

  # block certain double extensions anywhere in the base name
  qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,

  qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?$'i, # Windows Class ID CLSID, strict

  qr'^application/x-msdownload$'i,                  # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,

# qr'^application/x-msmetafile$'i,  # Windows Metafile MIME type
# qr'^\.wmf$',              # Windows Metafile file(1) type

# qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME types

# [ qr'^\.(Z|gz|bz2)$'           => 0 ],  # allow any in Unix-compressed
# [ qr'^\.(rpm|cpio|tar)$'       => 0 ],  # allow any in Unix-type archives
# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ],  # allow any within such archives
# [ qr'^application/x-zip-compressed$'i => 0],  # allow any within such archives

  qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|
#        inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|
#        ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
#        wmf|wsc|wsf|wsh)$'ix,  # banned ext - long

# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i,  # banned extension - WinZip vulnerab.

  qr'^\.(exe-ms)$',                       # banned file(1) types
# qr'^\.(exe|lha|tnef|cab|dll)$',         # banned file(1) types
);
# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
# and http://www.cknow.com/vtutor/vtextensions.htm


# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING

@score_sender_maps = ({ # a by-recipient hash lookup table,
                        # results from all matching recipient tables are summed

# ## per-recipient personal tables  (NOTE: positive: black, negative: white)
# '[email protected]'  => [{'[email protected]' => 10.0}],
# '[email protected]'  => [{'.ebay.com'                 => -3.0}],
# '[email protected]'  => [{'[email protected]' => -7.0,
#                           '.cleargreen.com'           => -5.0}],

  ## site-wide opinions about senders (the '.' matches any recipient)
  '.' => [  # the _first_ matching sender determines the score boost

   new_RE(  # regexp-type lookup table, just happens to be all soft-blacklist
    [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         => 5.0],
    [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
    [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
    [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   => 5.0],
    [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  => 5.0],
    [qr'^(your_friend|greatoffers)@'i                                => 5.0],
    [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    => 5.0],
   ),

#  read_hash("/var/amavis/sender_scores_sitewide"),

# This are some examples for whitelists, since envelope senders can be forged
# they are not enabled by default. 
   { # a hash-type lookup table (associative array)
     #'[email protected]'                        => -3.0,
     #'[email protected]'              => -3.0,
     #'[email protected]'                    => -3.0,
     #'[email protected]'                  => -3.0,
     #'securityfocus.com'                      => -3.0,
     #'[email protected]'       => -3.0,
     #'[email protected]'      => -3.0,
     #'[email protected]'      => -3.0,
     #'[email protected]'=> -3.0,
     #'[email protected]' => -3.0,
     #'spamassassin.apache.org'                => -3.0,
     #'[email protected]'   => -3.0,
     #'[email protected]'        => -3.0,
     #'[email protected]'     => -3.0,
     #'[email protected]'   => -3.0,
     #'[email protected]' => -3.0,
     #'[email protected]'                => -3.0,
     #'[email protected]'               => -3.0,
     #'[email protected]'                  => -3.0,
     #'[email protected]'          => -3.0,
     #'[email protected]'           => -3.0,
     #'[email protected]'       => -3.0,
     #'[email protected]'          => -3.0,
     #'[email protected]'            => -3.0,
     #'[email protected]'            => -3.0,
     #'[email protected]'                => -5.0,
     #'[email protected]'           => -3.0,
     #'returns.groups.yahoo.com'               => -3.0,
     #'[email protected]'           => -3.0,
     #lc('[email protected]')    => -3.0,
     #lc('[email protected]') => -5.0,

     # soft-blacklisting (positive score)
     #'[email protected]'                     =>  3.0,
     #'.example.net'                           =>  1.0,

   },
  ],  # end of site-wide tables
});

1;  # ensure a defined return

/etc/postfix/master.cf:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (no)    (never) (100)
# ==========================================================================
smtp      inet  n       -       y       -       -       smtpd
#smtp      inet  n       -       y       -       1       postscreen
#smtpd     pass  -       -       y       -       -       smtpd
#dnsblog   unix  -       -       y       -       0       dnsblog
#tlsproxy  unix  -       -       y       -       0       tlsproxy
#submission inet n       -       y       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       y       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
   -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       y       -       -       qmqpd
pickup    unix  n       -       y       60      1       pickup
  -o content_filter= 
  -o recieve_override_options=no_header_body_checks
cleanup   unix  n       -       y       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       y       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       y       -       0       bounce
verify    unix  -       -       y       -       1       verify
flush     unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       y       -       -       smtp
relay     unix  -       -       y       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
retry     unix  -       -       y       -       -       error
discard   unix  -       -       y       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       y       -       1       anvil
scache    unix  -       -       y       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -   n   n   -   2   pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}


smtp-amavis  unix  -     -    -   -   2     smtp
  -o smtp_data-done-timeout=1200
  -o smtp_send_xformward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20 

127.0.0.1:10025  inet   n -    -    -   -  smtpd 
  -o content_filter= 
  -o local-recipient_maps= 
  -o relay_recipient_maps= 
  -o smtpd_restriction_classes= 
  -o smtpd_delay_reject-no 
  -o smtpd_client_restrictions=permit_mynetworks, reject 
  -o smtpd_helo-restrictions= 
  -o smtpd_sender_restrictions= 
  -o smtpd_recipient_restrictions=permit_mynetworks,reject 
  -o smtpd_data_restrictions=reject_unauth_pipelining 
  -o smtpd_end_of_data_restrictions= 
  -o mynetworks=127.0.0.0/8 
  -o smtpd_error_sleep_time=0 
  -o smtpd_soft_error_limit=1001 
  -o smtpd_hard_error_limit=1001 
  -o smtpd_client_connection_count_limit=0 
  -0 smtpd_client_connection_rate_limit=0 
  -o recieve _override_options=no_header_body_checks, no_unknown_recipient_checks, no_milters 

当我发送测试邮件时,我看到了如下输出:

Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: by server1.example.com (Postfix, from userid 0)
    id 98E2A3809D6; Tue, 25 Apr 2017 08:53:08 +0200 (CEST)
To: [email protected]
Subject: This is a test-mail
Message-Id: <[email protected]>
Date: Tue, 25 Apr 2017 08:53:08 +0200 (CEST)
From: [email protected] (root)

This is a test body

当我查看 mail.log 时,我看到了以下内容:

   Apr 25 08:53:02 ubuntu amavis[25277]: Using primary internal av scanner code for ClamAV-clamd
Apr 25 08:53:02 ubuntu amavis[25277]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Apr 25 08:53:02 ubuntu amavis[25277]: Deleting db files __db.002,snmp.db,nanny.db,__db.003,__db.001 in /var/lib/amavis/db
Apr 25 08:53:02 ubuntu amavis[25277]: Creating db in /var/lib/amavis/db/; BerkeleyDB 0.55, libdb 5.3
Apr 25 08:53:02 ubuntu amavis[25277]: initializing Mail::SpamAssassin (0)
Apr 25 08:53:02 ubuntu amavis[25277]: SpamAssassin debug facilities: info
Apr 25 08:53:03 ubuntu amavis[25277]: SA info: zoom: able to use 353/353 'body_0' compiled rules (100%)
Apr 25 08:53:04 ubuntu amavis[25277]: SpamAssassin loaded plugins: AskDNS, AutoLearnThreshold, Bayes, BodyEval, Check, DKIM, DNSEval, FreeMail, HTMLEval, HTTPSMismatch, Hashcash, HeaderEval, ImageInfo, MIMEEval, MIMEHeader, Pyzor, Razor2, RelayEval, ReplaceTags, Rule2XSBody, SPF, SpamCop, URIDNSBL, URIDetail, URIEval, VBounce, WLBLEval, WhiteListSubject
Apr 25 08:53:04 ubuntu amavis[25277]: SpamControl: init_pre_fork on SpamAssassin done
Apr 25 08:53:04 ubuntu amavis[25277]: extra modules loaded after daemonizing/chrooting: /etc/perl/Net/libnet.cfg, /usr/lib/x86_64-linux-gnu/perl5/5.22/auto/Net/SSLeay/autosplit.ix, /usr/lib/x86_64-linux-gnu/perl5/5.22/auto/Net/SSLeay/randomize.al, IO/Socket/SSL.pm, IO/Socket/SSL/PublicSuffix.pm, Mail/SpamAssassin/CompiledRegexps/body_0.pm, Mail/SpamAssassin/Plugin/FreeMail.pm, Mail/SpamAssassin/Plugin/SpamCop.pm, Net/Cmd.pm, Net/Config.pm, Net/SMTP.pm, Net/SSLeay.pm
Apr 25 08:53:08 ubuntu postfix/pickup[25049]: 98E2A3809D6: uid=0 from=<root>
Apr 25 08:53:08 ubuntu postfix/cleanup[25285]: 98E2A3809D6: message-id=<[email protected]>
Apr 25 08:53:08 ubuntu postfix/qmgr[25050]: 98E2A3809D6: from=<[email protected]>, size=331, nrcpt=1 (queue active)
Apr 25 08:53:08 ubuntu postfix/virtual[25287]: 98E2A3809D6: to=<[email protected]>, relay=virtual, delay=0.03, delays=0.02/0.01/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
Apr 25 08:53:08 ubuntu postfix/qmgr[25050]: 98E2A3809D6: removed

有人知道为什么我看不到垃圾邮件和病毒检查吗

编辑1:

当我执行 telnet 127.0.0.1 10024 时,我看到以下输出:

Trying 127.0.0.1
Connecting to 127.0.0.1
Escape character is '^]'
220 [127.0.0.1] ESMTP amavis-new service ready 

日志重启 amavis (systemctl restart amavis)

 Authentication is required to restart amavis 
 Authentication as : xxxx 
 password : 
 Authentication complete 

这里是整个 mail.log:www.termbin.com/7ri7

答案1

摘自精美手册(https://www.ijs.si/software/amavisd/):

没有插入垃圾邮件相关标头?以下是一些原因:

  • @local_domains_acl 设置不正确。这些标头仅插入到与 @local_domains_acl 查找(或 SQL 查找中的 local_domains 或 $local_domains_re 或字段“local”)匹配的收件人;
  • 仅当邮件通过 amavisd-new 时才可以添加或编辑标题。目前 sendmail milter 设置中还不支持此操作(使用辅助程序 amavis-milter.c);
  • 标签级别设置得太高($sa​​_tag_level_defl);*当未调用 SpamAssassin(已禁用、邮件大于 $sa_mail_body_size_limit、发件人列入白名单/黑名单)或 SA 返回空分数时,例如,当超时时,垃圾邮件分数为空(未定义);*为了使垃圾邮件分数高于 kill_level 的邮件仍然通过,可以全局设置:$final_spam_destiny=D_PASS,或声明收件人为 spam_lover。

我认为第一个是让你头疼的问题。你需要在文件夹中的某个位置用虚拟域信息填充 @local_domains_acl 数组。

相关内容