我想配置 Postfix 以拒绝来自互联网的垃圾邮件。我找到了以下示例这里:
smtpd_client_restrictions = permit_mynetworks, reject
smtpd_helo_restrictions = reject_unknown_helo_hostname
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_relay_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
reject_rbl_client zen.spamhaus.org,
reject_rhsbl_reverse_client dbl.spamhaus.org,
reject_rhsbl_helo dbl.spamhaus.org,
reject_rhsbl_sender dbl.spamhaus.org
smtpd_data_restrictions = reject_unauth_pipelining
但当我从 Gmail 帐户向我的域名发送电子邮件时,它被阻止了。然后我更改了:
smtpd_client_restrictions = permit_mynetworks, reject
到:
smtpd_client_restrictions = permit_mynetworks, reject_unknown_client_hostname
现在我的邮件服务器似乎可以正常工作了。
postfix.org 提供的这个示例是否是最佳实践,还是我应该加强/削弱它?
答案1
那是
简单限制列表示例
它甚至没有尝试成为一个良好的整体配置示例来防止垃圾邮件。您删除了明确说明每个示例正在做什么的注释行,例如
# Allow connections from trusted networks only.
smtpd_client_restrictions = permit_mynetworks, reject
它确实这样做了,因此它拒绝了来自互联网的所有邮件。