vim /etc/postfix/main.cf
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/access
在 /etc/postfix/access 中添加一些 ip
vim /etc/postfix/access
86.111.171.141 REJECT
191.96.249.63 REJECT
重新启动 postfix。
postmap hash:/etc/postfix/access
systemctl restart postfix
经过几次。
tail /var/log/maillog
Oct 30 10:18:45 localhost postfix/smtpd[3491]: connect from unknown[86.111.171.141]
Oct 30 10:18:45 localhost postfix/smtpd[3491]: warning: unknown[86.111.171.141]: SASL LOGIN authentication failed: authentication failure
Oct 30 10:18:46 localhost postfix/smtpd[3491]: disconnect from unknown[86.111.171.141]
Oct 30 10:18:45 localhost postfix/smtpd[3491]: connect from unknown[191.96.249.63]
Oct 30 10:18:45 localhost postfix/smtpd[3491]: warning: unknown[191.96.249.63]: SASL LOGIN authentication failed: authentication failure
Oct 30 10:18:46 localhost postfix/smtpd[3491]: disconnect from unknown[191.96.249.63]
为什么不能使用 postfix 黑名单禁止该 ip?
答案1
因为check_sender_access是smtpd_sender_restriction因此,
对于
MAIL FROM地址、域、父域或localpart@,并执行相应的操作。
如果你想使用 Postfix 阻止 IP 地址,请查看smtpd_helo_restrictions,而不是。有可能是/主机名check_helo_a_access的 IP 地址。请记住,也可能添加。HELOEHLOsmtpd_helo_required = yesreject_unknown_helo_hostname