Mail server allows sending spam to hosted mailboxes

I have the problem on both of my servers (one Postfix + Dovecot, one Zimbra). My problem is that some bots send spam to our hosted mailboxes using the same FROM/RCPT without logging in. Google seems to have had the same problem: https://www.theverge.com/2018/4/22/17268740/gmail-spam-email-spoofed-header-google

So this means our mailboxes receive spam from themselves. But these spammers cannot send from external mailboxes (mailboxes not hosted by our server).

These spammers do not use a remote SMTP server to send the email; if they did, our SPF policy would block them.

These spammers use our SMTP server to send to our local mailboxes with the same FROM/RCPT.

The server is not an open relay.

For example, we host the following mailboxes:

  1. [email protected]
  2. [email protected]

The bots use our SMTP server to send spam from [email protected] to [email protected].

But this also works: [email protected] to [email protected] via our SMTP server.

Without any password.

How can I prevent this?

My main.cf: https://pastebin.com/V1KYuKTk

My telnet test:

Connection: opening to mail2test.domain.tld:25, timeout=300, options=array ()
Connection: opened
SERVER -> CLIENT: 220 mail2test.domain.tld ESMTP Postfix (Debian/GNU)
CLIENT -> SERVER: EHLO tools.test.com
SERVER -> CLIENT: 250-mail2test.domain.tld
                 250-PIPELINING
                 250-SIZE 50240000
                 250-VRFY
                 250-ETRN
                 250-STARTTLS
                 250-AUTH PLAIN LOGIN
                 250-AUTH=PLAIN LOGIN
                 250-ENHANCEDSTATUSCODES
                 250-8BITMIME
                 250 DSN
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
CLIENT -> SERVER: EHLO tools.test.com
SERVER -> CLIENT: 250-mail2test.domain.tld
                 250-PIPELINING
                 250-SIZE 50240000
                 250-VRFY
                 250-ETRN
                 250-AUTH PLAIN LOGIN
                 250-AUTH=PLAIN LOGIN
                 250-ENHANCEDSTATUSCODES
                 250-8BITMIME
                 250 DSN
CLIENT -> SERVER: MAIL FROM: <[email protected]>
SERVER -> CLIENT: 250 2.1.0 Ok
CLIENT -> SERVER: RCPT TO: <[email protected]>
SERVER -> CLIENT: 250 2.1.5 Ok
CLIENT -> SERVER: DATA
SERVER -> CLIENT: 354 End data with <CR><LF>.<CR><LF>
CLIENT -> SERVER: Date: Thu, 19 Apr 2018 15:13:20 +0000
CLIENT -> SERVER: To: [email protected]
CLIENT -> SERVER: From: Test SMTP Test 
CLIENT -> SERVER: Subject: Test SMTP Test Message
CLIENT -> SERVER: Message-ID: <[email protected]>
CLIENT -> SERVER: MIME-Version: 1.0
CLIENT -> SERVER: Content-Type: text/plain; charset=iso-8859-1
CLIENT -> SERVER:
CLIENT -> SERVER: This message was sent using the Test SMTP testing tool by this user:
CLIENT -> SERVER: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.124 Safari/537.36
CLIENT -> SERVER: xxx.xxx.xxx.xxx
CLIENT -> SERVER:
CLIENT -> SERVER: .
SERVER -> CLIENT: 250 2.0.0 Ok: queued as A86F61383C
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 2.0.0 Bye
Connection: closed

My mail log:

Apr 19 17:13:21 mail2 postfix/smtpd[26584]: A86F61383C: client=tools.test.com[96.126.113.160]
Apr 19 17:13:22 mail2 postfix/cleanup[26589]: A86F61383C: message-id=<[email protected]>
Apr 19 17:13:22 mail2 postfix/qmgr[26511]: A86F61383C: from=<[email protected]>, size=795, nrcpt=1 (queue active)
Apr 19 17:13:25 mail2 postfix/smtp[26591]: A86F61383C: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.5, delays=0.49/0.01/0.01/3, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=02360-01, from MTA: 250 2.0.0 Ok: queued as ED1FF1383D)
Apr 19 17:13:25 mail2 postfix/qmgr[26511]: A86F61383C: removed

My current SPF record:

mail2test.domain.tld.   299 IN  TXT "v=spf1 a mx -all"

Neither the A nor the MX record points to 96.126.113.160.

The email I received:

Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from localhost (localhost [127.0.0.1])
    by mail2test.domain.tld (Postfix) with ESMTP id 1421713802
    for <[email protected]>; Thu, 19 Apr 2018 17:13:45 +0200 (CEST)
Received: from mail2test.domain.tld ([xxx.xxx.xxx.xxx])
 by localhost (mail2test.domain.tld [127.0.0.1]) (amavisd-maia, port 10024)
 with ESMTP id 02355-01 for <[email protected]>;
 Thu, 19 Apr 2018 17:13:25 +0200 (CEST)
Received: from tools.test.com (tools.test.com [96.126.113.160])
    by mail2test.domain.tld (Postfix) with ESMTP id A86F61383C
    for <[email protected]>; Thu, 19 Apr 2018 17:13:25 +0200 (CEST)
Date: Thu, 19 Apr 2018 15:13:23 +0000
To: [email protected]
From: Wormly SMTP Test <[email protected]>
Subject: Wormly SMTP Test Message
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
X-Virus-Scanned: Test Mail 0.1

This message was sent using the Wormly SMTP testing tool by this user:
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.124 Safari/537.36
xxx.xxx.xxx.xxx

Answer 1

What you most likely have is that the recipient address matches, so the email is accepted - this is not a relay problem, but a very common setup.

One approach (depending on your use case, probably the simplest and best one) is to make sure your mail server honors SPF records, and to set up an SPF record for your domain. This means that someone pretending to be you and sending unauthenticated email from an IP address that is not one of your mail servers will be rejected.
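As an added example (not code from the question or the answer above): the posted transcript shows exactly the gap the answer describes. The domain publishes `v=spf1 a mx -all`, the connecting client 96.126.113.160 matches neither A nor MX, yet Postfix answers `250 2.0.0 Ok: queued`, because publishing a record does nothing for your own inbound mail unless something evaluates it at SMTP time. The script below is a minimal SPF evaluator in the shape of a Postfix policy-delegation server: it parses the posted record, decides for the posted client IP, and answers in the policy protocol (`action=REJECT ...` or `action=DUNNO`). DNS lookups are replaced by a constructed in-memory table; the A/MX addresses (203.0.113.x), the extra `example.test` record and the assumption that the mailbox domain is `mail2test.domain.tld` are all my own stand-ins, since the page redacts the real addresses.

```python
"""Minimal SPF check in the shape of a Postfix policy-delegation server.

Added example, not part of the original question or answer. Supports the
mechanisms in the posted record (a, mx, all) plus ip4 with qualifiers
+ - ~ ?; anything else yields "permerror" rather than a silent pass.
"""
import ipaddress

# Constructed DNS table standing in for real lookups. The 203.0.113.x
# addresses are assumptions; the page only says that neither A nor MX
# points to 96.126.113.160. The example.test record is added to
# exercise ip4: and ~all.
DNS = {
    "txt": {
        "mail2test.domain.tld": "v=spf1 a mx -all",      # the posted record
        "example.test": "v=spf1 ip4:198.51.100.0/24 ~all",
    },
    "a": {
        "mail2test.domain.tld": ["203.0.113.25"],
        "mx1.domain.tld": ["203.0.113.26"],
    },
    "mx": {"mail2test.domain.tld": ["mx1.domain.tld"]},
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def _in_a(ip, host, dns):
    """True if ip is one of host's A records in the table."""
    return any(ip == ipaddress.ip_address(a) for a in dns["a"].get(host, []))


def spf_check(client_ip: str, sender: str, dns=DNS) -> str:
    """SPF result ("pass", "fail", "softfail", "neutral", "none",
    "permerror") for client_ip sending MAIL FROM:<sender>."""
    ip = ipaddress.ip_address(client_ip)
    domain = sender.rpartition("@")[2].lower()
    record = dns["txt"].get(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        return "none"
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        target = arg or domain
        if name == "all":
            matched = True
        elif name == "a":
            matched = _in_a(ip, target, dns)
        elif name == "mx":
            matched = any(_in_a(ip, mx, dns) for mx in dns["mx"].get(target, []))
        elif name == "ip4":
            matched = ip in ipaddress.ip_network(arg, strict=False)
        else:
            return "permerror"  # include:, exists:, macros etc. not handled here
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # RFC 7208 default when no mechanism matches


def policy_response(request: str, dns=DNS) -> str:
    """Answer one Postfix policy request (name=value lines ended by a blank line)."""
    attrs = dict(line.split("=", 1)
                 for line in request.strip().splitlines() if "=" in line)
    client, sender = attrs["client_address"], attrs["sender"]
    result = spf_check(client, sender, dns)
    if result == "fail":
        return (f"action=REJECT SPF fail: {client} is not authorized "
                f"to send mail as {sender}\n\n")
    return "action=DUNNO\n\n"  # let the remaining restrictions decide


if __name__ == "__main__":
    # The connection from the posted transcript and mail log (sender is assumed).
    bot = ("request=smtpd_access_policy\n"
           "client_address=96.126.113.160\n"
           "sender=user@mail2test.domain.tld\n\n")
    print(policy_response(bot), end="")
```

In Postfix the check is wired in with `check_policy_service` in `smtpd_recipient_restrictions`, placed after `permit_mynetworks` and `permit_sasl_authenticated` so that your own hosts and authenticated users (who may connect from anywhere) are never SPF-rejected, and before `reject_unauth_destination` is reached for the unauthenticated client in the transcript. For production use a maintained policy daemon such as policyd-spf rather than this toy; the script exists only to show what the missing step looks like. A complementary, SPF-independent Postfix control for the same symptom is `reject_unauthenticated_sender_login_mismatch` together with `smtpd_sender_login_maps`, which refuses MAIL FROM addresses owned by your users unless the session is authenticated as that user.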
