Disabling Postfix open relay


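For the past few weeks, someone has been using my server/Postfix as a relay mail server. I have tried everything posted in the hundreds of posts on this topic, but they keep doing it again and again. I am not sure what I have misconfigured. I have tried several websites that test whether your server is an open relay, and they also say I have closed all the holes, but these people can still get mail through it.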

This is my /etc/postfix/main.cf:

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination


smtpd_tls_cert_file=/var/www/mydomain.com/ssl/fullchain.pem
smtpd_tls_key_file=/var/www/mydomain.com/ssl/privkey.pem
smtpd_use_tls=yes
smtpd_tls_auth_only = yes

#Enabling SMTP for authenticated users, and handing off authentication to Dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions =
    reject_non_fqdn_recipient,
    reject_unlisted_recipient
    permit_mynetworks,
    permit_sasl_authenticated, 
    reject_unauth_destination,
    reject_invalid_hostname,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining

smtpd_sender_restrictions =
        reject_sender_login_mismatch,
        reject_non_fqdn_sender,
        reject_unlisted_sender,
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_invalid_hostname,
        reject_unknown_sender_domain,
    reject_unauth_pipelining

smtp_host_lookup = native

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $mydomain, localhost.$mydomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf

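I only want accounts from my own domain to send email. All other sending and relaying that is not authenticated with one of my accounts should be blocked. Does anyone have an idea?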

Below is an excerpt from my mail.log, containing some of the spam sent through my server:

Jun 24 12:32:33 mydomain postfix/anvil[7463]: statistics: max connection rate 1/60s for (smtp:200.60.36.35) at Jun 24 12:29:12
Jun 24 12:32:33 mydomain postfix/anvil[7463]: statistics: max connection count 1 for (smtp:200.60.36.35) at Jun 24 12:29:12
Jun 24 12:32:33 mydomain postfix/anvil[7463]: statistics: max cache size 1 at Jun 24 12:29:12
Jun 24 12:32:34 mydomain postfix/smtpd[7684]: connect from unknown[37.49.224.134]
Jun 24 12:32:34 mydomain postfix/smtpd[7684]: disconnect from unknown[37.49.224.134] ehlo=1 quit=1 commands=2
Jun 24 12:35:14 mydomain postfix/smtpd[8020]: connect from unknown[201.187.101.222]
Jun 24 12:35:15 mydomain postfix/smtpd[8020]: disconnect from unknown[201.187.101.222] helo=1 auth=0/1 quit=1 commands=2/3
Jun 24 12:38:35 mydomain postfix/anvil[7686]: statistics: max connection rate 1/60s for (smtp:37.49.224.134) at Jun 24 12:32:34
Jun 24 12:38:35 mydomain postfix/anvil[7686]: statistics: max connection count 1 for (smtp:37.49.224.134) at Jun 24 12:32:34
Jun 24 12:38:35 mydomain postfix/anvil[7686]: statistics: max cache size 1 at Jun 24 12:32:34
Jun 24 12:40:59 mydomain postfix/smtpd[8289]: connect from fa137.63.fix-addr.vsi.ru[80.82.63.137]
Jun 24 12:40:59 mydomain postfix/smtpd[8289]: disconnect from fa137.63.fix-addr.vsi.ru[80.82.63.137] helo=1 auth=0/1 quit=1 commands=2/3
Jun 24 12:44:19 mydomain postfix/anvil[8291]: statistics: max connection rate 1/60s for (smtp:80.82.63.137) at Jun 24 12:40:59
Jun 24 12:44:19 mydomain postfix/anvil[8291]: statistics: max connection count 1 for (smtp:80.82.63.137) at Jun 24 12:40:59
Jun 24 12:44:19 mydomain postfix/anvil[8291]: statistics: max cache size 1 at Jun 24 12:40:59
Jun 24 12:46:14 mydomain postfix/pickup[4558]: 2B8C71321632: uid=0 from=<root>
Jun 24 12:46:14 mydomain postfix/cleanup[8529]: 2B8C71321632: message-id=<[email protected]>
Jun 24 12:46:14 mydomain postfix/qmgr[15111]: 2B8C71321632: from=<[email protected]>, size=590, nrcpt=1 (queue active)
Jun 24 12:46:14 mydomain postfix/trivial-rewrite[8530]: warning: do not list domain mydomain.com in BOTH virtual_mailbox_domains and relay_domains
Jun 24 12:46:14 mydomain postfix/lmtp[8531]: 2B8C71321632: to=<[email protected]>, orig_to=<root>, relay=mydomain.com[private/dovecot-lmtp], delay=0.1, delays=0.05/0.01/0.03/0.02, dsn=2.0.0, status=sent (250 2.0.0 <[email protected]> bTFmD5aSL1tUIQAARIBmVg Saved)
Jun 24 12:46:14 mydomain postfix/qmgr[15111]: 2B8C71321632: removed
Jun 24 12:46:37 mydomain postfix/smtpd[8548]: connect from unknown[82.214.127.122]
Jun 24 12:46:37 mydomain postfix/smtpd[8548]: disconnect from unknown[82.214.127.122] helo=1 auth=0/1 quit=1 commands=2/3
Jun 24 12:49:57 mydomain postfix/anvil[8550]: statistics: max connection rate 1/60s for (smtp:82.214.127.122) at Jun 24 12:46:37
Jun 24 12:49:57 mydomain postfix/anvil[8550]: statistics: max connection count 1 for (smtp:82.214.127.122) at Jun 24 12:46:37
Jun 24 12:49:57 mydomain postfix/anvil[8550]: statistics: max cache size 1 at Jun 24 12:46:37
Jun 24 12:52:45 mydomain postfix/smtpd[8782]: warning: hostname static-181-143-57-98.une.net.co does not resolve to address 181.143.57.98: Name or service not known
Jun 24 12:52:45 mydomain postfix/smtpd[8782]: connect from unknown[181.143.57.98]
Jun 24 12:52:45 mydomain postfix/smtpd[8782]: disconnect from unknown[181.143.57.98] helo=1 auth=0/1 quit=1 commands=2/3
Jun 24 12:56:05 mydomain postfix/anvil[8784]: statistics: max connection rate 1/60s for (smtp:181.143.57.98) at Jun 24 12:52:45
Jun 24 12:56:05 mydomain postfix/anvil[8784]: statistics: max connection count 1 for (smtp:181.143.57.98) at Jun 24 12:52:45
Jun 24 12:56:05 mydomain postfix/anvil[8784]: statistics: max cache size 1 at Jun 24 12:52:45
Jun 24 12:57:22 mydomain postfix/smtpd[8984]: connect from unknown[37.49.224.134]
Jun 24 12:57:22 mydomain postfix/smtpd[8984]: disconnect from unknown[37.49.224.134] ehlo=1 quit=1 commands=2
Jun 24 12:58:33 mydomain postfix/smtpd[8984]: connect from unknown[184.71.152.86]
Jun 24 12:58:33 mydomain postfix/smtpd[8984]: disconnect from unknown[184.71.152.86] helo=1 auth=0/1 quit=1 commands=2/3
Jun 24 13:01:13 mydomain postfix/pickup[8799]: E32A71321633: uid=0 from=<root>
Jun 24 13:01:13 mydomain postfix/cleanup[9206]: E32A71321633: message-id=<[email protected]>
Jun 24 13:01:13 mydomain postfix/qmgr[15111]: E32A71321633: from=<[email protected]>, size=590, nrcpt=1 (queue active)
Jun 24 13:01:13 mydomain postfix/trivial-rewrite[9207]: warning: do not list domain mydomain.com in BOTH virtual_mailbox_domains and relay_domains
Jun 24 13:01:14 mydomain postfix/lmtp[9208]: E32A71321633: to=<[email protected]>, orig_to=<root>, relay=mydomain.com[private/dovecot-lmtp], delay=0.12, delays=0.07/0.01/0.03/0.02, dsn=2.0.0, status=sent (250 2.0.0 <[email protected]> doqtARqWL1v5IwAARIBmVg Saved)
Jun 24 13:01:14 mydomain postfix/qmgr[15111]: E32A71321633: removed

I have run the open relay test from AppRiver. Most tests show that the server is protected against open relaying, but a few tests failed:

Test #1
S: RSET
R: 250 2.0.0 Ok
S: MAIL FROM: <[email protected]>
R: 250 2.1.0 Ok
S: RCPT TO: <[email protected]>
R: 250 2.1.5 Ok
Relay Accepted

Test #3
S: RSET
R: 250 2.0.0 Ok
S: MAIL FROM: <>
R: 250 2.1.0 Ok
S: RCPT TO: <[email protected]>
R: 250 2.1.5 Ok
Relay Accepted

Test #8
S: RSET
R: 250 2.0.0 Ok
S: MAIL FROM: <[email protected]>
R: 250 2.1.0 Ok
S: RCPT TO: <relaytest%appriver.com@[88.201.58.183]>
R: 250 2.1.5 Ok
Relay Accepted

Answer 1

I would first fix:

Jun 24 13:01:13 mydomain postfix/trivial-rewrite[9207]: warning: do not list domain mydomain.com in BOTH virtual_mailbox_domains and relay_domains

Also, setting "myhostname = mydomain.com" does not seem right either, because mail sent from localhost looks like relayed or received mail.
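A way to check from mail.log whether any message was actually relayed, as an added example that is not part of the original question or answer: it groups Postfix log lines by queue ID and reports how each message entered the queue (local pickup, SMTP with or without SASL login) and whether it was handed to a remote server. The sample log lines, hosts and addresses are constructed, and the function name classify is hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in Postfix syslog format; hosts, addresses and queue IDs are made up.
SAMPLE_LOG = """\
Jun 24 12:46:14 mx postfix/pickup[4558]: 2B8C71321632: uid=0 from=<root>
Jun 24 12:46:14 mx postfix/lmtp[8531]: 2B8C71321632: to=<admin@example.org>, orig_to=<root>, relay=example.org[private/dovecot-lmtp], dsn=2.0.0, status=sent (250 2.0.0 Saved)
Jun 24 12:50:01 mx postfix/smtpd[8600]: 3C9D81321640: client=unknown[192.0.2.10]
Jun 24 12:50:02 mx postfix/smtp[8610]: 3C9D81321640: to=<someone@example.net>, relay=mx.example.net[198.51.100.5]:25, dsn=2.0.0, status=sent (250 ok)
Jun 24 12:55:01 mx postfix/smtpd[8700]: 4DAE91321650: client=unknown[192.0.2.20], sasl_method=PLAIN, sasl_username=user@example.org
Jun 24 12:55:02 mx postfix/smtp[8710]: 4DAE91321650: to=<friend@example.com>, relay=mx.example.com[203.0.113.7]:25, dsn=2.0.0, status=sent (250 ok)
"""

# Assumes short (uppercase hex) queue IDs, the Postfix default.
LINE = re.compile(r"postfix/(?P<svc>[\w-]+)\[\d+\]: (?P<qid>[0-9A-F]{6,}): (?P<rest>.*)")

def classify(log_text):
    """Return {queue_id: verdict} for every queued message seen in the log."""
    msgs = defaultdict(lambda: {"origin": None, "sasl": None, "remote": False})
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # connect/disconnect, anvil and warning lines carry no queue ID
        svc, rest, msg = m["svc"], m["rest"], msgs[m["qid"]]
        if svc == "pickup":  # submitted on the host itself, e.g. cron mail
            msg["origin"] = "local"
        elif svc == "smtpd" and rest.startswith("client="):
            msg["origin"] = "smtp"
            sasl = re.search(r"sasl_username=(\S+)", rest)
            msg["sasl"] = sasl.group(1) if sasl else None
        elif svc == "smtp" and "status=sent" in rest:  # handed to a remote server
            msg["remote"] = True
    verdicts = {}
    for qid, msg in msgs.items():
        if msg["origin"] == "local":
            verdicts[qid] = "local submission"
        elif msg["sasl"]:
            verdicts[qid] = "authenticated as " + msg["sasl"]
        elif msg["origin"] == "smtp" and msg["remote"]:
            verdicts[qid] = "UNAUTHENTICATED RELAY"
        else:
            verdicts[qid] = "no outbound relay seen"
    return verdicts

if __name__ == "__main__":
    for qid, verdict in classify(SAMPLE_LOG).items():
        print(qid, verdict)
```

Messages reported as "authenticated as ..." went out through a valid SASL login, so an unexpected volume under one username points to a compromised account password and not to the relay restrictions.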
