我在基于 Ubuntu 的 VPS 上使用 postfix+dovecot+amavis-new+clamav+spamassassin+postgrey。最近几天我收到了很多垃圾邮件,邮件头的垃圾邮件分数很低。所有垃圾邮件的共同点是:
Authentication-Results: xxx.xxx.xx (amavisd-new);
dkim=pass (1024-bit key) header.d=bivaiatia.com;
domainkeys=fail (1024-bit key)
reason="fail (message has been altered)"
[email protected] header.d=bivaiatia.com
域名正在随机变化,但始终存在“domainkeys=fail(1024 位密钥)reason=“fail(消息已被更改)”。
我按照以下说明配置了我的服务器: https://www.exratione.com/2019/02/a-mailserver-on-ubuntu-18-04-postfix-dovecot-mysql/
完整标题:
Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from localhost (localhost [127.0.0.1])
by my.host (Postfix) with ESMTP id 3178B3F859
for <[email protected]>; Thu, 5 Sep 2019 02:02:10 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at my.host
X-Spam-Flag: NO
X-Spam-Score: 0.838
X-Spam-Level:
X-Spam-Status: No, score=0.838 tagged_above=-9999 required=5
tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_20=0.7, HTML_MESSAGE=0.001,
HTML_SHORT_LINK_IMG_3=0.328, NO_RECEIVED=-0.001, NO_RELAYS=-0.001,
T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001]
autolearn=no autolearn_force=no
Authentication-Results: my.host (amavisd-new);
dkim=pass (1024-bit key) header.d=suickjunk.com;
domainkeys=fail (1024-bit key)
reason="fail (message has been altered)"
[email protected] header.d=suickjunk.com
Received: from my.host ([127.0.0.1])
by localhost (my.host [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id HBZSDG9Mpc9S for <[email protected]>;
Thu, 5 Sep 2019 02:02:08 +0200 (CEST)
Received-SPF: Permerror (mailfrom) identity=mailfrom; client-ip=63.83.73.155; helo=driving.suickjunk.com; [email protected]; receiver=<UNKNOWN>
X-Greylist: delayed 675 seconds by postgrey-1.36 at my.host; Thu, 05 Sep 2019 02:02:07 CEST
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=dkim; d=suickjunk.com;
h=Date:From:Message-ID:List-Unsubscribe:MIME-Version:To:Subject:Content-Type:Content-Transfer-Encoding; [email protected];
bh=ukoN66cAIBhuG6MFGHB7ssd4v2g=;
b=AOccOlPGVsgDcCHWP0BzRjCdzYCYn5EesnGqKME8KRHbxlB2FKrP/rZ+yx4WJDhuU9QUgzJjxYud
S1Jgqk2FEqv3lInKEPXjDyfVBh5HzADQJJ7FMYktU7J8lv4F/59znh4GZ8GQNhPh+IUL4VtpYzEM
NCpNl13IYZo+q29uVmA=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=dkim; d=suickjunk.com;
b=lamzIt1CR6acLJGyNXIrmE3KThzEp8GHXtUUVbjEchF3AMzUcCVdwILqfd3Nm8rxwFv+cK3jfaZh
nbyqvzixMi6DMfzD52rpc8DMQPJX17AxOPEZ0pRivQ651qym0wDU1RSsx5dDB0URF299l02PIdfs
u1PNsA4oef9GakE+t/E=;
Date: Thu, 5 Sep 2019 01:48:13 +0200
From: =?UTF-8?Q?Damian?= <[email protected]>
X-Report-Abuse: <http://suickjunk.com/aa.php?a=7m8f314174206kfypxje3chh5exs33m5g1fusq>
Message-ID: <[email protected]>
List-Unsubscribe: <http://suickjunk.com/ub.php?b=7m8f314174206kfypxje3chh5exs33m5g1fusq>
MIME-Version: 1.0
To: <[email protected]>
Subject: =?UTF-8?Q?M=C4=99cz=C4=85_Ci=C4=99_reflektory_aut_w_nocy=3F_Chro=C5=84_oczy,_teraz_masz_te=C5=BC_okulary_przeciws=C5=82oneczne?=
Precedence: bulk
答案1
不要使用这堆混乱的混合器。使用垃圾邮件- 它已经内置了所有旧的反垃圾邮件过滤器(贝叶斯分析器、灰名单模块、opendkim 模块、clamav 连接器)以及一堆新过滤器(神经网络分析器、DCC、模糊模块),如今已成为一种新的(好吧,我实际上不能称其为新的 - 我已经使用它 5 年了)行业标准。配置更加严格,性能更强。内部没有 Perl(但是,如果您愿意,可以使用 Lua 进行自定义脚本编写)。
至于 SpamAssassin - 它早已不存在了。仍然不支持 UTF-8,因此不支持正确的贝叶斯分析和自写自定义规则。