How to stop spam from being sent from an exim mail server?

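I recently tried to set up a mail server to host some mailing lists. By the way, I did add DMARC, DKIM and SPF records.

Recently, I found that my server was sending a large amount (a lot) of spam (the queue grew to thousands of messages, and emails were being sent to many random email addresses). Is there any way to allow only mailman to send mail from my server? I want to be able to send email to any server, but I think only mailman should be responsible for sending? If I have misunderstood how this works, please let me know.

My configuration is here: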

# File /etc/exim4/conf.d/main/00_local_macros

DKIM_DOMAIN = lists.domain.name
DKIM_SELECTOR = default
DKIM_PRIVATE_KEY = /etc/exim4/dkim/privatekey.pem
DKIM_CANON = relaxed

#-------
# File /etc/exim4/conf.d/main/25_mm3_macros

domainlist mm3_domains=lists.domain.name
MM3_LMTP_HOST=172.25.195.2
MM3_LMTP_PORT=8024
MM3_HOME=/opt/mailman/core/var

################################################################
# The configuration below is boilerplate:
# you should not need to change it.

# The path to the list receipt (used as the required file when
# matching list addresses)
MM3_LISTCHK=MM3_HOME/lists/${local_part}.${domain}

# Place this file at
# /etc/exim4/conf.d/router/455_mm3_router

mailman3_router:
  driver = accept
  domains = +mm3_domains
  require_files = MM3_LISTCHK
  local_part_suffix_optional
  local_part_suffix = -admin : \
     -bounces   : -bounces+* : \
     -confirm   : -confirm+* : \
     -join      : -leave     : \
     -owner     : -request   : \
     -subscribe : -unsubscribe
  transport = mailman3_transport

  # Place this file at

#-------
# File /etc/exim4/conf.d/transport/55_mm3_transport

mailman3_transport:
  debug_print = "Email for mailman"
  driver = smtp
  protocol = lmtp
  allow_localhost
  hosts = MM3_LMTP_HOST
  port = MM3_LMTP_PORT
  rcpt_include_affixes = true

#-------
# File /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# Please note that this is _not_ a dpkg-conffile and that automatic changes
# to this file might happen. The code handling this will honor your local
# changes, so this is usually fine, but will break local schemes that mess
# around with multiple versions of the file.
#
# update-exim4.conf uses this file to determine variable values to generate
# exim configuration macros for the configuration file.
#
# Most settings found in here do have corresponding questions in the
# Debconf configuration, but not all of them.
#
# This is a Debian specific file

dc_eximconfig_configtype='internet'
dc_other_hostnames=''
dc_local_interfaces='0.0.0.0 ; ::0'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets='0.0.0.0/0'
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'
IGNORE_SMTP_LINE_LENGTH_LIMIT='true'

My Mailman configuration:

[mta]
incoming: mailman.mta.exim4.LMTP
outgoing: mailman.mta.deliver.deliver
lmtp_host: 172.25.195.2
lmtp_port: 8024
smtp_host: 172.25.195.4
smtp_port: 25
configuration: python:mailman.config.exim4

[mailman]
# This address is the "site owner" address.  Certain messages which must be
# delivered to a human, but which can't be delivered to a list owner (e.g. a
# bounce from a list owner), will be sent to this address.  It should point to
# a human.
site_owner: [email protected]

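Answer 1

The dc_relay_nets='0.0.0.0/0' setting allows relaying from any IP address, which makes your mail server an open relay. You should restrict it to your internal/trusted networks.

SPF/DKIM/DMARC cannot protect you from internal misconfiguration. The worst case is that the server's DKIM signs unauthorized mail. Eventually your IP address will be blacklisted.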

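Answer 2

As Esa pointed out, dc_relay_nets is the problem here. Run the dpkg-reconfigure exim4-config configuration wizard and change the value again, or edit the file and reload Exim so that it is reprocessed into a new Exim configuration file.

Exim has a handy exim4 -d -bh 1.2.3.4 command that simulates an SMTP session and shows in detail how the ACLs are processed, leading to any mail being accepted for relay or local delivery, or rejected. It is a very useful tool whenever you want to ask Exim "why is this allowed (or denied)".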
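
An added example (not part of the original question or answers): a Python check that reads the Debian update-exim4.conf.conf format shown in the question and reports dc_relay_nets entries that let hosts outside trusted address space relay. The sample text is constructed from the question's file, the function names are hypothetical, and treating only loopback and private ranges as trusted is an assumption of the example.

```python
import ipaddress

# Constructed sample mirroring the question's update-exim4.conf.conf.
SAMPLE_CONF = """\
dc_eximconfig_configtype='internet'
dc_local_interfaces='0.0.0.0 ; ::0'
dc_relay_domains=''
dc_relay_nets='0.0.0.0/0'
"""

# Assumption of this example: only loopback and private ranges are
# acceptable relay sources. Replace with your own trusted networks.
TRUSTED_SPACE = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7",
)]


def read_setting(conf_text, key):
    """Return the value of a shell-style key='value' line, or '' if unset."""
    value = ""
    for line in conf_text.splitlines():
        name, sep, raw = line.strip().partition("=")
        if sep and name == key:
            value = raw.strip().strip("'\"")  # last assignment wins
    return value


def risky_relay_nets(conf_text):
    """List dc_relay_nets entries that reach beyond TRUSTED_SPACE."""
    findings = []
    # The Debian file separates list items with ';' (colons belong to IPv6).
    items = [i.strip() for i in read_setting(conf_text, "dc_relay_nets").split(";")]
    for item in filter(None, items):
        try:
            net = ipaddress.ip_network(item, strict=False)
        except ValueError:
            findings.append((item, "not a plain IP/CIDR, review by hand"))
            continue
        inside = any(net.version == t.version and net.subnet_of(t)
                     for t in TRUSTED_SPACE)
        if not inside:
            findings.append((item, "covers public address space"))
    return findings


if __name__ == "__main__":
    for entry, reason in risky_relay_nets(SAMPLE_CONF):
        print("dc_relay_nets entry %r: %s" % (entry, reason))
```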
