Ran into this mail server problem today; since I did not write exim myself, I can't debug it XD
Also: is this normal?
host zen.spamhaus.org
ping zen.spamhaus.org
ping: zen.spamhaus.org: No address associated with hostname
spamhaus.org still exists,
but zen.spamhaus.org seems to have been deleted?
===== trying to receive mail =====
==> /var/log/exim/main.log <==
2020-07-20 10:39:51 DNS list lookup defer (probably timeout) for 9.67.15.31.zen.spamhaus.org: assumed not in list
2020-07-20 10:39:51 Tainted filename for search: '/etc/exim/domains/sendingDomain.com/aliases'
2020-07-20 10:39:51 H=berlin.freifunk.net [31.15.67.9] F=<[email protected]> temporarily rejected RCPT <[email protected]>:
failed to expand "${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
2020-07-20 10:39:51 Tainted filename for search: '/etc/exim/domains/sendingDomain.com/aliases'
2020-07-20 10:39:51 H=ip-109-42-0-98.web.vodafone.de ([192.168.0.222]) [109.42.0.98] sender verify defer for <[email protected]>: failed to expand "${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
2020-07-20 10:39:51 H=ip-109-42-0-98.web.vodafone.de ([192.168.0.222]) [109.42.0.98] X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<[email protected]> A=dovecot_plain:[email protected] temporarily rejected RCPT <[email protected]>: Could not complete sender verify
==> /var/log/exim/panic.log <==
2020-07-20 10:39:51 Tainted filename for search: '/etc/exim/domains/sendingDomain.com/aliases'
2020-07-20 10:39:51 Tainted filename for search: '/etc/exim/domains/sendingDomain.com/aliases'
==> /var/log/exim/reject.log <==
2020-07-20 10:39:51 H=berlin.freifunk.net [31.15.67.9] F=<[email protected]> temporarily rejected RCPT <[email protected]>: failed to expand "${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
2020-07-20 10:39:51 H=ip-109-42-0-98.web.vodafone.de ([192.168.0.222]) [109.42.0.98] sender verify defer for <[email protected]>: failed to expand "${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
2020-07-20 10:39:51 H=ip-109-42-0-98.web.vodafone.de ([192.168.0.222]) [109.42.0.98] X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<[email protected]> A=dovecot_plain:[email protected] temporarily rejected RCPT <[email protected]>: Could not complete sender verify
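Is this the end of the mail world?
After all: mail is such an important (still the most-used communication service) yet error-prone and security-sensitive system (many hacks/trojans arrive as attachments: word.doc)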
# searching exim config dir
grep -r -i -E --color=auto "zen.spamhaus.org" /etc/exim/
# found this
/etc/exim/dnsbl.conf
# reveals:
cat /etc/exim/dnsbl.conf
bl.spamcop.net
zen.spamhaus.org
# removed the zen.spamhaus.org
vim /etc/exim/dnsbl.conf
# reboot
# trying again
... no luck, can't send or receive mail, the "sender verify" problem is still there.
vim /etc/exim/exim.conf
aliases:
driver = redirect
headers_add = X-redirected: yes
data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
require_files = /etc/exim/domains/$domain/aliases
redirect_router = dnslookup
pipe_transport = address_pipe
unseen
Answer 1
https://jedi.school.nz/eximfix.html says the correct format is:
data = ${lookup{$local_part}lsearch{/etc/exim4/virtual/$domain_data}}
Exim 4.94 (e.g. Ubuntu 20.04) introduced "tainting" of variables. Where it complains about "tainted", you may need to add _data to the end of local_part or domain:
{$local_part} -> {$local_part_data}
{$domain} -> {$domain_data}
However, in this case only the domain needs to be changed. More information at https://mox.sh/sysadmin/tainted-filename-errors-in-exim-4.94/
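Answer 2
zen.spamhaus.org has no IP address, and that is expected. To check whether an address is blacklisted, you should query (ip address).zen.spamhaus.org (with the IP address part reversed) and check whether that yields a result.
The log shows that the query timed out, which means you made too many queries to spamhaus.org. However, this failure does not mean the mail is rejected (as indicated by "assumed not in list").
Your problem is that you try to build a filename from parts of the received mail and use this file for a lookup; however, since exim considers it "tainted", the file is never opened. In exim, anything "tainted" is a direct expansion of something that came from the sender. Anything supplied directly by the sender is considered unreliable, so in routers it is forbidden to open files pointed to by expansions of tainted data.
You can work around it by doing some kind of lookup with the tainted data, which yields untainted data that can in turn be used to address the file.
Another solution is to use just one aliases file, which is fixed, so you don't need sender-supplied strings to locate it. Or perhaps store the aliases in some kind of database and look them up from there.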
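To find every place in a config that will trigger "Tainted filename for search" after an upgrade to Exim 4.94, the check below scans for single-key lookups whose file name contains $domain or $local_part and prints the _data form from Answer 1 as a candidate. It is an added example, not code from the question, the answers or Exim; the function name, the lookup-type list and the sample config are constructed for illustration, and file names containing braced variables such as ${domain} are not handled.

```python
import re

# Single-key lookup types whose argument is a file (or directory) name.
FILE_LOOKUPS = "lsearch|wildlsearch|nwildlsearch|iplsearch|dsearch|cdb|dbm"
LOOKUP_RE = re.compile(r"\b(%s)\s*\{([^{}]*)\}" % FILE_LOOKUPS)
# $domain / $local_part that are not already $domain_data / $local_part_data
# (or another longer variable name such as $local_part_prefix).
TAINTED_RE = re.compile(r"\$(local_part|domain)(?![A-Za-z0-9_])")


def find_tainted_lookups(config_text):
    """Return (line_no, lookup_type, file_name, candidate_file_name) tuples."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):      # skip comment lines
            continue
        for lookup_type, file_name in LOOKUP_RE.findall(line):
            # Only the file name matters: a tainted lookup *key* is allowed.
            if TAINTED_RE.search(file_name):
                fixed = TAINTED_RE.sub(r"$\g<1>_data", file_name)
                findings.append((line_no, lookup_type, file_name, fixed))
    return findings


# Constructed sample: the question's router plus the form quoted in Answer 1.
SAMPLE_CONFIG = r"""
aliases:
  driver = redirect
  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
  require_files = /etc/exim/domains/$domain/aliases
fixed_example:
  driver = redirect
  data = ${lookup{$local_part}lsearch{/etc/exim4/virtual/$domain_data}}
"""

if __name__ == "__main__":
    for line_no, kind, old, new in find_tainted_lookups(SAMPLE_CONFIG):
        print(f"line {line_no}: {kind} file name {old!r} uses sender-supplied data")
        print(f"  candidate: {new!r}")
```

The candidate is only usable when an earlier lookup has populated the _data variable, for example a domains condition on the router that matches the domain through a lookup; otherwise $domain_data expands to an empty string.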