我目前正尝试阻止从 Postfix 转发到我的个人电子邮件的特定“发件人”域。
在 mail.log 文件中我得到了类似的内容:
Apr 29 14:42:49 <censored> postfix/qmgr[7509]: 19F743F71E: from=<n07411ac6de-c3fc1a24b4404633-<name>===<domain>[email protected]>, size=106187, nrcpt=1 (queue active)
我尝试通过
/^From:.*bounce.twitter.com/ REJECT
/etc/postfix/header_check 中的标头检查以及 main.cf 文件中的以下行来防止这种情况
header_checks = regexp:/etc/postfix/header_checks
在邮局地图和重新加载之后,邮件仍然会被转发。
我尝试在 /etc/postfix/sender_access 中使用以下bounce.twitter.com REJECT
更改以及 main.cf 中的更改:
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
[...]
smtpd_recipient_restrictions =
reject_unauth_destination,
check_policy_service unix:private/policyd-spf,
check_sender_access hash:/etc/postfix/sender_access
在网上关注各种事情。尽管发生了这些变化,我仍然能收到转发。
我显然不明白这里的一些事情,但我不太明白为什么尽管如此,这些邮件仍然能通过。当前完整的 main.cf(减去评论)如下。为了以防万一,我对域名进行了轻微审查:
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
#delay_warning_time = 4h
readme_directory = no
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
header_checks = regexp:/etc/postfix/header_checks
smtpd_recipient_restrictions =
reject_unauth_destination,
check_sender_access hash:/etc/postfix/sender_access,
check_policy_service unix:private/policyd-spf
milter_default_action = accept
milter_protocol = 6
smtpd_milters = local:/opendkim/opendkim.sock
non_smtpd_milters = local:/opendkim/opendkim.sock
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = <mydomain>.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, <mydomain>.com, localhost.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_domains = <anotherDomain>.com <yetAnotherDomain>.com
virtual_alias_maps = hash:/etc/postfix/virtual
答案1
或许可以尝试smtp_header_checks
代替header_checks
(由 完成cleanup
)。