Postfix 限制似乎被忽略了

tag-icon tag-icon postfix email-server
Postfix 限制似乎被忽略了

我目前正尝试阻止从 Postfix 转发到我的个人电子邮件的特定“发件人”域。

在 mail.log 文件中我得到了类似的内容:
Apr 29 14:42:49 <censored> postfix/qmgr[7509]: 19F743F71E: from=<n07411ac6de-c3fc1a24b4404633-<name>===<domain>[email protected]>, size=106187, nrcpt=1 (queue active)

我尝试通过 /^From:.*bounce.twitter.com/ REJECT
/etc/postfix/header_check 中的标头检查以及 main.cf 文件中的以下行来防止这种情况
header_checks = regexp:/etc/postfix/header_checks

在邮局地图和重新加载之后,邮件仍然会被转发。

我尝试在 /etc/postfix/sender_access 中使用以下bounce.twitter.com REJECT更改以及 main.cf 中的更改:

smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

[...]

smtpd_recipient_restrictions =
        reject_unauth_destination,
        check_policy_service unix:private/policyd-spf,
        check_sender_access hash:/etc/postfix/sender_access

在网上关注各种事情。尽管发生了这些变化,我仍然能收到转发。

我显然不明白这里的一些事情,但我不太明白为什么尽管如此,这些邮件仍然能通过。当前完整的 main.cf(减去评论)如下。为了以防万一,我对域名进行了轻微审查:

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

append_dot_mydomain = no

#delay_warning_time = 4h

readme_directory = no

smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
header_checks = regexp:/etc/postfix/header_checks

smtpd_recipient_restrictions =
        reject_unauth_destination,
        check_sender_access hash:/etc/postfix/sender_access,
        check_policy_service unix:private/policyd-spf


milter_default_action = accept
milter_protocol = 6
smtpd_milters = local:/opendkim/opendkim.sock
non_smtpd_milters = local:/opendkim/opendkim.sock

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = <mydomain>.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, <mydomain>.com, localhost.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

virtual_alias_domains = <anotherDomain>.com <yetAnotherDomain>.com
virtual_alias_maps = hash:/etc/postfix/virtual

答案1

或许可以尝试smtp_header_checks代替header_checks(由 完成cleanup)。

相关内容