我有一个相当标准的 Postfix 配置,可以将邮件转发到多个域(该设置包括 postsrsd 和 spamassassin/spamass-milter,运行良好):
myhostname = mail.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_domains = mydomain.com, otherdomain.com, thirddomain.com
virtual_alias_maps = hash:/etc/postfix/virtual
但是,Postfix 并不只是接收(和转发)virtual_alias_maps 中定义的地址的邮件,而是尝试向各种邮件服务器发送欺诈性邮件,如下所示:
Jan 29 15:52:41 localhost postfix/qmgr[354872]: D07D97F95E: from=<>, size=12267, nrcpt=1 (queue active)
Jan 29 15:52:41 localhost postfix/qmgr[354872]: 9C1C77F952: from=<>, size=11583, nrcpt=1 (queue active)
Jan 29 15:52:41 localhost postfix/smtp[362942]: connect to mail.visceration.co[2606:4700:3032::ac43:8c58]:25: No route to host
Jan 29 15:52:41 localhost postfix/smtp[362942]: connect to mail.visceration.co[2606:4700:3033::6815:369f]:25: No route to host
Jan 29 15:52:41 localhost postfix/smtp[362943]: connect to mail.smartsnakepro.us[2606:4700:3031::6815:efe]:25: No route to host
Jan 29 15:52:42 localhost postfix/smtp[362944]: 9C1C77F952: to=<[email protected]>, relay=mail.gethoys.me[137.184.49.234]:25, delay=139007, delays=139006/0.03/0.76/0.1, dsn=4.7.1, status=deferred (host mail.gethoys.me[137.184.49.234] said: 454 4.7.1 <[email protected]>: Relay access denied (in reply to RCPT TO command))
Jan 29 15:53:11 localhost postfix/smtp[362942]: connect to mail.visceration.co[172.67.140.88]:25: Connection timed out
Jan 29 15:53:11 localhost postfix/smtp[362943]: connect to mail.smartsnakepro.us[104.21.14.254]:25: Connection timed out
Jan 29 15:53:11 localhost postfix/smtp[362943]: connect to mail.smartsnakepro.us[2606:4700:3033::ac43:a0d9]:25: No route to host
Jan 29 15:53:41 localhost postfix/smtp[362942]: connect to mail.visceration.co[104.21.54.159]:25: Connection timed out
我怎样才能阻止我的邮件服务器对这些连接做出反应?为什么 smtpd 不参与(因为它参与了合法的邮件转发)?
谢谢,Jan
答案1
我检查了邮件队列,发现这些日志条目是由向不存在或伪造的邮件服务器退回邮件而创建的。抱歉!