神秘/未知 IP 不断被 spamd 列入白名单

神秘/未知 IP 不断被 spamd 列入白名单

我有一个运行带有 spamd 的 OpenSMTPD 的 OpenBSD 7.1 邮件服务器。

我注意到 /var/log/maillog 中存在神秘的 IP 地址,例如:

smtp connected address=162.142.125.222 host=scanner-25.ch1.censys-scanner.com

这些 IP 不断被列入 spamdb 的白名单,我不希望发生这种情况。它们是否应该先与 spamd 通信,而不是直接与 SMTPD 通信?

我的 /etc/pf.conf 内容如下:

emailserver = "192.168.7.5"
email = "{ smtp, imaps }"

set skip on lo

block all
block return    # block stateless traffic
pass            # establish keep-state

# By default, do not permit remote connections to X11
block return in on ! lo0 proto tcp to port 6000:6010

# Port build user does not need network
block return out log proto {tcp udp} user _pbuild

#pass in on egress proto tcp to any port smtp
pass in on egress proto tcp to any port submission

table <badhosts> persist file "/etc/badhosts"
table <sshguard> persist
table <spamd-white> persist
table <nospamd> persist file "/etc/mail/nospamd"

block in quick from <sshguard>
block in quick from <badhosts>
pass in log on egress proto tcp to any port smtp \
 divert-to 127.0.0.1 port spamd
pass in log on egress proto tcp from <nospamd> to any port smtp
pass in log on egress proto tcp from <spamd-white> to any port smtp
pass out log on egress proto tcp to any port smtp
pass log (to pflog1) proto tcp to $emailserver port $email
pass log (to pflog1) proto tcp from $emailserver to port smtp

我不明白为什么这些 IP 会被列入白名单。它们没有出现在 /etc/mail/nospamd 白名单中。

这和下面两条陈述有关系吗?

pass log (to pflog1) proto tcp to $emailserver port $email
pass log (to pflog1) proto tcp from $emailserver to port smtp

在阅读了《PF 之书》后,我尝试将外发电子邮件的 IP 添加到白名单,并添加了这两个语句并创建了 pflog1 接口。

相关内容