在 Postfix MTA 中,我已使用 DISCARD 策略设置了 helo 和客户端限制。但自从设置以来,delay_reject=no我刚从某些客户端连接后就收到此错误(不知道它们是真正的还是垃圾邮件发送者):
warning: access table hash:/etc/postfix/badrcpt_helo: with smtpd_delay_reject=no, action DISCARD is always skipped in Client host or Helo command restrictions
我的配置:
myhostname = mg1.ecsar.com
mydomain = ecsar. com
myorigin = $mydomain
mynetworks = 127.0.0.0/8, 192.168.100.12
inet_interfaces = all
relay_domains = escar. com
mydestination =
local_recipient_maps =
local_transport = error:local mail delivery is disabled
relayhost = 192.168.200.12
smtpd_relay_before_recipient_restrictions = yes
smtpd_helo_required = yes
message_size_limit = 15728640
smtpd_recipient_limit = 122
smtpd_tls_security_level = may
smtpd_tls_protocols = <=TLSv1.2
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_delay_reject = no
smtpd_etrn_restrictions = permit_mynetworks, reject
fast_flush_domains = $relay_domains
smtp_host_lookup = dns, native
smtpd_sasl_auth_enable = no
biff = no
authorized_mailq_users = static:root
authorized_flush_users = static:root
smtpd_client_port_logging = yes
parent_domain_matches_subdomains = smtpd_access_maps
postscreen_access_list = permit_mynetworks,
cidr:/etc/postfix/postscreen_access.cidr
smtpd_relay_restrictions =
reject_unauth_destination
permit_mynetworks
smtpd_recipient_restrictions =
reject_unauth_destination
reject_non_fqdn_recipient
check_recipient_access hash:/etc/postfix/recipient_reject
check_recipient_access hash:/etc/postfix/recipient_allow
check_recipient_access hash:/etc/postfix/recipient_drop
reject
smtpd_sender_restrictions =
check_helo_access hash:/etc/postfix/badrcpt_helo
check_sender_access hash:/etc/postfix/badrcpt_sender,
check_sender_access hash:/etc/postfix/honeypot_senders,
check_sender_access regexp:/etc/postfix/badrcpt_sender_regex
check_sender_access hash:/etc/postfix/white_list,
reject_non_fqdn_sender
check_policy_service unix:private/policy-spf
permit_dnswl_client list.dnswl.org=127.0.[0..255].[1..3]
reject_rbl_client bl.spamcop.net,
reject_rbl_client zen.spamhaus.org
permit
smtpd_client_restrictions =
check_client_access hash:/etc/postfix/client_white
check_client_access cidr:/etc/postfix/badrcpt_ip
check_client_access cidr:/etc/postfix/honeypot_ip
reject_rhsbl_reverse_client zen.spamhaus.org,
reject_rhsbl_client zen.spamhaus.org,
permit
smtpd_data_restrictions =
reject_multi_recipient_bounce
reject_unauth_pipelining
permit
smtpd_helo_restrictions =
check_helo_access hash:/etc/postfix/badrcpt_helo
check_helo_access hash:/etc/postfix/helo_white
reject_invalid_helo_hostname
permit
default_process_limit = 500
smtp_destination_concurrency_limit = 100
smtpd_soft_error_limit = 4
smtpd_client_connection_count_limit = 45
smtpd_client_connection_rate_limit = 200
smtpd_client_message_rate_limit = 200
smtpd_client_recipient_rate_limit = 500
header_checks = regexp:/etc/postfix/header_checks
smtpd_command_filter = pcre:/etc/postfix/smtpd_cmd_filter
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_command_filter = pcre:/etc/postfix/smtpd_cmd_filter
smtpd_milters = inet:localhost:12301,inet:localhost:12345
non_smtpd_milters = inet:localhost:12301,inet:localhost:12345
其原因何在?