尽pipe所有的努力过滤垃圾邮件,即使我已经设置main.cf不允许它,并检查DNS等,我还是从未知的垃圾邮件。即使添加一个pcre:REJECT /.unknown./一些他们仍然通过,我不明白为什么! 这是我的日志文件。 第一块是好的,它被拒绝了,这是从未知的。 第二块是相同的,从未知,但它通过,并没有被拒绝。 我希望拒绝所有的“连接来自未知”,不只是其中的一部分。 在Centos上的postfix v2.8.4。 任何想法我做错了什么? 谢谢。
该块被拒绝
Nov 24 12:00:30 sof postfix/smtpd[4632]: connect from unknown[91.99.51.137] Nov 24 12:00:30 sof postfix/smtpd[4632]: connect from unknown[91.99.51.137] Nov 24 12:00:31 sof postfix/smtpd[4632]: NOQUEUE: reject: RCPT from unknown[91.99.51.137]: 450 4.7.1 <91.99.51.137.parsonline.net>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<91.99.51.137.parsonline.net> Nov 24 12:00:31 sof postfix/smtpd[4632]: NOQUEUE: reject: RCPT from unknown[91.99.51.137]: 450 4.7.1 <91.99.51.137.parsonline.net>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<91.99.51.137.parsonline.net> Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted. Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted. Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted. Nov 24 12:00:31 sof postfix/smtpd[4632]: disconnect from unknown[91.99.51.137] Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted. Nov 24 12:00:31 sof postfix/smtpd[4632]: disconnect from unknown[91.99.51.137] 这个块不会被拒绝
Nov 24 14:16:09 sof postfix/smtpd[8221]: connect from unknown[190.237.252.197] Nov 24 14:16:09 sof postfix/smtpd[8221]: connect from unknown[190.237.252.197] Nov 24 14:16:18 sof postfix/smtpd[8221]: 9467B848368A: client=unknown[190.237.252.197] Nov 24 14:16:18 sof postfix/smtpd[8221]: 9467B848368A: client=unknown[190.237.252.197] Nov 24 14:16:23 sof postfix/cleanup[8428]: 9467B848368A: message-id=<[email protected]> Nov 24 14:16:23 sof postfix/cleanup[8428]: 9467B848368A: message-id=<[email protected]> Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: handlers_stderr: SKIP Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: handlers_stderr: SKIP Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: SKIP during call 'check-quota' handler Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: SKIP during call 'check-quota' handler Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: from=<[email protected]>, size=5285, nrcpt=1 (queue active) Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: from=<[email protected]>, size=5285, nrcpt=1 (queue active) Nov 24 14:16:25 sof postfix-local[8481]: postfix-local: [email protected], [email protected], dirname=/var/qmail/mailnames Nov 24 14:16:25 sof postfix-local[8481]: postfix-local: [email protected], [email protected], dirname=/var/qmail/mailnames Nov 24 14:16:25 sof spamc[8483]: connect(AF_UNIX) to spamd /tmp/spamd_full.sock failed: No such file or directory Nov 24 14:16:25 sof spamc[8483]: connect(AF_UNIX) to spamd /tmp/spamd_full.sock failed: No such file or directory Nov 24 14:16:25 sof postfix-local[8481]: handlers_stderr: PASS Nov 24 14:16:25 sof postfix-local[8481]: handlers_stderr: PASS Nov 24 14:16:25 sof postfix-local[8481]: PASS during call 'spam' handler Nov 24 14:16:25 sof postfix-local[8481]: PASS during call 'spam' handler Nov 24 14:16:25 sof postfix/pipe[8435]: 9467B848368A: to=<[email protected]>, orig_to=<[email protected]>, relay=plesk_virtual, delay=7.9, delays=7.9/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service) Nov 24 14:16:25 sof postfix/pipe[8435]: 9467B848368A: to=<[email protected]>, orig_to=<[email protected]>, relay=plesk_virtual, delay=7.9, delays=7.9/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service) Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: removed Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: removed Nov 24 14:16:27 sof postfix/smtpd[8221]: disconnect from unknown[190.237.252.197] Nov 24 14:16:27 sof postfix/smtpd[8221]: disconnect from unknown[190.237.252.197]
这是我的main.cf文件的一部分
smtpd_tls_cert_file = /etc/postfix/domain.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_security_level = may smtpd_use_tls = yes smtp_tls_security_level = may smtp_use_tls = no smtpd_timeout = 3600s smtpd_proxy_timeout = 3600s disable_vrfy_command = yes smtpd_helo_required = yes smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access pcre:/etc/postfix/rejected_domains, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unlisted_sender, permit smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, permit smtpd_recipient_restrictions = permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_rbl_client regexp:/etc/postfix/postfix_client_blacklist, reject_unauth_destination, reject_unknown_sender_domain, check_client_access hash:/etc/postfix/rbl_whitelist, check_client_access pcre:/var/spool/postfix/plesk/no_relay.re, reject_rbl_client bl.spamcop.net, permit
这是postfix_client_blacklist文件
/^.*unknown.*$/ REJECT FCrDNS # I tried all kinds of ways found on the Internet.
您正在查找reject_unknown_client_hostname 。
从文档 :
reject_unknown_client_hostname (使用Postfix <2.3:reject_unknown_client)
当1)客户端IP地址 – >名称映射失败,2)名称 – >地址映射失败,或者3)名称 – >地址映射与客户端IP地址不匹配时,拒绝请求。 这是一个比reject_unknown_reverse_client_hostnamefunction更强的限制,它只在上面的条件1)下触发。 unknown_client_reject_code参数指定拒绝的请求的响应代码(默认值:450)。 如果地址 – >名称或名称 – >地址查找由于临时问题而失败,则答复总是450。
示例用法:(如在我的实时邮件服务器上所见)
smtpd_client_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_unknown_client_hostname, permit