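Possible duplicate:
How do I stop users from sending spam using my domain name?

I am running a mail server using Ubuntu + Postfix + Maia Mailguard + Dovecot, and recently people have started receiving spam that appears to be sent from my domain.

For example:

    From: [email protected]
    To: [email protected]
    Subject: Fwd: Re: Scan from a Hewlett-Packard ScanJet 1234

However, the return path is:

    Return-Path: <[email protected]>

(See the headers and the mail servers' main.cf below for details.)

Does anyone have any suggestions on the best way to block this type of email? Some information that may be important: some of our users work remotely, so they can connect to the gateway running Dovecot and receive (IMAPS) / send (SMTP, authenticated) from anywhere in the world. I am not sure whether this matters for blocking the spam.

Example headers from the spam: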

    Return-Path: <[email protected]>
    Delivered-To: [email protected]
    Received: from mail.example.com (gateway.localhost [10.0.0.1])
        by mail-int (Postfix) with ESMTP id 59CC1211180
        for <[email protected]>; Tue, 01 Aug 2012 12:00:00 +0100 (IST)
    Received: from localhost (localhost [127.0.0.1])
        by mail.example.com (Postfix) with ESMTP id 43EE4C0F5
        for <[email protected]>; Tue, 01 Aug 2012 12:00:00 +0100 (IST)
    Received: from mail.example.com ([127.0.0.1])
        by localhost (mail.example.com [127.0.0.1]) (amavisd-maia, port 20004)
        with ESMTP id 21183-01-6
        for <[email protected]>; Tue, 01 Aug 2012 12:00:00 +0100 (IST)
    Received: from [xx.xx.xx.xx] (unknown [xx.xx.xx.xx])
        by mail.example.com (Postfix) with ESMTP id 946DBC0EB
        for <[email protected]>; Tue, 01 Aug 2012 12:00:00 +0100 (IST)
    Received: from by mx1.optonline.net; Tue, 01 Aug 2012 12:00:00 +0100
    Date: Tue, 01 Aug 2012 12:00:00 +0100
    From: <[email protected]>
    Reply-To: <[email protected]>
    X-Priority: 3 (Normal)
    Message-ID: <[email protected]>
    To: [email protected]
    Subject: Fwd: Re: Scan from a Hewlett-Packard ScanJet 8702
    MIME-Version: 1.0
    Content-Type: multipart/mixed; boundary="----------27AF424950946E7"
    X-Virus-Scanned: Maia Mailguard 1.0.2

The main.cf for postfix on the gateway:

    # See /usr/share/postfix/main.cf.dist for a commented, more complete version

    ### relayhost = www.example.com
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    ### from previous config file:
    soft_bounce = no
    queue_directory = /var/spool/postfix
    mydomain = example.com
    # debug_peer_level = 2

    # SPAM Processing
    content_filter = amavis:[127.0.0.1]:20004
    ## content_filter = smtp-amavis:[127.0.0.1]:20004
    ##queue_minfree = 24000000
    notify_classes = 2bounce,resource,software
    address_verify_negative_expire_time = 30h
    bounce_queue_lifetime = 48h
    maximal_queue_lifetime = 50h
    delay_warning_time = 20h

    ### new things:
    alias_maps = hash:/etc/aliases
    myorigin = $mydomain
    myhostname = mail.example.com
    mynetworks = 127.0.0.0/8, 10.0.0.0/24, xx.xx.xx.xx
    message_size_limit = 20971520
    local_transport = error:No local mail delivery
    mydestination =
    # mydestination = $myhostname, localhost.$mydomain, mail.$mydomain, local.$mydomain
    local_recipient_maps =
    # local_recipient_maps = hash:/etc/postfix/recipients
    virtual_maps = hash:/etc/postfix/virtual
    virtual_alias_maps = $virtual_maps
    relay_recipient_maps = hash:/etc/postfix/relay_recipients
    transport_maps = hash:/etc/postfix/transport
    relay_domains = hash:/etc/postfix/relay_domains
    recipient_delimiter =
    smtpd_helo_required = yes
    smtpd_sender_login_maps = pcre:/etc/postfix/senders_map, hash:/etc/postfix/senders_map_other
    smtpd_sender_restrictions = permit_mynetworks, check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauthenticated_sender_login_mismatch
    ## smtpd_recipient_restrictions = check_client_access, hash:/etc/postfix/relay_clients
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_unknown_recipient_domain, reject_unverified_recipient
    smtpd_data_restrictions = reject_unauth_pipelining

    ### 2012-03-27
    # add header for authenticated mail to strip IP
    smtpd_sasl_authenticated_header = yes
    header_checks = regexp:/etc/postfix/header_checks.regexp
    header_checks = pcre:/etc/postfix/header_checks.pcre
    body_checks = pcre:/etc/postfix/body_checks
    unverified_recipient_reject_code = 550
    ##smtpd_client_connection_count_limit = 5
    #default_process_limit = 4
    disable_vrfy_command = yes

    ##### SASL
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    ##smtpd_sasl_local_domain = $mydomain
    smtpd_sasl_application_name = smtpd
    #broken_sasl_auth_clients = yes

    ##### TLS parameters
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_security_level = may
    smtpd_tls_security_level = may
    smtpd_tls_auth_only = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    smtpd_tls_cert_file=/etc/ssl/private/mail_example_com.crt
    smtpd_tls_key_file=/etc/ssl/private/mail_example_com.key
    smtp_tls_CAfile = /etc/ssl/private/comodo-bundle.crt
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

**** main.cf for postfix on the internal mail server ****

    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    myorigin = example.com
    #### mydestination = example.com, localhost
    ### mydestination =
    mynetworks = 127.0.0.0/8, 10.0.0.0/24
    myhostname = mail-int
    mydomain = example.com
    relayhost = 10.0.0.1
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    append_dot_mydomain = no

    ## Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    message_size_limit = 20971520
    smtpd_helo_required = yes

    ## TLS parameters
    #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    #smtpd_use_tls=yes
    #smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    #smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
    ## See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    ## information on enabling SSL in the smtp client.

    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    ### mailbox_transport = dovecot
    virtual_transport = dovecot
    virtual_mailbox_base = /home/MAIL
    virtual_mailbox_maps = ldap:/etc/postfix/ldap-accounts.cf
    virtual_mailbox_domains = example.com
    virtual_domain = example.com
    virtual_minimum_uid = 30000
    virtual_uid_maps = static:500
    virtual_gid_maps = static:500
    virtual_alias_maps = hash:/etc/postfix/aliases-virtual, ldap:/etc/postfix/ldap-aliases.cf
    #allow_mail_to_files = alias
    allow_mail_to_commands = alias
    #alias_maps = hash:/etc/postfix/aliases
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases

    ## Dovecot Deliver:
    #mailbox_command = /usr/local/libexec/dovecot/deliver
    mailbox_command = /usr/lib/dovecot/deliver
    dovecot_destination_recipient_limit = 1

Coincidentally, we are working on a canonical question about fighting spam:
Fighting Spam – What can I do as an: Email Administrator, Domain Owner, or User?
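I think this is the type of spam that gets identified by setting up SPF and DKIM for your domain. The anti-spam scanner in Amavis will be better able to pick these messages out as spam, because in SPF you specify only particular servers as the ones allowed to send mail for mydomain.com, and that goes together with DKIM for mail sent from your domain.

I suggest visiting our canonical thread on spam for more detailed ideas on how to improve spam blocking, but I would suggest a rule that filters the From address by the location of the server it was received from, or setting up Sender Policy Framework for your domain to establish a list of valid mail servers for your domain. After all, you should not be receiving email from your domain unless it comes from an internal address or the gateway, right? So if it comes from your domain and is sent by an external mail server, it should probably be assigned a higher spam score or rejected.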
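
The rule described in the last answer, sketched as an added example (not code from the original posts): flag mail whose `From:` header claims the local domain when the gateway received it from an untrusted, unauthenticated client. `OWN_DOMAIN`, `TRUSTED` and `GATEWAY` are assumptions taken from the question's `mydomain`, `mynetworks` and `myhostname`; the authenticated-user exemption relies on `smtpd_sasl_authenticated_header = yes`, which makes Postfix record `(Authenticated sender: ...)` in its `Received:` header; the messages built by `sample()` are constructed.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

OWN_DOMAIN = "example.com"            # assumption: mydomain from the question
GATEWAY = "mail.example.com"          # assumption: the gateway's myhostname
TRUSTED = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/24")]

# Postfix writes "from HELO (rdns [client-ip]) ... by HOST (Postfix)".
RECEIVED_RE = re.compile(
    r"from\s+\S+\s+\([^\[\)]*\[(?:IPv6:)?([0-9a-fA-F.:]+)\]\)(.*?)\bby\s+(\S+)",
    re.S)

def ingress_hop(msg):
    """Return (client_ip, authenticated) for the hop where mail entered the gateway."""
    for hdr in msg.get_all("Received", []):      # newest header first
        m = RECEIVED_RE.search(hdr)
        if not m or m.group(3) != GATEWAY:
            continue                             # written by another host
        ip = ipaddress.ip_address(m.group(1))
        if any(ip in net for net in TRUSTED):
            continue                             # internal hop (amavis, LAN client)
        # Headers below this one were supplied by the client and are not trusted.
        return ip, "Authenticated sender:" in m.group(2)
    return None, False

def is_spoofed_own_domain(raw):
    """True if From: claims OWN_DOMAIN but the mail arrived from outside, unauthenticated."""
    msg = email.message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if from_domain != OWN_DOMAIN:
        return False
    ip, authenticated = ingress_hop(msg)
    return ip is not None and not authenticated

def sample(from_addr, client_ip, auth=""):
    """Constructed message shaped like the headers quoted in the question."""
    return (
        "Received: from localhost (localhost [127.0.0.1])\n"
        "\tby mail.example.com (Postfix) with ESMTP id 43EE4C0F5\n"
        f"Received: from [{client_ip}] (unknown [{client_ip}])\n"
        f"{auth}\tby mail.example.com (Postfix) with ESMTP id 946DBC0EB\n"
        "Received: from by mx1.optonline.net\n"
        f"From: <{from_addr}>\nSubject: Fwd: Re: Scan\n\nbody\n")
```

The check keys on the header `From:` rather than the envelope sender because the question's sample shows a `Return-Path` that differs from the displayed `From:` address.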