我有一个我自己的几个域的小型后缀服务器(与mydestination = pcre:/ etc / postfix / mydestinations匹配)。 我设置了一些非虚拟的别名
alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases 在这个文件中,我定义了通用的别名
generic: someuser
而用一个recipient_delimiter = -我现在可以使用[email protected]作为一次性电子邮件地址。 由于这些通用地址中的一些垃圾邮件,我可以根据别名放弃所有电子邮件:
generic-spammed: /dev/null
这工作很好,但这意味着我不断接受这些电子邮件。 相反,我想拒绝他们。 阅读别名文件,似乎我应该能够做到以下拒绝“用户未知”错误的电子邮件 :
generic-spammed: |"exit 67"
不幸的是,电子邮件被反弹,而不是被拒绝,造成反向散射。 这意味着他们最初被接受,在被反弹之前, 250 OK返回给发送者。
这与此问题类似,除了我使用本地目的地,而不是虚拟的。 我有smtpd_reject_unlisted_recipient作为默认,我怀疑我的问题是由于从doc下面的句子 :
The recipient domain matches $mydestination, $inet_interfaces or $proxy_interfaces, but the recipient is not listed in $local_recipient_maps, and $local_recipient_maps is not null.
是收件人被列出的问题吗? 有没有办法拒绝这些电子邮件,而不是popup它们?
postconf -n返回以下内容:
alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all mailbox_size_limit = 0 milter_default_action = accept milter_protocol = 2 mua_client_restrictions = permit_sasl_authenticated, reject mua_helo_restrictions = permit mua_sender_restrictions = permit mydestination = pcre:/etc/postfix/mydestinations mydomain = xavasite.net myhostname = dent.xavasite.net mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 185.26.124.183 [2001:4b98:dc2:47:216:3eff:fe3f:43d3] myorigin = /etc/mailname non_smtpd_milters = local:/var/run/opendkim/opendkim.sock policy-spf_time_limit = 3600s readme_directory = no recipient_delimiter = - relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_junk_command_limit = 1 smtpd_milters = local:/var/run/opendkim/opendkim.sock smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_policy_service unix:private/policy-spf, reject_rbl_client bl.spamcop.net, reject_rbl_client psbl.surriel.com, reject_rbl_client cbl.abuseat.org, reject_rbl_client zen.spamhaus.org, smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = reject_unknown_sender_domain smtpd_tls_CAfile = /etc/ssl/2015/GandiStandardSSLCA2.pem smtpd_tls_cert_file = /etc/ssl/2015/xavier.robin.name.crt smtpd_tls_key_file = /etc/ssl/2015/xavier.robin.name.key smtpd_tls_mandatory_ciphers = high smtpd_tls_mandatory_exclude_ciphers = RC4 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_protocols = !SSLv2, !SSLv3 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes
我认为你在别名文件上有不正确的引用
generic-spammed: |"exit 67"
它应该是
generic-spammed: "|exit 67"
另外,默认情况下,postfix将不允许传递给“|命令”,所以你还需要包含以下内容
allow_mail_to_commands = alias,forward,include
http://www.postfix.org/postconf.5.html#allow_mail_to_commands
我find了一个解决办法,使用check_recipient_accessconfiguration来拒绝这些电子邮件。 它允许创build包含特定电子邮件地址的REJECT语句的散列数据库文件。
我使用以下内容创build了一个名为/etc/postfix/alias_disable的文件:
[email protected] REJECT
然后我运行postmap alias_disable并在smtpd_recipient_restrictions范围内的main.cf添加一行:
smtpd_recipient_restrictions = [...] **check_recipient_access hash:/etc/postfix/alias_disable**
现在邮件被拒绝,没有反弹:
554 5.7.1 <[email protected]>: Recipient address rejected: Access denied;
显然应该可以自定义拒绝邮件 ,包括几个后缀的操作,但我还没有尝试过。