.. und habe die IP auf ein paar BLs bekommen..
Dieser Postfix-Server ist für die Weiterleitung von E-Mails zu und von einem Exchange-Server eingerichtet.
Ich sehe viele Postmaster- oder Root-Adressen von @mail.mydomain.com aus Postfix und NICHT die richtige Mailingadresse @mydomain.com
Auf dem Server laufen SpamAssassin, Amavis, PostScreen und OpenDMARC. Ich habe dreimal überprüft, dass aus offensichtlichen Gründen keine Konfigurationsdatei mail.mydomain.com angibt, außer für externe DNS (Cloudfare) und interne DNS (Active Directory).
die Hostnamendatei lautet:
mydomain.com
die Hosts-Datei ist:
127.0.0.1 localhost
127.0.1.1 mydomain.com
Mailname ist:
mydomain.com
Externes und internes DNS ist:
10.2.0.6 A mail.mydomain.com
my.pbl.ip.add A mail.mydomain.com
mydomain.com MX mail.mydomain.com
Ich habe folgendes definiert:
notify_classes = bounce, delay, policy, protocol, resource, software
2bounce_notice_recipient = [email protected]
bounce_notice_recipient = [email protected]
delay_notice_recipient = [email protected]
error_notice_recipient = [email protected]
Ich muss wissen, was ich anpassen muss, damit diese Postmaster- und Root-E-Mails nicht mehr mit @mail.mydomain.com gesendet werden und stattdessen das richtige @mydomain.com verwendet wird, bevor ich auf eine andere Liste komme.
Bitte helfen Sie!
Vielen Dank im Voraus!
main.cf
default_process_limit = 50
smtpd_banner = mail.mydomain.com
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_tls_received_header = yes
smtpd_tls_cert_file=/etc/postfix/Alpha2022.crt
smtpd_tls_key_file=/etc/postfix/Alpha2022-nocrypt.key
smtpd_tls_CApath = /etc/ssl/certs/
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_exclude_ciphers = RC4,MD5, aNULL
smtp_tls_note_starttls_offer = yes
smtp_tls_ciphers = export
smtp_tls_cert_file=/etc/postfix/Alpha2022.crt
smtp_tls_key_file = /etc/postfix/Alpha2022-nocrypt.key
smtp_tls_CApath = /etc/ssl/certs/
smtp_tls_CAfile = /etc/postfix/AlphaSSL-IL.pem
smtp_use_tls=yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_exclude_ciphers = RC4, MD5, aNULL
smtp_dns_support_level=dnssec
smtp_host_lookup=dns
smtp_tls_security_level = dane
smtp_tls_loglevel = 1
smtpd_tls_ask_ccert = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_always_issue_session_ids = no
smtpd_tls_loglevel = 1
tls_ssl_options = NO_COMPRESSION
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_mandatory_ciphers=high
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
smtpd_tls_eecdh_grade=ultra
myhostname = mydomain.com
strict_rfc821_envelopes = yes
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4, ipv6
smtp_address_preference = any
compatibility_level = 2
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_unknown_sender_domain, check_client_access hash:/etc/postfix/rbl_override, reject_unauth_pipelining, reject_unknown_sender_domain, reject_non_fqdn_sender, permit
transport_maps = hash:/etc/postfix/transport_maps
relay_domains = mydomain.com otherdomain1.com otherdomain2.local otherdomain3.email otherdomain4.us otherdomain5.net
mynetworks = 127.0.0.0/8 10.2.0.0/24 192.168.0.0/16 backup.vps.host.ip4 [::1]/128 [fe80::]/10 [my:tunnelbrokerip6:addr]/64 [backup:vps:postfix:mx2]/64
relayhost =
mydestination =
local_recipient_maps =
local_transport = error:local mail delivery is disabled
smtpd_milters = local:/var/spool/postfix/opendmarc/opendmarc.sock
smtpd_sender_restrictions = hash:/etc/postfix/access
content_filter = smtp-amavis:[127.0.0.1]:10024
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_sites =
zen.spamhaus.org*3
bl.mailspike.net*3
b.barracudacentral.org*2
bl.spameatingmonkey.net
bl.spamcop.net
spamtrap.trblspam.com
dnsbl.sorbs.net=127.0.0.[2;3;6;7;10]
ix.dnsbl.manitu.net
bl.blocklist.de
#whitelist
list.dnswl.org=127.0.[0..255].0*-1
list.dnswl.org=127.0.[0..255].1*-2
list.dnswl.org=127.0.[0..255].[2..3]*-3
iadb.isipp.com=127.0.[0..255].[0..255]*-2
iadb.isipp.com=127.3.100.[6..200]*-2
wl.mailspike.net=127.0.0.[17;18]*-1
wl.mailspike.net=127.0.0.[19;20]*-2
postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply
postscreen_dnsbl_action = enforce
postscreen_dnsbl_ttl = 1h
postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr, cidr:/etc/postfix/postscreen_spf_whitelist.cidr
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = yes
postscreen_bare_newline_ttl = 30d
postscreen_blacklist_action = enforce
postscreen_cache_cleanup_interval = 12h
postscreen_cache_map = btree:$data_directory/postscreen_cache
postscreen_cache_retention_time = 7d
postscreen_client_connection_count_limit = $smtpd_client_connection_count_limit
postscreen_command_count_limit = 20
postscreen_command_filter =
postscreen_command_time_limit = ${stress?10}${stress:300}s
postscreen_disable_vrfy_command = $disable_vrfy_command
postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords
postscreen_enforce_tls = $smtpd_enforce_tls
postscreen_use_tls = $smtpd_use_tls
postscreen_expansion_filter = $smtpd_expansion_filter
postscreen_forbidden_commands = $smtpd_forbidden_commands
postscreen_greet_action = enforce
postscreen_greet_banner = Please Wait for SMTP
postscreen_greet_ttl = 1d
postscreen_greet_wait = ${stress?2}${stress:6}s
postscreen_helo_required = $smtpd_helo_required
postscreen_non_smtp_command_action = enforce
postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_ttl = 30d
postscreen_pipelining_action = enforce
postscreen_pipelining_enable = yes
postscreen_pipelining_ttl = 30d
postscreen_post_queue_limit = $default_process_limit
postscreen_pre_queue_limit = $default_process_limit
postscreen_reject_footer = $smtpd_reject_footer
postscreen_tls_security_level = $smtpd_tls_security_level
postscreen_watchdog_timeout = 10s
smtpd_recipient_limit = 100
message_size_limit = 1000000000
notify_classes = bounce, delay, policy, protocol, resource, software
2bounce_notice_recipient = [email protected]
bounce_notice_recipient = [email protected]
delay_notice_recipient = [email protected]
error_notice_recipient = [email protected]
address_verify_sender = mydomain.com
Antwort1
Aliase wurden mit dem Befehl „newaliases“ nicht aktualisiert. Danach wurde der Versuch, @mail.mydomain.com zu verwenden, eingestellt.