可能的重複:
如何阻止人們使用我的網域發送垃圾郵件?
我正在使用 Ubuntu + Postfix + Maia Mailguard + Dovecot 來運行郵件伺服器,一切都運作良好,直到最近人們開始收到似乎是從我的網域發送的垃圾郵件。
例如:
From: [email protected]
To: [email protected]
Subject: Fwd: Re: Scan from a Hewlett-Packard ScanJet 1234
但返迴路徑是這樣的:
Return-Path: <[email protected]>
(有關詳細信息,請參閱下面的郵件伺服器 header 和 main.cf。)
有人可以提出阻止此類電子郵件的最佳方法嗎?一些可能很重要的訊息,我們的一些用戶遠端工作,因此可以連接到運行 Dovecot 的網關,並從世界任何位置接收 (IMAPS)/發送 (SMTP)(經過身份驗證)。我不確定這是否會使阻止垃圾郵件變得更加困難。
垃圾郵件標題範例:
Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from mail.example.com (gateway.localhost [10.0.0.1])
by mail-int (Postfix) with ESMTP id 59CC1211180
for <[email protected]>; Tue, 01 Aug 2012 12:00:00 +0100 (IST)
Received: from localhost (localhost [127.0.0.1])
by mail.example.com (Postfix) with ESMTP id 43EE4C0F5
for <[email protected]>; Tue, 01 Aug 2012 12:00:00 +0100 (IST)
Received: from mail.example.com ([127.0.0.1])
by localhost (mail.example.com [127.0.0.1]) (amavisd-maia, port 20004)
with ESMTP id 21183-01-6 for <[email protected]>;
Tue, 01 Aug 2012 12:00:00 +0100 (IST)
Received: from [xx.xx.xx.xx] (unknown [xx.xx.xx.xx])
by mail.example.com (Postfix) with ESMTP id 946DBC0EB
for <[email protected]>; Tue, 01 Aug 2012 12:00:00 +0100 (IST)
Received: from by mx1.optonline.net; Tue, 01 Aug 2012 12:00:00 +0100
Date: Tue, 01 Aug 2012 12:00:00 +0100
From: <[email protected]>
Reply-To: <[email protected]>
X-Priority: 3 (Normal)
Message-ID: <[email protected]>
To: [email protected]
Subject: Fwd: Re: Scan from a Hewlett-Packard ScanJet 8702
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------27AF424950946E7"
X-Virus-Scanned: Maia Mailguard 1.0.2
網關上 postfix 的 main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
### relayhost = www.example.com
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
### from previous confing file:
soft_bounce = no
queue_directory = /var/spool/postfix
mydomain = example.com
# debug_peer_level = 2
# SPAM Processing
content_filter = amavis:[127.0.0.1]:20004
## content_filter = smtp-amavis:[127.0.0.1]:20004
##queue_minfree = 24000000
notify_classes = 2bounce,resource,software
address_verify_negative_expire_time = 30h
bounce_queue_lifetime = 48h
maximal_queue_lifetime = 50h
delay_warning_time = 20h
### new things:
alias_maps = hash:/etc/aliases
myorigin = $mydomain
myhostname = mail.example.com
mynetworks = 127.0.0.0/8, 10.0.0.0/24, xx.xx.xx.xx
message_size_limit = 20971520
local_transport = error:No local mail delivery
mydestination =
# mydestination = $myhostname, localhost.$mydomain, mail.$mydomain, local.$mydomain
local_recipient_maps =
# local_recipient_maps = hash:/etc/postfix/recipients
virtual_maps = hash:/etc/postfix/virtual
virtual_alias_maps = $virtual_maps
relay_recipient_maps = hash:/etc/postfix/relay_recipients
transport_maps = hash:/etc/postfix/transport
relay_domains = hash:/etc/postfix/relay_domains
recipient_delimiter =
smtpd_helo_required = yes
smtpd_sender_login_maps = pcre:/etc/postfix/senders_map, hash:/etc/postfix/senders_map_other
smtpd_sender_restrictions = permit_mynetworks, check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauthenticated_se
nder_login_mismatch
## smtpd_recipient_restrictions = check_client_access, hash:/etc/postfix/relay_clients
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_unknown_recipient_domain, reject_unverifie
d_recipient
smtpd_data_restrictions = reject_unauth_pipelining
### 2012-03-27
# add header for authenticated mail to strip IP
smtpd_sasl_authenticated_header = yes
header_checks = regexp:/etc/postfix/header_checks.regexp
header_checks = pcre:/etc/postfix/header_checks.pcre
body_checks = pcre:/etc/postfix/body_checks
unverified_recipient_reject_code = 550
##smtpd_client_connection_count_limit = 5
#default_process_limit = 4
disable_vrfy_command = yes
##### SASL
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
##smtpd_sasl_local_domain = $mydomain
smtpd_sasl_application_name = smtpd
#broken_sasl_auth_clients = yes
##### TLS parameters
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtpd_tls_cert_file=/etc/ssl/private/mail_example_com.crt
smtpd_tls_key_file=/etc/ssl/private/mail_example_com.key
smtp_tls_CAfile = /etc/ssl/private/comodo-bundle.crt
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
****內部郵件伺服器上的 postfix 的 main.cf ****
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
myorigin = example.com
#### mydestination = example.com, localhost
### mydestination =
mynetworks = 127.0.0.0/8, 10.0.0.0/24
myhostname = mail-int
mydomain = example.com
relayhost = 10.0.0.1
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
## Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
message_size_limit = 20971520
smtpd_helo_required = yes
## TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
## See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
## information on enabling SSL in the smtp client.
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
### mailbox_transport = dovecot
virtual_transport = dovecot
virtual_mailbox_base = /home/MAIL
virtual_mailbox_maps = ldap:/etc/postfix/ldap-accounts.cf
virtual_mailbox_domains = example.com
virtual_domain = example.com
virtual_minimum_uid = 30000
virtual_uid_maps = static:500
virtual_gid_maps = static:500
virtual_alias_maps = hash:/etc/postfix/aliases-virtual, ldap:/etc/postfix/ldap-aliases.cf
#allow_mail_to_files = alias
allow_mail_to_commands = alias
#alias_maps = hash:/etc/postfix/aliases
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
## Dovecot Deliver:
#mailbox_command = /usr/local/libexec/dovecot/deliver
mailbox_command = /usr/lib/dovecot/deliver
dovecot_destination_recipient_limit = 1
答案1
巧合的是,我們正在研究一個關於打擊垃圾郵件的規範問題:
打擊垃圾郵件 - 作為電子郵件管理員、網域所有者或用戶,我可以做什麼?
我認為這是透過為您的網域設定 SPF 和 DKIM 來識別的垃圾郵件類型。 Amavis 中的反垃圾郵件掃描程式將能夠更好地將這些郵件視為垃圾郵件,因為使用SPF,您將僅指定特定伺服器作為允許為mydomain.com 發送郵件的伺服器,並使用DKIM,為外寄郵件簽名你的網域。
答案2
我建議訪問我們的關於打擊垃圾郵件的規範主題有關如何提高垃圾郵件攔截功能的更詳細的想法,但我建議from
根據接收伺服器的位置過濾地址的規則,或為您的網域設置寄件者策略框架以建立有效郵件伺服器的清單為您的網域名稱。畢竟,您不應該從您的網域接收電子郵件,除非它來自內部地址或網關,對嗎?因此,如果它來自您的網域,並由外部郵件伺服器發送,則可能應該為其分配更高的垃圾郵件值或被拒絕。