Postfix lehnt unbekannten lokalen Empfänger ab

Question

Postfix lehnt unbekannten lokalen Empfänger ab

595

J. Doe 2017-01-22 в 20:37

Ich habe ein Problem mit der Rückstreuung. Spammer senden E-Mails an eine auf meinem Server gehostete nicht existente Domäne @ Benutzername. Ich versuche, die Sitzung abzubrechen, anstatt Bounce-Nachrichten an gefälschte Absenderadressen zu senden. Ich habe versucht, reject_unverified_recipient hinzuzufügen, aber das scheint nicht zu funktionieren.

Wenn ich mailq überprüfe, kann ich feststellen, dass viele steckengebliebene "Benutzer nicht vorhanden" -E-Mails von MAILER_DAEMON an nicht vorhandene Empfänger bouncen.

Hier ist meine postconf -n

append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix dovecot_destination_recipient_limit = 1 inet_interfaces = all inet_protocols = ipv4 mailbox_size_limit = 0 message_size_limit = 102400000 milter_default_action = accept milter_protocol = 2 mydestination = localhost myhostname = domain.com mynetworks = 127.0.0.0/8 non_smtpd_milters = inet:localhost:8891 readme_directory = no recipient_delimiter = + relay_domains = relayhost = resolve_numeric_domain = yes smtp_tls_session_cache_database = btree:$/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_milters = inet:localhost:8891 smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain, reject_unverified_recipient, permit_auth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/ssl/certs/domain.com.chain.crt smtpd_tls_cert_file = /etc/ssl/certs/domain.com.crt smtpd_tls_key_file = /etc/ssl/private/domain.com.key smtpd_tls_session_cache_database = btree:$/smtpd_scache smtpd_use_tls = yes virtual_alias_domains = mysql:/etc/postfix/sqlconf/virtual_alias_domains.cf virtual_alias_maps = mysql:/etc/postfix/sqlconf/virtual_mailbox_maps.cf virtual_mailbox_domains = mysql:/etc/postfix/sqlconf/mydestination.cf virtual_transport = dovecot

Dies ist die master.cf-Datei

smtp inet n - - - - smtpd -o content_filter=spamassassin -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters smtps inet n - - - - smtpd -o content_filter=checkhook -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f $ -d $ pickup unix n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr unix n - n 300 1 qmgr #qmgr unix n - n 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp relay unix - - - - - smtp showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d $ uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store $ $ $ mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py $ $ spamassassin unix - n n - - pipe user=spamfilter argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f $ $ checkhook unix - n n - - pipe user=www-data argv=/etc/postfix/scripts/send $ $

Hier sind einige Protokolle, die gemacht wurden, als ich versuchte, an einen ungültigen lokalen Empfänger zu senden.

Jan 22 19:09:34 ip-12345 postfix/qmgr[19938]: CF96B20013B: from=<invalid@sender.ocm>, size=249, nrcpt=1 (queue active) Jan 22 19:09:35 ip-12345 postfix/pickup[19939]: 982D320013D: uid=5007 from=<invalid@sender.ocm> Jan 22 19:09:35 ip-12345 postfix/pipe[21485]: CF96B20013B: to=<nonexistentx@localdomain.com>, relay=spamassassin, delay=18, delays=16/0/0/1.2, dsn=2.0.0, status=sent (delivered via spamassassin service)  Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: CF96B20013B: removed Jan 22 19:09:35 ip-12345 postfix/cleanup[21477]: 982D320013D: message-id=<20170122190935.982D320013D@maindomain.com> Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: 982D320013D: from=<invalid@sender.ocm>, size=1333, nrcpt=1 (queue active) Jan 22 19:09:35 ip-12345 dovecot: auth: Debug: master in: USER#0111#011nonexistentx@localdomain.com#011service=lda Jan 22 19:09:35 ip-12345 dovecot: auth-worker(14636): Debug: sql(nonexistentx@localdomain.com): SELECT '/var/vmail/nonexistentx@localdomain.com' as home, 'vmail' as uid, 'vmail' as gid, concat('*:storage=', quota_kb) AS quota_rule, concat('*:messages=', quota_msg) AS quota_rule2 FROM users WHERE username = 'nonexistentx' AND domain = 'localdomain.com' and active=1  Jan 22 19:09:35 ip-12345 dovecot: auth-worker(14636): sql(nonexistentx@localdomain.com): unknown user  Jan 22 19:09:35 ip-12345 dovecot: auth: Debug: userdb out: NOTFOUND#0111  Jan 22 19:09:35 ip-12345 postfix/pipe[21400]: 982D320013D: to=<nonexistentx@localdomain.com>, relay=dovecot, delay=0.07, delays=0.05/0/0/0.02, dsn=5.1.1, status=bounced (user unknown)  Jan 22 19:09:35 ip-12345 postfix/cleanup[21396]: A8B0720013C: message-id=<20170122190935.A8B0720013C@maindomain.com> Jan 22 19:09:35 ip-12345 postfix/bounce[21474]: 982D320013D: sender non-delivery notification: A8B0720013C  Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: A8B0720013C: from=<>, size=3394, nrcpt=1 (queue active)  Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: 982D320013D: removed  Jan 22 19:09:35 ip-12345 postfix/smtp[21496]: A8B0720013C: to=<invalid@sender.ocm>, relay=none, delay=0.03, delays=0/0.01/0.02/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=sender.ocm type=A: Host not found)  Jan 22 19:09:35 ip-12345 postfix/qmgr[19938]: A8B0720013C: removed

1

Ist dies Ihr eigener Mail-Server oder erfolgt ein Austausch? DeerSpotter vor 7 Jahren 0

Nein, es geht nicht um den Austausch, es ist mein eigener Server J. Doe vor 7 Jahren 0

1 Antwort auf die Frage

0

Accepted Answer · 2017-01-22 21:55:59

Wie Sie Domänen ohne gültige Empfängerliste übergeben, erfahren Sie hier: http://www.postfix.org/postconf.5.html#relay_recipient_maps

Verwenden Sie zur Verwendung von reject_unverified_recipient mit einer bestimmten Liste von Domänen eine check_recipient_access-Zuordnung.

# main.cf smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_recipient_access hash:/etc/postfix/verify_recipients

...

# verify_recipients domain1.tld reject_unverified_recipient domain2.tld reject_unverified_recipient

Credit: http://www.textndata.com/forums/reject_unverified_recipient-timeout-188012.html

Postfix lehnt unbekannten lokalen Empfänger ab

1 Antwort auf die Frage

Verwandte Probleme