主页 / server / 问题 / 811128
Accepted
Захар Joe
Asked: 2016-10-26 02:09:58 +0800 CST

Postfix 队列前垃圾邮件拒绝与 amavis 没有在 OS X 服务器上发送反弹

  • 772

这是一个库存的 OS X 5.2 服务器邮件配置,我正在尝试更改它以使其拒绝带有“554 5.7.0 Reject”的垃圾邮件,然后再接受它而不向发件人发送任何额外的未送达通知。它被配置为接受带有“250 2.7.0 Ok”的垃圾邮件,然后将其丢弃或隔离开箱。这通常是用

$final_spam_destiny       = D_REJECT;
$warnspamsender = 0; (probably not necessary)

并且可以使用微调

$sa_dsn_cutoff_level = X;
$sa_crediblefrom_dsn_cutoff_level = X;

我遇到的问题是,尽管这些截止级别远低于特定邮件的实际垃圾邮件分数,但 DSN/退回仍然可以通过。它看起来像这样:

Oct 25 11:52:18 mailbox postfix/smtpd[52962]: 1CD504D13C96: client=mail.informark.co.ua[85.25.13.92]
Oct 25 11:52:18 mailbox postfix/cleanup[53010]: 1CD504D13C96: message-id=<11a201d22e97$126f7740$2adb3d4f@ynmyfnj>
Oct 25 11:52:19 mailbox postfix/qmgr[52740]: 1CD504D13C96: from=<[email protected]>, size=145530, nrcpt=1 (queue active)
Oct 25 11:52:20 mailbox postfix/smtp[53011]: 1CD504D13C96: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.2, delays=1.1/0/0.02/1, dsn=5.7.0, status=bounced (host 127.0.0.1[127.0.0.1] said: 554 5.7.0 Reject, id=52765-01 - spam (in reply to end of DATA command))
Oct 25 11:52:20 mailbox postfix/bounce[53022]: 1CD504D13C96: sender non-delivery notification: 4B9804D13CB0
Oct 25 11:52:20 mailbox postfix/qmgr[52740]: 1CD504D13C96: removed

Oct 25 11:52:20 mailbox postfix/cleanup[53010]: 4B9804D13CB0: message-id=<[email protected]>
Oct 25 11:52:20 mailbox postfix/qmgr[52740]: 4B9804D13CB0: from=<>, size=3019, nrcpt=1 (queue active)
Oct 25 11:52:20 mailbox postfix/bounce[53022]: 1CD504D13C96: sender non-delivery notification: 4B9804D13CB0
Oct 25 11:52:20 mailbox postfix/smtp[53015]: 4B9804D13CB0: to=<[email protected]>, relay=mail.informark.co.ua[85.25.13.92]:25, delay=0.58, delays=0/0/0.26/0.32, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9145D8C8CCC)
Oct 25 11:52:20 mailbox postfix/qmgr[52740]: 4B9804D13CB0: removed

amavis.log(调试级别 5)中的相关部分如下所示:

lookup [forward_method] => true,  "[email protected]" matches, result="smtp:[127.0.0.1]:10025", matching_key="(opaque:smtp:[127.0.0.1]:10025)"
delivery method is 1, recips: [email protected]
get_deadline quar+notif - deadline in 479.0 s, set to 288.000 s
prolong_timer quar+notif: timer 288, was 288, deadline in 479.0 s
DSN: sender NOT credible, SA: 15.417, <[email protected]>
lookup: (scalar) matches, result="-100"
lookup [spam_dsn_cutoff_level_bysender] => true,  "[email protected]" matches, result="-100", matching_key="(constant:-100)"
dsn: . 554 Spam <[email protected]> -> <[email protected]>: on_succ=0, on_dly=1, on_fail=1, never=0, warn_sender=, DSN_passed_on=, destiny=-3, mta_resp: "554 5.7.0 Reject, id=52765-01 - spam"
DSN: FAIL . 554 Spam, status propagated back: <[email protected]> -> <[email protected]>
delivery_status_notification: notif 0 bytes, suppressed: no
one_response_for_all, per_recip_capable: N, suppressed: N
one_response_for_all <[email protected]>: REJECTs, '554 5.7.0 Reject, id=52765-01 - spam'
notif=N, suppressed=0, ndn_needed=, exit=69, 554 5.7.0 Reject, id=52765-01 - spam
get_deadline delivery-notification - deadline in 479.0 s, set to 288.000 s
prolong_timer delivery-notification: timer 288, was 288, deadline in 479.0 s
status counters: InMsgsStatus{Rejected,RejectedInbound}
get_deadline snmp-counters - deadline in 479.0 s, set to 288.000 s
prolong_timer snmp-counters: timer 288, was 288, deadline in 479.0 s
orcpt_encode rfc822, [email protected], smtputf8
oldest_public_ip_addr_from_received: 178.17.170.60
Blocked SPAM {RejectedInbound}, [85.25.13.92]:44462 [178.17.170.60] <[email protected]> -> <[email protected]>, Queue-ID: 1CD504D13C96, Message-ID: <11a201d22e97$126f7740$2adb3d4f@ynmyfnj>, mail_id: N0710n9hpdxw, Hits: 15.417, size: 145530, 1021 ms
get_deadline main_log_entry - deadline in 479.0 s, set to 288.000 s
prolong_timer main_log_entry: timer 288, was 288, deadline in 479.0 s
TIMING-SA total 817 ms - parse: 8 (1.0%), extract_message_metadata: 55 (6.7%), get_uri_detail_list: 1.42 (0.2%), tests_pri_-1000: 32 (3.9%), tests_pri_-950: 1.05 (0.1%), tests_pri_-900: 1.13 (0.1%), tests_pri_-400: 26 (3.1%), check_bayes: 24 (2.9%), b_tokenize: 11 (1.3%), b_tok_get_all: 3.5 (0.4%), b_comp_prob: 4.4 (0.5%), b_tok_touch_all: 0.80 (0.1%), b_finish: 1.12 (0.1%), tests_pri_0: 665 (81.4%), check_dkim_adsp: 479 (58.6%), check_spf: 43 (5.3%), poll_dns_idle: 0.28 (0.0%), check_pyzor: 0.25 (0.0%), tests_pri_500: 5 (0.7%), get_report: 0.77 (0.1%)
updating snmp variables in BDB
get_deadline check done - deadline in 479.0 s, set to 288.000 s
prolong_timer check done: timer 288, was 288, deadline in 479.0 s
sending SMTP response: "554 5.7.0 Reject, id=52765-01 - spam"
ESMTP> 554 5.7.0 Reject, id=52765-01 - spam
...
ESMTP< QUIT\r\n
...
ESMTP> 221 2.0.0 [127.0.0.1] amavisd-new closing transmission channel

结果,尽管明确告诉 amavis/postfix 不要向伪造的电子邮件地址发送退回邮件,甚至 amavis 在那里承认了我的愿望,但退回邮件仍然会被发送出去。我认为日志中的关键是单词“suppressed”,即“no”和“0”而不是“yes”和“1”,正如我在互联网上其他地方的 amavis 日志中看到的那样。

所以问题是我做错了什么以及是否可能有其他东西干扰设置,我也想知道调试它的最佳方法。显然,amavis 日志中的陈述是矛盾的。

mac-osx-server postfix dsn email-bounces amavis

2 个回答

  1. Best Answer

    这里的问题是拒绝消息的是 amavis,而不是 postfix。这是传入消息的标准流程:

    1. postfix 接收来自发送 MTA(或垃圾邮件机器人)的消息
    2. 后缀将消息转发(或尝试转发)到 amaviz(在端口 10024 上)
    3. amaviz 将消息转发回 postfix
    4. postfix 将消息传递给 cyrus(它处理 OS X 服务器上的邮箱)

    您的情况是 postfix 正在接收消息(步骤 1),但 amaviz 拒绝它(在步骤 2),因此 postfix 生成退回消息。查看日志条目,例如“to=<[email protected]>, relay=127.0.0.1[127.0.0.1]: 10024 , delay=2.2, delays=1.1/0/0.02/1, dsn=5.7.0, status =反弹主机 127.0.0.1[127.0.0.1] 说:554 5.7.0 拒绝,id=52765-01 - 垃圾邮件(回复 DATA 命令的结尾))”。请注意,它是发送到 localhost:10024 (amaviz) 的后缀,而后缀是获得 554 拒绝的 MTA。

    一旦 postfix 收到消息,再拒绝就太迟了;你真的只能放弃它或通过它。这就是为什么黑名单和灰名单很有用;它们不像内容扫描器那样精确,但它们在收到消息之前就被后缀应用,因此允许真正的拒绝。

    • 2

  2. 在 OS X 10.11 上使用 amavisd-new 启用队列前过滤的解决方案非常简单,因为大部分工作已经由 Apple 完成,所以如果有人想在他们自己的 OS X 服务器上实现它,可以在这里实现。这个页面帮助我度过了难关。

    需要做三件事,但首先,备份您的配置文件!你可以这样做

    cp -Rp /Library/Server/Mail/config /Library/Server/Mail/config_backup

    1. /Library/Server/Mail/config/postfix/master.cf 需要编辑。找到包含的行

    smtpd pass - - n - - smtpd

    在该行下方,您应该添加:

    -o smtpd_proxy_filter=127.0.0.1:10024

    1. /Library/Server/Mail/config/amavisd/amavisd.conf 需要编辑。

    找到线

    $final_spam_destiny = D_DISCARD;

    并将其替换为

    $final_spam_destiny = D_REJECT;

    您也可以为 $final_virus_destiny 设置 D_REJECT。

    1. 在 master.cf 上设置 user-immutable 标志,因为 OS X 的 serveradmin 将在下次邮件服务器重新启动时重写该文件:

    chflags uchg /Library/Server/Mail/config/postfix/master.cf

    之后重新启动邮件服务器

    serveradmin stop mail; serveradmin start mail并观察你的邮件日志一段时间,以确保你做的一切都是正确的:

    tail -f /var/log/mail.log

    并且仅在您想要更改/调整配置的情况下:

    chflags nouchg /Library/Server/Mail/config/postfix/master.cf

    希望这对在 OS X 上运行 postfix 邮件服务器的人有所帮助。

    • 1

相关问题