我不断收到来自“ional.co.uk”的垃圾邮件。我有一个基于地址的阻止解决方案,可以很好地处理所有其他电子邮件,但不知何故,该域不断通过。
我可以添加的完整文件如下,但在我的 main.cf 中我有:
smtpd_sender_restrictions =
permit_mynetworks,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
check_sender_access mysql:/etc/postfix/mariadb-vblocklist.cf
它链接到包含查询的 mariadb-vblocklist.cf 文件:
SELECT Action FROM Blocklist where INSTR('%s', Email) > 0
并且数据库包含行:
52 | ional.co.uk | REJECT
当我跑步时:
postmap -q "[email protected]" mysql:/etc/postfix/mariadb-vblocklist.cf
它按预期返回 REJECT,但不知何故,这些电子邮件仍在发送。
我所有其他被阻止的域名和电子邮件似乎都工作正常,但这个却以某种方式通过了。
完整文件:main.cf:
# Global Postfix configuration file. This file lists only a subset
# of all parameters. For the syntax, and for a complete parameter
# list, see the postconf(5) manual page (command: "man 5 postconf").
#
# For common configuration examples, see BASIC_CONFIGURATION_README
# and STANDARD_CONFIGURATION_README. To find these documents, use
# the command "postconf html_directory readme_directory", or go to
# http://www.postfix.org/BASIC_CONFIGURATION_README.html etc.
#
# For best results, change no more than 2-3 parameters at a time,
# and test if Postfix still works after every change.
# COMPATIBILITY
#
# The compatibility_level determines what default settings Postfix
# will use for main.cf and master.cf settings. These defaults will
# change over time.
#
# To avoid breaking things, Postfix will use backwards-compatible
# default settings and log where it uses those old backwards-compatible
# default settings, until the system administrator has determined
# if any backwards-compatible default settings need to be made
# permanent in main.cf or master.cf.
#
# When this review is complete, update the compatibility_level setting
# below as recommended in the RELEASE_NOTES file.
#
# The level below is what should be used with new (not upgrade) installs.
#
compatibility_level = 3.6
# LOCAL PATHNAME INFORMATION
#
# The queue_directory specifies the location of the Postfix queue.
# This is also the root directory of Postfix daemons that run chrooted.
# See the files in examples/chroot-setup for setting up Postfix chroot
# environments on different UNIX systems.
#
queue_directory = /var/spool/postfix
# The command_directory parameter specifies the location of all
# postXXX commands.
#
command_directory = /usr/bin
# The daemon_directory parameter specifies the location of all Postfix
# daemon programs (i.e. programs listed in the master.cf file). This
# directory must be owned by root.
#
daemon_directory = /usr/lib/postfix/bin
# The data_directory parameter specifies the location of Postfix-writable
# data files (caches, random numbers). This directory must be owned
# by the mail_owner account (see below).
#
data_directory = /var/lib/postfix
# QUEUE AND PROCESS OWNERSHIP
#
# The mail_owner parameter specifies the owner of the Postfix queue
# and of most Postfix daemon processes. Specify the name of a user
# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS
# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In
# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED
# USER.
#
mail_owner = postfix
# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
mydomain = digiperimide.co.uk
# The unknown_local_recipient_reject_code specifies the SMTP server
# response code when a recipient domain matches $mydestination or
# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty
# and the recipient address or address local-part is not found.
#
# The default setting is 550 (reject mail) but it is safer to start
# with 450 (try again later) until you are certain that your
# local_recipient_maps settings are OK.
#
unknown_local_recipient_reject_code = 550
# ALIAS DATABASE
#
# The alias_maps parameter specifies the list of alias databases used
# by the local delivery agent. The default list is system dependent.
#
# On systems with NIS, the default is to search the local alias
# database, then the NIS alias database. See aliases(5) for syntax
# details.
#
# If you change the alias database, run "postalias /etc/aliases" (or
# wherever your system stores the mail alias file), or simply run
# "newaliases" to build the necessary DBM or DB file.
#
# It will take a minute or so before changes become visible. Use
# "postfix reload" to eliminate the delay.
#
alias_maps = hash:/etc/postfix/aliases
# DEBUGGING CONTROL
#
# The debug_peer_level parameter specifies the increment in verbose
# logging level when an SMTP client or server host name or address
# matches a pattern in the debug_peer_list parameter.
#
debug_peer_level = 2
# The debugger_command specifies the external command that is executed
# when a Postfix daemon program is run with the -D option.
#
# Use "command .. & sleep 5" so that the debugger can attach before
# the process marches on. If you use an X-based debugger, be sure to
# set up your XAUTHORITY environment variable before starting Postfix.
#
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
# sendmail_path: The full pathname of the Postfix sendmail command.
# This is the Sendmail-compatible mail posting interface.
#
sendmail_path = /usr/bin/sendmail
# newaliases_path: The full pathname of the Postfix newaliases command.
# This is the Sendmail-compatible command to build alias databases.
#
newaliases_path = /usr/bin/newaliases
# mailq_path: The full pathname of the Postfix mailq command. This
# is the Sendmail-compatible mail queue listing command.
#
mailq_path = /usr/bin/mailq
# setgid_group: The group for mail submission and queue management
# commands. This must be a group name with a numerical group ID that
# is not shared with other accounts, not even with the Postfix account.
#
setgid_group = postdrop
# html_directory: The location of the Postfix HTML documentation.
#
html_directory = no
# manpage_directory: The location of the Postfix on-line manual pages.
#
manpage_directory = /usr/share/man
# sample_directory: The location of the Postfix sample configuration files.
# This parameter is obsolete as of Postfix 2.1.
#
sample_directory = /etc/postfix
# readme_directory: The location of the Postfix README files.
#
readme_directory = /usr/share/doc/postfix
inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib/postfix
# Other features
message_size_limit = 40960000
append_dot_mydomain = no
biff = no
#stmp is outgoing
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_security_level = may
#stmpd is incoming
stmpd_usr_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_application_name = smtpd
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sender_restrictions =
permit_mynetworks,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
check_sender_access mysql:/etc/postfix/mariadb-vblocklist.cf
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination
smtpd_tls_received_header = yes
non_smtpd_milters = unix:/run/opendkim/opendkim.sock, unix:/run/opendmarc/opendmarc.sock
smtpd_milters = unix:/run/opendkim/opendkim.sock, unix:/run/opendmarc/opendmarc.sock
milter_default_action = accept;
smtpd_banner = $myhostname ESMTP $mail_name (Arch)
smtpd_tls_cert_file = /etc/letsencrypt/live/digiperimide.co.uk/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/digiperimide.co.uk/privkey.pem
virtual_transport = dovecot
virtual_mailbox_domains = mysql:/etc/postfix/mariadb-vdomains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mariadb-vusers.cf
virtual_alias_maps = mysql:/etc/postfix/mariadb-vcancel.cf, mysql:/etc/postfix/mariadb-valias.cf
mariadb-vblocklist.cf:
user = email
password = [REDACTED]
hosts = 127.0.0.1
dbname = EmailServer
query = SELECT Action FROM Blocklist where INSTR('%s', Email) > 0
当这样的电子邮件到达时,journalctl 日志:
May 25 01:14:42 vps001 postfix/smtpd[3579620]: 4C4AE43A13: client=unknown[27.112.78.186]
May 25 01:14:42 vps001 postfix/submission/smtpd[3580579]: connect from unknown[194.169.175.10]
May 25 01:14:42 vps001 postfix/cleanup[3581337]: 4C4AE43A13: message-id=<INX.O5S99jifjjCTdNibIYki8GNal6JVo8aw.5d0.439.77.1876b25039016@news.ional.co.uk>
May 25 01:14:42 vps001 opendkim[316]: 4C4AE43A13: [27.112.78.186] [27.112.78.186] not internal
May 25 01:14:42 vps001 opendkim[316]: 4C4AE43A13: not authenticated
May 25 01:14:42 vps001 opendkim[316]: 4C4AE43A13: no signature data
May 25 01:14:42 vps001 postfix/qmgr[3345802]: 4C4AE43A13: from=<>, size=12509, nrcpt=1 (queue active)
May 25 01:14:42 vps001 spamd[3329823]: spamd: connection from ::1 [::1]:54688 to port 783, fd 6
May 25 01:14:42 vps001 spamd[3329823]: spamd: processing message <INX.O5S99jifjjCTdNibIYki8GNal6JVo8aw.5d0.439.77.1876b25039016@news.ional.co.uk> for spamd:182
May 25 01:14:42 vps001 spamd[3329823]: dns: reply to 11834/IN/TXT/netflix.com truncated (EDNS 4096 bytes), 0 answer records
May 25 01:14:42 vps001 postfix/smtpd[3580000]: connect from unknown[45.129.14.128]
May 25 01:14:42 vps001 sshd[3581329]: Connection closed by authenticating user root 103.252.4.139 port 54148 [preauth]
May 25 01:14:43 vps001 spamd[3329823]: check: dns_block_rule URIBL_BLOCKED hit, creating /var/lib/spamassassin/.spamassassin/dnsblock_multi.uribl.com (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny multi.uribl.com" to disable queries)
May 25 01:14:43 vps001 spamd[3329823]: spamd: clean message (-1.0/5.0) for spamd:182 in 0.4 seconds, 12192 bytes.
May 25 01:14:43 vps001 spamd[3329823]: spamd: result: . -1 - DKIM_ADSP_NXDOMAIN,FROM_EXCESS_BASE64,GOOG_STO_IMG_HTML,HTML_MESSAGE,MIME_HTML_ONLY,RCVD_IN_DNSWL_HI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED,URIBL_DBL_BLOCKED_OPENDNS scantime=0.4,size=12192,user=spamd,uid=182,required_score=5.0,rhost=::1,raddr=::1,rport=54688,mid=<INX.O5S99jifjjCTdNibIYki8GNal6JVo8aw.5d0.439.77.1876b25039016@news.ional.co.uk>,autolearn=ham autolearn_force=no
May 25 01:14:43 vps001 postfix/pickup[3578184]: 187DB43A15: uid=182 from=<MAILER-DAEMON>
May 25 01:14:43 vps001 postfix/pipe[3581339]: 4C4AE43A13: to=<[email protected]>, relay=spamassassin, delay=0.81, delays=0.36/0.01/0/0.44, dsn=2.0.0, status=sent (delivered via spamassassin service)
May 25 01:14:43 vps001 postfix/qmgr[3345802]: 4C4AE43A13: removed
May 25 01:14:43 vps001 postfix/cleanup[3581337]: 187DB43A15: message-id=<INX.O5S99jifjjCTdNibIYki8GNal6JVo8aw.5d0.439.77.1876b25039016@news.ional.co.uk>
May 25 01:14:43 vps001 opendkim[316]: 187DB43A15: no signing table match for '[email protected]'
May 25 01:14:43 vps001 opendkim[316]: 187DB43A15: no signature data
May 25 01:14:43 vps001 postfix/qmgr[3345802]: 187DB43A15: from=<>, size=13116, nrcpt=1 (queue active)
May 25 01:14:43 vps001 spamd[3329823]: spamd: connection from ::1 [::1]:54702 to port 783, fd 6
May 25 01:14:43 vps001 spamd[3329823]: spamd: processing message <INX.O5S99jifjjCTdNibIYki8GNal6JVo8aw.5d0.439.77.1876b25039016@news.ional.co.uk> for spamd:182
May 25 01:14:43 vps001 spamd[3329823]: dns: reply to 13160/IN/TXT/netflix.com truncated (EDNS 4096 bytes), 0 answer records
May 25 01:14:43 vps001 spamd[3329823]: spamd: clean message (-1.0/5.0) for spamd:182 in 0.1 seconds, 12718 bytes.
May 25 01:14:43 vps001 spamd[3329823]: spamd: result: . -1 - DKIM_ADSP_NXDOMAIN,FROM_EXCESS_BASE64,GOOG_STO_IMG_HTML,HTML_MESSAGE,MIME_HTML_ONLY,RCVD_IN_DNSWL_HI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE,URIBL_DBL_BLOCKED_OPENDNS scantime=0.1,size=12718,user=spamd,uid=182,required_score=5.0,rhost=::1,raddr=::1,rport=54702,mid=<INX.O5S99jifjjCTdNibIYki8GNal6JVo8aw.5d0.439.77.1876b25039016@news.ional.co.uk>,autolearn=unavailable autolearn_force=no
May 25 01:14:43 vps001 postfix/pipe[3581345]: 187DB43A15: to=<[email protected]>, relay=dovecot, delay=0.2, delays=0.01/0.01/0/0.18, dsn=2.0.0, status=sent (delivered via dovecot service (lda([email protected]): Error: net_connect_unix(/run/dovecot/stats-writer) failed: Permission de))
May 25 01:14:43 vps001 postfix/qmgr[3345802]: 187DB43A15: removed
May 25 01:14:43 vps001 postfix/smtpd[3579620]: disconnect from unknown[27.112.78.186] ehlo=1 mail=1 rcpt=1 bdat=2 quit=1 commands=6
此电子邮件的标头:
Return-Path: <MAILER-DAEMON>
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-14) on vps001
X-Spam-Level:
X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_ADSP_NXDOMAIN,
FROM_EXCESS_BASE64,GOOG_STO_IMG_HTML,HTML_MESSAGE,MIME_HTML_ONLY,
RCVD_IN_DNSWL_HI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE,
URIBL_DBL_BLOCKED_OPENDNS autolearn=unavailable autolearn_force=no
version=4.0.0
Delivered-To: [email protected]
Received: by vps001.digiperimide.co.uk (Postfix, from userid 182)
id 187DB43A15; Sat, 25 May 2024 01:14:43 +0100 (BST)
Received: from netflix.com (unknown [27.112.78.186])
by vps001.digiperimide.co.uk (Postfix) with ESMTP id 4C4AE43A13
for <[email protected]>; Sat, 25 May 2024 01:14:42 +0100 (BST)
Authentication-Results: vps001.digiperimide.co.uk; dmarc=none (p=none dis=none) header.from=ional.co.uk
Date: Sat, 25 May 2024 01:09:39 +0200
From: =?UTF-8?B?U2NyZXdpZng=?= <[email protected]>
Reply-To: =?UTF-8?B?QXNzaXN0ZW56YS5jbGllbnRpLUxpZGw=?= <[email protected]>
To: [email protected]
Message-ID: <INX.O5S99jifjjCTdNibIYki8GNal6JVo8aw.5d0.439.77.1876b25039016@news.ional.co.uk>
Subject: =?UTF-8?B?V2UgaGF2ZSBhIHN1cnByaXNlIGZvciBTY3Jld2ZpeCBjdXN0b21lcnMu?=
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
List-Id: "0" <4.O5S99jifjjCTdNibIYki8GNal6JVo8aw.localhost.sarazil>
List-Unsubscribe: <https://news.ional.co.uk/d?o000bcmq0000vg00l0000pv00000000000w3iiv4xnx253ztfis443hhjqe4>, <mailto:[email protected]?subject=unsubscribesarazil@sarazil.me.uk3Db00000b00000vg0000xi000000000000fw3snrk45>
List-Unsubscribe-Post: List-Unsubscribe=One-Click
Feedback-ID: xpro-9985-1488:xpro-9985:MAILING:inxmailde
X-CSA-Complaints: [email protected]
X-Mailer: Inxmail EE 4.8.48.825