Postfix,如何拒绝来自未知 IP 的垃圾邮件(无 DNS)

Ali*_*zer 10 postfix spam centos

尽管尽一切努力过滤垃圾邮件,但即使在我将 main.cf 设置为不允许它并检查 DNS 等之后,我仍然收到来自未知的垃圾邮件。即使在添加了 pcre: to REJECT /.unknown./ some of他们仍然通过,我不明白为什么!这是我的日志文件。第一个块没问题,它被拒绝了,它来自未知。第二个块是相同的,来自未知但它通过并且没有被拒绝。我希望拒绝所有“来自未知的连接”,而不仅仅是其中的一些。Centos 上的 postfix v2.8.4。任何想法我做错了什么?谢谢。

该区块被拒绝

Nov 24 12:00:30 sof postfix/smtpd[4632]: connect from unknown[91.99.51.137]
Nov 24 12:00:30 sof postfix/smtpd[4632]: connect from unknown[91.99.51.137]
Nov 24 12:00:31 sof postfix/smtpd[4632]: NOQUEUE: reject: RCPT from unknown[91.99.51.137]: 450 4.7.1 <91.99.51.137.parsonline.net>: Helo command rejected: Host not found; from=<emailsend@urbangroup.kz> to=<name@domain.com> proto=ESMTP helo=<91.99.51.137.parsonline.net>
Nov 24 12:00:31 sof postfix/smtpd[4632]: NOQUEUE: reject: RCPT from unknown[91.99.51.137]: 450 4.7.1 <91.99.51.137.parsonline.net>: Helo command rejected: Host not found; from=<emailsend@urbangroup.kz> to=<name@domain.com> proto=ESMTP helo=<91.99.51.137.parsonline.net>
Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted.
Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted.
Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted.
Nov 24 12:00:31 sof postfix/smtpd[4632]: disconnect from unknown[91.99.51.137]
Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted.
Nov 24 12:00:31 sof postfix/smtpd[4632]: disconnect from unknown[91.99.51.137]
Run Code Online (Sandbox Code Playgroud)

这个块不会被拒绝

Nov 24 14:16:09 sof postfix/smtpd[8221]: connect from unknown[190.237.252.197]
Nov 24 14:16:09 sof postfix/smtpd[8221]: connect from unknown[190.237.252.197]
Nov 24 14:16:18 sof postfix/smtpd[8221]: 9467B848368A: client=unknown[190.237.252.197]
Nov 24 14:16:18 sof postfix/smtpd[8221]: 9467B848368A: client=unknown[190.237.252.197]
Nov 24 14:16:23 sof postfix/cleanup[8428]: 9467B848368A: message-id=<9186950014.574880.74670.SendMail@domain.com>
Nov 24 14:16:23 sof postfix/cleanup[8428]: 9467B848368A: message-id=<9186950014.574880.74670.SendMail@domain.com>
Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: handlers_stderr: SKIP
Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: handlers_stderr: SKIP
Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: SKIP during call 'check-quota' handler
Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: SKIP during call 'check-quota' handler
Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: from=<Garcia.Ryan@iter.ru>, size=5285, nrcpt=1 (queue active)
Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: from=<Garcia.Ryan@iter.ru>, size=5285, nrcpt=1 (queue active)
Nov 24 14:16:25 sof postfix-local[8481]: postfix-local: from=Garcia.Ryan@iter.ru, to=name@domain.com, dirname=/var/qmail/mailnames
Nov 24 14:16:25 sof postfix-local[8481]: postfix-local: from=Garcia.Ryan@iter.ru, to=name@domain.com, dirname=/var/qmail/mailnames
Nov 24 14:16:25 sof spamc[8483]: connect(AF_UNIX) to spamd /tmp/spamd_full.sock failed: No such file or directory
Nov 24 14:16:25 sof spamc[8483]: connect(AF_UNIX) to spamd /tmp/spamd_full.sock failed: No such file or directory
Nov 24 14:16:25 sof postfix-local[8481]: handlers_stderr: PASS
Nov 24 14:16:25 sof postfix-local[8481]: handlers_stderr: PASS
Nov 24 14:16:25 sof postfix-local[8481]: PASS during call 'spam' handler
Nov 24 14:16:25 sof postfix-local[8481]: PASS during call 'spam' handler
Nov 24 14:16:25 sof postfix/pipe[8435]: 9467B848368A: to=<name@domain.com>, orig_to=<name@domain.com>, relay=plesk_virtual, delay=7.9, delays=7.9/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
Nov 24 14:16:25 sof postfix/pipe[8435]: 9467B848368A: to=<name@domain.com>, orig_to=<name@domain.com>, relay=plesk_virtual, delay=7.9, delays=7.9/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: removed
Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: removed
Nov 24 14:16:27 sof postfix/smtpd[8221]: disconnect from unknown[190.237.252.197]
Nov 24 14:16:27 sof postfix/smtpd[8221]: disconnect from unknown[190.237.252.197]
Run Code Online (Sandbox Code Playgroud)

这是我main.cf文件的一部分

smtpd_tls_cert_file = /etc/postfix/domain.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
smtpd_helo_required = yes

smtpd_sender_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        check_sender_access pcre:/etc/postfix/rejected_domains,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        reject_unlisted_sender,
        permit

smtpd_helo_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_non_fqdn_helo_hostname,
        reject_invalid_helo_hostname,
        reject_unknown_helo_hostname,
        permit

smtpd_recipient_restrictions =
        permit_sasl_authenticated,
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        permit_mynetworks,
        reject_rbl_client regexp:/etc/postfix/postfix_client_blacklist,
        reject_unauth_destination,
        reject_unknown_sender_domain,
        check_client_access hash:/etc/postfix/rbl_whitelist,
        check_client_access pcre:/var/spool/postfix/plesk/no_relay.re,
        reject_rbl_client bl.spamcop.net,
        permit
Run Code Online (Sandbox Code Playgroud)

这是postfix_client_blacklist文件

/^.*unknown.*$/         REJECT FCrDNS # I tried all kinds of ways found on the Internet.
Run Code Online (Sandbox Code Playgroud)

Mic*_*ton 17

您正在寻找reject_unknown_client_hostname.

文档

reject_unknown_client_hostname (with Postfix < 2.3: reject_unknown_client)
当 1) 客户端 IP 地址->名称映射失败,2) 名称->地址映射失败,或 3) 名称->地址映射与客户端 IP 不匹配时,拒绝请求地址。这是一个比 reject_unknown_reverse_client_hostname 功能更强的限制,它仅在上述条件 1) 下触发。unknown_client_reject_code 参数指定被拒绝请求的响应代码(默认值:450)。如果地址->名称或名称->地址查找由于临时问题而失败,则回复始终为 450。

示例用法:(如在我的实时邮件服务器上所见)

smtpd_client_restrictions =
        permit_mynetworks,
        reject_unauth_pipelining,
        reject_unknown_client_hostname,
        permit
Run Code Online (Sandbox Code Playgroud)