- 论坛徽章:
- 1
|
本帖最后由 qulei1 于 2012-3-27 19:30 编辑
邮件队列里面大量的,收发都非本域的垃圾邮件 。有人利用我的服务器发送大量的垃圾邮件,收发全部都是雅虎台湾的邮件 大概几分钟时间队列里就塞入了 几千多封邮件,现在正常的邮件几乎收发不了,都被这些请求阻塞队列了。
在网上找了很多文档做了很多修改 但是还是不行
1 怀疑中毒被中继 使用relay test 网站测试 本域服务器是不能中继的
2 做了 认证 在main.cf 里进行了修改
3 sasl 也已经开启 还是不行。
4 把雅虎台湾放到发送黑名单还是不行
现在贴出 maillog postcat 中继垃圾邮件详情 main.cf mysql_virtual_sender_maps.cf 麻烦大家帮忙看下
本域 是 mail.xx.cn
1 maillog
t@mailserver postfix]# tail -100 /var/log/maillog
Mar 27 12:31:12 mailserver postfix/qmgr[2831]: CADEBD47201E: to=<janacylin@yahoo.com.tw>, relay=none, delay=0.29, delays=0.27/0.02/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.1 [TS03] All messages from 116.228.89.169 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
Mar 27 12:31:12 mailserver postfix/qmgr[2831]: CADEBD47201E: to=<jerry83618@yahoo.com.tw>, relay=none, delay=0.29, delays=0.27/0.02/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.1 [TS03] All messages from 116.228.89.169 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
Mar 27 12:31:12 mailserver postfix/qmgr[2831]: CADEBD47201E: to=<jessica751012@yahoo.com.tw>, relay=none, delay=0.3, delays=0.27/0.03/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.1 [TS03] All messages from 116.228.89.169 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
Mar 27 12:31:12 mailserver postfix/qmgr[2831]: CADEBD47201E: to=<jing8634@yahoo.com.tw>, relay=none, delay=0.3, delays=0.27/0.03/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.1 [TS03] All messages from 116.228.89.169 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
Mar 27 12:31:12 mailserver postfix/qmgr[2831]: CADEBD47201E: to=<johnsale5@yahoo.com.tw>, relay=none, delay=0.3, delays=0.27/0.04/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.1 [TS03] All messages from 116.228.89.169 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
Mar 27 12:31:12 mailserver postfix/qmgr[2831]: CADEBD47201E: to=<jun19831105@yahoo.com.tw>, relay=none, delay=0.31, delays=0.27/0.04/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.1 [TS03] All messages from 116.228.89.169 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
Mar 27 12:31:12 mailserver postfix/qmgr[2831]: CADEBD47201E: to=<june7863121@yahoo.com.tw>, relay=none, delay=0.31, delays=0.27/0.04/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.1 [TS03] All messages from 116.228.89.169 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
Mar 27 12:31:12 mailserver postfix/qmgr[2831]: CADEBD47201E: to=<k8sjbdhk@yahoo.com.tw>, relay=none, delay=0.32, delays=0.27/0.05/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.1 [TS03] All messages from 116.228.89.169 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
Mar 27 12:31:12 mailserver postfix/qmgr[2831]: CADEBD47201E: to=<kang12.tw@yahoo.com.tw>, relay=none, delay=0.32, delays=0.27/0.05/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.1 [TS03] All messages from 116.228.89.169 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
2 postcat -q DA491D471EB6
*** ENVELOPE RECORDS deferred/D/DA491D471EB6 ***
message_size: 3502 1913 15 0 3502
message_arrival_time: Tue Mar 27 12:28:59 2012
create_time: Tue Mar 27 12:28:59 2012
named_attribute: rewrite_context=local
sender: postmaster@xx.cn
named_attribute: encoding=7bit
named_attribute: log_client_name=unknown
named_attribute: log_client_address=127.0.0.1
named_attribute: log_client_port=33398
named_attribute: log_message_origin=unknown[127.0.0.1]
named_attribute: log_helo_name=localhost
named_attribute: log_protocol_name=ESMTP
named_attribute: client_name=unknown
named_attribute: reverse_client_name=unknown
named_attribute: client_address=127.0.0.1
named_attribute: client_port=33398
named_attribute: helo_name=localhost
named_attribute: protocol_name=ESMTP
named_attribute: client_address_type=2
named_attribute: dsn_orig_rcpt=rfc822;ivy345xx@yahoo.com.tw
original_recipient: ivy345xx@yahoo.com.tw
recipient: ivy345xx@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;iy_foo@yahoo.com.tw
original_recipient: iy_foo@yahoo.com.tw
recipient: iy_foo@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;iyichun1102@yahoo.com.tw
original_recipient: iyichun1102@yahoo.com.tw
recipient: iyichun1102@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;j10236y@yahoo.com.tw
original_recipient: j10236y@yahoo.com.tw
recipient: j10236y@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;j52001kimo@yahoo.com.tw
original_recipient: j52001kimo@yahoo.com.tw
recipient: j52001kimo@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;j66314@yahoo.com.tw
original_recipient: j66314@yahoo.com.tw
recipient: j66314@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;janeyu992002@yahoo.com.tw
original_recipient: janeyu992002@yahoo.com.tw
recipient: janeyu992002@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;jason54005400@yahoo.com.tw
original_recipient: jason54005400@yahoo.com.tw
recipient: jason54005400@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;jenny30919@yahoo.com.tw
original_recipient: jenny30919@yahoo.com.tw
recipient: jenny30919@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;jenny6165@yahoo.com.tw
original_recipient: jenny6165@yahoo.com.tw
recipient: jenny6165@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;jess711129@yahoo.com.tw
original_recipient: jess711129@yahoo.com.tw
recipient: jess711129@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;jill2899@yahoo.com.tw
original_recipient: jill2899@yahoo.com.tw
recipient: jill2899@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;joeliao33@yahoo.com.tw
original_recipient: joeliao33@yahoo.com.tw
recipient: joeliao33@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;jouelin@yahoo.com.tw
original_recipient: jouelin@yahoo.com.tw
recipient: jouelin@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;judyhao211@yahoo.com.tw
original_recipient: judyhao211@yahoo.com.tw
recipient: judyhao211@yahoo.com.tw
*** MESSAGE CONTENTS deferred/D/DA491D471EB6 ***
Received: from localhost (unknown [127.0.0.1])
by mail.vavchina.cn (EMOS V1.5 (Postfix)) with ESMTP id DA491D471EB6;
Tue, 27 Mar 2012 12:28:59 +0800 (CST)
X-Virus-Scanned: amavisd-new at vavchina.cn
X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "From"
X-Spam-Flag: YES
X-Spam-Score: 10.48
X-Spam-Level: **********
X-Spam-Status: Yes, score=10.48 tagged_above=-10 required=5
tests=[DSPAM_ERROR=0.1, FH_DATE_PAST_20XX=3.384,
FORGED_MUA_OUTLOOK=4.199, MISSING_MID=0.001, TRACKER_ID=2.696,
TVD_SPACE_RATIO=0.1] autolearn=no
Received: from mail.xx.cn ([127.0.0.1])
by localhost mail.xx.cn [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id hO5Azjjkt4Wm; Tue, 27 Mar 2012 12:28:59 +0800 (CST)
Received: from f-225224966f204 (unknown [125.230.60.235])
by mail.vavchina.cn (EMOS V1.5 (Postfix)) with ESMTPA id 84832D471EAF;
Tue, 27 Mar 2012 12:28:58 +0800 (CST)
Authentication-Results: from 54.90.191.177 (HELO 203.188.197.9) (237.7.39.221) by mta198.mail.tp2.yahoo.com with SMTP; Mon, 12 Jul 2010 13:02:18 +0800
Received: from (none-3hrejerhree) (102.249.143.84) (EHLO m103.smail.tp2.yahoo.com) [47.216.134.41]) by mta166.mail.tp2.yahoo.com with SMTP; Mon, 12 Jul 2010 13:02:18 +0800
Receivedfrom yahoo@localhost) by m102.ac.tp2.yahoo.com (8.14.2/8.14.2) id o1M0mGPI008166; Mon, 12 Jul 2010 13:02:18 +0800 (CST) (envelope-from tw-auctions-sys@yahoo-inc.com)
From: "mdrjbrzdeytk" <noreply@email.yahoo-inc.com>
From: "lhq" <noreply@email.yahoo-inc.com>
To: jess711129@yahoo.com.tw
Subject: =?BIG5?B?OK3TpKOoRKRIvlCw4qpr?=
Date: Tue, 27 Mar 2012 12:28:33 +0800
MIME-Version: 1.0
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Content-Type: text/html;
charset="Big5"
Content-Transfer-Encoding: base64
X-Priority: 1
X-MSMail-Priority: Highest
X-Mailer: Microsoft Outlook Express 6.00.3790.0
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Message-Id: <20120327042859.DA491D471EB6@mail.xx.cn>
3 vi main.cf
[root@mailserver ~]# vi /etc/postfix/main.cf
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
# hostname
mynetworks = 127.0.0.1
myhostname = mail.xx.cn
mydomain = xx.cn
mydestination = $mynetworks, $myhostname
# banner
mail_name = EMOS V1.5 (Postfix)
smtpd_banner = $myhostname ESMTP $mail_name
# response immediately
smtpd_error_sleep_time = 0s
unknown_local_recipient_reject_code = 550
# extmail config here
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = maildrop:
# maildrop setting
maildrop_destination_recipient_limit = 1
smtpd_client_restrictions =
permit_sasl_authenticated,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_pipelining,
reject_unknown_client,
reject_invalid_hostname,
reject_unauth_destination,
reject_rbl_client cdl.anti-spam.org.cn,
reject_rbl_client cblless.anti-spam.org.cn,
reject_rbl_client cbl.anti-spam.org.cn
# smtpd related config
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_recipient_domain,
reject_unknown_reverse_client_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
check_policy_service inet:127.0.0.1:10030
header_checks = regexp:/etc/postfix/dspam_header_checks
# SMTP sender login matching config
smtpd_sender_restrictions =
permit_mynetworks,
reject_sender_login_mismatch,
reject_authenticated_sender_login_mismatch,
reject_unauthenticated_sender_login_mismatch
smtpd_sender_login_maps =
mysql:/etc/postfix/mysql_virtual_sender_maps.cf,
mysql:/etc/postfix/mysql_virtual_alias_maps.cf
# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
# Content-Filter
content_filter = smtp-amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
# Message and return code control
message_size_limit = 31457280
mailbox_size_limit = 31457280
show_user_unknown_table_name = no
# Queue lifetime control
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 1d
# Other settings
# TLS configuration
smtpd_use_tls = yes
smtpd_tls_auth_only = no
smtp_tls_CAfile = /etc/postfix/tls/smtpd.pem
smtp_tls_cert_file = /etc/postfix/tls/smtpd.pem
smtp_tls_key_file = /etc/postfix/tls/smtpd.pem
smtpd_tls_CAfile = /etc/postfix/tls/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/tls/smtpd.pem
smtpd_tls_key_file = /etc/postfix/tls/smtpd.pem
smtpd_tls_received_header = yes
smtpd_tls_loglevel = 0
smtpd_starttls_timeout = 60s
default_process_limit=500
smtpd_peername_lookup = no
vi mysql_virtual_sender_maps.cf
user = extmail
password = extmail
hosts = 127.0.0.1
dbname = extmail
table = mailbox
select_field = username
where_field = username
additional_conditions = and active = '1'
<<< 220 mail.xx.cn ESMTP EMOS V1.5 (Postfix)
>>> HELO mailradar.com
<<< 250 mail.xx.cn
>>> MAIL FROM: <antispam@mailradar.com>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest@mailradar.com>
<<< 450 4.7.1 Client host rejected: cannot find your hostname, [193.230.245.6]
>>> QUIT
<<< 221 2.0.0 Bye
已经把所有详情都帖全了 并非想不劳而获 实在是找了好久都没有解决方案
还是不行 麻烦 大家 帮忙看下 我已经 搜索解决方案 2天了 还是 不行 |
|
免费注册
发表于 2012-03-27 19:35
