2017-03-07 166 views
-1

I have set up my own mail server with Postfix, Dovecot, SpamAssassin... Today I looked at the logs on my mail server and found a lot of this spam:

Mar 7 15:38:30 chillihorse postfix/postscreen[16678]: CONNECT from [167.57.146.98]:65189 to [85.25.109.218]:25 
Mar 7 15:38:30 chillihorse postfix/postscreen[16678]: WHITELISTED [167.57.146.98]:65189 
Mar 7 15:38:30 chillihorse postfix/smtpd[16679]: connect from r167-57-146-98.dialup.adsl.anteldata.net.uy[167.57.146.98] 
Mar 7 15:38:30 chillihorse amavis[16660]: (16660-07) Blocked SPAM {RejectedOpenRelay}, AM.PDP-SOCK [114.41.245.133] [114.41.245.133] <[email protected]> -> <[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>, Queue-ID: DCD211140503, Message-ID: <[email protected]>, mail_id: ynqCA95iv26B, Hits: 15.057, size: 48365, 784 ms 
Mar 7 15:38:30 chillihorse postfix/cleanup[16833]: DCD211140503: milter-reject: END-OF-MESSAGE from 114-41-245-133.dynamic.hinet.net[114.41.245.133]: 5.7.0 Reject, id=16660-07 - spam; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<220.152.56.78> 
Mar 7 15:38:31 chillihorse postfix/smtpd[16824]: disconnect from 114-41-245-133.dynamic.hinet.net[114.41.245.133] 
Mar 7 15:38:34 chillihorse postfix/smtpd[16679]: 7D7CB1140488: client=r167-57-146-98.dialup.adsl.anteldata.net.uy[167.57.146.98] 
Mar 7 15:38:43 chillihorse postfix/smtpd[16679]: 7D7CB1140488: reject: RCPT from r167-57-146-98.dialup.adsl.anteldata.net.uy[167.57.146.98]: 450 4.1.2 <[email protected]>: Recipient address rejected: Domain not found; from=<[email protected]ee.net> to=<[email protected]> proto=ESMTP helo=<190.179.48.65> 
Mar 7 15:38:46 chillihorse postfix/postscreen[16678]: CONNECT from [123.56.194.22]:59162 to [85.25.109.218]:25 
Mar 7 15:38:46 chillihorse postfix/postscreen[16678]: WHITELISTED [123.56.194.22]:59162 
Mar 7 15:38:46 chillihorse postfix/smtpd[16692]: connect from unknown[123.56.194.22] 
Mar 7 15:38:52 chillihorse postfix/cleanup[16689]: 7D7CB1140488: message-id=<[email protected]> 
Mar 7 15:38:53 chillihorse postfix/smtpd[16692]: lost connection after MAIL from unknown[123.56.194.22] 
Mar 7 15:38:53 chillihorse postfix/smtpd[16692]: disconnect from unknown[123.56.194.22] 
Mar 7 15:38:54 chillihorse amavis[16659]: (16659-08) Blocked SPAM {RejectedOpenRelay}, AM.PDP-SOCK [167.57.146.98] [167.57.146.98] <[email protected]> -> <[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>,<[email protected]>, Queue-ID: 7D7CB1140488, Message-ID: <0385d5ce1708ef90563c0a70... 
Mar 7 15:38:54 chillihorse amavis[16659]: (16659-08) [email protected]>, mail_id: is6lNnFaXjWt, Hits: 15.951, size: 48715, 1031 ms 
Mar 7 15:38:54 chillihorse postfix/cleanup[16689]: 7D7CB1140488: milter-reject: END-OF-MESSAGE from r167-57-146-98.dialup.adsl.anteldata.net.uy[167.57.146.98]: 5.7.0 Reject, id=16659-08 - spam; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<190.179.48.65> 
Mar 7 15:38:55 chillihorse postfix/smtpd[16679]: disconnect from r167-57-146-98.dialup.adsl.anteldata.net.uy[167.57.146.98] 

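There is also mail in the mailq. Because of this, my IP has been blacklisted. But how is this possible? I mean, these mail addresses do not belong to my domain, and there are no user accounts for them on my system. Thanks for any help on how to stop this spam.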

postconf -n

alias_maps = hash:/etc/aliases 
append_dot_mydomain = no 
biff = no 
bounce_queue_lifetime = 5m 
config_directory = /etc/postfix 
content_filter = smtp-amavis:[127.0.0.1]:10024 
inet_interfaces = 127.0.0.1, 85.25.109.218 
local_recipient_maps = $virtual_mailbox_maps 
mailbox_size_limit = 0 
maximal_backoff_time = 15m 
maximal_queue_lifetime = 15m 
message_size_limit = 52428800 
milter_default_action = accept 
milter_protocol = 2 
minimal_backoff_time = 5m 
myhostname = mail.chillihorse.de 
mynetworks = 0.0.0.0/0 [::ffff:127.0.0.0]/104 [::1]/128 
non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock 
postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access 
postscreen_blacklist_action = drop 
postscreen_dnsbl_action = drop 
postscreen_dnsbl_sites = dnsbl.sorbs.net*1, bl.spamcop.net*1, ix.dnsbl.manitu.net*2, zen.spamhaus.org*2 
postscreen_dnsbl_threshold = 2 
postscreen_greet_action = drop 
queue_run_delay = 5m 
recipient_delimiter = + 
smtp_dns_support_level = dnssec 
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt 
smtp_tls_ciphers = high 
smtp_tls_policy_maps = mysql:/etc/postfix/sql/tls-policy.cf 
smtp_tls_protocols = !SSLv2, !SSLv3 
smtp_tls_security_level = dane 
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 
smtpd_client_restrictions = permit_mynetworks check_client_access hash:/etc/postfix/without_ptr reject_unknown_client_hostname 
smtpd_data_restrictions = reject_unauth_pipelining 
smtpd_milters = unix:/var/run/amavis/amavisd-milter.sock, unix:/var/run/opendkim/opendkim.sock 
smtpd_recipient_restrictions = check_recipient_access mysql:/etc/postfix/sql/recipient-access.cf 
smtpd_relay_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks reject_unauth_destination 
smtpd_tls_cert_file = /etc/letsencrypt/live/chillihorse.de/fullchain.pem 
smtpd_tls_ciphers = high 
smtpd_tls_dh1024_param_file = /etc/myssl/dh2048.pem 
smtpd_tls_key_file = /etc/letsencrypt/live/chillihorse.de/privkey.pem 
smtpd_tls_protocols = !SSLv2, !SSLv3 
smtpd_tls_security_level = may 
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 
tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA 
tls_ssl_options = NO_COMPRESSION 
virtual_alias_maps = mysql:/etc/postfix/sql/aliases.cf 
virtual_mailbox_domains = mysql:/etc/postfix/sql/domains.cf 
virtual_mailbox_maps = mysql:/etc/postfix/sql/accounts.cf 
virtual_transport = lmtp:unix:private/dovecot-lmtp 

Answers

0

Remove this:
mynetworks = 0.0.0.0/0 [::ffff:127.0.0.0]/104 [::1]/128
and put in only your own network.
Your server is working as an open relay.

+0

Thanks, I still get connections; is this something I have to worry about? I don't know these connections... 'Mar 9 16:11:18 chillihorse postfix/postscreen[10203]: CONNECT from [120.25.199.116]:58613 to [85.25.109.218]:25 Mar 9 16:11:18 chillihorse postfix/dnsblog[10206]: addr 120.25.199.116 listed by domain zen.spamhaus.org as 127.0.0.4' – tso

+0

What is the value of the "mynetworks" variable now? –

+0

mynetworks = 85.25.109.218 .. Are these OK? Because I am getting PREGREET messages: smtp_tls_security_level = dane smtpd_tls_security_level = may – tso

0

The line: mynetworks = 0.0.0.0/0 [::ffff:127.0.0.0]/104 [::1]/128

0.0.0.0/0 is the bad part. If your local network is 192.168.1.0, then: mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24 would work better; the other addresses are for loopback and internal communication.
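
Added example (not part of the original question or answers): a small Python audit of `postconf -n` output that flags `mynetworks` entries lying outside loopback, private ranges and the server's own `inet_interfaces` addresses, and lists every parameter that consults `permit_mynetworks`. The function names and the choice of "internal" ranges are assumptions of this example; the sample lines are copied from the configuration in the question.

```python
import ipaddress

# Ranges treated as internal here (an assumption of this example):
# loopback, RFC 1918, IPv6 unique-local and link-local.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "::ffff:127.0.0.0/104", "fc00::/7", "fe80::/10")]

def parse_postconf(text):
    """Turn `name = value` lines (postconf -n output) into a dict."""
    conf = {}
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep:
            conf[name.strip()] = value.strip()
    return conf

def networks(value):
    """Yield ip_network objects for the literal entries of a Postfix address list."""
    for tok in value.replace(",", " ").split():
        if tok[0] != "[" and not tok[0].isdigit():
            continue  # table lookups, "all", !exclusions: not evaluated here
        try:
            yield ipaddress.ip_network(tok.replace("[", "").replace("]", ""), strict=False)
        except ValueError:
            continue  # e.g. a hostname that starts with a digit

def audit(conf):
    """Return (mynetworks entries that are not internal, parameters trusting mynetworks)."""
    trusted = INTERNAL + list(networks(conf.get("inet_interfaces", "")))
    bad = [str(n) for n in networks(conf.get("mynetworks", ""))
           if not any(n.version == t.version and n.subnet_of(t) for t in trusted)]
    users = sorted(k for k, v in conf.items()
                   if "permit_mynetworks" in v.replace(",", " ").split())
    return bad, users

# Constructed sample: lines copied from the `postconf -n` output in the question.
QUESTION = """\
inet_interfaces = 127.0.0.1, 85.25.109.218
mynetworks = 0.0.0.0/0 [::ffff:127.0.0.0]/104 [::1]/128
postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access
smtpd_client_restrictions = permit_mynetworks check_client_access hash:/etc/postfix/without_ptr reject_unknown_client_hostname
smtpd_relay_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks reject_unauth_destination
"""

if __name__ == "__main__":
    bad, users = audit(parse_postconf(QUESTION))
    print("mynetworks entries outside loopback/private/own addresses:", bad)
    print("parameters that trust mynetworks:", users)
```

The three parameters it lists show how far the single `0.0.0.0/0` entry reaches: `postscreen_access_list` whitelists every client (the `WHITELISTED` lines in the log), and `smtpd_relay_restrictions` permits relaying before `reject_unauth_destination` is ever evaluated.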