postfix 2.6.6
Dovecot 2.0.9
SpamAssassin 3.3.1
Настроено и все работает! Но, что интересно приходят такие спамы:
Return-Path: <[email protected]>
X-Original-To: [email protected]
Received: from mail.pochta.ru (localhost [127.0.0.1])
by mail.pochta.ru (Postfix) with ESMTP id 87857A4003B
for <[email protected]>; Thu, 11 Apr 2019 12:13:18 +0600 (+06)
Received: by mail.pochta.ru (Postfix, from userid 5001)
id 6FAE7A40039; Thu, 11 Apr 2019 12:13:18 +0600 (+06)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on bitrix.pochta.ru
X-Spam-Level: ****
X-Spam-Status: No, score=4.8 required=5.0 tests=BAYES_50,DEAR_SOMETHING,
FREEMAIL_FROM,HK_RANDOM_ENVFROM,HTML_MESSAGE,MIME_HTML_ONLY,MISSING_MID,
RDNS_NONE autolearn=no version=3.3.1
Received: from enmh.com (unknown [49.81.198.142])
by mail.pochta.ru (Postfix) with ESMTP id 241FFA40039
for <[email protected]>; Thu, 11 Apr 2019 12:13:16 +0600 (+06)
Received: from vps11416 ([127.0.0.1]) by localhost via TCP with ESMTPA; Thu, 11 Apr 2019 14:12:59 +0800
MIME-Version: 1.0
From: May <[email protected]>
Sender: May <[email protected]>
To: [email protected]
Reply-To: May <[email protected]>
Date: 11 Apr 2019 14:12:59 +0800
Subject: =?utf-8?B?UmU6IEFsbCBraW5kcyBvZiBpbmR1c3RyeSB3aXRoIGFsdW1pbml1bSBwcm9maWxl?=
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
Message-Id: <[email protected]>
X-Virus-Scanned: ClamAV using ClamSMTP
Т.е. постоянно меняется адрес Sender: а From: не меняется.
И запрет в файле sender_access не работает.
в sender_access:
aliyun.com REJECT # заперт не действует.
enmh.com REJECT # запрет на него действует.
есть еще такие хосты 126.com, 163.com и т.д.
Что не так? Больше всего интересует как хост от sender запертит?
Вот настройки:
# Dovecot
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_helo_required = yes.
content_filter = scan:127.0.0.1:10025
receive_override_options = no_address_mappings
### Virtual Domains:
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains =
mysql:/etc/postfix/./virtual_mailbox_domains.cf
virtual_alias_maps =
mysql:/etc/postfix/./virtual_alias_maps.cf
virtual_mailbox_maps =
mysql:/etc/postfix/./virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_minimum_gid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
transport_maps = hash:/etc/postfix/transport
### Restrictions
smtpd_client_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
permit
smtpd_helo_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname,
reject_unknown_helo_hostname,
permit
smtpd_sender_restrictions =
# permit_mynetworks,
# permit_sasl_authenticated,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
<------>check_sender_access hash:/etc/postfix/sender_access
# reject
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_data_restrictions =
permit_mynetworks,
reject_unauth_pipelining,
reject_multi_recipient_bounce,
permit
smtpd_etrn_restrictions = reject
smtpd_helo_required = yes
smtpd_discard_ehlo_keywords = etrn, silent-discard
smtpd_forbidden_commands = CONNECT GET POST
disable_vrfy_command = yes
### TLS
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
smtp_tls_security_level=may
smtpd_tls_security_level=may
smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1
tls_ssl_options = NO_COMPRESSION
tls_high_cipherlist=ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-
smtpd_tls_protocols=!SSLv2
smtp_tls_protocols=!SSLv2
#smtpd_tls_mandatory_ciphers = high
#smtp_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = !SSLv2
smtp_tls_mandatory_protocols = !SSLv2
#smtpd_tls_exclude_ciphers = aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5, DSS, ECDSA, CAMELLIA128, 3DES, CAMELLIA256, eNULL
#smtp_tls_exclude_ciphers = aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5, DSS, ECDSA, CAMELLIA128, 3DES, CAMELLIA256, eNULL
message_size_limit = 20971250
#readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
#sample_directory = /usr/share/doc/postfix-2.6.6/samples
html_directory = no
setgid_group = postdrop
command_directory = /usr/sbin
manpage_directory = /usr/share/man
mail_owner = postfix