2017-01-09 41 views
0

Postfix unlisted sender sending spam

I received an email abuse report from AOL; the following email message was flagged as spam:

Return-Path: <[email protected]> 
Received: from my.domain.com (my.domain.com [xxx.xxx.xxx.xxx]) 
    by mtaig-mae04.mx.aol.com (Internet Inbound) with SMTP id AB7CB7000008A 
    for <redacted>; Mon, 9 Jan 2017 05:08:15 -0500 (EST) 
Received: (qmail 8052 invoked by uid 3465); 09 Jan 2017 10:08:12 +0000 
Date: 09 Jan 2017 10:08:12 +0000 
Message-ID: <[email protected]> 
Subject: Order Cheap Meds. Save up to 70%. New 12 products. Deliver to your home. 
Reply-To: [email protected] 
MIME-Version: 1.0 
Content-Type: text/html; charset="iso-8859-1" 
Content-Transfer-Encoding: 8bit 
From: <[email protected]> 
To: 
X-Priority: 3 
x-aol-global-disposition: G 
Authentication-Results: mx.aol.com; 
    spf=none (aol.com: the domain www.dealbroker.nl appears to have no SPF Record.) smtp.mailfrom=www.dealbroker.nl; 
x-aol-sid: 3039ac1afe865873610f2eb3 
X-AOL-IP: xxx.xxx.xxx.xxx 
X-AOL-SPF: domain : www.dealbroker.nl SPF : none 

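It is easy to see that they were correct in their assessment.

I am on a dedicated Debian 7.11 server set up with Postfix. I do not host the mentioned domain www.dealbroker.nl.

I have searched mail.log and phpmail.log (configured in php.ini to log all mail sent through PHP) for the message ID and "dealbroker", but could not find any occurrences.

Every domain on the server relays its mail through Rackspace's Mailgun service. I also looked through their logs and came up empty.

I was confident that the Postfix main.cf configuration I have set up would not allow this.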

postconf -n

alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases 
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases 
anvil_rate_time_unit = 60s 
append_dot_mydomain = no 
biff = no 
body_checks = regexp:/etc/postfix/body_checks 
bounce_queue_lifetime = 12h 
broken_sasl_auth_clients = yes 
config_directory = /etc/postfix 
content_filter = amavis:[127.0.0.1]:10024 
greylisting = check_policy_service inet:127.0.0.1:10023 
header_checks = regexp:/etc/postfix/header_checks 
html_directory = /usr/share/doc/postfix/html 
inet_interfaces = all 
inet_protocols = all 
local_recipient_maps = $virtual_mailbox_maps 
local_transport = virtual 
mailbox_size_limit = 0 
maildrop_destination_concurrency_limit = 1 
maildrop_destination_recipient_limit = 1 
maximal_queue_lifetime = 12h 
message_size_limit = 0 
mime_header_checks = regexp:/etc/postfix/mime_header_checks 
mydestination = my.domain.com, localhost, localhost.localdomain 
myhostname = my.domain.com 
mynetworks = 127.0.0.0/8 [::1]/128 
myorigin = /etc/mailname 
nested_header_checks = regexp:/etc/postfix/nested_header_checks 
owner_request_special = no 
policy-spf_time_limit = 3600s 
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps 
readme_directory = /usr/share/doc/postfix 
receive_override_options = no_address_mappings 
recipient_delimiter = + 
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf 
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf 
relayhost = 
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf 
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay 
smtp_sasl_auth_enable = yes 
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd 
smtp_sasl_security_options = noanonymous 
smtp_sender_dependent_authentication = yes 
smtp_tls_exclude_ciphers = RC4, aNULL 
smtp_tls_protocols = !SSLv2,!SSLv3 
smtp_tls_security_level = may 
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache 
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) 
smtpd_client_message_rate_limit = 100 
smtpd_client_recipient_rate_limit = 50 
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_reverse_client_hostname, check_client_access mysql:/etc/postfix/mysql-virtual_client.cf, reject_rbl_client cbl.abuseat.org 
smtpd_data_restrictions = reject_unauth_pipelining 
smtpd_delay_reject = yes 
smtpd_hard_error_limit = 20 
smtpd_helo_required = yes 
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo 
smtpd_recipient_limit = 50 
smtpd_recipient_overshoot_limit = 51 
smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, check_policy_service unix:private/policy-spf 
smtpd_reject_unlisted_sender = yes 
smtpd_restriction_classes = greylisting 
smtpd_sasl_auth_enable = yes 
smtpd_sasl_authenticated_header = yes 
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf 
smtpd_sender_restrictions = reject_unknown_sender_domain, reject_non_fqdn_sender, check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re 
smtpd_tls_CApath = /etc/postfix 
smtpd_tls_cert_file = /etc/postfix/smtpd.cert 
smtpd_tls_exclude_ciphers = RC4, aNULL 
smtpd_tls_key_file = /etc/postfix/smtpd.key 
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 
smtpd_tls_protocols = !SSLv2,!SSLv3 
smtpd_tls_security_level = may 
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache 
smtpd_use_tls = yes 
strict_rfc821_envelopes = yes 
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf 
virtual_alias_domains = 
virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf 
virtual_mailbox_base = /var/vmail 
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf 
virtual_mailbox_limit = 0 
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf 
virtual_transport = maildrop 

How can I find out where this email originated?

Could something other than Postfix be sending the mail?

Any help is much appreciated.

Answers

0

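It looks like the spam was sent using qmail rather than Postfix.

It may have come from your network, but are you sure it came from your server? Does your server have a direct internet IP, or is it going through a firewall? If you have a firewall, check its logs to see whether you can tell where the email came from.

Do you have a WiFi access point on your network? It could be that someone connected to your network from another computer and used it to send spam.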
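To follow up on the qmail observation in the answer above, here is an added example (not part of the original thread) that splits the report's Received chain into the hop stamped by the receiving MTA and the hops written on the sending side, and extracts the pid and uid from the qmail stamp. It assumes the header block is exactly what the reporting MTA received, so its own stamp is topmost; the function names are hypothetical and the redacted IP is replaced by the documentation address 192.0.2.10.

```python
import pwd
import re
from email import message_from_string

# Constructed sample: the Received chain from the abuse report, with the
# redacted address replaced by the documentation IP 192.0.2.10.
SAMPLE = """\
Received: from my.domain.com (my.domain.com [192.0.2.10])
    by mtaig-mae04.mx.aol.com (Internet Inbound) with SMTP id AB7CB7000008A
    for <redacted>; Mon, 9 Jan 2017 05:08:15 -0500 (EST)
Received: (qmail 8052 invoked by uid 3465); 09 Jan 2017 10:08:12 +0000
Subject: constructed sample

"""

# "from HELO (rdns [ip]) by receiver", the stamp a receiving MTA adds.
FROM_BY = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([^\]]+)\]\)\s+by\s+(\S+)")
# qmail stamps: local injection carries a uid, the other forms do not.
QMAIL = re.compile(
    r"\(qmail (\d+) invoked (?:by uid (\d+)|from network|by alias|for bounce)\)")

def analyze_received(raw_headers):
    """Split the chain into the topmost hop (stamped by the receiving MTA)
    and the hops below it, which the sending side wrote and could forge."""
    hops = message_from_string(raw_headers).get_all("Received") or []
    result = {"trusted": None, "claimed": []}
    for index, hop in enumerate(hops):
        if index == 0:
            m = FROM_BY.search(hop)
            if m:
                result["trusted"] = dict(zip(("helo", "rdns", "ip", "by"), m.groups()))
            continue
        q = QMAIL.search(hop)
        if q:
            uid = int(q.group(2)) if q.group(2) else None
            result["claimed"].append({"pid": int(q.group(1)), "uid": uid})
        else:
            result["claimed"].append({"raw": " ".join(hop.split())})
    return result

def local_account(uid):
    """Name of the local account that owns uid, or None if there is none."""
    try:
        return pwd.getpwuid(uid).pw_name
    except KeyError:
        return None

if __name__ == "__main__":
    print(analyze_received(SAMPLE))
```

Running `local_account(3465)` on the server shows which account, if any, owns the uid in the qmail stamp; a `None` result means no local account has that uid.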

0

The lines:

Authentication-Results: mx.aol.com; 
    spf=none (aol.com: the domain www.dealbroker.nl appears to have no SPF Record.) smtp.mailfrom=www.dealbroker.nl; 

indicate that the email was flagged as spam because it has no SPF record.