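Subject: Forging an empty From bypasses iredapd's alias policy restrictions
==== Required information. Posts without it will not be answered ====
- iRedMail version: iRedAdmin-Pro v1.6.0 (MySQL)
- Which database stores the user accounts (OpenLDAP, MySQL, PostgreSQL):
- Linux/BSD distribution name and version: CentOS 6.4 X64
- Log information related to your problem:
====
Set up a local SMTP server with Advanced Direct Remailer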
telnet localhost 25
250 OK
ehlo example.com
250 OK
mail from:< > ## there is a space in between
250 OK
rcpt to:lishixin@example.cn
250 OK
data
354 Start mail input; end with <CRLF>.<CRLF>
test
.
250 OK
####
### maillog ###########################################################################
Jun 18 13:49:54 mail postfix/smtpd[23083]: connect from unknown[124.65.12.4]
Jun 18 13:49:54 mail policyd: connection from: 127.0.0.1 port: 34520 slots: 0 of 2044 used
Jun 18 13:49:54 mail policyd: rcpt=1, module=bypass, host=124.65.12.4 (unknown), from=<>, to=lishixin@example.cn, size=0
Jun 18 13:49:54 mail postfix/smtpd[23083]: 59105619AC: client=unknown[124.65.12.4]
Jun 18 13:49:54 mail postfix/cleanup[23201]: 59105619AC: message-id=<>
Jun 18 13:49:54 mail postfix/qmgr[3713]: 59105619AC: from=<>, size=181, nrcpt=1 (queue active)
Jun 18 13:49:54 mail postfix/smtpd[23083]: disconnect from unknown[124.65.12.4]
Jun 18 13:49:54 mail postfix/pipe[23203]: 59105619AC: to=<lishixin@example.cn>, relay=dovecot, delay=0.19, delays=0.1/0.01/0/0.08, dsn=2.0.0, status=sent (delivered via dovecot service)
##### iredapd log ########
2013-06-18 13:56:42 DEBUG Connect from 127.0.0.1, port 40108.
2013-06-18 13:56:42 DEBUG smtp session: request=smtpd_access_policy
2013-06-18 13:56:42 DEBUG smtp session: protocol_state=RCPT
2013-06-18 13:56:42 DEBUG smtp session: protocol_name=ESMTP
2013-06-18 13:56:42 DEBUG smtp session: client_address=124.65.12.4
2013-06-18 13:56:42 DEBUG smtp session: client_name=unknown
2013-06-18 13:56:42 DEBUG smtp session: reverse_client_name=unknown
2013-06-18 13:56:42 DEBUG smtp session: helo_name=baidu.com
2013-06-18 13:56:42 DEBUG smtp session: sender=
2013-06-18 13:56:42 DEBUG smtp session: recipient=lishixin@example.cn
2013-06-18 13:56:42 DEBUG smtp session: recipient_count=0
2013-06-18 13:56:42 DEBUG smtp session: queue_id=
2013-06-18 13:56:42 DEBUG smtp session: instance=5a2b.51bff69a.74d3d.0
2013-06-18 13:56:42 DEBUG smtp session: size=0
2013-06-18 13:56:42 DEBUG smtp session: etrn_domain=
2013-06-18 13:56:42 DEBUG smtp session: stress=
2013-06-18 13:56:42 DEBUG smtp session: sasl_method=
2013-06-18 13:56:42 DEBUG smtp session: sasl_username=
2013-06-18 13:56:42 DEBUG smtp session: sasl_sender=
2013-06-18 13:56:42 DEBUG smtp session: ccert_subject=
2013-06-18 13:56:42 DEBUG smtp session: ccert_issuer=
2013-06-18 13:56:42 DEBUG smtp session: ccert_fingerprint=
2013-06-18 13:56:42 DEBUG smtp session: encryption_protocol=
2013-06-18 13:56:42 DEBUG smtp session: encryption_cipher=
2013-06-18 13:56:42 DEBUG smtp session: encryption_keysize=0
2013-06-18 13:56:42 INFO [124.65.12.4] -> lishixin@example.cn, DUNNO
2013-06-18 13:56:42 DEBUG Connection closed
2013-06-18 13:56:42 DEBUG Closed SQL connection.
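#### The crux of the problem ############
/opt/iredapd/libs/sql/modeler.py
# Not a valid email address.
if len(smtp_session_data['sender']) < 6:
    return 'DUNNO'
Any sender shorter than 6 characters ends up as DUNNO, and then it returns immediately.
#### Temporary workaround ############
Enable spam filtering and quarantine it directly.
Let's wait for Engineer Zhang to handle it.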
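
Added example (not part of the original post and not iredapd's own code): the length check quoted above applied to a Postfix policy-delegation request, beside a fail-closed variant that still evaluates the recipient's policy when the sender is empty. ALIAS_POLICY, its policy names and all function names are assumptions made for illustration.

```python
# Added example, not iredapd source. ALIAS_POLICY and its policy names are
# hypothetical stand-ins for the SQL lookup the real plugin performs.
ALIAS_POLICY = {
    "lishixin@example.cn": ("membersonly", {"boss@example.cn"}),
    "info@example.cn": ("public", set()),
}
REJECT = "REJECT Not authorized to send to this address"

def parse_policy_request(raw):
    """Parse a Postfix policy delegation request (name=value lines, blank line ends it)."""
    attrs = {}
    for line in raw.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def check_membership(sender, recipient):
    """DUNNO if the recipient is unrestricted or the sender is a listed member."""
    policy, members = ALIAS_POLICY.get(recipient, ("public", set()))
    return "DUNNO" if policy == "public" or sender in members else REJECT

def decide_original(attrs):
    """Check quoted in the post: a sender shorter than 6 characters skips the policy."""
    if len(attrs["sender"]) < 6:
        return "DUNNO"
    return check_membership(attrs["sender"].lower(), attrs["recipient"].lower())

def decide_hardened(attrs):
    """Fail closed: an empty or malformed sender is treated as a non-member.
    Side effect: bounces (null sender) to a restricted alias are refused too."""
    sender = attrs.get("sender", "").strip().lower()
    return check_membership(sender, attrs.get("recipient", "").lower())

# Constructed request, modelled on the iredapd debug log in the post.
SAMPLE = (
    "request=smtpd_access_policy\nprotocol_state=RCPT\n"
    "client_address=124.65.12.4\nsender=\nrecipient=lishixin@example.cn\n\n"
)

if __name__ == "__main__":
    request = parse_policy_request(SAMPLE)
    print("original:", decide_original(request))   # policy skipped
    print("hardened:", decide_hardened(request))   # policy enforced
```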