1 youliang发表

(0 篇回复,发表在 iRedMail 技术支持)

zhang**用户被别人盗用发邮件,以下日志是改成强密码后的日志。

May 23 14:10:46 vm-mail postfix/postscreen[3227]: CONNECT from [121.232.16.58]:50220 to [61.*.*.*]:25
May 23 14:10:46 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.01 from [121.232.16.58]:50220: EHLO ylmf-pc\r\n
May 23 14:10:46 vm-mail postfix/postscreen[3227]: HANGUP after 0.05 from [121.232.43.53]:50128 in tests after SMTP handshake
May 23 14:10:46 vm-mail postfix/postscreen[3227]: DISCONNECT [121.232.43.53]:50128
May 23 14:10:47 vm-mail postfix/postscreen[3227]: CONNECT from [121.232.18.230]:50282 to [61.*.*.*]:25
May 23 14:10:47 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.03 from [121.232.18.230]:50282: EHLO ylmf-pc\r\n
May 23 14:10:47 vm-mail postfix/postscreen[3227]: HANGUP after 0.04 from [121.232.16.58]:50220 in tests after SMTP handshake
May 23 14:10:47 vm-mail postfix/postscreen[3227]: DISCONNECT [121.232.16.58]:50220
May 23 14:10:47 vm-mail postfix/postscreen[3227]: CONNECT from [180.125.131.244]:50356 to [61.*.*.*]:25
May 23 14:10:47 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.01 from [180.125.131.244]:50356: EHLO ylmf-pc\r\n
May 23 14:10:47 vm-mail postfix/postscreen[3227]: HANGUP after 0.05 from [180.125.131.244]:50356 in tests after SMTP handshake
May 23 14:10:47 vm-mail postfix/postscreen[3227]: DISCONNECT [180.125.131.244]:50356
May 23 14:10:47 vm-mail postfix/postscreen[3227]: CONNECT from [49.67.138.250]:50456 to [61.*.*.*]:25
May 23 14:10:47 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.03 from [49.67.138.250]:50456: EHLO ylmf-pc\r\n
May 23 14:10:47 vm-mail postfix/postscreen[3227]: HANGUP after 0.03 from [121.232.18.230]:50282 in tests after SMTP handshake
May 23 14:10:47 vm-mail postfix/postscreen[3227]: DISCONNECT [121.232.18.230]:50282
May 23 14:10:47 vm-mail postfix/postscreen[3227]: CONNECT from [117.86.116.191]:50523 to [61.*.*.*]:25
May 23 14:10:47 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.02 from [117.86.116.191]:50523: EHLO ylmf-pc\r\n
May 23 14:10:47 vm-mail postfix/postscreen[3227]: HANGUP after 0.03 from [49.67.138.250]:50456 in tests after SMTP handshake
May 23 14:10:47 vm-mail postfix/postscreen[3227]: DISCONNECT [49.67.138.250]:50456
May 23 14:10:47 vm-mail postfix/postscreen[3227]: CONNECT from [114.232.192.185]:50704 to [61.*.*.*]:25
May 23 14:10:47 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.02 from [114.232.192.185]:50704: EHLO ylmf-pc\r\n
May 23 14:10:47 vm-mail postfix/postscreen[3227]: HANGUP after 0.07 from [117.86.116.191]:50523 in tests after SMTP handshake
May 23 14:10:47 vm-mail postfix/postscreen[3227]: DISCONNECT [117.86.116.191]:50523
May 23 14:10:47 vm-mail postfix/postscreen[3227]: HANGUP after 0.04 from [114.232.192.185]:50704 in tests after SMTP handshake
May 23 14:10:47 vm-mail postfix/postscreen[3227]: DISCONNECT [114.232.192.185]:50704
May 23 14:10:47 vm-mail postfix/postscreen[3227]: CONNECT from [121.226.62.59]:50808 to [61.*.*.*]:25
May 23 14:10:47 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.01 from [121.226.62.59]:50808: EHLO ylmf-pc\r\n
May 23 14:10:47 vm-mail postfix/postscreen[3227]: CONNECT from [218.91.224.155]:50836 to [61.*.*.*]:25
May 23 14:10:47 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.01 from [218.91.224.155]:50836: EHLO ylmf-pc\r\n
May 23 14:10:48 vm-mail postfix/postscreen[3227]: HANGUP after 0.15 from [218.91.224.155]:50836 in tests after SMTP handshake
May 23 14:10:48 vm-mail postfix/postscreen[3227]: DISCONNECT [218.91.224.155]:50836
May 23 14:10:48 vm-mail postfix/postscreen[3227]: CONNECT from [114.232.195.170]:51025 to [61.*.*.*]:25
May 23 14:10:48 vm-mail postfix/postscreen[3227]: HANGUP after 0.13 from [121.226.62.59]:50808 in tests after SMTP handshake
May 23 14:10:48 vm-mail postfix/postscreen[3227]: DISCONNECT [121.226.62.59]:50808
May 23 14:10:48 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.03 from [114.232.195.170]:51025: EHLO ylmf-pc\r\n
May 23 14:10:48 vm-mail postfix/postscreen[3227]: CONNECT from [121.226.57.38]:51074 to [61.*.*.*]:25
May 23 14:10:48 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.08 from [121.226.57.38]:51074: EHLO ylmf-pc\r\n
May 23 14:10:48 vm-mail postfix/postscreen[3227]: HANGUP after 0.09 from [121.226.57.38]:51074 in tests after SMTP handshake
May 23 14:10:48 vm-mail postfix/postscreen[3227]: DISCONNECT [121.226.57.38]:51074
May 23 14:10:48 vm-mail postfix/postscreen[3227]: CONNECT from [221.227.164.167]:51132 to [61.*.*.*]:25
May 23 14:10:48 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.03 from [221.227.164.167]:51132: EHLO ylmf-pc\r\n
May 23 14:10:48 vm-mail postfix/postscreen[3227]: HANGUP after 0.04 from [114.232.195.170]:51025 in tests after SMTP handshake
May 23 14:10:48 vm-mail postfix/postscreen[3227]: DISCONNECT [114.232.195.170]:51025
May 23 14:10:48 vm-mail postfix/postscreen[3227]: CONNECT from [117.86.116.222]:51249 to [61.*.*.*]:25
May 23 14:10:48 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.03 from [117.86.116.222]:51249: EHLO ylmf-pc\r\n
May 23 14:10:48 vm-mail postfix/postscreen[3227]: HANGUP after 0.06 from [117.86.116.222]:51249 in tests after SMTP handshake
May 23 14:10:48 vm-mail postfix/postscreen[3227]: DISCONNECT [117.86.116.222]:51249
May 23 14:10:48 vm-mail postfix/postscreen[3227]: CONNECT from [121.232.125.154]:51363 to [61.*.*.*]:25
May 23 14:10:48 vm-mail postfix/postscreen[3227]: HANGUP after 0.03 from [221.227.164.167]:51132 in tests after SMTP handshake
May 23 14:10:48 vm-mail postfix/postscreen[3227]: DISCONNECT [221.227.164.167]:51132
May 23 14:10:48 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.01 from [121.232.125.154]:51363: EHLO ylmf-pc\r\n
May 23 14:10:48 vm-mail postfix/postscreen[3227]: CONNECT from [121.232.17.173]:51400 to [61.*.*.*]:25
May 23 14:10:48 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.01 from [121.232.17.173]:51400: EHLO ylmf-pc\r\n
May 23 14:10:49 vm-mail postfix/postscreen[3227]: HANGUP after 0.03 from [121.232.125.154]:51363 in tests after SMTP handshake
May 23 14:10:49 vm-mail postfix/postscreen[3227]: DISCONNECT [121.232.125.154]:51363
May 23 14:10:49 vm-mail postfix/postscreen[3227]: CONNECT from [180.121.150.86]:51560 to [61.*.*.*]:25
May 23 14:10:49 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.01 from [180.121.150.86]:51560: EHLO ylmf-pc\r\n
May 23 14:10:49 vm-mail postfix/postscreen[3227]: HANGUP after 0.05 from [180.121.150.86]:51560 in tests after SMTP handshake
May 23 14:10:49 vm-mail postfix/postscreen[3227]: DISCONNECT [180.121.150.86]:51560
May 23 14:10:49 vm-mail postfix/postscreen[3227]: CONNECT from [49.67.166.184]:51682 to [61.*.*.*]:25
May 23 14:10:49 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.02 from [49.67.166.184]:51682: EHLO ylmf-pc\r\n
May 23 14:10:49 vm-mail postfix/postscreen[3227]: HANGUP after 0.05 from [121.232.17.173]:51400 in tests after SMTP handshake
May 23 14:10:49 vm-mail postfix/postscreen[3227]: DISCONNECT [121.232.17.173]:51400
May 23 14:10:49 vm-mail postfix/postscreen[3227]: CONNECT from [49.67.166.184]:51723 to [61.*.*.*]:25
May 23 14:10:49 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.01 from [49.67.166.184]:51723: EHLO ylmf-pc\r\n
May 23 14:10:49 vm-mail postfix/postscreen[3227]: HANGUP after 0.03 from [49.67.166.184]:51723 in tests after SMTP handshake
May 23 14:10:49 vm-mail postfix/postscreen[3227]: DISCONNECT [49.67.166.184]:51723
May 23 14:10:49 vm-mail postfix/postscreen[3227]: HANGUP after 0.04 from [49.67.166.184]:51682 in tests after SMTP handshake
May 23 14:10:49 vm-mail postfix/postscreen[3227]: DISCONNECT [49.67.166.184]:51682
May 23 14:10:49 vm-mail postfix/postscreen[3227]: CONNECT from [180.121.141.254]:51805 to [61.*.*.*]:25
May 23 14:10:49 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.03 from [180.121.141.254]:51805: EHLO ylmf-pc\r\n
May 23 14:10:49 vm-mail postfix/postscreen[3227]: CONNECT from [114.232.216.17]:51833 to [61.*.*.*]:25
May 23 14:10:49 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.02 from [114.232.216.17]:51833: EHLO ylmf-pc\r\n
May 23 14:10:49 vm-mail postfix/postscreen[3227]: HANGUP after 0.05 from [114.232.216.17]:51833 in tests after SMTP handshake
May 23 14:10:49 vm-mail postfix/postscreen[3227]: DISCONNECT [114.232.216.17]:51833
May 23 14:10:49 vm-mail postfix/postscreen[3227]: CONNECT from [180.120.191.173]:51942 to [61.*.*.*]:25
May 23 14:10:49 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.02 from [180.120.191.173]:51942: EHLO ylmf-pc\r\n
May 23 14:10:49 vm-mail postfix/postscreen[3227]: HANGUP after 0.05 from [180.121.141.254]:51805 in tests after SMTP handshake
May 23 14:10:49 vm-mail postfix/postscreen[3227]: DISCONNECT [180.121.141.254]:51805
May 23 14:10:49 vm-mail postfix/postscreen[3227]: CONNECT from [180.121.190.127]:51989 to [61.*.*.*]:25
May 23 14:10:49 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.02 from [180.121.190.127]:51989: EHLO ylmf-pc\r\n
May 23 14:10:50 vm-mail postfix/postscreen[3227]: HANGUP after 0.04 from [180.121.190.127]:51989 in tests after SMTP handshake
May 23 14:10:50 vm-mail postfix/postscreen[3227]: DISCONNECT [180.121.190.127]:51989
May 23 14:10:50 vm-mail postfix/postscreen[3227]: HANGUP after 0.04 from [180.120.191.173]:51942 in tests after SMTP handshake
May 23 14:10:50 vm-mail postfix/postscreen[3227]: DISCONNECT [180.120.191.173]:51942
May 23 14:10:50 vm-mail postfix/postscreen[3227]: CONNECT from [121.232.18.144]:52189 to [61.*.*.*]:25
May 23 14:10:50 vm-mail postfix/postscreen[3227]: CONNECT from [121.232.17.173]:52195 to [61.*.*.*]:25
May 23 14:10:50 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.04 from [121.232.18.144]:52189: EHLO ylmf-pc\r\n
May 23 14:10:50 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.05 from [121.232.17.173]:52195: EHLO ylmf-pc\r\n
May 23 14:10:50 vm-mail postfix/smtpd[13258]: connect from unknown[219.145.208.126]
May 23 14:10:50 vm-mail postfix/postscreen[3227]: HANGUP after 0.05 from [121.232.18.144]:52189 in tests after SMTP handshake
May 23 14:10:50 vm-mail postfix/postscreen[3227]: DISCONNECT [121.232.18.144]:52189
May 23 14:10:50 vm-mail postfix/postscreen[3227]: HANGUP after 0.08 from [121.232.17.173]:52195 in tests after SMTP handshake
May 23 14:10:50 vm-mail postfix/postscreen[3227]: DISCONNECT [121.232.17.173]:52195
May 23 14:10:50 vm-mail postfix/postscreen[3227]: CONNECT from [121.226.126.120]:52376 to [61.*.*.*]:25
May 23 14:10:50 vm-mail postfix/postscreen[3227]: CONNECT from [221.227.136.52]:52387 to [61.*.*.*]:25
May 23 14:10:50 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.02 from [121.226.126.120]:52376: EHLO ylmf-pc\r\n
May 23 14:10:50 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.02 from [221.227.136.52]:52387: EHLO ylmf-pc\r\n
May 23 14:10:50 vm-mail postfix/smtpd[13258]: Anonymous TLS connection established from unknown[219.145.208.126]: TLSv1 with cipher AES128-SHA (128/128 bits)
May 23 14:10:50 vm-mail postfix/postscreen[3227]: HANGUP after 0.03 from [121.226.126.120]:52376 in tests after SMTP handshake
May 23 14:10:50 vm-mail postfix/postscreen[3227]: DISCONNECT [121.226.126.120]:52376
May 23 14:10:50 vm-mail postfix/postscreen[3227]: CONNECT from [121.232.18.230]:52512 to [61.*.*.*]:25
May 23 14:10:50 vm-mail postfix/smtpd[13258]: NOQUEUE: reject: RCPT from unknown[219.145.208.126]: 450 4.7.1 <EXBDC.cement.local>: Helo command rejected: Host not found; from=<jinqingming@jlcement.com> to=<wanghui@sincesh.com> proto=ESMTP helo=<EXBDC.cement.local>
May 23 14:10:50 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.03 from [121.232.18.230]:52512: EHLO ylmf-pc\r\n
May 23 14:10:50 vm-mail postfix/smtpd[13258]: disconnect from unknown[219.145.208.126]
May 23 14:10:50 vm-mail postfix/postscreen[3227]: HANGUP after 0.04 from [221.227.136.52]:52387 in tests after SMTP handshake
May 23 14:10:50 vm-mail postfix/postscreen[3227]: DISCONNECT [221.227.136.52]:52387
May 23 14:10:50 vm-mail postfix/postscreen[3227]: CONNECT from [49.67.167.250]:52612 to [61.*.*.*]:25
May 23 14:10:50 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.03 from [49.67.167.250]:52612: EHLO ylmf-pc\r\n
May 23 14:10:50 vm-mail postfix/postscreen[3227]: HANGUP after 0.04 from [121.232.18.230]:52512 in tests after SMTP handshake
May 23 14:10:50 vm-mail postfix/postscreen[3227]: DISCONNECT [121.232.18.230]:52512
May 23 14:10:50 vm-mail postfix/postscreen[3227]: CONNECT from [121.232.18.230]:52637 to [61.*.*.*]:25
May 23 14:10:51 vm-mail postfix/postscreen[3227]: PREGREET 14 after 0.05 from [121.232.18.230]:52637: EHLO ylmf-pc\r\n
May 23 14:10:51 vm-mail postfix/10025/smtpd[13839]: 2D1D742FAD73: client=vm-mail.poocan.com[127.0.0.1]
May 23 14:10:51 vm-mail postfix/cleanup[15292]: 2D1D742FAD73: message-id=<xxkm7k2-iet852-10@sincesh.com>
May 23 14:10:51 vm-mail amavis[15636]: (15636-20) Passed CLEAN {RelayedInbound}, [92.52.207.55]:3858 [92.52.207.55] <zhang**@sincesh.com> -> <ecs162@aol.com>, Queue-ID: D75BA4291CE6, Message-ID: <xxkm7k2-iet852-10@sincesh.com>, mail_id: JLLaTx5g5uce, Hits: 3.669, size: 899, queued_as: 2D1D742FAD73, 6441 ms, Tests: [ALL_TRUSTED=-1,BAYES_00=-1.9,RAZOR2_CF_RANGE_51_100=1.886,RAZOR2_CHECK=0.922,URIBL_BLOCKED=0.001,URIBL_CR_SURBL=1.263,URI_WP_HACKED_2=2.497]
May 23 14:10:51 vm-mail postfix/smtp-amavis/smtp[15731]: D75BA4291CE6: to=<ecs162@aol.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=19141, delays=9169/9966/0/6.4, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2D1D742FAD73)


以下是邮件能发不能收日志
May 23 13:23:14 vm-mail postfix/smtpd[8435]: 07CD242E994A: client=unknown[116.*.*.*], sasl_method=LOGIN, sasl_username=zuo**@r**.com
May 23 13:45:33 vm-mail postfix/smtpd[13255]: 1D10442F630A: client=unknown[116.*.*.*], sasl_method=LOGIN, sasl_username=zuo**@r**.com
May 23 14:10:17 vm-mail postfix/smtpd[13255]: 2EEB242FAD62: client=unknown[116.*.*.*], sasl_method=LOGIN, sasl_username=zuo**@r**.com
May 23 14:16:51 vm-mail postfix/smtpd[13258]: B931C42FEB62: client=unknown[116.*.*.*], sasl_method=LOGIN, sasl_username=zuo**@r**.com

前往版面: iRedMail 技术支持

2 youliang发表

(2 篇回复,发表在 iRedMail 技术支持)

May 23 13:45:27 vm-mail postfix/qmgr[2917]: 862AF4292473: removed
May 23 13:45:27 vm-mail postfix/qmgr[2917]: 58D4241F8997: from=<zh***@s***.com>, size=1091, nrcpt=1 (queue active)
May 23 13:45:29 vm-mail postfix/10025/smtpd[10073]: 230DF42F6309: client=vm-mail.poocan.com[127.0.0.1]
May 23 13:45:29 vm-mail postfix/cleanup[13479]: 230DF42F6309: message-id=<5E67B0AB-9C8E-8B26-C45B-DB17BEAEB2FF@s***.com>
May 23 13:45:29 vm-mail amavis[13648]: (13648-18) Passed CLEAN {RelayedInbound}, [92.52.207.55]:3858 [92.52.207.55] <zh***@s***.com> -> <cleonmck1@bellsouth.net>, Queue-ID: 0CC49413714A, Message-ID: <5E67B0AB-9C8E-8B26-C45B-DB17BEAEB2FF@s***.com>, mail_id: hoZVlaU-GWtU, Hits: 3.819, size: 1129, queued_as: 230DF42F6309, 1759 ms, Tests: [ALL_TRUSTED=-1,BAYES_00=-1.9,MORE_SEX=1.413,RAZOR2_CF_RANGE_51_100=1.886,RAZOR2_CHECK=0.922,URIBL_BLOCKED=0.001,URI_WP_HACKED_2=2.497]
May 23 13:45:29 vm-mail postfix/smtp-amavis/smtp[13647]: 0CC49413714A: to=<cleonmck1@bellsouth.net>, relay=127.0.0.1[127.0.0.1]:10024, delay=17699, delays=9248/8449/0/1.8, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 230DF42F6309)
May 23 13:45:32 vm-mail postfix/postscreen[3227]: CONNECT from [116.*.*.*]:64970 to [61.*.*.*]:25
May 23 13:45:32 vm-mail postfix/postscreen[3227]: WHITELISTED [116.*.*.*]:64970
May 23 13:45:32 vm-mail postfix/smtpd[13255]: connect from unknown[116.*.*.*]
May 23 13:45:33 vm-mail postfix/smtpd[13255]: 1D10442F630A: client=unknown[116.*.*.*], sasl_method=LOGIN, sasl_username=zuowenqi@ruwii.com
May 23 13:45:33 vm-mail postfix/cleanup[13605]: 1D10442F630A: message-id=<2018052313452979692015@ruwii.com>
May 23 13:45:33 vm-mail postfix/smtpd[13255]: disconnect from unknown[116.*.*.*]

前往版面: iRedMail 技术支持

3 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous

因为某些原因一定要开启这2行注释。请问下章工,如果再次前提下,我只想让某一个IP,或者某一个域名转发邮件,其他连接进来直接拒绝,要如何设置。。。

前往版面: iRedMail 技术支持

4 youliang发表

(0 篇回复,发表在 iRedMail 技术支持)

章工,好。

在demo1.com的域下开了10个邮箱。
现在这10个人要迁移到demo2.com下,这个是否只要把原来邮箱删了,然后重新新建就可以了?
如果这样操作,还有一个问题,因为这些员工名片已经发出去了,以后不排除有人向demo1下发邮件,请问demo1的邮件如何转发到demo2?

centos7
iredmail 0.9.6
mysql

前往版面: iRedMail 技术支持

5 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

centos 7
mysql
iredmail 0.9.6

查数据库,mailbox记录就是邮箱里存在的2封邮件,都只有几十k
然后used_quota却又477M
页面行看也是如此,邮箱占用95%,但是没邮件,好像空间被吃掉了一样。
请问章总如何查。(另外不知道怎么发图,页面图像发不上来。)

MariaDB [vmail]> select * from used_quota where username like "%zh****%";
+--------------------+-----------+----------+-------------+
| username           | bytes     | messages | domain      |
+--------------------+-----------+----------+-------------+
| zh****@sh****.com   |    378180 |        9 | sh****.com   |
| zh****@si*****.com | 496544874 |      799 | si*****.com |
+--------------------+-----------+----------+-------------+
2 rows in set (0.00 sec)

MariaDB [vmail]> select * from used_quota where username like "%zh****%";
+--------------------+-----------+----------+-------------+
| username           | bytes     | messages | domain      |
+--------------------+-----------+----------+-------------+
| zh****@sh***.com   |    378180 |        9 | sh***.com   |
| zh****@sin****.com | 496544874 |      799 | si****.com |
+--------------------+-----------+----------+-------------+
2 rows in set (0.00 sec)

前往版面: iRedMail 技术支持

6 youliang发表

(0 篇回复,发表在 iRedMail 技术支持)

邮件发送拒绝,客户注册完成后,由PHP程序自动发送的注册成功邮件。

Jan 18 15:17:11 mail postfix/smtpd[1963]: NOQUEUE: reject: RCPT from unknown[180.x.x.x]: 554 5.7.1 <192.168.1.180>: Helo command rejected: ACCESS DENIED. Your email was rejected because the sending mail server sent non RFC compliant HELO identity (192.168.1.180); from=<test@aaaaa.com> to=<test@outlook.com> proto=ESMTP helo=<192.168.1.180>

请问,如何设置?
连接主机没域名,只有IP,另外此网段上foxmail是可以的。

请告诉我如何加白名单。需要加的,有一个域名,一个IP

前往版面: iRedMail 技术支持

7 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

iredmail:0.9.6
OS: centos 7
DB: mysql

现在情况是这样:(截图太麻烦,我简单手写下iRedAdmin页面的情况)
Domain           Users
a.com                 10
b.com                  2

现在需求是这样,要把a.com已经存在的部分用户(大概6个人)转移到b.com下。请问要怎么操作。。。

前往版面: iRedMail 技术支持

8 youliang回复

(5 篇回复,发表在 iRedMail 技术支持)

没有使用中转。这2个ip都是一样的。

前往版面: iRedMail 技术支持

9 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

章工,你好。
我们公司准备使用的是阿里云主机作为邮件服务器,但是阿里云主机现在只开放30001-30005五个端口。请问如何将25端口改成30001。需要在哪里改。

在/ect/service里面修改完之后,邮件就发不出去了。请问还有其他配套的地方需要一起修改的。

系统centos7.3
iredmail:0.9.7

前往版面: iRedMail 技术支持

10 youliang发表

(4 篇回复,发表在 iRedMail 技术支持)

请帮忙看下,谢谢。

Dec 14 14:43:48 email postfix/postscreen[15396]: CONNECT from [180.x.x.x]:35789 to [121.x.x.x]:25
Dec 14 14:43:48 email postfix/dnsblog[15397]: addr 180.x.x.x listed by domain zen.spamhaus.org as 127.0.0.11
Dec 14 14:43:48 email postfix/postscreen[15396]: DNSBL rank 3 for [180.x.x.x]:35789
Dec 14 14:43:48 email postfix/postscreen[15396]: BARE NEWLINE from [180.x.x.x]:35789 after EHLO 192.168.1.172
Dec 14 14:43:48 email postfix/postscreen[15396]: DISCONNECT [180.x.x.x]:35789

前往版面: iRedMail 技术支持

11 youliang回复

(5 篇回复,发表在 iRedMail 技术支持)

ZhangHuangbin 写道:
youliang 写道:

Dec 12 16:33:37 email postfix/smtp[13366]: 11626123B49: to=<tom@aaabbb.com>, relay=61.XX.XX.XX[61.XX.XX.XX]:25, delay=0.53, delays=0.02/0.01/0.32/0.19, dsn=5.7.1, status=bounced (host 61.XX.XX.XX[61.XX.XX.XX] said: 554 5.7.1 <tom@aaabbb.com>: Recipient address rejected: Policy rejection not logged in (in reply to RCPT TO command))

FYI: https://docs.iredmail.org/errors.html#s … -logged-in

你好,章工
此错误并非是由客户端程序发起的,而是直接通过iredmail一键安装的web端发起。
具体操作是:执行脚本安装后,直接发邮件遇到此问题。
请问是否安装完成后,还有配置需要修改。

前往版面: iRedMail 技术支持

12 youliang发表

(5 篇回复,发表在 iRedMail 技术支持)

centos7.3     iredmail:0.9.7


Dec 12 16:33:36 email postfix/submission/smtpd[13335]: connect from localhost[127.0.0.1]
Dec 12 16:33:36 email postfix/submission/smtpd[13335]: Anonymous TLS connection established from localhost[127.0.0.1]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Dec 12 16:33:36 email postfix/submission/smtpd[13335]: warning: numeric domain name in resource data of MX record for aaabbb.com: 61.XX.XX.XX
Dec 12 16:33:36 email postfix/submission/smtpd[13335]: 304AF123B3F: client=localhost[127.0.0.1], sasl_method=LOGIN, sasl_username=emp@test.com
Dec 12 16:33:36 email postfix/cleanup[13350]: 304AF123B3F: message-id=<121fb87b8b51472f5a10b1acc851a8f2@test.com>
Dec 12 16:33:36 email postfix/qmgr[12074]: 304AF123B3F: from=<emp@test.com>, size=518, nrcpt=1 (queue active)
Dec 12 16:33:36 email roundcube: <k2vp6krc> User emp@test.com [180.173.65.112]; Message for tom@aaabbb.com; 250: 2.0.0 Ok: queued as 304AF123B3F
Dec 12 16:33:36 email postfix/submission/smtpd[13335]: disconnect from localhost[127.0.0.1]
Dec 12 16:33:36 email clamd[1005]: SelfCheck: Database status OK.
Dec 12 16:33:37 email postfix/10025/smtpd[13365]: connect from localhost[127.0.0.1]
Dec 12 16:33:37 email postfix/10025/smtpd[13365]: 11626123B49: client=localhost[127.0.0.1]
Dec 12 16:33:37 email postfix/cleanup[13350]: 11626123B49: message-id=<121fb87b8b51472f5a10b1acc851a8f2@test.com>
Dec 12 16:33:37 email postfix/10025/smtpd[13365]: disconnect from localhost[127.0.0.1]
Dec 12 16:33:37 email postfix/qmgr[12074]: 11626123B49: from=<emp@test.com>, size=1586, nrcpt=1 (queue active)
Dec 12 16:33:37 email amavis[1705]: (01705-01) Passed CLEAN {RelayedInternal}, ORIGINATING/MYNETS LOCAL [127.0.0.1]:53026 <emp@test.com> -> <tom@aaabbb.com>, Queue-ID: 304AF123B3F, Message-ID: <121fb87b8b51472f5a10b1acc851a8f2@test.com>, mail_id: Ehmx6wsOqyot, Hits: -1, size: 518, queued_as: 11626123B49, dkim_new=dkim:test.com, 826 ms, Tests: [ALL_TRUSTED=-1]
Dec 12 16:33:37 email postfix/amavis/smtp[13355]: 304AF123B3F: to=<tom@aaabbb.com>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.96, delays=0.11/0.01/0.01/0.83, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 11626123B49)
Dec 12 16:33:37 email postfix/qmgr[12074]: 304AF123B3F: removed
Dec 12 16:33:37 email postfix/smtp[13366]: warning: numeric domain name in resource data of MX record for aaabbb.com: 61.XX.XX.XX
Dec 12 16:33:37 email postfix/smtp[13366]: Untrusted TLS connection established to 61.XX.XX.XX[61.XX.XX.XX]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Dec 12 16:33:37 email postfix/smtp[13366]: 11626123B49: to=<tom@aaabbb.com>, relay=61.XX.XX.XX[61.XX.XX.XX]:25, delay=0.53, delays=0.02/0.01/0.32/0.19, dsn=5.7.1, status=bounced (host 61.XX.XX.XX[61.XX.XX.XX] said: 554 5.7.1 <tom@aaabbb.com>: Recipient address rejected: Policy rejection not logged in (in reply to RCPT TO command))
Dec 12 16:33:37 email postfix/cleanup[13350]: 978E4123B4A: message-id=<20171212083337.978E4123B4A@email.test.com>
Dec 12 16:33:37 email postfix/bounce[13376]: 11626123B49: sender non-delivery notification: 978E4123B4A
Dec 12 16:33:37 email postfix/qmgr[12074]: 978E4123B4A: from=<>, size=3669, nrcpt=1 (queue active)
Dec 12 16:33:37 email postfix/qmgr[12074]: 11626123B49: removed
Dec 12 16:33:37 email postfix/pipe[13377]: 978E4123B4A: to=<emp@test.com>, relay=dovecot, delay=0.07, delays=0.01/0.01/0/0.05, dsn=2.0.0, status=sent (delivered via dovecot service)
Dec 12 16:33:37 email postfix/qmgr[12074]: 978E4123B4A: removed

前往版面: iRedMail 技术支持

13 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):mysql
- 使用的 Linux/BSD 发行版名称及版本号:centos7
- 与您的问题相关的日志信息:
====
Sep 29 16:21:53 vm-mail postfix/smtpd[27329]: disconnect from unknown[x.x.x.x]
Sep 29 16:21:55 vm-mail postfix/smtpd[27122]: NOQUEUE: reject: RCPT from unknown[x.x.x.x]: 550 5.1.1 <021-

51350292service@XXXXsh.com>: Recipient address rejected: User unknown in virt
ual mailbox table; from=<snogfgwpy@flvr.com> to=<021-51350292service@XXXXsh.com> proto=ESMTP helo=<flvr.com>
Sep 29 16:21:55 vm-mail postfix/smtpd[27122]: disconnect from unknown[x.x.x.x]
Sep 29 16:22:13 vm-mail postfix/postscreen[23750]: CONNECT from [213.219.101.226]:16610 to [x.x.x.x]:25
Sep 29 16:22:13 vm-mail postfix/postscreen[23750]: PASS OLD [213.219.101.226]:16610
Sep 29 16:22:13 vm-mail postfix/smtpd[27329]: connect from 226.101.219.213.sta.estpak.ee[213.219.101.226]
Sep 29 16:22:14 vm-mail postfix/postscreen[23750]: CONNECT from [x.x.x.x]:51008 to [x.x.x.x]:25
Sep 29 16:22:14 vm-mail postfix/postscreen[23750]: PASS OLD [x.x.x.x]:51008
Sep 29 16:22:14 vm-mail postfix/smtpd[27122]: connect from unknown[x.x.x.x]
Sep 29 16:22:15 vm-mail postfix/smtpd[27122]: Anonymous TLS connection established from unknown[x.x.x.x]:

TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep 29 16:22:16 vm-mail postfix/smtpd[27329]: warning: 226.101.219.213.sta.estpak.ee[213.219.101.226]: SASL

LOGIN authentication failed: UGFzc3dvcmQ6
Sep 29 16:22:16 vm-mail postfix/smtpd[27329]: disconnect from 226.101.219.213.sta.estpak.ee[213.219.101.226]
Sep 29 16:22:20 vm-mail postfix/smtpd[27122]: 41ECF41BADC7: client=unknown[x.x.x.x]
Sep 29 16:22:20 vm-mail postfix/cleanup[27987]: 41ECF41BADC7: message-id=<20170929162212244261@ba836.com>
Sep 29 16:22:20 vm-mail postfix/qmgr[2321]: 41ECF41BADC7: from=<post1@ba836.com>, size=39663, nrcpt=1 (queue

active)
Sep 29 16:22:20 vm-mail postfix/smtpd[27122]: disconnect from unknown[x.x.x.x]
Sep 29 16:22:29 vm-mail postfix/10025/smtpd[28004]: connect from vm-mail.poocan.com[127.0.0.1]
Sep 29 16:22:29 vm-mail postfix/10025/smtpd[28004]: 5135141BADC8: client=vm-mail.poocan.com[127.0.0.1]
Sep 29 16:22:29 vm-mail postfix/cleanup[27987]: 5135141BADC8: message-id=<20170929162212244261@ba836.com>
Sep 29 16:22:29 vm-mail postfix/10025/smtpd[28004]: disconnect from vm-mail.poocan.com[127.0.0.1]
Sep 29 16:22:29 vm-mail postfix/qmgr[2321]: 5135141BADC8: from=<post1@ba836.com>, size=40478, nrcpt=1 (queue

active)
Sep 29 16:22:29 vm-mail amavis[25801]: (25801-12) Passed CLEAN {RelayedInbound}, [x.x.x.x]:51008 [x.x.x.x]

<post1@ba836.com> -> <meganliu@XXXXsh.com>, Queue-ID: 41ECF41BADC7, M
essage-ID: <20170929162212244261@ba836.com>, mail_id: lzZA7BhQctcy, Hits: 6.031, size: 39663, queued_as:

5135141BADC8, 8942 ms, Tests: [HTML_FONT_FACE_BAD=0.289,HTML_MESSAGE=0.001,NO_RDNS_DOT
COM_HELO=0.433,RCVD_FAKE_HELO_DOTCOM=2.389,RCVD_IN_BRBL_LASTEXT=1.644,RDNS_NONE=1.274,URIBL_BLOCKED=0.001]
Sep 29 16:22:29 vm-mail postfix/smtp-amavis/smtp[27989]: 41ECF41BADC7: to=<meganliu@XXXXsh.com>,

relay=127.0.0.1[127.0.0.1]:10024, delay=14, delays=5.3/0.02/0.01/9, dsn=2.0.0, status=sent (2
50 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 5135141BADC8)
Sep 29 16:22:29 vm-mail postfix/qmgr[2321]: 41ECF41BADC7: removed
Sep 29 16:22:29 vm-mail postfix/pipe[28005]: 5135141BADC8: to=<meganliu@XXXXsh.com>, relay=dovecot,

delay=0.18, delays=0.07/0.02/0/0.09, dsn=2.0.0, status=sent (delivered via dovecot service
)
Sep 29 16:22:29 vm-mail postfix/qmgr[2321]: 5135141BADC8: removed

前往版面: iRedMail 技术支持

14 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):mysql
- 使用的 Linux/BSD 发行版名称及版本号:centos7
- 与您的问题相关的日志信息:
====
张工,你好
     目前邮箱配置知识简单开启垃圾邮件拦截功能,并未对其做配置,现在我公司一个新上的应用程序对本系统的邮箱发邮件,会被当成垃圾邮件处理,现在的处理办法是直接注释以下两条来使邮件通过,但是我们希望可以开启垃圾邮件拦截功能,请问要如何配置,有没有相关文档。
/etc/amavisd/amavisd.conf:
# @bypass_virus_checks_maps = (1);  # controls running of anti-virus code
# @bypass_spam_checks_maps  = (1);  # controls running of anti-spam code

前往版面: iRedMail 技术支持

15 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):mysql
- 使用的 Linux/BSD 发行版名称及版本号:centos7
- 与您的问题相关的日志信息:
====
张工,你好
现在有2个需求,先问下要怎么设置。

1.想给邮箱设定一个别名。
比如aaa@domain.com这个邮箱,想给他设置一个bbb@domain.com,然后通过bbb可以收发所有aaa,同时aaa也可以收发bbb。类似一个邮箱,有2个用户名,请问这要怎么做。

2.延迟删除邮箱
设定10天后删除一个邮箱,如果这个邮箱如果10天内没人登陆就删除。有人登陆则取消删除,或者给管理员发系统邮件。

前往版面: iRedMail 技术支持

16 youliang回复

(3 篇回复,发表在 iRedMail 技术支持)

ZhangHuangbin 写道:
youliang 写道:

client [124.205.116.200] blocked using b.barracudacentral.org

这个 IP 地址被 b.barracudacentral.org 这个 DNSBL 服务给拦截了。去这里申请移除:
http://barracudacentral.org/rbl/removal-request

这个问题,后来发现/etc/postfix/main.cf里面
postscreen_dnsbl_sites =
    zen.spamhaus.org=127.0.0.[2..11]*3
#    b.barracudacentral.org=127.0.0.[2..11]*2   #注销此记录就可以发送成功。
关于此我还有2个问题:
1.我理解这个问题应该是邮件服务器配置的吧。那能否设置b.barracudacentral.org的白名单来避免拦截。
2.注销此行会有什么风险。
张工,请一定要回复我,万分感谢!!!

前往版面: iRedMail 技术支持

17 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):mysql
- 使用的 Linux/BSD 发行版名称及版本号:centos7
- 与您的问题相关的日志信息:
====
http://www.iredmail.com/docs/manage.ire … completely
看了这个文档设置白名单,还有一些疑问
1.python wblist_admin.py --add  和--account 设置的白名单,名单保存在哪里。
2.python wblist_admin.py和greylisting_admin.py设置的白名单有何区别

谢谢张工,有空帮忙看下。

前往版面: iRedMail 技术支持

18 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):mysql
- 使用的 Linux/BSD 发行版名称及版本号:centos7
- 与您的问题相关的日志信息:
May  5 11:50:37 vm-mail postfix/smtp[3125]: E942140BC94E: to=<openplatform@dangdang.com>, relay=barracuda.dangdang.com[219.142.192.153]:25, delay=2.6, delays=0.02/0.03/2.4/0.11, dsn=5.0.0, status=bounced (host barracuda.dangdang.com[219.142.192.153] said: 554 Service unavailable; Client host [vm-mail.poocan.com] blocked using Barracuda Reputation; http://www.barracudanetworks.com/reputa … mp;ip=MYIP (in reply to RCPT TO command))
May  5 11:50:37 vm-mail postfix/smtp[3125]: E942140BC94E: lost connection with barracuda.dangdang.com[219.142.192.153] while sending DATA command
May  5 11:50:37 vm-mail postfix/cleanup[3113]: 8889B40BC94D: message-id=<20170505035037.8889B40BC94D@vm-mail.poocan.com>
May  5 11:50:37 vm-mail postfix/bounce[3126]: E942140BC94E: sender non-delivery notification: 8889B40BC94D
May  5 11:50:37 vm-mail postfix/qmgr[19073]: 8889B40BC94D: from=<>, size=5867, nrcpt=1 (queue active)
May  5 11:50:37 vm-mail postfix/qmgr[19073]: E942140BC94E: removed
May  5 11:50:37 vm-mail postfix/pipe[3127]: 8889B40BC94D: to=<my@myemail.com>, relay=dovecot, delay=0.13, delays=0.02/0.02/0/0.09, dsn=2.0.0, status=sent (delivered via dovecot service)
May  5 11:50:37 vm-mail postfix/qmgr[19073]: 8889B40BC94D: removed
May  5 11:51:20 vm-mail postfix/postscreen[2996]: CONNECT from [125.121.233.83]:56086 to [MYIP]:25
May  5 11:51:20 vm-mail postfix/postscreen[2996]: PASS OLD [125.121.233.83]:56086
May  5 11:51:21 vm-mail postfix/smtpd[3027]: connect from unknown[125.121.233.83]
May  5 11:51:23 vm-mail postfix/smtpd[3027]: warning: unknown[125.121.233.83]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May  5 11:51:23 vm-mail postfix/smtpd[3027]: lost connection after AUTH from unknown[125.121.233.83]
May  5 11:51:23 vm-mail postfix/smtpd[3027]: disconnect from unknown[125.121.233.83]
====
发送邮件给dangdang,发现被梭子鱼拦截。但是进入http://www.barracudanetworks.com/reputation/?r=1&ip=MYIP准备申诉,确发现我们并不在他们的拦截名单里,请帮忙看下,是否是邮件服务器有配置错误,万分谢谢!!!

前往版面: iRedMail 技术支持

19 youliang回复

(3 篇回复,发表在 iRedMail 技术支持)

我知道很危险,但是没办法,领导是这么要求的。。。

前往版面: iRedMail 技术支持

20 youliang发表

(3 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):mysql
- 使用的 Linux/BSD 发行版名称及版本号:centos7
- 与您的问题相关的日志信息:
May  5 06:54:24 vm-mail postfix/postscreen[31322]: DNSBL rank 2 for [124.205.116.200]:41502
May  5 06:54:24 vm-mail postfix/tlsproxy[31330]: CONNECT from [124.205.116.200]:41502
May  5 06:54:24 vm-mail postfix/tlsproxy[31330]: Anonymous TLS connection established from [124.205.116.200]:41502: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
May  5 06:54:24 vm-mail postfix/postscreen[31322]: NOQUEUE: reject: RCPT from [124.205.116.200]:41502: 550 5.7.1 Service unavailable; client [124.205.116.200] blocked using b.barracudacentral.org; from=<aaaa@aaaa.com>, to=<bbb@bbb.dk>, proto=ESMTP, helo=<Cody-PC>
May  5 06:54:24 vm-mail postfix/postscreen[31322]: DISCONNECT [124.205.116.200]:41502
May  5 06:54:24 vm-mail postfix/tlsproxy[31330]: DISCONNECT [124.205.116.200]:41502
====
各位大神帮忙看下这个问题,是iredmail邮件服务器问题,还是对方拦截了。帮忙分析下,谢谢

前往版面: iRedMail 技术支持

21 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):mysql
- 使用的 Linux/BSD 发行版名称及版本号:centos7
- 与您的问题相关的日志信息:
Apr 30 04:08:34 vm-mail postfix/smtpd[30852]: NOQUEUE: reject: RCPT from unknown[x.x.x.x]: 450 4.7.1 <xx.org>: Helo command rejected: Host not found; from=<xxx@xxxx.org> to=<xx@xx.com> proto=ESMTP helo=<xx.org>
Apr 30 04:08:34 vm-mail postfix/smtpd[30852]: lost connection after RCPT from unknown[x.x.x.x]
Apr 30 04:08:34 vm-mail postfix/smtpd[30852]: disconnect from unknown[x.x.x.x]

Apr 30 06:25:55 vm-mail postfix/postscreen[31648]: DNSBL rank 5 for [x.x.x.x]:1154
Apr 30 06:25:55 vm-mail postfix/postscreen[31648]: NOQUEUE: reject: RCPT from [x.x.x.x]:1154: 550 5.7.1 Service unavailable; client [x.x.x.x] blocked using zen.spamhaus.org; from=<xx@x.com>, to=<x@xx.com>, proto=ESMTP, helo=<xx.com>
Apr 30 06:25:55 vm-mail postfix/postscreen[31648]: HANGUP after 0.12 from [x.x.x.x]:1154 in tests after SMTP handshake
Apr 30 06:25:55 vm-mail postfix/postscreen[31648]: DISCONNECT [x.x.x.x]:1154

Apr 30 06:49:52 vm-mail postfix/10025/smtpd[31751]: connect from vm-mail.poocan.com[127.0.0.1]
Apr 30 06:49:52 vm-mail postfix/10025/smtpd[31751]: D503C40CAB23: client=vm-mail.poocan.com[127.0.0.1]
Apr 30 06:49:52 vm-mail postfix/cleanup[31743]: D503C40CAB23: message-id=<f15e1047-8829-4b02-a208-52c785a4abf0@NWD2HUBCAS7.ad.analog.com>
Apr 30 06:49:52 vm-mail postfix/10025/smtpd[31751]: disconnect from vm-mail.poocan.com[127.0.0.1]
Apr 30 06:49:52 vm-mail postfix/qmgr[19073]: D503C40CAB23: from=<adimailer@analog.com>, size=25228, nrcpt=1 (queue active)
Apr 30 06:49:52 vm-mail amavis[25335]: (25335-13) Passed CLEAN {RelayedInbound}, [x.x.x.x]:21568 [x.x.x.x] <adimailer@analog.com> -> <xx@xx.com>, Queue-ID: 4F32140CAB22, Message-ID: <f15e1047-8829-4b02-a208-52c785a4abf0@nwd2hubcas7.ad.analog.com>, mail_id: jNXK0EY3_w8M, Hits: 1.229, size: 24525, queued_as: D503C40CAB23, 33814 ms, Tests: [DKIM_SIGNED=0.1,HTML_FONT_LOW_CONTRAST=0.001,HTML_IMAGE_RATIO_06=0.001,HTML_MESSAGE=0.001,MIME_HTML_ONLY=1.105,T_DKIM_INVALID=0.01,T_REMOTE_IMAGE=0.01,URIBL_BLOCKED=0.001]
Apr 30 06:49:52 vm-mail postfix/smtp-amavis/smtp[31748]: 4F32140CAB22: to=<xx@xx.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=40, delays=6/0.02/0.02/34, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as D503C40CAB23)
Apr 30 06:49:52 vm-mail postfix/qmgr[19073]: 4F32140CAB22: removed
====
这个用户的邮箱只能收不能发,但是其他的用户都可以收发邮件。请大神帮忙看下什么问题

前往版面: iRedMail 技术支持

22 youliang回复

(3 篇回复,发表在 iRedMail 技术支持)

问题已经解决,不知道原因是试出来的,结果就是拦截exe,通过rar等打包的exe
注销这条:
#  qr'^\.(exe-ms|dll)$',       # banned file(1) types, rudimentary
去掉这条注释
[ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ],  # allow any within these archives

前往版面: iRedMail 技术支持

23 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):mysql
- 使用的 Linux/BSD 发行版名称及版本号:centos7
- 与您的问题相关的日志信息:
====

amavisd.conf里面3处$log_level = 5;都已经开启,重启服务service amavisd restart后,/var/log/maillog还是一片空白。

[root@vm-mail amavisd]# grep -n log_level /etc/amavisd/amavisd.conf
38:$log_level = 5;              # verbosity 0..5, -d
455:    log_level => 4,
633:$log_level = 5;

前往版面: iRedMail 技术支持

24 youliang发表

(3 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):mysql
- 使用的 Linux/BSD 发行版名称及版本号:centos7
- 与您的问题相关的日志信息:
====
官方确认直接以exe作为附件会杀毒过滤,这是合理的,符合大家的认识。

我们现在的问题是:把exe打包生产rar后,还是会被过滤,这跟一般的邮件系统不同。我们想让内置exe的rar可发送,请问怎么配置。

我的配置如下。
$banned_namepath_re = new_RE(
#    [qr'T=(rar|arc|arj|zoo|gz|bz2)(,|\t)'xmi => 'DISCARD'],     # Compressed file types
    [qr'T=x-(msdownload|msdos-program|msmetafile)(,|\t)'xmi => 'DISCARD'],
    [qr'T=(hta)(,|\t)'xmi => 'DISCARD'],

    # Dangerous mime types
    [qr'T=(9|386|LeChiffre|aaa|abc|aepl|ani|aru|atm|aut|b64|bat|bhx|bin|bkd|blf|bll|bmw|boo|bps|bqf|breaking_bad|buk|bup|bxz|cc|ccc|ce0|ceo|cfxxe|chm|cih|cla|class|cmd|com|cpl|crinf|crjoker|crypt|cryptolocker|cryptowall|ctbl|cxq|cyw|dbd|delf|dev|dlb|dli|dll|dllx|dom|drv|dx|dxz|dyv|dyz|ecc|exe|exe-ms|exe1|exe_renamed|exx|ezt|ezz|fag|fjl|fnr|fuj|good|gzquar|hlp|hlw|hqx|hsq|hts|iva|iws|jar|js|kcd|keybtc@inbox_com|let|lik|lkh|lnk|locky|lok|lol!|lpaq5|magic|mfu|micro|mim|mjg|mjz|mp3|nls|oar|ocx|osa|ozd|pcx|pgm|php2|php3|pid|pif|plc|pr|pzdc|qit|qrn|r5a|rhk|rna|rsc_tmp|s7p|scr|shs|ska|smm|smtmp|sop|spam|ssy|swf|sys|tko|tps|tsa|tti|ttt|txs|upa|uu|uue|uzy|vb|vba|vbe|vbs|vbx|vexe|vxd|vzr|wlpginstall|ws|wsc|wsf|wsh|wss|xdu|xir|xlm|xlv|xnt|xnxx|xtbl|xxe|xxx|xyz|zix|zvz|zzz)(,|\t)'xmi => 'DISCARD'],

    # Dangerous file name extensions
    [qr'N=.*\.(9|386|LeChiffre|aaa|abc|aepl|ani|aru|atm|aut|b64|bat|bhx|bin|bkd|blf|bll|bmw|boo|bps|bqf|breaking_bad|buk|bup|bxz|cc|ccc|ce0|ceo|cfxxe|chm|cih|cla|class|cmd|com|cpl|crinf|crjoker|crypt|cryptolocker|cryptowall|ctbl|cxq|cyw|dbd|delf|dev|dlb|dli|dll|dllx|dom|drv|dx|dxz|dyv|dyz|ecc|exe|exe-ms|exe1|exe_renamed|exx|ezt|ezz|fag|fjl|fnr|fuj|good|gzquar|hlp|hlw|hqx|hsq|hts|iva|iws|jar|js|kcd|keybtc@inbox_com|let|lik|lkh|lnk|locky|lok|lol!|lpaq5|magic|mfu|micro|mim|mjg|mjz|mp3|nls|oar|ocx|osa|ozd|pcx|pgm|php2|php3|pid|pif|plc|pr|pzdc|qit|qrn|r5a|rhk|rna|rsc_tmp|s7p|scr|shs|ska|smm|smtmp|sop|spam|ssy|swf|sys|tko|tps|tsa|tti|ttt|txs|upa|uu|uue|uzy|vb|vba|vbe|vbs|vbx|vexe|vxd|vzr|wlpginstall|ws|wsc|wsf|wsh|wss|xdu|xir|xlm|xlv|xnt|xnxx|xtbl|xxe|xxx|xyz|zix|zvz|zzz)$'xmi => 'DISCARD'],
);
但是,我把exe删除后,重启服务,也是一样拦截。请帮忙指出还有哪处需要修改。

前往版面: iRedMail 技术支持

25 youliang发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:iRedMail-0.9.6
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):MySQL
- 使用的 Linux/BSD 发行版名称及版本号:centos6.5
- 与您的问题相关的日志信息: Plugin Options:
<< ERROR >> Installation failed, please check the terminal output.
<< ERROR >> If you're not sure what the problem is, try to get help in iRedMail
<< ERROR >> forum: http://www.iredmail.org/forum/

安装选择
apache
mysql
000000(mysql密码)
since.com(这个域名不是实际的域名)
000000(管理员密码)
组件全选

然后就报上面的错误,选项有什么限制。
====

前往版面: iRedMail 技术支持