1 bruce_wu发表

(0 篇回复,发表在 iRedMail 技术支持)

最近被以下这一类型的信件(广告,病毒 都有) 给搞惨了
mail header 如下.

X-Virus-Scanned: amavisd-new at 我的邮件网域名称.ltd
Authentication-Results: 我的邮件网域名称.ltd (amavisd-new); dkim=pass (2048-bit key)
header.d=f.xxx.com
Received: from 我的邮件网域名称.ltd ([127.0.0.1])
by localhost (我的邮件网域名称.ltd [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id QKqrNPDJwAkv for <bruce@我的邮件网域名称.ltd>;
Tue, 20 Nov 2018 18:33:48 +0800 (CST)
X-Original-Helo: srv.xxx.xxx
Received: from srv.xxx.xxx (unknown [49.50.x.x])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by 我的邮件网域名称.ltd (iRedMail: http://www.iredmail.org/) with ESMTPS id 190701A0ED4
for <bruce@我的邮件网域名称.ltd>; Tue, 20 Nov 2018 10:33:45 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=f.xxx.com
; s=default; h=Content-Type:MIME-Version:Subject:Message-ID:To:From:Date:
Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=oeKpNXzelCcu0Pa2JZ/kEccBY9jBf7XUbeiA+zDBB0Y=; b=ZPlhjtkzYLHgdoqK7HlWnbgDHA
GeQrNUQTlDBhLF1T+LxZRf5Np9zkr6tXGrhikSmT0qaCQcYFtGOu6dLdwmYF6eqNMqXRHBug24vKu
kht7/9BF9XWeaVcy51TFG9DuMjQLP3D+nBv57Gin2PCv7C4MpYf9Mgp8SFvJuA9++s1mcPx9WonWC
b9JxOQnDgokuP1qM9GGvclyUiJzYNZwY7fdfNfYF8Oic1+J+DNYOIgnHQgLWeSWvdXQ+RZZFEgk5g
l5YeJq79kyW/5YmqMJUTlupc6ZDqVocFWvHxMb7JjegGkRW45bbqYPRERYfLzL+sJrK9qi61EX18v
L237kRFw==;
Received: from 59-124-x-x.xxx.xxx.net ([59.124.x.x]:22194 helo=10.8.9.10)
by srv.xxx.xxx with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.91)
(envelope-from <nafees.ahmad@f.xxx.com>)
id 1gP3LI-000RCM-RQ
for bruce@我的邮件网域名称.ltd; Tue, 20 Nov 2018 16:03:17 +0530
Date: Tue, 20 Nov 2018 02:33:21 -0800
From: Boss <boss@我的邮件网域名称.ltd> <nafees.ahmad@f.xxx.com>
To: bruce@我的邮件网域名称.ltd
Message-ID: <10343280482126316992.119B469581C5721A@我的邮件网域名称.ltd>

亮点在 From 的格式, 系统会抓到实际发信者nafees.ahmad@f.xxx.com , 所以不会被判断成是本机的寄件者(boss@我的邮件网域名称)发信,
但收件者端的收件者,收信软体(Outlook)上却是显示Boss <boss@我的邮件网域名称> . 让收件者以为是自己内部的人寄来的信..

另类的伪造内部寄件者发信,请问这有办法阻挡或是过滤吗?

系统为: iRedMail 0.7.3

以上,感谢!

前往版面: iRedMail 技术支持

2 bruce_wu发表

(0 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.2
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):MySQL
- 使用的 Linux/BSD 发行版名称及版本号:Centos 6.5

如何达成备份进出的信件.
不采用 postfix 的 recipient_bcc 及 sender_bcc,因这已经改变了档头
这有何办法达成,我是想要 amavisd-new 最後处理後,送往 10025 port 前备份,之後才让他递送到 10025 port service

请问张工,这有何办法实现呢?感谢!

前往版面: iRedMail 技术支持

3 bruce_wu发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.2
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):MySQL
- 使用的 Linux/BSD 发行版名称及版本号:Centos 6.5

我于邮件伺服器下指令进行测试
sendmail -i test@bruce.com < sample-virus-simple.txt
(sample-virus-simple.txt 是amavisd-new 提供的)

但信件寄出却没有经过检查机制(amavisd-new)
maillog 为:


Sep 17 12:16:00 mail postfix/pickup[3142]: 56B00178186A: uid=0 from=<root>
Sep 17 12:16:00 mail postfix/cleanup[3147]: 56B00178186A: message-id=<20150917041600.56B00178186A@mail.bruce.com>
Sep 17 12:16:00 mail postfix/qmgr[3141]: 56B00178186A: from=<root@mail.bruce.com>, size=415, nrcpt=1 (queue active)
Sep 17 12:16:00 mail postfix/pipe[3214]: 56B00178186A: to=<test@bruce.com>, relay=dovecot, delay=0.52, delays=0.22/0/0/0.3, dsn=2.0.0, status=sent (delivered via dovecot service)
Sep 17 12:16:00 mail postfix/qmgr[3141]: 56B00178186A: removed

请问要如何于本机进行测试才会经过检查机制呢?

前往版面: iRedMail 技术支持

4 bruce_wu回复

(2 篇回复,发表在 iRedMail 技术支持)

了解,感谢张工的解疑.

前往版面: iRedMail 技术支持

5 bruce_wu发表

(2 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.9.2
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):MySQL
- 使用的 Linux/BSD 发行版名称及版本号:Centos 6.5

使用了线上iredadmin-pro demo,其中比较好奇的一项黑白名单
amavisd 不就已经包含了wblist 功能了,为何还要透过iredapd 来过滤呢?
是否有何特殊原因?

前往版面: iRedMail 技术支持

6 bruce_wu回复

(3 篇回复,发表在 iRedMail 技术支持)

tks!
如要从amavisd mysql 的msgs table 有可能判断的出来吗?

前往版面: iRedMail 技术支持

7 bruce_wu发表

(3 篇回复,发表在 iRedMail 技术支持)

- iRedMail 版本号:0.7.3
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):MySQL
- 使用的 Linux/BSD 发行版名称及版本号:CentOS 6.6

请问有啥办法可以经由log 纪录知道,信件是内部伺服器对外部伺服器发信,还是外部伺服器对内部伺服器发信的呢?
谢谢!

前往版面: iRedMail 技术支持

8 bruce_wu回复

(2 篇回复,发表在 iRedMail 技术支持)

我有透过http://www.mailradar.com/openrelay/进行测试,却是没问题的...
我撷取其中一段我的邮件服务器的日志...我服务器的ip我换成xxx.xxx.xxx.xxx显示...
=======================================================================
Jan 12 13:37:18 mail postfix/smtpd[30561]: connect from unknown[193.230.245.6]
Jan 12 13:37:19 mail postfix/smtpd[30561]: NOQUEUE: reject: RCPT from unknown[193.230.245.6]: 454 4.7.1 <relaytest@mailradar.com@[xxx.xxx.xxx.xxx]>: Relay access denied; from=<antispam@[xxx.xxx.xxx.xxx]> to=<relaytest@mailradar.com@[xxx.xxx.xxx.xxx]> proto=SMTP helo=<mailradar.com>
Jan 12 13:37:20 mail postfix/smtpd[30561]: disconnect from unknown[193.230.245.6]
=======================================================================

完整的测是讯息:
[Method 0 @ 1421040962]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@mailradar.com>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest@mailradar.com>
<<< 454 4.7.1 <relaytest@mailradar.com>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 1 @ 1421040971]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@mailradar.com>
<<< 250 2.1.0 Ok
>>> RCPT TO: relaytest@mailradar.com
<<< 454 4.7.1 <relaytest@mailradar.com>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 2 @ 1421040976]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest@mailradar.com>
<<< 550 5.1.0 <antispam>: Sender address rejected: User unknown in local recipient table
>>> QUIT
<<< 221 2.0.0 Bye
[TEST PASSED]
[Method 3 @ 1421040979]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest@mailradar.com>
<<< 454 4.7.1 <relaytest@mailradar.com>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 4 @ 1421040983]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest@mailradar.com>
<<< 454 4.7.1 <relaytest@mailradar.com>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 5 @ 1421040986]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest%mailradar.com@[xxx.xxx.xxx.xxx]>
<<< 454 4.7.1 <relaytest%mailradar.com@[xxx.xxx.xxx.xxx]>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 6 @ 1421040990]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest%mailradar.com.com@[xxx.xxx.xxx.xxx]>
<<< 501 5.1.3 Bad recipient address syntax
>>> QUIT
<<< 221 2.0.0 Bye
[TEST PASSED]
[Method 7 @ 1421040994]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <"relaytest@mailradar.com">
<<< 454 4.7.1 <relaytest@mailradar.com>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 8 @ 1421040997]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <"relaytest%mailradar.com">
<<< 454 4.7.1 <relaytest%mailradar.com>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 10 @ 1421041025]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <"relaytest@mailradar.com"@[xxx.xxx.xxx.xxx]>
<<< 454 4.7.1 <relaytest@mailradar.com@[xxx.xxx.xxx.xxx]>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 12 @ 1421041044]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <@[xxx.xxx.xxx.xxx]:relaytest@mailradar.com>
<<< 454 4.7.1 <relaytest@mailradar.com>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 13 @ 1421041048]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <@[xxx.xxx.xxx.xxx]:relaytest@mailradar.com>
<<< 454 4.7.1 <relaytest@mailradar.com>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 14 @ 1421041052]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <mailradar.com!relaytest>
<<< 454 4.7.1 <mailradar.com!relaytest>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 15 @ 1421041056]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <mailradar.com!relaytest@[xxx.xxx.xxx.xxx]>
<<< 454 4.7.1 <mailradar.com!relaytest@[xxx.xxx.xxx.xxx]>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 16 @ 1421041060]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <mailradar.com!relaytest@[xxx.xxx.xxx.xxx]>
<<< 501 5.1.3 Bad recipient address syntax
>>> QUIT
<<< 221 2.0.0 Bye
[TEST PASSED]
[Method 17 @ 1421041063]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest%mailradar.com@>
<<< 454 4.7.1 <relaytest%mailradar.com@>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 18 @ 1421041067]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <antispam@[xxx.xxx.xxx.xxx]>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest@mailradar.com@>
<<< 454 4.7.1 <relaytest@mailradar.com@>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye
[Method 19 @ 1421041070]
<<< 220 ESMTP iRedMail
>>> HELO mailradar.com
<<< 250 domail.com
>>> MAIL FROM: <postmaster@mailradar.com>
<<< 250 2.1.0 Ok
>>> RCPT TO: <relaytest@mailradar.com>
<<< 454 4.7.1 <relaytest@mailradar.com>: Relay access denied
>>> QUIT
<<< 221 2.0.0 Bye

All tested completed! No relays accepted by remote host!

====================================================
实在搞不懂,还是会发生上述的问题..
莫非主机被黑了..

前往版面: iRedMail 技术支持

9 bruce_wu发表

(2 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):
- 使用的 Linux/BSD 发行版名称及版本号:
- 与您的问题相关的日志信息:
==== ==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:0.7.3
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):MySQL
- 使用的 Linux/BSD 发行版名称及版本号:CentOS 6.6
- 与您的问题相关的日志信息:

主要配置:
mynetworks = 127.0.0.0/8
mynetworks_style = subnet

smtpd_sender_restrictions = permit_sasl_authenticated, reject_sender_login_mismatch, reject_authenticated_sender_login_mismatch, reject_unauthenticated_sender_login_mismatch, reject_unknown_sender_domain, permit_mynetworks

smtpd_client_restrictions = permit_sasl_authenticated, check_client_access hash:/etc/postfix/client_whitelist, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit_mynetworks

smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031, permit_sasl_authenticated, reject_unauth_destination, check_client_access hash:/etc/postfix/client_whitelist, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit_mynetworks

以下这封相似讯息,这几日大量产生.
我实在搞不懂了!怎还会发生底下这种状况的信件呢?
求救于大神.


*** ENVELOPE RECORDS ./00E461662E58 ***
message_size:            3628             589               1               0            3628
message_arrival_time: Fri Jan  9 19:05:24 2015
create_time: Fri Jan  9 19:05:24 2015
named_attribute: log_ident=00E461662E58
named_attribute: rewrite_context=local
sender: bruce@domail.com
named_attribute: encoding=7bit
named_attribute: log_client_name=unknown
named_attribute: log_client_address=127.0.0.1
named_attribute: log_client_port=44947
named_attribute: log_message_origin=unknown[127.0.0.1]
named_attribute: log_helo_name=localhost
named_attribute: log_protocol_name=ESMTP
named_attribute: client_name=unknown
named_attribute: reverse_client_name=unknown
named_attribute: client_address=127.0.0.1
named_attribute: client_port=44947
named_attribute: helo_name=localhost
named_attribute: protocol_name=ESMTP
named_attribute: client_address_type=2
named_attribute: dsn_orig_rcpt=rfc822;cfvbc@email.com
original_recipient:
recipient: cfvbc@email.com
*** MESSAGE CONTENTS ./00E461662E58 ***
Received: from localhost (unknown [127.0.0.1])
    by mail.domail.com (iRedmail) with ESMTP id 00E461662E58
    for <cfvbc@email.com>; Fri,  9 Jan 2015 11:05:24 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=domail.com; h=
    mime-version:content-transfer-encoding:to:date:date:message-id
    :x-mailer:content-type:content-type:from:from:subject:subject;
     s=dkim; t=1420801519; x=1421665520; bh=OZDwFi25dUgKQB436cfE6eJ9
    9LeqXIDW4zx/Dz1PfXo=; b=ONnunk5UJt4MpSDghcQY2LAeVszj+b0IePft8Pjg
    pgby6CS2O4aeQp64/J/NQl38d4Dx4FDckgt0a8GudgC0dczHFNiE6m7xGLWZ9+kY
    UWtjvvKo14Snh74H64VUAmSZF2f2dludSqMz478qADWZPSVvqSdRFzxbrZ6gJJCa
    i4Y=
X-Virus-Scanned: amavisd-new at mail.domail.com
Received: from mail.domail.com ([127.0.0.1])
    by localhost (mail.domail.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id WGjrv65f31xg for <cfvbc@email.com>;
    Fri,  9 Jan 2015 19:05:19 +0800 (CST)
Received: from domail.com (unknown [59.99.56.113])
    by mail.domail.com (iRedmail) with ESMTPA id A82CC1662E46;
    Fri,  9 Jan 2015 11:04:24 +0000 (UTC)
Subject:  from:  Kara Sarcinella
From: kara sarcinella <bruce@domail.com>
Content-Type: multipart/alternative;
    boundary=Apple-Mail-3B568077-D5AC-5101-C8DA-7562CD50DD90
X-Mailer: iPhone Mail (11D257)
Message-Id: <68ffd4c32340$6fe8e395$66579197$@domail.com>
Date: Mon, 9 Dec 2014 12:04:13 +0000
To: "karsarc" <karsarc@gmail.com>, "christine clarkin" <christine_clarkin@hotmail.com>, "Alexandra Vaicaitis" <avaicaitis@chisox.com>, "Allan Santizo" <hckey1976@yahoo.com>, "alyssa evers" <alyssae86@yahoo.com>, "amanda distasio" <guessgirl94@hotmail.com>, "amy hannon" <aclarkin90@yahoo.com>, "ann marie buczek" <ambuczek@hotmail.com>, "ashlie rapp" <ashlierapp@gmail.com>, "audria green" <nfashn2@aol.com>, "aunt kara sarcinella" <kara.sarc@sbcglobal.net>, "barb edwards" <barbara.edwards@advocatehealth.com>, "becky carroll" <irishbecky17@aol.com>, "beth decklemann" <mylittlestang@aol.com>, "bob carroll" <cfd11236@aol.com>, "Brent Paulsen" <brentpaulsen@sbcglobal.net>, "brita gaffney" <gaffs317@aol.com>, "brittney barbee" <brittney.barbee@loop.colum.edu>, "Camille Paulsen" <bcpaulsen@sbcglobal.net>, "chicago s finest" <cfvbc@email.com>
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)


--Apple-Mail-3B568077-D5AC-5101-C8DA-7562CD50DD90
Content-Type: text/plain;
    charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi!
How are you?
I saw it on TV! http://acalltoheal.com/name/room.php CNN said it really works!


Kara Sarcinella
--Apple-Mail-3B568077-D5AC-5101-C8DA-7562CD50DD90
Content-Type: text/html;
    charset=utf-8
Content-Transfer-Encoding: 7bit

<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><span style="-webkit-text-size-adjust: auto; background-color: rgba(255, 255, 255, 0);">Hi!<br>How are you?&nbsp;</span><div><span style="-webkit-text-size-adjust: auto; background-color: rgba(255, 255, 255, 0);">I saw it on TV!&nbsp;<a href="http://acalltoheal.com/name/room.php" x-apple-data-detectors="true" x-apple-data-detectors-type="link" x-apple-data-detectors-result="0">http://acalltoheal.com/name/room.php</a>&nbsp;CNN said it really works!</span><br></div><div><span style="-webkit-text-size-adjust: auto; background-color: rgba(255, 255, 255, 0);"><br></span></div><div><span style="-webkit-text-size-adjust: auto; background-color: rgba(255, 255, 255, 0);"><br></span></div><div><span style="-webkit-text-size-adjust: auto; background-color: rgba(255, 255, 255, 0);">Kara Sarcinella</span></div></body></html>
--Apple-Mail-3B568077-D5AC-5101-C8DA-7562CD50DD90--
*** HEADER EXTRACTED ./00E461662E58 ***
named_attribute: encoding=7bit
*** MESSAGE FILE END ./00E461662E58 ***
====

前往版面: iRedMail 技术支持

10 bruce_wu发表

(1 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:iRedMail 0.73
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):MySQL
- 使用的 Linux/BSD 发行版名称及版本号:CentOS 6.5
- 与您的问题相关的日志信息:
====

How to reject senders is "from=<>"

tks!

前往版面: iRedMail 技术支持

11 bruce_wu回复

(3 篇回复,发表在 iRedMail 技术支持)

我测试了这一部份,
设定如下,且将porcupine\.org 换成我的域名
但这类型的信件一样无法挡下..

/etc/postfix/main.cf:
    header_checks = pcre:/etc/postfix/header_checks
    body_checks = pcre:/etc/postfix/body_checks

/etc/postfix/header_checks:
    # Do not indent the patterns between "if" and "endif".
    if /^Received:/
    /^Received: +from +(porcupine\.org) +/
        reject forged client name in Received: header: $1
    /^Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)(porcupine\.org)\)/
        reject forged client name in Received: header: $2
    /^Received:.* +by +(porcupine\.org)\b/
        reject forged mail server name in Received: header: $1
    endif
    /^Message-ID:.* <!&!/ DUNNO
    /^Message-ID:.*@(porcupine\.org)/
        reject forged domain name in Message-ID: header: $1

/etc/postfix/body_checks:
    # Do not indent the patterns between "if" and "endif".
    if /^[> ]*Received:/
    /^[> ]*Received: +from +(porcupine\.org) /
        reject forged client name in Received: header: $1
    /^[> ]*Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)(porcupine\.org)\)/
        reject forged client name in Received: header: $2
    /^[> ]*Received:.* +by +(porcupine\.org)\b/
        reject forged mail server name in Received: header: $1
    endif
    /^[> ]*Message-ID:.* <!&!/ DUNNO
    /^[> ]*Message-ID:.*@(porcupine\.org)/
        reject forged domain name in Message-ID: header: $1

前往版面: iRedMail 技术支持

12 bruce_wu发表

(3 篇回复,发表在 iRedMail 技术支持)

==== 必填信息。没有填写将不予回复 ====
- iRedMail 版本号:iRedMail 0.73
- 使用哪个数据库存储用户帐号(OpenLDAP,MySQL,PostgreSQL):MySQL
- 使用的 Linux/BSD 发行版名称及版本号:CentOS 6.5
- 与您的问题相关的日志信息:
====
Received: from localhost (unknown [127.0.0.1])
    by mail.bruce.com (iRedmail) with ESMTP id CDF121670DF4
    for <jooahn@yahoo.com>; Thu,  6 Mar 2014 08:37:55 +0000 (UTC)
Received: from mail.bruce.com ([127.0.0.1])
    by localhost (mail.bruce.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id m04DaNKMsubr for <jooahn@yahoo.com>;
    Thu,  6 Mar 2014 16:37:55 +0800 (CST)
Received: from bruce.com (unknown [122.160.24.25])
    by mail.bruce.com (iRedmail) with ESMTPA id BFEBC1670DEB;
    Thu,  6 Mar 2014 08:37:09 +0000 (UTC)
Return-Path: <russell@bruce.com>
Reply-To: <nskjch@yahoo.com>
From: "nam kwon" <nskjch@yahoo.com>
To: "easter lee" <jooahn61@yahoo.com>,
    "Jook kim" <jooksankim@yahoo.com>,
    "kimjin2484" <kimjin2484@yahoo.com>,
    "nicebo88" <nicebo88@gnail.com>,
    "oh davidd" <oh.davidd@gmail.com>,
    "skpclove" <skpclove@hotmail.com>,
    "sook heui park" <sookheui@yahoo.com>,
    "su Lee" <sukyungbbc@yahoo.com>,
    "su kyung park" <jpark@sbsgloval.net>,
    "un kwon" <kow812@hanmail.com>,
    "yanghwa lee" <yhii@hanmail.com>,
    <yhlii@hanmail.net>,
    "pastorwhang" <pastorwhang@gmail.com>,
    "jooahn6" <jooahn6@yahoo.com>,
    "nicebo88" <nicebo88@gmail.com>,
    "chungscho" <chungscho@yahoo.com>,
    "Soonyi Kim" <soonyi.kim@gmail.com>,
    "hyunachai" <hyunachai@sbcglobal.net>,
    "maeyoung" <maeyoung@yahoo.com>
Subject: nam kwon

说明:
1. 122.160.24.25 并不是我的 server ip
2. 要如何避免这种问题发生?
3. 如何配置拒收Return-Path 被盗用的信件

前往版面: iRedMail 技术支持

13 bruce_wu发表

(1 篇回复,发表在 iRedMail 技术支持)

安装0.7.3版
系统的CentOS6.0
免存放于mysql的
问题:
不知道为何原因,用户资料表vmail.mailbox中的某些栏位的值会突然变成空的
目前记得的密码名storagebasedirectory storagenode MAILDIR配额等栏位都会变成空的值
有时候一两位,有时候一位,时间不一定,也不会是同一个帐号
不知道是否也有人如此呢?

前往版面: iRedMail 技术支持

14 bruce_wu发表

(1 篇回复,发表在 iRedMail 技术支持)

请问 邮箱用量满了,再往该邮箱发信会收到如下 dovecot 发送的退信内容
1.请问该退信内容可以自定吗?
Your message to <bruce_wu@xxx.xxx.xx> was automatically rejected:
Quota exceeded (mailbox for user is full)

2.是否改采用于 MTA 上就检查出用量已经满了,直接 reject ,这样可以节省频带的用量

以上,谢谢

前往版面: iRedMail 技术支持

15 bruce_wu回复

(2 篇回复,发表在 iRedMail 技术支持)

感谢回覆,该篇我有先看过
看似可以,但似乎不知道要怎么搞 = =
有看没有理解,真是糟糕..
所以才来这找协助

前往版面: iRedMail 技术支持

16 bruce_wu发表

(2 篇回复,发表在 iRedMail 技术支持)

请问 dovecot lda quota 使否可以运用于 mailbox 储存格式
还是他仅能支援 maildir 的储存格式呢?

前往版面: iRedMail 技术支持