web-dev-qa-db-fra.com

Postfix, comment puis-je rejeter le spam de l'adresse IP inconnue (pas de DNS)

Malgré tous les efforts déployants pour filtrer le spam, je reçois toujours des spams de l'inconnu même après que j'ai défini Main.cf pour ne pas le permettre et de vérifier le DNS, etc. même après avoir ajouté une PCRE: Rejeter /.unknown. Ils traversent toujours et je ne comprends pas pourquoi! Voici mon fichier journal. Le premier bloc est correct, il est rejeté, c'est de l'inconnu. Le deuxième bloc est le même, de l'inconnu mais cela traverse et non rejeté. Je souhaite rejeter tout "Connect de Inconnu" Pas seulement certains d'entre eux. Postfix v2.8.4 sur Centos. Des idées ce que je fais mal? Merci.

Ce bloc est rejeté

Nov 24 12:00:30 sof postfix/smtpd[4632]: connect from unknown[91.99.51.137]
Nov 24 12:00:30 sof postfix/smtpd[4632]: connect from unknown[91.99.51.137]
Nov 24 12:00:31 sof postfix/smtpd[4632]: NOQUEUE: reject: RCPT from unknown[91.99.51.137]: 450 4.7.1 <91.99.51.137.parsonline.net>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<91.99.51.137.parsonline.net>
Nov 24 12:00:31 sof postfix/smtpd[4632]: NOQUEUE: reject: RCPT from unknown[91.99.51.137]: 450 4.7.1 <91.99.51.137.parsonline.net>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<91.99.51.137.parsonline.net>
Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted.
Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted.
Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted.
Nov 24 12:00:31 sof postfix/smtpd[4632]: disconnect from unknown[91.99.51.137]
Nov 24 12:00:31 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: Message aborted.
Nov 24 12:00:31 sof postfix/smtpd[4632]: disconnect from unknown[91.99.51.137]

Ce bloc n'est pas rejeté

Nov 24 14:16:09 sof postfix/smtpd[8221]: connect from unknown[190.237.252.197]
Nov 24 14:16:09 sof postfix/smtpd[8221]: connect from unknown[190.237.252.197]
Nov 24 14:16:18 sof postfix/smtpd[8221]: 9467B848368A: client=unknown[190.237.252.197]
Nov 24 14:16:18 sof postfix/smtpd[8221]: 9467B848368A: client=unknown[190.237.252.197]
Nov 24 14:16:23 sof postfix/cleanup[8428]: 9467B848368A: message-id=<[email protected]>
Nov 24 14:16:23 sof postfix/cleanup[8428]: 9467B848368A: message-id=<[email protected]>
Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: handlers_stderr: SKIP
Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: handlers_stderr: SKIP
Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: SKIP during call 'check-quota' handler
Nov 24 14:16:25 sof /usr/lib64/plesk-9.0/psa-pc-remote[678]: SKIP during call 'check-quota' handler
Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: from=<[email protected]>, size=5285, nrcpt=1 (queue active)
Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: from=<[email protected]>, size=5285, nrcpt=1 (queue active)
Nov 24 14:16:25 sof postfix-local[8481]: postfix-local: [email protected], [email protected], dirname=/var/qmail/mailnames
Nov 24 14:16:25 sof postfix-local[8481]: postfix-local: [email protected], [email protected], dirname=/var/qmail/mailnames
Nov 24 14:16:25 sof spamc[8483]: connect(AF_UNIX) to spamd /tmp/spamd_full.sock failed: No such file or directory
Nov 24 14:16:25 sof spamc[8483]: connect(AF_UNIX) to spamd /tmp/spamd_full.sock failed: No such file or directory
Nov 24 14:16:25 sof postfix-local[8481]: handlers_stderr: PASS
Nov 24 14:16:25 sof postfix-local[8481]: handlers_stderr: PASS
Nov 24 14:16:25 sof postfix-local[8481]: PASS during call 'spam' handler
Nov 24 14:16:25 sof postfix-local[8481]: PASS during call 'spam' handler
Nov 24 14:16:25 sof postfix/pipe[8435]: 9467B848368A: to=<[email protected]>, orig_to=<[email protected]>, relay=plesk_virtual, delay=7.9, delays=7.9/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
Nov 24 14:16:25 sof postfix/pipe[8435]: 9467B848368A: to=<[email protected]>, orig_to=<[email protected]>, relay=plesk_virtual, delay=7.9, delays=7.9/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: removed
Nov 24 14:16:25 sof postfix/qmgr[19747]: 9467B848368A: removed
Nov 24 14:16:27 sof postfix/smtpd[8221]: disconnect from unknown[190.237.252.197]
Nov 24 14:16:27 sof postfix/smtpd[8221]: disconnect from unknown[190.237.252.197]

Voici une partie de mon main.cf déposer

smtpd_tls_cert_file = /etc/postfix/domain.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
smtpd_helo_required = yes

smtpd_sender_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        check_sender_access pcre:/etc/postfix/rejected_domains,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        reject_unlisted_sender,
        permit

smtpd_helo_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_non_fqdn_helo_hostname,
        reject_invalid_helo_hostname,
        reject_unknown_helo_hostname,
        permit

smtpd_recipient_restrictions =
        permit_sasl_authenticated,
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        permit_mynetworks,
        reject_rbl_client regexp:/etc/postfix/postfix_client_blacklist,
        reject_unauth_destination,
        reject_unknown_sender_domain,
        check_client_access hash:/etc/postfix/rbl_whitelist,
        check_client_access pcre:/var/spool/postfix/plesk/no_relay.re,
        reject_rbl_client bl.spamcop.net,
        permit

Voici la postfix_client_blacklist déposer

/^.*unknown.*$/         REJECT FCrDNS # I tried all kinds of ways found on the Internet.
7
Alienizer

Vous cherchez reject_unknown_client_hostname .

Du Documentation :

rejet_unknown_client_hostname (avec postfix <2.3: rejet_unknown_client)
[ Ceci est une restriction plus forte que la fonctionnalité Reject_unknown_Reverse_Client_HostName, qui déclenche uniquement la condition 1) ci-dessus. Le paramètre Unknown_Client_Reject_code Spécifie le code de réponse des demandes rejetées (par défaut: 450). La réponse est toujours 450 au cas où l'adresse-> nom ou nom -> l'adresse de la recherche est échoué en raison d'un problème temporaire.

Échantillon d'utilisation: (comme on le voit sur mon serveur de messagerie en direct)

smtpd_client_restrictions =
        permit_mynetworks,
        reject_unauth_pipelining,
        reject_unknown_client_hostname,
        permit
13
Michael Hampton