Se pare că serverul nostru de e-mail este folosit pentru a trimite spam.
- Expeditorul e-mailului este un cont real falsificat pe serverul nostru.
- Nu există niciun e-mail în istoricul trimis pentru acel cont.
Aș dori să știu dacă există vreo modalitate de a preveni acest lucru. Orice sfat este binevenit.
Jurnal Postfix:
9 mai 22:12:21 mx postfix/submission/smtpd[1885206]: avertisment: hostname 201-91-101-26.customer.tdatabrasil.net.br nu se rezolvă la adresa 201.91.101.26: Numele sau serviciul nu se cunoaște
9 mai 22:12:21 mx postfix/submission/smtpd[1885206]: conectați de la necunoscut[201.91.101.26]
9 mai 22:12:27 mx postfix/submission/smtpd[1885206]: conexiune TLS anonimă stabilită de la necunoscut[201.91.101.26]: TLSv1.3 cu cifră TLS_AES_256_GCM_SHA384 (256/256 servere de schimbare a semnăturii ESA 256/256 biți) P-256) server-digest SHA256
9 mai 22:12:29 mx postfix/submission/smtpd[1885206]: 984BB13B35D: client=unknown[201.91.101.26], sasl_method=PLAIN, [email protected]
9 mai 22:12:31 mx postfix/sender-cleanup/cleanup[1892316]: 984BB13B35D: înlocuiți: antet MIME-Versiunea: 1.0 din necunoscut[201.91.101.26]; de la=<[email protected]> la=<****@yahoo.com.br> proto=ESMTP helo=<EHZDDZCUEY0FN7B75U0HKZOH1JP2P2UI>: Versiune Mime: 1.0
9 mai 22:12:32 mx postfix/qmgr[944]: 984BB13B35D: from=<[email protected]>, size=18836, nrcpt=1 (coada activă)
9 mai 22:12:32 mx postfix/smtp[1892491]: 984BB13B35D: to=<****@yahoo.com.br>, relay=smtp.****.****.com[192. ***.***.***]:587, întârziere=3,9, întârzieri=3,6/0,01/0,13/0,13, dsn=2,0,0, stare=trimis (250 Ok)
9 mai 22:12:32 mx postfix/qmgr[944]: 984BB13B35D: eliminat
9 mai 22:12:35 mx postfix/submission/smtpd[1885206]: E344C13B35D: client=unknown[201.91.101.26], sasl_method=PLAIN, [email protected]
# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_min_user = da
anvil_rate_time_unit = 60s
append_dot_mydomain = nr
biff = nu
bounce_queue_lifetime = 7200s
compatibility_level = 2
default_process_limit = 5000
disable_vrfy_command = da
header_checks = pcre:/etc/postfix/maps/header_checks.pcre
inet_interfaces = all
inet_protocols = ipv4
cutie_poștală_size_limit = 20000000000
maximal_backoff_time = 7200s
maximal_queue_lifetime = 7200s
limită_dimensiunea mesajului = 52428800
milter_default_action = accept
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_protocol = 6
minim_backoff_time = 1600s
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = my-domain.net
myhostname = mx.my-domain.net
rețelele mele = 127.0.0.0/8 [::1]/128 [fe80::]/64 192.168.18.0/24 10.102.0.0/16 172.18.0.0/16 10.102.0.0/16
non_smtpd_milters = inet:127.0.0.1:11332
policyd-spf_time_limit = 3600
postscreen_bare_newline_action = aplica
postscreen_dnsbl_action = aplica
postscreen_dnsbl_sites = zen.spamhaus.org*3 bl.mailspike.net b.barracudacentral.org*2 bl.spameatingmonkey.net dnsbl.sorbs.net psbl.surriel.com list.dnswl.org=127.0.[0..255] .0*-2 list.dnswl.org=127.0.[0..255].1*-3 list.dnswl.org=127.0.[0..255].[2..3]*-4
postscreen_dnsbl_threshold = 3
postscreen_dnsbl_whitelist_threshold = -1
postscreen_greet_action = aplica
queue_run_delay = 200s
readme_directory = nr
destinatar_delimiter = +
relayhost = [smtp.****.****.com]:587
sender_dependent_relayhost_maps = texthash:/etc/postfix/relayhost_map
smtp_destination_concurrency_limit = 10
smtp_discard_ehlo_keywords = dimensiune
smtp_header_checks = pcre:/etc/postfix/maps/sender_header_filter.pcre
smtp_initial_destination_concurrency = 2
smtp_sasl_auth_enable = da
smtp_sasl_password_maps = texthash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sender_dependent_authentication = da
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_loglevel = 1
smtp_tls_note_starttls_offer = da
smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_security_level = mai
smtp_use_tls = da
smtpd_banner = $myhostname ESMTP
smtpd_client_message_rate_limit = 100
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, check_client_access hash:/etc/postfix/client_access.map, reject_unknown_reverse_client_hostname
smtpd_delay_reject = da
smtpd_error_sleep_time = 1s
smtpd_hard_error_limit = 20
smtpd_helo_required = da
smtpd_helo_restrictions = check_helo_access pcre:/etc/postfix/helo_access.map permit_mynetworks permit_sasl_authenticated reject_invalid_helo_hostname reject_non_fqdn_helo_hostname reject_unknown_helo_hostname
smtpd_milters = inet:127.0.0.1:11332
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policyd-spf, reject_unauth_pipelining, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_recipient_domain, check_policy_service inet:localhost:65265, reject_rbl_client zen.spamhaus.org
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = da
smtpd_sasl_authenticated_header = da
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_type = porumbel
smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf mysql:/etc/postfix/mysql-virtual-alias-maps.cf mysql:/etc/postfix/mysql-virtual-sender-maps.
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, check_sender_access hash:/etc/postfix/sender_access.map, reject_non_fqdn_sender, reject_sender_login_mismatch
smtpd_soft_error_limit = 10
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_auth_only = da
smtpd_tls_chain_files = /etc/postfix/ssl/key /etc/postfix/ssl/cert
smtpd_tls_dh1024_param_file = /etc/postfix/dhparams.pem
smtpd_tls_exclude_ciphers = aNULL, SEED, CAMELLIA, RSA+AES
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = mare
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_security_level = mai
smtputf8_enable = nr
strict_mailbox_ownership = nr
tls_high_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHACHA384:-ECDSA-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
tls_preempt_cipherlist = da
tls_server_sni_maps = hash:/etc/postfix/vmail_ssl.map
tls_ssl_options = NO_COMPRESSION, NO_RENEGOTIATION
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_limit = 20000000000
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:inet:localhost:24
# postconf -M
smtp inet n - n - 1 postscreen
smtpd trece - - n - - smtpd
tlsproxy unix - - n - 0 tlsproxy
dnsblog unix - - n - 0 dnsblog
submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_reject_unlisted_recipient=no -o smtpd_sasl_authenticated_header=yes -o smtpd_client_restrictions =permit_sasl_authenticated,reject_unknown_reverse_client_hostname,reject -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINARE -o cleanup_service_name=sender-cleanup
smtps inet n - n - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_reject_unlisted_recipient=no -o smtpd_sasl_authenticated_header=yes -o smtpd_client_restrictions =permit_sasl_authenticated,reject_unknown_reverse_client_hostname,reject -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINARE -o cleanup_service_name=sender-cleanup
pickup fifo n - y 60 1 pickup -o content_filter= -o receive_override_options=no_header_body_checks
curatare unix n - y - 0 curatare
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rescrie unix - - y - - trivial-rescriere
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 săritură
verifica unix - - y - 1 verifica
spălați Unix n - y 1000? 0 culoare
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
releu unix - - y - - smtp
showq unix n - y - - showq
eroare unix - - y - - eroare
reîncercați Unix - - y - - eroare
arunca unix - - y - - arunca
unix local - n n - - local
unix virtual - n n - - virtual
lmtp unix - - n - - lmtp
nicovală unix - - y - 1 nicovală
scache unix - - y - 1 scache
maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${destinatar}
uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($destinatar)
ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($destinatar)
bsmtp unix - n n - - steaguri pipe=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $destinatar
scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
sender-cleanup unix n - - - 0 cleanup -o syslog_name=postfix/sender-cleanup -o header_checks=pcre:/etc/postfix/maps/sender_header_filter.pcre
policyd-spf unix - n n - 0 spawn user=policyd-spf argv=/usr/bin/policyd-spf
smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=da -o disable_dns_lookups=da -o max_use=20 -o smtp_tls_security
127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters -o smtp_tls_security_level=niciun
slowrelay unix - - n - 2 smtp -o smtp_mx_session_limit=5
gmail-smtp unix - - n - 1 smtp -o syslog_name=postfix/gmail -o smtp_destination_concurrency_limit=1 -o smtp_destination_recipient_limit=1 -o anvil_rate_time_unit=60s -o smtpd_rate_limit_message_0
docomo-smtp unix - - n - 1 smtp -o smtp_destination_concurrency_limit=1 -o smtp_destination_recipient_limit=1 -o anvil_rate_time_unit=60s -o smtpd_client_message_rate_limit=100
au-smtp unix - - n - 1 smtp -o smtp_destination_concurrency_limit=1 -o smtp_destination_recipient_limit=1 -o anvil_rate_time_unit=60s -o smtpd_client_message_rate_limit=100
softbank-smtp unix - - n - 1 smtp -o smtp_destination_concurrency_limit=1 -o smtp_destination_recipient_limit=1 -o anvil_rate_time_unit=60s -o smtpd_client_message_rate_limit=100
ymobile-smtp unix - - n - 1 smtp -o smtp_destination_concurrency_limit=1 -o smtp_destination_recipient_limit=1 -o anvil_rate_time_unit=60s -o smtpd_client_message_rate_limit=100
icloud-smtp unix - - n - 1 smtp -o smtp_destination_concurrency_limit=1 -o smtp_destination_recipient_limit=1 -o anvil_rate_time_unit=30s -o smtpd_client_message_rate_limit=5
ms-smtp unix - - n - 1 smtp -o smtp_destination_concurrency_limit=1 -o smtp_destination_recipient_limit=1 -o anvil_rate_time_unit=30s -o smtpd_client_message_rate_limit=5
