Security

Postfix 錯誤地接受任何目的地的郵件

  • January 29, 2022

我有一個相當標準的 Postfix 配置來將郵件轉發到多個域(設置包括 postsrsd 和 spamassassin/spamass-milter,它們工作正常):

myhostname = mail.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

virtual_alias_domains = mydomain.com, otherdomain.com, thirddomain.com
virtual_alias_maps = hash:/etc/postfix/virtual

但是,Postfix 不是只為 virtual_alias_maps 中定義的地址接收(和轉發)郵件,而是嘗試向各種郵件伺服器發送欺詐性消息,如下所示:

Jan 29 15:52:41 localhost postfix/qmgr[354872]: D07D97F95E: from=<>, size=12267, nrcpt=1 (queue active)
Jan 29 15:52:41 localhost postfix/qmgr[354872]: 9C1C77F952: from=<>, size=11583, nrcpt=1 (queue active)
Jan 29 15:52:41 localhost postfix/smtp[362942]: connect to mail.visceration.co[2606:4700:3032::ac43:8c58]:25: No route to host
Jan 29 15:52:41 localhost postfix/smtp[362942]: connect to mail.visceration.co[2606:4700:3033::6815:369f]:25: No route to host
Jan 29 15:52:41 localhost postfix/smtp[362943]: connect to mail.smartsnakepro.us[2606:4700:3031::6815:efe]:25: No route to host
Jan 29 15:52:42 localhost postfix/smtp[362944]: 9C1C77F952: to=<contact@gethoys.me>, relay=mail.gethoys.me[137.184.49.234]:25, delay=139007, delays=139006/0.03/0.76/0.1, dsn=4.7.1, status=deferred (host mail.gethoys.me[137.184.49.234] said: 454 4.7.1 <contact@gethoys.me>: Relay access denied (in reply to RCPT TO command))
Jan 29 15:53:11 localhost postfix/smtp[362942]: connect to mail.visceration.co[172.67.140.88]:25: Connection timed out
Jan 29 15:53:11 localhost postfix/smtp[362943]: connect to mail.smartsnakepro.us[104.21.14.254]:25: Connection timed out
Jan 29 15:53:11 localhost postfix/smtp[362943]: connect to mail.smartsnakepro.us[2606:4700:3033::ac43:a0d9]:25: No route to host
Jan 29 15:53:41 localhost postfix/smtp[362942]: connect to mail.visceration.co[104.21.54.159]:25: Connection timed out

如何防止我的郵件伺服器對這些連接做出反應?為什麼不涉及 smtpd(因為它在合法的郵件轉發中)?

謝謝,揚

我檢查了 postqueue 並意識到這些日誌條目是由退回到不存在或偽造的郵件伺服器的消息創建的。對不起!

引用自:https://serverfault.com/questions/1091579