www.state-it.info


How do I beat Postfix and spammers sending from system accounts?

hamnsk 2018-10-04 11:32:46

Good day. Honestly, I'm a bit fed up with this. The headers of the email are attached:

Return-Path: <[email protected]_mx.domain>
Delivered-To: [email protected]
Received: by my_mx.domain (Postfix, from userid 997)
    id B6B155C115; Thu, 4 Oct 2018 11:07:34 +0300 (MSK)
To: [email protected]
Subject: =?UTF-8?B?0KHQvtC+0LHRidC10L3QuNC1IERhdmlkY3JpdmE=?=
X-PHP-Originating-Script: 997:mail.php
From: =?UTF-8?B?RGF2aWRjcml2YQ==?= <[email protected]>
Reply-To: =?UTF-8?B?ZmJ2YmZnZmcudmNkZ2VjZ2ZnLjA5QG1haWwucnU=?= <[email protected]>
X-Mailer: PHP/7.2.10


my.domain and my_mx.domain are in fact on the same machine; Postfix serves both domains.

As for the configs:

mail_owner = postfix
inet_interfaces = all
inet_protocols = all
mydestination = $myhostname, mail.$mydomain
unknown_local_recipient_reject_code = 550
mynetworks = my_ip/32, 127.0.0.0/8, [::1]/128
alias_maps = hash:/etc/postfix/aliases
alias_database = $alias_maps

mailbox_command = /usr/libexec/dovecot/deliver

debug_peer_level = 2
debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.10.1/samples
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES

smtp_tls_security_level = may
smtp_tls_loglevel = 1
smtp_tls_protocols = !SSLv2
smtp_tls_exclude_ciphers = EXPORT, LOW

### VIRTUAL MAIL CONFIG PARAMS ###
relay_domains = *
virtual_alias_maps = hash:/etc/postfix/aliases
virtual_mailbox_domains = hash:/etc/postfix/domains
virtual_mailbox_maps = hash:/etc/postfix/mailboxes

virtual_mailbox_base = /var/vmail
virtual_minimum_uid = 2222
virtual_transport = dovecot
virtual_uid_maps = static:2222
virtual_gid_maps = static:2222

dovecot_destination_recipient_limit = 1

milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/dovecot/auth-client
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_local_domain = $mydomain
broken_sasl_auth_clients = yes

smtpd_tls_security_level = may
smtpd_tls_key_file = /etc/ssl/mailcerts/mail.key
smtpd_tls_cert_file = /etc/ssl/mailcerts/mail_chained.crt
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache
smtpd_tls_protocols = $smtp_tls_protocols
tls_random_source = dev:/dev/urandom
tls_random_exchange_name = /var/lib/postfix/prng_exch
smtpd_tls_auth_only = yes
smtpd_helo_required = yes

# soft_bounce = yes
smtpd_recipient_restrictions =
	check_sender_access hash:/etc/postfix/sender_access, - my two domains are listed here with REJECT
	check_client_access hash:/etc/postfix/access, - empty
	check_recipient_access hash:/etc/postfix/recipient_access, - empty
	reject_invalid_hostname,
	reject_non_fqdn_hostname,
	reject_non_fqdn_sender,
	reject_non_fqdn_recipient,
	reject_unknown_sender_domain,
	reject_unknown_recipient_domain,
	reject_unauth_pipelining,
	reject_unauth_destination,
	reject_rbl_client zombie.dnsbl.sorbs.net,
	reject_rbl_client cbl.abuseat.org,
	reject_rbl_client zen.spamhaus.org,
	reject_rbl_client bl.spamcop.net,
	reject_rbl_client multihop.dsbl.org,
	reject_rbl_client work.rsbs.express.ru,
	reject_rbl_client dnsbl.sorbs.net,
	reject_unknown_client,
	permit_sasl_authenticated,
	permit_mynetworks,
	permit

smtpd_sender_login_maps = hash:/etc/postfix/smtpd_sender_login_map - the maps of which user may send mail from which address; 2 entries, one for each domain

smtpd_sender_restrictions =
	check_client_access hash:/etc/postfix/access, - empty
	check_recipient_access hash:/etc/postfix/recipient_access, - empty
	reject_unlisted_sender,
	reject_unverified_sender,
	reject_invalid_hostname,
	reject_non_fqdn_hostname,
	reject_non_fqdn_sender,
	reject_unlisted_sender,
	reject_unverified_sender,
#	reject_unauthenticated_sender_login_mismatch,
	reject_sender_login_mismatch,
	reject_unknown_sender_domain,

# Rule that checks that the client's IP and name match
	reject_unknown_client_hostname,
	reject_unknown_sender_domain,
	reject_unknown_hostname,
	reject_rbl_client zombie.dnsbl.sorbs.net,
	reject_rbl_client cbl.abuseat.org,
	reject_rbl_client zen.spamhaus.org,
	reject_rbl_client bl.spamcop.net,
	reject_rbl_client multihop.dsbl.org,
	reject_rbl_client work.rsbs.express.ru,
	reject_rbl_client dnsbl.sorbs.net,
	reject_rhsbl_sender dsn.rfc-ignorant.org,
	permit_sasl_authenticated,
        permit_mynetworks,
	permit

smtpd_data_restrictions =
	reject_unauth_pipelining,
	reject_multi_recipient_bounce,
	permit


smtpd_relay_restrictions =
	permit_mynetworks,
	permit_sasl_authenticated,
	defer_unauth_destination


That is my config; I cut out the excess.

In the logs there is this mess:

Oct  4 11:07:34 www0001 postfix/pickup[26695]: B6B155C115: uid=997 from=<nginx>
Oct  4 11:07:34 www0001 postfix/cleanup[26719]: B6B155C115: message-id=<20[email protected]_mx.domain>
Oct  4 11:07:34 www0001 opendkim[895]: B6B155C115: DKIM-Signature field added (s=default, d=sergeyvisman.ru)
Oct  4 11:07:34 www0001 postfix/qmgr[19110]: B6B155C115: from=<[email protected]_mx.domain>, size=974, nrcpt=1 (queue active)
Oct  4 11:07:34 www0001 dovecot: lda([email protected]): sieve: msgid=<[email protected]_mx.domain>: stored mail into mailbox 'INBOX'
Oct  4 11:07:34 www0001 postfix/pipe[26722]: B6B155C115: to=<[email protected]>, relay=dovecot, delay=0.1, delays=0.07/0.01/0/0.02, dsn=2.0.0, status=sent (delivered via dovecot service)
Oct  4 11:07:34 www0001 postfix/qmgr[19110]: B6B155C115: removed

Total answers: 2

martin74ua 2018-10-04 12:43:04

X-PHP-Originating-Script: 997:mail.php

You have even been shown the very place the sending comes from.

hamnsk 2018-10-04 20:02:09

I saw that in the header; the script doesn't really have to be on the machine, or the sending goes through a contact form on the site.


martin74ua 2018-10-04 22:00:03

You think it just showed up there for no reason???
Go into the script and see who it is sending to.


hamnsk 2018-10-04 22:38:48

Anyway, I found the culprit: someone isn't too lazy to go to the contacts page of the test OpenCart install and fill in the form. I enabled reCAPTCHA there; we'll see how it goes.
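
Added example, not part of the original thread: the correlation the answers rely on, matching the numeric id in X-PHP-Originating-Script against the uid that postfix/pickup logs for locally injected mail, so that mail submitted by a web application is separated from mail received over SMTP. The function names, the example.org/example.net addresses and the second queue ID are assumptions; the log text is a constructed sample modelled on the lines in the question.

```python
import re

# Constructed sample modelled on the log lines in the question (addresses are placeholders).
SAMPLE_LOG = """\
Oct  4 11:07:34 www0001 postfix/pickup[26695]: B6B155C115: uid=997 from=<nginx>
Oct  4 11:07:34 www0001 postfix/qmgr[19110]: B6B155C115: from=<nginx@mx.example.org>, size=974, nrcpt=1 (queue active)
Oct  4 11:07:34 www0001 postfix/pipe[26722]: B6B155C115: to=<info@example.org>, relay=dovecot, delay=0.1, dsn=2.0.0, status=sent (delivered via dovecot service)
Oct  4 11:09:02 www0001 postfix/smtpd[26801]: C0FFEE0001: client=mail.example.net[192.0.2.10]
Oct  4 11:09:02 www0001 postfix/qmgr[19110]: C0FFEE0001: from=<bob@example.net>, size=1200, nrcpt=1 (queue active)
Oct  4 11:09:03 www0001 postfix/pipe[26722]: C0FFEE0001: to=<info@example.org>, relay=dovecot, delay=0.2, dsn=2.0.0, status=sent (delivered via dovecot service)
"""

# Matches short-form (hexadecimal) queue IDs, as seen in the question's log.
LINE = re.compile(r"postfix/(?P<svc>\w+)\[\d+\]: (?P<qid>[0-9A-F]+): (?P<rest>.*)")
PICKUP = re.compile(r"uid=(?P<uid>\d+) from=<(?P<sender>[^>]*)>")
RCPT = re.compile(r"\bto=<(?P<rcpt>[^>]*)>.*\bstatus=(?P<status>\w+)")

def local_submissions(log_text):
    """Return {queue_id: info} for mail injected via sendmail/pickup, i.e. by a local process."""
    found = {}
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        qid, rest = m["qid"], m["rest"]
        if m["svc"] == "pickup":
            p = PICKUP.search(rest)
            if p:
                found[qid] = {"uid": int(p["uid"]), "sender": p["sender"], "recipients": []}
        elif qid in found:  # later delivery lines for a message that came in through pickup
            r = RCPT.search(rest)
            if r:
                found[qid]["recipients"].append((r["rcpt"], r["status"]))
    return found

def parse_originating_script(value):
    """Split an X-PHP-Originating-Script value such as '997:mail.php' into (uid, script)."""
    uid, _, script = value.strip().partition(":")
    return int(uid), script

if __name__ == "__main__":
    hdr_uid, script = parse_originating_script("997:mail.php")
    for qid, info in local_submissions(SAMPLE_LOG).items():
        tag = f"matches header script {script}" if info["uid"] == hdr_uid else "other local sender"
        print(qid, info["uid"], info["sender"], info["recipients"], tag)
```
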
