Perceba que o "From" foi forjado com o seu email, eu resolvi isto da
seguinte maneira...
No seu "smtpd_recipient_restrictions", coloque a diretiva
"check_sender_access" (depois dos reject..., permit_mynetworks, sasl ...
e antes da RBL's), por exemplo:
smtpd_recipient_restrictions = reject_non_fqdn_sender,
reject_non_fqdn_recipient ,reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_unlisted_sender,
reject_unlisted_recipient, permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination, check_sender_access
regexp:/etc/postfix/sender_access (...)
cat sender_access
/^(.*)dominio\.com$/ 550 please login first
grep "please login first" mail.log
Sep 23 10:07:48 xxxx postfix/smtpd[13086]: NOQUEUE: reject: RCPT from
unknown[89.185.207.148]: 550 5.7.1 <[email protected]>: Sender address
rejected: please login first; from=<[email protected]>
to=<[email protected]> proto=SMTP helo=<ms-865b4c0e7330>
Att,
Egberto Monteiro
Em 09/23/2010 10:06 AM, irado furioso com tudo escreveu:
buenas, guris
um spam for recebido e não foi detido por qualquer das regras no
postfix: greylist, reverso, spf, header_contents, etc.
o endereçamento estava de mim para mim mesmo ([email protected] para
[email protected]).
aqui os dados do e-mail que conseguiu passar:
:== begin
Sep 17 13:21:56 postfix/smtpd[26838]: connect from
200-127-47-209.cab.prima.net.ar[200.127.47.209] Sep 17 13:21:56
postfix/smtpd[26838]: BAD542297C:
client=200-127-47-209.cab.prima.net.ar[200.127.47.209] Sep 17 13:21:56
message-id=<[email protected]> Sep 17
13:21:57 postfix/qmgr[3175]: BAD542297C: from=<[email protected]>,
size=781, nrcpt=1 (queue active) Sep 17 13:21:57
postfix/smtpd[26838]: disconnect from 200-127-47-209.cab.prima.net.ar
[200.127.47.209] Sep 17 13:21:57 postfix/pickup[18839]:
5740023510: uid=1000 from=<[email protected]> Sep 17 13:21:57
postfix/cleanup[27372]: 5740023510:
message-id=<[email protected]> Sep 17
13:21:57 postfix/pipe[1888]: BAD542297C: to=<[email protected]>,
relay=filter, delay=0.85, delays=0.68/0/0/0.17, dsn=2.0.0, status=sent
(delivered via filter service) Sep 17 13:21:57 postfix/qmgr
[3175]: BAD542297C: removed Sep 17 13:21:57 postfix/qmgr
[3175]: 5740023510: from=<[email protected]>, size=898, nrcpt=1 (queue
active) Sep 17 13:21:57 postfix/smtp[18031]: 5740023510:
to=<[email protected]>, relay=192.168.1.15[192.168.1.15]:25,
delay=0.14, delays=0.01/0/0/0.12, dsn=2.6.0, status=sent (250 2.6.0
<[email protected]> Queued mail for delivery)
Sep 17 13:21:57 postfix/qmgr[3175]: 5740023510: removed
:== end
outras ocorrencias do tal cab.prima.net.ar sofreram rejeição,
observem:
bzgrep -i -B 1 -A 1 cab.prima.net.ar maillog.20100916.bz2
Sep 16 17:58:27 preproc-ias postfix/smtpd[27315]: disconnect from
cesar.ias.org.br[200.155.1.163] Sep 16 17:58:29 preproc-ias
postfix/smtpd[27315]: warning: 190.190.21.178: hostname
178-21-190-190.cab.prima.net.ar verification failed: Name or service
not known Sep 16 17:58:29 preproc-ias postfix/smtpd[27315]: connect
from unknown[190.190.21.178]
resumo: não sei COMO o spam (subject: V|AGRA) conseguiu passar. Alguma
idéia?
TIA
_______________________________________________
Postfix-BR mailing list
[email protected]
http://listas.softwarelivre.org/mailman/listinfo/postfix-br
