SPF... estava lendo sobre OSPF aoshoashaos Att, *Gabriel Ricardo* *MSN:* [email protected] http://tinotapa.blogspot.com http://twitter.com/gricardo87
Em 23 de setembro de 2010 11:16, Egberto Monteiro <[email protected] > escreveu: > Perceba que o "From" foi forjado com o seu email, eu resolvi isto da > seguinte maneira... > > No seu "smtpd_recipient_restrictions", coloque a diretiva > "check_sender_access" (depois dos reject..., permit_mynetworks, sasl ... e > antes da RBL's), por exemplo: > > smtpd_recipient_restrictions = reject_non_fqdn_sender, > reject_non_fqdn_recipient ,reject_unknown_sender_domain, > reject_unknown_recipient_domain, reject_unlisted_sender, > reject_unlisted_recipient, permit_mynetworks, permit_sasl_authenticated, > reject_unauth_destination, check_sender_access > regexp:/etc/postfix/sender_access (...) > > > cat sender_access > /^(.*)dominio\.com$/ 550 please login first > > > grep "please login first" mail.log > Sep 23 10:07:48 xxxx postfix/smtpd[13086]: NOQUEUE: reject: RCPT from > unknown[89.185.207.148]: 550 5.7.1 <[email protected]>: Sender address > rejected: please login first; from=<[email protected]> to=<[email protected]> > proto=SMTP helo=<ms-865b4c0e7330> > > > > Att, > Egberto Monteiro > > Em 09/23/2010 10:06 AM, irado furioso com tudo escreveu: > > buenas, guris >> >> um spam for recebido e não foi detido por qualquer das regras no >> postfix: greylist, reverso, spf, header_contents, etc. >> >> o endereçamento estava de mim para mim mesmo ([email protected] para >> [email protected]). >> >> aqui os dados do e-mail que conseguiu passar: >> :== begin >> >> Sep 17 13:21:56 postfix/smtpd[26838]: connect from >> 200-127-47-209.cab.prima.net.ar[200.127.47.209] Sep 17 13:21:56 >> postfix/smtpd[26838]: BAD542297C: >> client=200-127-47-209.cab.prima.net.ar[200.127.47.209] Sep 17 13:21:56 >> message-id=<[email protected]> Sep 17 >> 13:21:57 postfix/qmgr[3175]: BAD542297C: from=<[email protected]>, >> size=781, nrcpt=1 (queue active) Sep 17 13:21:57 >> postfix/smtpd[26838]: disconnect from 200-127-47-209.cab.prima.net.ar >> [200.127.47.209] Sep 17 13:21:57 postfix/pickup[18839]: >> 5740023510: uid=1000 from=<[email protected]> Sep 17 13:21:57 >> postfix/cleanup[27372]: 5740023510: >> message-id=<[email protected]> Sep 17 >> 13:21:57 postfix/pipe[1888]: BAD542297C: to=<[email protected]>, >> relay=filter, delay=0.85, delays=0.68/0/0/0.17, dsn=2.0.0, status=sent >> (delivered via filter service) Sep 17 13:21:57 postfix/qmgr >> [3175]: BAD542297C: removed Sep 17 13:21:57 postfix/qmgr >> [3175]: 5740023510: from=<[email protected]>, size=898, nrcpt=1 (queue >> active) Sep 17 13:21:57 postfix/smtp[18031]: 5740023510: >> to=<[email protected]>, relay=192.168.1.15[192.168.1.15]:25, >> delay=0.14, delays=0.01/0/0/0.12, dsn=2.6.0, status=sent (250 2.6.0 >> <[email protected]> Queued mail for delivery) >> Sep 17 13:21:57 postfix/qmgr[3175]: 5740023510: removed >> >> :== end >> >> outras ocorrencias do tal cab.prima.net.ar sofreram rejeição, >> observem: >> >> bzgrep -i -B 1 -A 1 cab.prima.net.ar maillog.20100916.bz2 >> Sep 16 17:58:27 preproc-ias postfix/smtpd[27315]: disconnect from >> cesar.ias.org.br[200.155.1.163] Sep 16 17:58:29 preproc-ias >> postfix/smtpd[27315]: warning: 190.190.21.178: hostname >> 178-21-190-190.cab.prima.net.ar verification failed: Name or service >> not known Sep 16 17:58:29 preproc-ias postfix/smtpd[27315]: connect >> from unknown[190.190.21.178] >> >> resumo: não sei COMO o spam (subject: V|AGRA) conseguiu passar. Alguma >> idéia? >> >> TIA >> >> > _______________________________________________ > Postfix-BR mailing list > [email protected] > http://listas.softwarelivre.org/mailman/listinfo/postfix-br > _______________________________________________ Postfix-BR mailing list [email protected] http://listas.softwarelivre.org/mailman/listinfo/postfix-br
