后缀:check_client_access 不工作
postfix: check_client_access not working
我想阻止试图通过 smtpd 登录到我的 postfix 服务器的特定 IP。因此在 /etc/postfix/main.cf 中我添加了以下内容:
smtpd_client_restrictions =
reject_rbl_client sbl.spamhaus.org,
...
check_client_access hash:/etc/postfix/blacklist
我的 /etc/postfix/blacklist 看起来像这样:
185.40.4.32 REJECT dont want spammers
80.82.78.96 REJECT dont want spammers
74.208.72.135 REJECT dont want spammers
当然我通过命令
创建了一个/etc/postfix/blacklist.db
sudo postmap /etc/postfix/blacklist
并重新启动后缀。
但在/var/log/mail.log中仍然出现以下内容:
Aug 28 13:32:08 server postfix/smtpd[5035]: warning: hostname hosted-by.hostgrad.ru does not resolve to address 185.40.4.32
Aug 28 13:32:08 server postfix/smtpd[5035]: connect from unknown[185.40.4.32]
Aug 28 13:32:13 server postfix/smtpd[5035]: warning: unknown[185.40.4.32]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug 28 13:32:13 server postfix/smtpd[5035]: lost connection after AUTH from unknown[185.40.4.32]
Aug 28 13:32:13 server postfix/smtpd[5035]: disconnect from unknown[185.40.4.32]
显然 IP 为 185.40.4.32 的客户端仍然没有被阻止。有人知道吗,为什么?
与...
smtpd_delay_reject = no
有效。
但是想想这个:
SMTP command specific restrictions that are described under the smtpd_helo_restrictions, smtpd_sender_restrictions or smtpd_recipient_restrictions parameters. When helo, sender or recipient restrictions are listed under smtpd_client_restrictions, they have effect only with "smtpd_delay_reject = yes", so that $smtpd_client_restrictions is evaluated at the time of the RCPT TO command.
我在尝试使用 .db 格式时遇到了同样的问题。当我使用 .cidr 格式时,我得到了成功的 REJECT。像这样:
check_client_access cidr:/etc/postfix/spammer_ip.cidr
为您的 .cidr 记录使用此格式:
185.40.4.32 REJECT 不想垃圾邮件发送者
我之前遇到过这个问题,通过在 main.cnf 末尾添加以下行
解决了这个问题
smtpd_sender_restrictions = hash:/etc/postfix/access
别忘了
postmap /etc/postifx/access
我想阻止试图通过 smtpd 登录到我的 postfix 服务器的特定 IP。因此在 /etc/postfix/main.cf 中我添加了以下内容:
smtpd_client_restrictions =
reject_rbl_client sbl.spamhaus.org,
...
check_client_access hash:/etc/postfix/blacklist
我的 /etc/postfix/blacklist 看起来像这样:
185.40.4.32 REJECT dont want spammers
80.82.78.96 REJECT dont want spammers
74.208.72.135 REJECT dont want spammers
当然我通过命令
创建了一个/etc/postfix/blacklist.dbsudo postmap /etc/postfix/blacklist
并重新启动后缀。
但在/var/log/mail.log中仍然出现以下内容:
Aug 28 13:32:08 server postfix/smtpd[5035]: warning: hostname hosted-by.hostgrad.ru does not resolve to address 185.40.4.32
Aug 28 13:32:08 server postfix/smtpd[5035]: connect from unknown[185.40.4.32]
Aug 28 13:32:13 server postfix/smtpd[5035]: warning: unknown[185.40.4.32]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug 28 13:32:13 server postfix/smtpd[5035]: lost connection after AUTH from unknown[185.40.4.32]
Aug 28 13:32:13 server postfix/smtpd[5035]: disconnect from unknown[185.40.4.32]
显然 IP 为 185.40.4.32 的客户端仍然没有被阻止。有人知道吗,为什么?
与...
smtpd_delay_reject = no
有效。 但是想想这个:
SMTP command specific restrictions that are described under the smtpd_helo_restrictions, smtpd_sender_restrictions or smtpd_recipient_restrictions parameters. When helo, sender or recipient restrictions are listed under smtpd_client_restrictions, they have effect only with "smtpd_delay_reject = yes", so that $smtpd_client_restrictions is evaluated at the time of the RCPT TO command.
我在尝试使用 .db 格式时遇到了同样的问题。当我使用 .cidr 格式时,我得到了成功的 REJECT。像这样:
check_client_access cidr:/etc/postfix/spammer_ip.cidr
为您的 .cidr 记录使用此格式: 185.40.4.32 REJECT 不想垃圾邮件发送者
我之前遇到过这个问题,通过在 main.cnf 末尾添加以下行
smtpd_sender_restrictions = hash:/etc/postfix/access
别忘了
postmap /etc/postifx/access