Pinky
07.03.09, 12:36
Hello,
I have a mail server running here with Postfix in combination with Amavis. Since I updated the respective programs via apt a few days ago, I have been receiving the following notifications on some mail accounts. They are very annoying, so I no longer want to receive them.
Example for info@example.com:
A message from <kyhexamplefop@example.de> to:
-> example@example.lan
was considered unsolicited bulk e-mail (UBE).
Our internal reference code for your message is 15637-09/CSV6DBOESU06
The message carried your return address, so it was either a genuine mail
from you, or a sender address was faked and your e-mail address abused
by third party, in which case we apologize for undesired notification.
We do try to minimize backscatter for more prominent cases of UBE and
for infected mail, but for less obvious cases of UBE some balance
between losing genuine mail and sending undesired backscatter is sought,
and there can be some collateral damage on both sides.
First upstream SMTP client IP address: [127.0.0.1] localhost
According to a 'Received:' trace, the message originated at: [190.65.4.42],
[190.65.4.42] unknown [190.65.4.42]
Return-Path: <kyhexamplefop@example.de>
Message-ID: <20090306152055.BB98172D49@example.mailserver.com>
Subject: About our common friend Jack
Delivery of the email was stopped!
Reporting-MTA: dns; server-debian.example.lan
Received-From-MTA: smtp; server-debian.example.lan ([127.0.0.1])
Arrival-Date: Fri, 6 Mar 2009 16:22:36 +0100 (CET)
Original-Recipient: rfc822;example@example.lan
Final-Recipient: rfc822;example@example.lan
Action: failed
Status: 5.7.0
Diagnostic-Code: smtp; 554 5.7.0 Reject, id=15637-09 - SPAM
Last-Attempt-Date: Fri, 6 Mar 2009 16:22:36 +0100 (CET)
Final-Log-ID: 15637-09/CSV6DBOESU06
Return-Path: <kyhexamplefop@example.de>
Received: from server-debian.example.lan (localhost [127.0.0.1])
by server-debian.example.lan (Postfix) with ESMTP id 2382EF7B6B
for <example@example.lan>; Fri, 6 Mar 2009 16:22:34 +0100 (CET)
X-Original-To: kyhexamplefop@example.de
Delivered-To: user@example.mailserver.com
Received: from mail.example.de [85.13.130.43]
by server-debian.example.lan with POP3 (fetchmail-6.3.9-rc2)
for <example@example.lan> (single-drop); Fri, 06 Mar 2009 16:22:35 +0100 (CET)
Received: from [190.65.4.42] (unknown [190.65.4.42])
by example.mailserver.com (Postfix) with ESMTP id BB98172D49
for <kyhexamplefop@example.de>; Fri, 6 Mar 2009 16:20:55 +0100 (CET)
From: kyhexamplefop@example.de
To: kyhexamplefop@example.de
Subject: About our common friend Jack
MIME-Version: 1.0
Content-Type: text/html; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable
Message-Id: <20090306152055.BB98172D49@example.mailserver.com>
Date: Fri, 6 Mar 2009 16:20:55 +0100 (CET)
X-KasLoop: v11174315
The path the mails take is as follows: Fetchmail -> Postfix -> Amavis (in conjunction with spamassassin, clamav) -> Postfix -> Dovecot
Postfix: master.cf
....
#Amavis
#
amavis unix - - - - 2 smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - - - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    -o smtpd_bind_address=127.0.0.1
retry unix - - - - - error
....
Postfix: postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
home_mailbox = .mails/
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
message_size_limit = 10485760
mydestination = $myhostname, localhost.$mydomain $mydomain
mydomain = example.lan
myhostname = server-debian.example.lan
mynetworks = 192.168.11.0/24
myorigin = /etc/mailname
parent_domain_matches_subdomains =
receive_override_options = no_address_mappings
recipient_delimiter = +
relayhost = [example.mailserver.de]
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = reject_invalid_hostname
smtpd_enforce_tls = no
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_hostname
smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, permit_sasl_authenticated, reject_unauth_destination, check_policy_service inet:127.0.0.1:60000
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = reject_unknown_address
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/mail.cert
smtpd_tls_key_file = /etc/postfix/mail.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_mailbox_limit = 0
amavis: 15_content_filter_mode
use strict;
# You can modify this file to re-enable SPAM checking through spamassassin
# and to re-enable antivirus checking.
#
# Default antivirus checking mode
# Uncomment the two lines below to enable it back
#
@bypass_virus_checks_maps = (
\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
#
# Default SPAM checking mode
# Uncomment the two lines below to enable it back
#
@bypass_spam_checks_maps = (
\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
1; # ensure a defined return
amavis: 20_debian_defaults
$QUARANTINEDIR = "$MYHOME/virusmails";
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$syslog_ident = 'amavis'; # syslog ident tag, prepended to all messages
$syslog_facility = 'mail';
$syslog_priority = 'debug'; # switch to info to drop debug output, etc
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = 10024; # default listening socket
$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
# Quota limits to avoid bombs (like 42.zip)
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes
$final_virus_destiny = D_DISCARD; # (data not lost, see virus quarantine)
$final_banned_destiny = D_BOUNCE; # D_REJECT when front-end MTA
$final_spam_destiny = D_BOUNCE;
$final_bad_header_destiny = D_PASS; # False-positive prone (for spam)
$virus_admin = undef; # due to D_DISCARD default
# Leave empty (undef) to add no header
$X_HEADER_LINE = "Debian $myproduct_name at $mydomain";
....
I would be very grateful for a strategy to solve this problem.
Thanks
Michael
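Added example, not part of the original post: the notification quoted above is the non-delivery report amavis sends when $final_spam_destiny is D_BOUNCE, as set in the 20_debian_defaults excerpt. The override below shows that setting beside two alternatives that send no notification; it assumes the Debian conf.d layout, where local overrides go into a later file such as /etc/amavis/conf.d/50-user.

```perl
use strict;

# Setting shown in 20_debian_defaults above: mail scoring at or above
# $sa_kill_level_deflt (6.31) is not delivered, and amavis sends a
# non-delivery notification to the envelope sender (Return-Path) as long
# as the score stays below $sa_dsn_cutoff_level (10).
#   $final_spam_destiny = D_BOUNCE;
#
# The sample message was fetched with fetchmail (POP3) and re-injected
# from 127.0.0.1, so it had already been accepted upstream. Its
# Return-Path is forged, and the notification is mailed to that address.

# Option A: drop spam at or above the kill level without notifying anyone.
$final_spam_destiny = D_DISCARD;

# Option B (alternative to A): deliver the mail anyway. It still carries
# the spam headers and the $sa_spam_subject_tag prefix, so it can be
# sorted into a junk folder on delivery.
# $final_spam_destiny = D_PASS;

1;  # ensure a defined return
```

amavis has to be restarted for the override to take effect.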