ZuelfikarBbk
12.04.13, 09:21
Hi,
ich habe Postfix 2.7.1 installiert und alles nach dem Tutorial von Ispmail eingerichtet. Trotzdem wir mein Server genutzt um spam (phihising) zu verschicken.
Meine main.cf sieht so aus.
mynetworks = XXX
virtual_mailbox_domains = pgsql:/etc/postfix/pgsql-virtual-mailbox-domains.cf
virtual_mailbox_maps = pgsql:/etc/postfix/pgsql-virtual-mailbox-maps.cf
virtual_alias_maps = pgsql:/etc/postfix/pgsql-virtual-alias-maps.cf,pgsql:/etc/postfix/pgsql-email2email.cf
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject _unauth_destination
smtpd_sender_restrictions = permit_mynetworks,permit_sasl_authenticated,reject _unauth_destination
default_process_limit = 5
message_size_limit = 10485760
soft_bounce = no
content_filter=smtp-amavis:[127.0.0.1]:10024
receive_override_options=no_address_mappings
Ein Eintrag aus der mail.log sieht so aus: Weder sender noch Empfänger sind aus meinem Domain.
Apr 11 08:57:38 euve2092 postfix/qmgr[1845]: E019FDB10F1: from=<helenppbb@yahoo.com>, size=4639, nrcpt=2 (queue active)
Apr 11 08:57:38 euve2092 amavis[17424]: (17424-02-163) Passed SPAM, LOCAL [127.0.0.1] [82.128.44.92] <helenppbb@yahoo.com> -> <milagros.perez@mattel.com>,<milenio-import@terra.com.pe>, quarantine: t/spam-t673xTIXM1CL.gz, mail_id: t673xTIXM1CL, Hits: 17.796, size: 4175, queued_as: E019FDB10F1, 101 ms
Apr 11 08:57:38 euve2092 postfix/smtp[17810]: E8222DB16D7: to=<milagros.perez@mattel.com>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=163, delay=68, delays=47/21/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=17424-02-163, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as E019FDB10F1)
Apr 11 08:57:38 euve2092 postfix/smtp[17810]: E8222DB16D7: to=<milenio-import@terra.com.pe>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=163, delay=68, delays=47/21/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=17424-02-163, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as E019FDB10F1)
Apr 11 08:57:38 euve2092 postfix/qmgr[1845]: E8222DB16D7: removed
ich habe Postfix 2.7.1 installiert und alles nach dem Tutorial von Ispmail eingerichtet. Trotzdem wir mein Server genutzt um spam (phihising) zu verschicken.
Meine main.cf sieht so aus.
mynetworks = XXX
virtual_mailbox_domains = pgsql:/etc/postfix/pgsql-virtual-mailbox-domains.cf
virtual_mailbox_maps = pgsql:/etc/postfix/pgsql-virtual-mailbox-maps.cf
virtual_alias_maps = pgsql:/etc/postfix/pgsql-virtual-alias-maps.cf,pgsql:/etc/postfix/pgsql-email2email.cf
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject _unauth_destination
smtpd_sender_restrictions = permit_mynetworks,permit_sasl_authenticated,reject _unauth_destination
default_process_limit = 5
message_size_limit = 10485760
soft_bounce = no
content_filter=smtp-amavis:[127.0.0.1]:10024
receive_override_options=no_address_mappings
Ein Eintrag aus der mail.log sieht so aus: Weder sender noch Empfänger sind aus meinem Domain.
Apr 11 08:57:38 euve2092 postfix/qmgr[1845]: E019FDB10F1: from=<helenppbb@yahoo.com>, size=4639, nrcpt=2 (queue active)
Apr 11 08:57:38 euve2092 amavis[17424]: (17424-02-163) Passed SPAM, LOCAL [127.0.0.1] [82.128.44.92] <helenppbb@yahoo.com> -> <milagros.perez@mattel.com>,<milenio-import@terra.com.pe>, quarantine: t/spam-t673xTIXM1CL.gz, mail_id: t673xTIXM1CL, Hits: 17.796, size: 4175, queued_as: E019FDB10F1, 101 ms
Apr 11 08:57:38 euve2092 postfix/smtp[17810]: E8222DB16D7: to=<milagros.perez@mattel.com>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=163, delay=68, delays=47/21/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=17424-02-163, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as E019FDB10F1)
Apr 11 08:57:38 euve2092 postfix/smtp[17810]: E8222DB16D7: to=<milenio-import@terra.com.pe>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=163, delay=68, delays=47/21/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=17424-02-163, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as E019FDB10F1)
Apr 11 08:57:38 euve2092 postfix/qmgr[1845]: E8222DB16D7: removed