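Prevent mail from being sent via relay

It currently looks like someone is using my server to send spam, because I am seeing 100 rejection emails from other email services (such as Gmail) saying the message could not be delivered, "returning to sender", and sent to mydomain.com.

After investigating, these emails are coming via RELAY from a remote IP, not from the server itself (e.g. a virus, etc.).

Is there anything I can do to prevent someone from using my mail server (exim) as a relay?

I have LFD on my server, which monitors emails sent via relay and sends me the alert below. I have LFD set to block the sender if more than 200 come from that address.

Sample LFD alert: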

    Subject: lfd on tent.myotherdomain.com: RELAY Alert for 187.23.175.140 (BR/Brazil/bb17af8c.virtua.com.br)
    To: root@myotherdomain.com

    Time: Wed Dec 5 14:25:46 2012 +0000
    Type: RELAY, Remote IP - 187.23.175.140 (BR/Brazil/bb17af8c.virtua.com.br)
    Count: 203 emails relayed
    Blocked: Temporary Block

    Sample of the first 10 emails:

    2012-12-05 14:08:44 1TgFeV-0006I1-7b <= tenf@mydomain.com H=(Smkt) [187.23.175.140] P=esmtp S=339 T="smtp.mydomain.com:25" from <tenf@mydomain.com> for teste_pop3@hotmail.com
    2012-12-05 14:08:44 1TgFeV-0006I2-Kn <= zbcvyj@mydomain.com H=(Smkt) [187.23.175.140] P=esmtp S=343 T="mail.mydomain.com:25" from <zbcvyj@mydomain.com> for teste_pop3@hotmail.com
    2012-12-05 14:08:46 1TgFeX-0006I1-DR <= uwvdfg0s@mydomain.com H=(Smkt) [187.23.175.140] P=esmtp S=351 T="smtp.mydomain.com:25" from <uwvdfg0s@mydomain.com> for teste1.pop3@yahoo.com.br
    2012-12-05 14:08:46 1TgFeX-0006I2-Lo <= qstxd1@mydomain.com H=(Smkt) [187.23.175.140] P=esmtp S=347 T="mail.mydomain.com:25" from <qstxd1@mydomain.com> for teste1.pop3@yahoo.com.br
    etc...

Sample message being sent: (sent from my personal domain)

    Return-path: <hhfart6p@mydomain.com>
    Received: from [187.23.175.140] (helo=Smkt)
        by tent.myotherdomain.com with esmtp (Exim 4.72)
        (envelope-from <hhfart6p@mydomain.com>)
        id 1TgFut-0006k5-1K; Wed, 05 Dec 2012 14:25:40 +0000
    From: "TV Digital no PC" <hhfart6p@mydomain.com>
    Subject: CANAIS ADULTOS em HD, FILMES, FUTEBOL
    To: matoselias@terra.com.br
    Content-Type: text/plain
    Reply-To: fabiana_dietrich1001@yahoo.com.br
    Date: Wed, 5 Dec 2012 12:25:36 -0200

    Olá!
    Já imaginou assistir em seu computador, notebook, tablet, etc... a inúmeros canais de televisão, inclusive os fechados?
    Isso tudo usando apenas a Internet?
    E o melhor: Sem pagar assinatura Mensal!!!
    Algumas vantagens:
    - Com conexão banda larga, você pode assistir de qualquer computador;
    - Não precisa instalar nenhum programa;
    - Você assiste a canais de TV e Rádio do mundo todo;
    - Filmes, Séries, Esportes, Jogos de Futebol que só passam na TV fechada, e muito mais!

Sample of a rejection sent: (to my personal domain)

    ---------- Forwarded message ----------
    From: Mail Delivery System
    Date: Wednesday, December 5, 2012
    Subject: Mail delivery failed: returning message to sender
    To: hhfart6p@mydomain.com

    This message was created automatically by mail delivery software.

    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:

    someone@gmail.com
      SMTP error from remote mail server after end of data:
      host gmail-smtp-in.l.google.com [173.194.67.26]:
      550-5.7.1 [78.129.132.155 7] Our system has detected that this message is
      550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail,
      550-5.7.1 this message has been blocked. Please visit
      550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for
      550 5.7.1 more information. d60si3060066wej.11
    someoneelse@gmail.com
      SMTP error from remote mail server after end of data:
      host gmail-smtp-in.l.google.com [173.194.67.26]:
      550-5.7.1 [78.129.132.155 7] Our system has detected that this message is
      550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail,
      550-5.7.1 this message has been blocked. Please visit
      550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for
      550 5.7.1 more information. d60si3060066wej.11

Exim Conf

    addresslist whitelist_senders = lsearch;/etc/virtual/whitelist_senders
    addresslist blacklist_senders = lsearch;/etc/virtual/blacklist_senders
    domainlist blacklist_domains = lsearch;/etc/virtual/blacklist_domains
    domainlist whitelist_domains = lsearch;/etc/virtual/whitelist_domains
    domainlist local_domains = lsearch;/etc/virtual/domains
    domainlist relay_domains = lsearch;/etc/virtual/domains : localhost
    domainlist use_rbl_domains = lsearch;/etc/virtual/use_rbl_domains
    hostlist auth_relay_hosts = *
    hostlist bad_sender_hosts = lsearch;/etc/virtual/bad_sender_hosts
    hostlist bad_sender_hosts_ip = net-lsearch;/etc/virtual/bad_sender_hosts
    hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts
    hostlist whitelist_hosts = lsearch;/etc/virtual/whitelist_hosts
    hostlist whitelist_hosts_ip = net-lsearch;/etc/virtual/whitelist_hosts

Please open your Exim configuration file (most likely /etc/exim/exim.conf) and look for the following directive:

 hostlist relay_from_hosts = 127.0.0.1 

It should be set to 127.0.0.1 to prevent the mail server from relaying mail from other hosts. Perhaps you have an external IP address there.
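
To check whether a change to the relay settings took effect, the Exim main log can be scanned for the pattern in the LFD alert: arrival lines (`<=`) from a remote IP with no `A=` (SMTP AUTH) field and a non-local recipient. The script below is an added example, not part of the original question or answer; `LOCAL_DOMAINS` and `TRUSTED_RELAY_IPS` are assumed values, and the last three sample log lines are constructed.

```python
import re
from collections import Counter

# Assumed values for this example; on the server they would come from
# /etc/virtual/domains and the hosts allowed to relay without authentication.
LOCAL_DOMAINS = {"mydomain.com", "myotherdomain.com"}
TRUSTED_RELAY_IPS = {"127.0.0.1"}

ARRIVAL = re.compile(r"^\S+ \S+ \S+ <= ")            # message arrival line
SUBJECT = re.compile(r' T="(?:[^"\\]|\\.)*"')        # subject may contain " for "
REMOTE_IP = re.compile(r" \[([0-9A-Fa-f.:]+)\](?::\d+)? ")
AUTH = re.compile(r" A=\S+")                         # present only after SMTP AUTH

def unauthenticated_relays(log_lines):
    """Count, per remote IP, messages accepted without SMTP AUTH from an
    untrusted host and addressed to at least one non-local domain."""
    counts = Counter()
    for line in log_lines:
        if not ARRIVAL.match(line):
            continue
        line = SUBJECT.sub("", line)                 # drop subject before parsing
        ip = REMOTE_IP.search(line)
        if ip is None or ip.group(1) in TRUSTED_RELAY_IPS:
            continue                                 # local submission or trusted host
        if AUTH.search(line) or " for " not in line:
            continue                                 # authenticated, or no recipients logged
        recipients = line.rsplit(" for ", 1)[1].split()
        if any("@" in r and r.rpartition("@")[2].lower() not in LOCAL_DOMAINS
               for r in recipients):
            counts[ip.group(1)] += 1
    return counts

# The first four lines are from the LFD alert above; the last three are constructed.
SAMPLE_LOG = [
    '2012-12-05 14:08:44 1TgFeV-0006I1-7b <= tenf@mydomain.com H=(Smkt) [187.23.175.140] P=esmtp S=339 T="smtp.mydomain.com:25" from <tenf@mydomain.com> for teste_pop3@hotmail.com',
    '2012-12-05 14:08:44 1TgFeV-0006I2-Kn <= zbcvyj@mydomain.com H=(Smkt) [187.23.175.140] P=esmtp S=343 T="mail.mydomain.com:25" from <zbcvyj@mydomain.com> for teste_pop3@hotmail.com',
    '2012-12-05 14:08:46 1TgFeX-0006I1-DR <= uwvdfg0s@mydomain.com H=(Smkt) [187.23.175.140] P=esmtp S=351 T="smtp.mydomain.com:25" from <uwvdfg0s@mydomain.com> for teste1.pop3@yahoo.com.br',
    '2012-12-05 14:08:46 1TgFeX-0006I2-Lo <= qstxd1@mydomain.com H=(Smkt) [187.23.175.140] P=esmtp S=347 T="mail.mydomain.com:25" from <qstxd1@mydomain.com> for teste1.pop3@yahoo.com.br',
    '2012-12-05 14:10:01 1TgFfk-0006J0-Aa <= alice@mydomain.com H=(laptop) [198.51.100.7] P=esmtpa A=login:alice S=1200 T="Lunch for two" from <alice@mydomain.com> for bob@example.org',
    '2012-12-05 14:11:30 1TgFhB-0006J4-Bc <= carol@example.net H=mx.example.net [203.0.113.9] P=esmtp S=2100 T="Hello" from <carol@example.net> for alice@mydomain.com',
    '2012-12-05 14:12:00 1TgFhf-0006J8-Cd <= root@tent.myotherdomain.com U=root P=local S=500 T="cron" from <root@tent.myotherdomain.com> for root@myotherdomain.com',
]

if __name__ == "__main__":
    for ip, n in unauthenticated_relays(SAMPLE_LOG).most_common():
        print(f"{ip}: {n} unauthenticated relayed message(s)")
```

Once relaying is restricted to authenticated or trusted hosts, new arrival lines of this kind should stop appearing for untrusted IPs; inbound mail to local domains and authenticated submissions are not counted.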