[Postfix-br] Problemas com spam recebidos

Claudio Junior csjunior em gmail.com
Quarta Abril 2 18:53:04 BRT 2014 

a questão do SPF já tenho ativo.. Não sei se o nivel de bloqueio esta ok,
mas não é este o problema.


--
Claudio da Silva Junior
csjunior at gmail.com


2014-04-02 18:07 GMT-03:00 Guilherme Rezende <postfix at guilherme.eti.br>:

> Eu não conseguir resolver esse problema até hoje....
>
>
> Em 02/04/2014 16:23, vic escreveu:
>
>  Em 2014-04-01 12:20, Claudio Junior escreveu:
>>
>>> Ola pessoal
>>>
>>> Estou tendo problemas com spam recebidos no qual no cliente do
>>> usuário aparece que o email de origem é o mesmo email do usuário,
>>> isto é, o email de origem é igual ao email de destino.
>>>
>>> Hoje tenho no meu postfix as seguintes regras no main.conf:
>>>
>>> smtpd_client_restrictions =
>>> smtpd_helo_restrictions =
>>>
>>> smtpd_sender_restrictions =
>>>         permit_mynetworks,
>>>         permit_sasl_authenticated,
>>>         check_sender_access hash:/etc/postfix/access,
>>>         check_sender_access
>>> cidr:/etc/postfix/cidr_koreia_china_nets
>>>         reject_non_fqdn_sender,
>>>         reject_unknown_sender_domain,
>>> #       warn_if_reject reject_unverified_sender,
>>>         permit
>>>
>>> smtpd_recipient_restrictions =
>>>    permit_mynetworks
>>> #   permit_sasl_authenticated
>>>    reject_unauth_destination
>>>    check_policy_service inet:127.0.0.1:60000 [1]
>>>    check_policy_service unix:private/policy-spf
>>>    reject_non_fqdn_sender
>>>    reject_non_fqdn_recipient
>>>    reject_unknown_recipient_domain
>>>    reject_rbl_client bl.spamcop.net [2]
>>>    reject_rbl_client zen.spamhaus.org [3]
>>>    reject_rbl_client dnsbl.sorbs.net [4]
>>>
>>> No arquivo /etc/postfix/access tenho duas linhas com o um REJECT no
>>> meu dominio (ou dominios).
>>>
>>> O header do email que estou recebendo é:
>>>
>>> Return-Path: <"www-data at mmnishida"@ig.com.br [5]>
>>> Delivered-To: wellington at xxxxxxxx.coop.br
>>> Received: from localhost (localhost [127.0.0.1])
>>>     by srv03xxxxxxxx.xxxxxxxx.com [6] (Postfix) with ESMTP id
>>> F256C7FCA6
>>>     for <wellington at xxxxxxxx.com>; Mon, 31 Mar 2014 01:50:10 -0300
>>> (BRT)
>>> X-Virus-Scanned: Debian amavisd-new at srv03xxxxxxxx.xxxxxxxx.coop.br
>>> [7]
>>> X-Amavis-Alert: BAD HEADER SECTION, Non-encoded 8-bit data (char F3
>>> hex):
>>>      Subject: (URGENTE) Comprovante de Dep363sito (66703)
>>> Received: from mail.xxxxxxxx.coop.br [8] ([127.0.0.1])
>>>     by localhost (srv03xxxxxxxx.xxxxxxxx.coop.br [7] [127.0.0.1])
>>> (amavisd-new, port 10024)
>>>     with ESMTP id y6R8q59HOfXP for <wellington at xxxxxxxx.com>;
>>>     Mon, 31 Mar 2014 01:50:05 -0300 (BRT)
>>> X-Greylist: delayed 596 seconds by postgrey-1.32 at srv03xxxxxxxx;
>>> Mon, 31 Mar 2014 01:50:02 BRT
>>> Received-SPF: None (no SPF record) identity=mailfrom;
>>> client-ip=138.91.20.116; helo=npx11.npx11.m5.internal.cloudapp.net
>>> [9]; envelope-from=www-data at mmnishida@ig.com.br [5];
>>> receiver=wellington at xxxxxxxx.com
>>> Received: from npx11.npx11.m5.internal.cloudapp.net [9] (unknown
>>> [138.91.20.116])
>>>     by srv03xxxxxxxx.xxxxxxxx.com [6] (Postfix) with ESMTP id
>>> 813A97FCA4
>>>     for <wellington at xxxxxxxx.com>; Mon, 31 Mar 2014 01:50:02 -0300
>>> (BRT)
>>> Received: by npx11.npx11.m5.internal.cloudapp.net [9] (Postfix, from
>>> userid 33)
>>>     id C990B21B38; Mon, 31 Mar 2014 04:38:28 +0000 (UTC)
>>> To: wellington at xxxxxxxx.com
>>> Subject: (URGENTE) Comprovante de Depsito (66703)
>>> X-PHP-Originating-Script: 0:wwew.php
>>> MIME-Version: 1.0
>>> Content-type: text/html; charset=iso-8859-1
>>> X-Mailer: Microsoft Office Outlook, Build 17.551210
>>> Content-Transfer-encoding: 8bit
>>> From: wellington at xxxxxxxx.com
>>> Reply-To: wellington at xxxxxxxx.com
>>> X-Mailer: iGMail [www.ig.com.br [10]]
>>> X-Originating-Email: wellington at xxxxxxxx.com
>>> X-Sender: wellington at xxxxxxxx.com
>>> X-iGspam-global: Unsure, spamicity=0.570081 - pe=5.74e-01 -
>>> pf=0.574081 - pg=0.574081
>>> Message-Id:
>>> <20140331043828.C990B21B38 at npx11.npx11.m5.internal.cloudapp.net>
>>> Date: Mon, 31 Mar 2014 04:38:28 +0000 (UTC)
>>>
>>> Alguém sabe o que pode ser? Como é um ambiente de produção, esta
>>> difiicl ficar fazendo testes. Preciso implementar uma configuração
>>> que barre este tipo de emails.
>>>
>>> --
>>> Claudio da Silva Junior
>>> csjunior at gmail.com
>>>
>>>
>> Configure SPF no(s) seu(s) domínio(s).
>>
>>
> _______________________________________________
> Postfix-br mailing list
> Postfix-br at listas.softwarelivre.org
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/postfix-br/attachments/20140402/09bb7097/attachment.html>

More information about the Postfix-br mailing list