private:mail-server:gateway
Obsah
Mail gateway
Postfix konfigurace
Postfix, Amavis, Clamav, SpamAssassin
https://rimuhosting.com/knowledgebase/linux/mail/greylisting%20with%20postgrey
http://www.normyee.net/blog/2011/08/05/more-robust-postfix-anti-spam-configuration/
https://www.akadia.com/services/postfix_amavisd.html
https://docs.iredmail.org/install.iredmail.on.debian.ubuntu.html
Postfix: sender-dependent SASL authentication.md
https://gist.github.com/zmwangx/2c56aa32be68daf48c2f
Postfix: selecting relay host based on From: mail header rather than envelope sender https://serverfault.com/questions/679975/postfix-selecting-relay-host-based-on-from-mail-header-rather-than-envelope-se
Policyd - limit pro odesílané zprávy
http://ngocquyetlinux.blogspot.com/2013/05/limit-mail-with-policyd.html
SPF DKIM DMARC
https://www.michalblazek.cz/e-mail-marketing/nespadnete-do-spamu-dkim-spf
https://docs.iredmail.org/setup.dns.html
https://protodave.com/tools/dkim-key-checker/
https://askubuntu.com/questions/438756/using-dkim-in-my-server-for-multiple-domains-websites
https://www.linode.com/docs/email/postfix/configure-spf-and-dkim-in-postfix-on-debian-8/
https://blog.philipp.info/2017/01/inbound-and-outbound-spamantivirus-mail-gateway/3/
https://scaron.info/blog/debian-mail-spf-dkim.html
https://serverfault.com/questions/861642/opendkim-not-signing-mail
Spam
SpamAssassin
https://wiki.apache.org/spamassassin/AdjustRuleScore
Obrázkové emaily - nastavil jsem v /etc/spamassassin/local.cf parametr MAILING_LIST_MULTI na +1
Originálni konfigurační soubory jsou uloženy: /usr/share/spamassassin
Příklad hlaviček SPAM emailů - dva jsou obrázkové
<hidden>
Return-Path: <uylucbz@mainstree.eu> Delivered-To: info@emcc.cz Received: from localhost (localhost [127.0.0.1]) by post.emcc.cz (Postfix) with ESMTP id 1996D27A9D6 for <info@emcc.cz>; Tue, 19 Feb 2019 01:45:34 +0100 (CET) Received: from post.emcc.cz ([127.0.0.1]) by localhost (post.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jnWVro40vyGn for <info@emcc.cz>; Tue, 19 Feb 2019 01:45:33 +0100 (CET) X-Original-Helo: mailgw01.emcc.cz (iRedMail: http://www.iredmail.org/) Received: from mailgw01.emcc.cz (unknown [10.13.238.21]) by post.emcc.cz (Postfix) with ESMTP id E3BFE27A854 for <info@emcc.cz>; Tue, 19 Feb 2019 01:45:33 +0100 (CET) Received: from mailgw02.emcc.cz (mailgw02.emcc.cz [127.0.0.1]) by mailgw01.emcc.cz (Postfix) with ESMTP id D379B31B51 for <info@emcc.cz>; Tue, 19 Feb 2019 01:45:33 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mailgw02.emcc.cz X-Spam-Flag: NO X-Spam-Score: 3.428 X-Spam-Level: *** X-Spam-Status: No, score=3.428 tagged_above=2 required=4 tests=[HTML_IMAGE_ONLY_04=0.342, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.139, MAILING_LIST_MULTI=-1, MPART_ALT_DIFF=0.724, RDNS_NONE=1.274, SPF_PASS=-0.001, URIBL_ABUSE_SURBL=1.948, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Received: from mailgw01.emcc.cz ([127.0.0.1]) by mailgw02.emcc.cz (mailgw02.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E9uuftbHMya5 for <info@emcc.cz>; Tue, 19 Feb 2019 01:45:33 +0100 (CET) Received: from mail.mainstree.eu (unknown [89.163.216.59]) by mailgw01.emcc.cz (Postfix) with ESMTP id 5E1D231ABB for <info@emcc.cz>; Tue, 19 Feb 2019 01:45:33 +0100 (CET) Received: from mainstree.eu (unknown [5.8.76.161]) by mail.mainstree.eu (Postfix) with ESMTPA id E2CC283E9B; Tue, 19 Feb 2019 01:59:00 +0200 (EET) Message-ID: <uylucbz28037087.18553403@mail.mainstree.eu> From: "Horny Housewives" <uylucbz@mainstree.eu> To: <78501.572428-24689-1201235108-1086422513@email.seznam.cz> Subject: Life is short. Have an affair. Date: Tue, 19 Feb 2019 01:59:03 +0200 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0006_01D4C7F6.AE9FFDB0" Precedence: bulk List-Id: b51837323v06887284 X-Complaints-To: abuse@mainstree.eu List-Unsubscribe: <http://mainstree.eu/ru/unsubscribe/do?hash=3105052244177572> Return-Path: <ovyinbh@topins.eu> Delivered-To: info@emcc.cz Received: from localhost (localhost [127.0.0.1]) by post.emcc.cz (Postfix) with ESMTP id 67A8E27AC8D for <info@emcc.cz>; Tue, 19 Feb 2019 02:10:58 +0100 (CET) Received: from post.emcc.cz ([127.0.0.1]) by localhost (post.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aDUbEGvuNfOs for <info@emcc.cz>; Tue, 19 Feb 2019 02:10:58 +0100 (CET) X-Original-Helo: mailgw01.emcc.cz (iRedMail: http://www.iredmail.org/) Received: from mailgw01.emcc.cz (unknown [10.13.238.20]) by post.emcc.cz (Postfix) with ESMTP id 456B427AC86 for <info@emcc.cz>; Tue, 19 Feb 2019 02:10:58 +0100 (CET) Received: from mailgw02.emcc.cz (mailgw01.emcc.cz [127.0.0.1]) by mailgw01.emcc.cz (Postfix) with ESMTP id 3DD2F7A217 for <info@emcc.cz>; Tue, 19 Feb 2019 02:10:58 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mailgw02.emcc.cz X-Spam-Flag: NO X-Spam-Score: 2.285 X-Spam-Level: ** X-Spam-Status: No, score=2.285 tagged_above=2 required=4 tests=[HTML_IMAGE_ONLY_28=0.726, HTML_IMAGE_RATIO_04=0.61, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, URIBL_ABUSE_SURBL=1.948, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Received: from mailgw01.emcc.cz ([127.0.0.1]) by mailgw02.emcc.cz (mailgw02.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bFhNn3mduEfq for <info@emcc.cz>; Tue, 19 Feb 2019 02:10:57 +0100 (CET) Received: from mail.topins.eu (mail.topins.eu [5.255.94.85]) by mailgw01.emcc.cz (Postfix) with ESMTP id 4B1187A0DD for <info@emcc.cz>; Tue, 19 Feb 2019 02:10:57 +0100 (CET) Received: from topins.eu (unknown [5.8.76.161]) by mail.topins.eu (Postfix) with ESMTPA id EC330245E2; Tue, 19 Feb 2019 02:44:14 +0200 (EET) Message-ID: <ovyinbh61465010.35884510@mail.topins.eu> From: "Nicoin" <ovyinbh@topins.eu> To: <78501.572428-24689-1201235108-1086422513@email.seznam.cz> Subject: =?utf-8?B?TmVqamVkbm9kdcWhxaHDrSB6cMWvc29iLCBqYWsgcMWZZXN0YXQga291xZlpdA==?= Date: Tue, 19 Feb 2019 02:36:50 +0200 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0006_01D4C7FA.6A6D0CB0" Precedence: bulk List-Id: b10612128v02608671 X-Complaints-To: abuse@topins.eu List-Unsubscribe: <http://topins.eu/ru/unsubscribe/do?hash=8762238315603402> Return-Path: <belozerov@sdp-mos.ru> Delivered-To: nemec@emcc.cz Received: from localhost (localhost [127.0.0.1]) by post.emcc.cz (Postfix) with ESMTP id 8561D27D232 for <nemec@emcc.cz>; Tue, 19 Feb 2019 07:13:29 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=emcc.cz; h=from :from:x-mailer:content-type:content-type :content-transfer-encoding:subject:subject:message-id:date:date :to:user-agent:list-id; s=dkim; t=1550556809; x=1553148809; bh=d 5HIU2UkOv3Fr7/YVM9FFH2X75CANPKkU4zjbKWTgCk=; b=cgPTFRBzoOHwBsABA Vg0Ba4Kh7+ZDAb/ViMNgAZstee65NV+LH7v9I+19GhSBoYjAovbu4Gkh7VRnKSPo 3KBAonfvt3H2ILMitb0muoM3n7Tu11m4EiFSnnfeu+8OiVwqwsZV6bgIu8+DjqBq 45sfEyhAkiQUJnr6enDvML7ul4= Received: from post.emcc.cz ([127.0.0.1]) by localhost (post.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2SBI76gFZ-PD for <nemec@emcc.cz>; Tue, 19 Feb 2019 07:13:29 +0100 (CET) X-Original-Helo: mailgw01.emcc.cz (iRedMail: http://www.iredmail.org/) Received: from mailgw01.emcc.cz (unknown [10.13.238.21]) by post.emcc.cz (Postfix) with ESMTP id 63E8627D285 for <nemec@emcc.cz>; Tue, 19 Feb 2019 07:13:29 +0100 (CET) Received: from mailgw02.emcc.cz (mailgw02.emcc.cz [127.0.0.1]) by mailgw01.emcc.cz (Postfix) with ESMTP id 5C549367AC for <nemec@emcc.cz>; Tue, 19 Feb 2019 07:13:29 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mailgw02.emcc.cz X-Spam-Flag: YES X-Spam-Score: 16.228 X-Spam-Level: **************** X-Spam-Status: Yes, score=16.228 tagged_above=2 required=4 tests=[AM.WBL=5, BITCOIN_EXTORT_01=4.999, BITCOIN_SPAM_03=2.499, BITCOIN_SPAM_07=2.999, HEADER_FROM_DIFFERENT_DOMAINS=0.001, LOCALPART_IN_SUBJECT=0.73, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no autolearn_force=no Received: from mailgw01.emcc.cz ([127.0.0.1]) by mailgw02.emcc.cz (mailgw02.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RpXeUlDgZERL for <nemec@emcc.cz>; Tue, 19 Feb 2019 07:13:28 +0100 (CET) Received: from mail.sdp-mos.ru (mail.sdp-mos.ru [81.23.7.130]) by mailgw01.emcc.cz (Postfix) with ESMTP id 92022364D3 for <nemec@emcc.cz>; Tue, 19 Feb 2019 07:13:28 +0100 (CET) Received: from [dynamicip-176-215-13-96.pppoe.ekat.ertelecom.ru] (dynamicip-176-215-13-96.pppoe.ekat.ertelecom.ru [176.215.13.96]) by mail.sdp-mos.ru with ESMTPA ; Tue, 19 Feb 2019 06:26:20 +0300 List-ID: ah2j2vlkydvcj1d9tlm4kl0wr6f list <2642ii4qcrgdrh9n4qqq0q7lo.579754.sdp-mos.ru> User-Agent: One.com webmail 24.28.0 To: nemec@emcc.cz X-Abuse-Reports-To: <abuse@mailer.sdp-mos.ru> Date: Tue, 19 Feb 2019 04:26:19 +0100 Abuse-Reports-To: <abuse@mail.sdp-mos.ru> Message-ID: <fyc-gbxjg-77004-5259512916-91@r0rgds7qn> Subject: ***SPAM*** nemec Content-Transfer-Encoding: base64 Content-Type: text/plain; charset=UTF-8 X-Sender: belozerov@sdp-mos.ru X-Mailer: BME Mailer - **BME8534552-975406-169798249** X-Sender-Info: belozerov@sdp-mos.ru From: <nemec@emcc.cz> Return-Path: <prazakova@veltrusy.cz> Delivered-To: nemec@emcc.cz Received: from localhost (localhost [127.0.0.1]) by post.emcc.cz (Postfix) with ESMTP id 10FC5263CFD for <nemec@emcc.cz>; Wed, 13 Feb 2019 09:44:00 +0100 (CET) Received: from post.emcc.cz ([127.0.0.1]) by localhost (post.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pa0xJeG40kJ2 for <nemec@emcc.cz>; Wed, 13 Feb 2019 09:43:59 +0100 (CET) Received: from PCSTAROSTA (unknown [79.98.72.254]) by post.emcc.cz (Postfix) with ESMTPSA id 25EAF263E5E for <nemec@emcc.cz>; Wed, 13 Feb 2019 09:43:51 +0100 (CET) From: =?iso-8859-2?B?TWFydGluYSBQcmG+4WtvduE=?= <prazakova@veltrusy.cz> To: =?iso-8859-2?Q?'Stanislav_N=ECmec'?= <nemec@emcc.cz> Subject: =?iso-8859-2?B?a29udHJvbGEgbmFzdGV2bu0gb3By4XZu7G7tIHD47XN0dXD5IGs=?= =?iso-8859-2?B?IPpkYWr5bSBaUg==?= Date: Wed, 13 Feb 2019 09:42:54 +0100 Message-ID: <000c01d4c378$1d247f50$576d7df0$@veltrusy.cz> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_000D_01D4C380.7EF08870" X-Mailer: Microsoft Outlook 14.0 Thread-Index: AdTDdzFHKOO1JEjnTCu4wtKA0m4AsA== Content-Language: cs Return-Path: <onnyxrd@centroban.eu> Delivered-To: info@emcc.cz Received: from localhost (localhost [127.0.0.1]) by post.emcc.cz (Postfix) with ESMTP id CAACF240D28 for <info@emcc.cz>; Thu, 14 Feb 2019 12:17:06 +0100 (CET) Received: from post.emcc.cz ([127.0.0.1]) by localhost (post.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dy1fUZ5Xt2br for <info@emcc.cz>; Thu, 14 Feb 2019 12:17:06 +0100 (CET) X-Original-Helo: mailgw01.emcc.cz (iRedMail: http://www.iredmail.org/) Received: from mailgw01.emcc.cz (unknown [10.13.238.21]) by post.emcc.cz (Postfix) with ESMTP id B3831240D21 for <info@emcc.cz>; Thu, 14 Feb 2019 12:17:06 +0100 (CET) Received: from mailgw02.emcc.cz (mailgw02.emcc.cz [127.0.0.1]) by mailgw01.emcc.cz (Postfix) with ESMTP id 9F8592BE97 for <info@emcc.cz>; Thu, 14 Feb 2019 12:17:06 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mailgw02.emcc.cz X-Spam-Flag: YES X-Spam-Score: 6.022 X-Spam-Level: ****** X-Spam-Status: Yes, score=6.022 tagged_above=2 required=4 tests=[HTML_IMAGE_ONLY_12=1.629, HTML_IMAGE_RATIO_02=0.805, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.139, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, URIBL_ABUSE_SURBL=1.948, URIBL_BLOCKED=0.001, URIBL_DBL_SPAM=2.5] autolearn=no autolearn_force=no Received: from mailgw01.emcc.cz ([127.0.0.1]) by mailgw02.emcc.cz (mailgw02.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4h9cseJ-VmWq for <info@emcc.cz>; Thu, 14 Feb 2019 12:17:06 +0100 (CET) Received: from mail.centroban.eu (mail.centroban.eu [188.138.70.167]) by mailgw01.emcc.cz (Postfix) with ESMTP id D876A2BD4A for <info@emcc.cz>; Thu, 14 Feb 2019 12:17:05 +0100 (CET) Received: from centroban.eu (unknown [62.173.149.221]) by mail.centroban.eu (Postfix) with ESMTPA id ACD361BEC616; Thu, 14 Feb 2019 09:48:27 +0200 (EET) Message-ID: <onnyxrd15827474.08831564@mail.centroban.eu> Reply-To: "one-two slim" <onnyxrd@centroban.eu> From: "one-two slim" <onnyxrd@centroban.eu> To: <19991012200256.11687.qmail@email.seznam.cz> Subject: ***SPAM*** =?UTF-8?Q?Zdrav=C3=AD?= s OneTwoSlim Date: Thu, 14 Feb 2019 10:48:33 +0300 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0006_01D4C450.8CEC9650" Precedence: bulk List-Id: b17838601v85654876 X-Complaints-To: abuse@centroban.eu List-Unsubscribe: <http://centroban.eu/ru/unsubscribe/do?hash=0644130071661872> Return-Path: <yybowss@dreamse.eu> Delivered-To: info@emcc.cz Received: from localhost (localhost [127.0.0.1]) by post.emcc.cz (Postfix) with ESMTP id 43183208EDB for <info@emcc.cz>; Thu, 21 Feb 2019 01:37:23 +0100 (CET) Received: from post.emcc.cz ([127.0.0.1]) by localhost (post.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7hxsyuJX7XD9 for <info@emcc.cz>; Thu, 21 Feb 2019 01:37:23 +0100 (CET) X-Original-Helo: mailgw01.emcc.cz (iRedMail: http://www.iredmail.org/) Received: from mailgw01.emcc.cz (unknown [10.13.238.20]) by post.emcc.cz (Postfix) with ESMTP id 2282D2099BD for <info@emcc.cz>; Thu, 21 Feb 2019 01:37:23 +0100 (CET) Received: from mailgw02.emcc.cz (mailgw01.emcc.cz [127.0.0.1]) by mailgw01.emcc.cz (Postfix) with ESMTP id 1BC179B2FE for <info@emcc.cz>; Thu, 21 Feb 2019 01:37:23 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mailgw02.emcc.cz X-Spam-Flag: NO X-Spam-Score: 2.543 X-Spam-Level: ** X-Spam-Status: No, score=2.543 tagged_above=2 required=4 tests=[HTML_IMAGE_ONLY_20=0.7, HTML_IMAGE_RATIO_02=0.805, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_3=0.328, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLACK=1.7] autolearn=no autolearn_force=no Received: from mailgw01.emcc.cz ([127.0.0.1]) by mailgw02.emcc.cz (mailgw02.emcc.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1wPxgrbz5F8W for <info@emcc.cz>; Thu, 21 Feb 2019 01:37:22 +0100 (CET) Received: from mail.dreamse.eu (mail.dreamse.eu [46.249.59.89]) by mailgw01.emcc.cz (Postfix) with ESMTP id 9E6F09B450 for <info@emcc.cz>; Thu, 21 Feb 2019 01:37:22 +0100 (CET) Received: from dreamse.eu (p2002.pserver.ru [185.144.28.90]) by mail.dreamse.eu (Postfix) with ESMTPA id 478A32436A; Thu, 21 Feb 2019 02:22:38 +0200 (EET) Message-ID: <yybowss10258653.46676804@mail.dreamse.eu> Reply-To: "Erofertil" <yybowss@dreamse.eu> From: "Erofertil" <yybowss@dreamse.eu> To: <19991012081844.32064.qmail@email.seznam.cz> Subject: =?utf-8?B?QWt0aXZuw60ga29tcGxleCBwcm8genbDvcWhZW7DrSBwb3RlbmNl?= Date: Thu, 21 Feb 2019 02:22:03 +0200 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0006_01D4C98A.F9857590" Precedence: bulk List-Id: b33260101v08802510 X-Complaints-To: abuse@dreamse.eu List-Unsubscribe: <http://dreamse.eu/ru/unsubscribe/do?hash=1620272853570574>
</hidden>
Fail2ban - Postfix SASL attack
Postfix: remove and webserve attachments
private/mail-server/gateway.txt · Poslední úprava: autor: snemec