作者 主題: Postfix maillog 很多 NOQUEUE: reject  (閱讀 3706 次)

0 會員 與 1 訪客 正在閱讀本文。

scottbest168

  • 可愛的小學生
  • *
  • 文章數: 2
    • 檢視個人資料
Postfix maillog 很多 NOQUEUE: reject
« 於: 2011-03-22 16:45 »
小弟公司mailserver 是使用postfix,目前收放信正常,不過最近看maillog有很多以下的訊息:

postfix/smtpd[24249]: connect from unknown[117.242.0.149]
postfix/smtpd[24249]: lost connection after CONNECT from unknown[117.242.0.149]
postfix/smtpd[24249]: disconnect from unknown[117.242.0.149]
postfix/smtpd[24377]: connect from unknown[118.96.148.183]
postfix/smtpd[24424]: disconnect from unknown[219.93.192.182]
postfix/smtpd[24274]: NOQUEUE: reject: RCPT from unknown[201.3.112.45]: 554 5.7.1 Service unavailable; Client host [201.3.112.45] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=201.3.112.45; from=<coco.hh@msa.hinet.net> to=<c_k_tommy@hotmail.com> proto=SMTP helo=<201-3-112-45.dsl.ctaje700.brasiltelecom.net.br>
postfix/smtpd[24426]: disconnect from unknown[41.204.52.195]
postfix/smtpd[24414]: NOQUEUE: reject: RCPT from unknown[189.90.40.10]: 554 5.7.1 Service unavailable; Client host [189.90.40.10] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=189.90.40.10; from=<roger-ts@umail.hinet.net> to=<nicolas.mas@msa.hinet.net> proto=SMTP helo=<189.90.41.218.jupiter.com.br>
postfix/smtpd[24372]: NOQUEUE: reject: RCPT from unknown[200.165.162.110]: 554 5.7.1 Service unavailable; Client host [200.165.162.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=200.165.162.110; from=<tsanamanda@yahoo.com> to=<lex_113@hotmail.com> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24276]: NOQUEUE: reject: RCPT from unknown[123.237.164.119]: 554 5.7.1 Service unavailable; Client host [123.237.164.119] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=123.237.164.119; from=<jm-wh@umail.hinet.net> to=<super.web1519@msa.hinet.net> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24225]: NOQUEUE: reject: RCPT from unknown[211.83.101.124]: 554 5.7.1 Service unavailable; Client host [211.83.101.124] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=211.83.101.124; from=<syjao@yahoo.co.jp> to=<cheralllen.tw@yahoo.com.tw> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24427]: NOQUEUE: reject: RCPT from unknown[95.56.229.118]: 554 5.7.1 Service unavailable; Client host [95.56.229.118] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=95.56.229.118; from=<Judson-Voss@umail.hinet.net> to=<gyukitsao@coreasia.com.tw> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24422]: too many errors after RCPT from unknown[202.115.26.184]
postfix/smtpd[24422]: disconnect from unknown[202.115.26.184]
postfix/smtpd[24372]: NOQUEUE: reject: RCPT from unknown[200.165.162.110]: 554 5.7.1 Service unavailable; Client host [200.165.162.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=200.165.162.110; from=<tsanamanda@yahoo.com> to=<lex_2311@hotmail.com> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24274]: NOQUEUE: reject: RCPT from unknown[201.3.112.45]: 554 5.7.1 Service unavailable; Client host [201.3.112.45] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=201.3.112.45; from=<coco.hh@msa.hinet.net> to=<c_k_woo@hotmail.com> proto=SMTP helo=<201-3-112-45.dsl.ctaje700.brasiltelecom.net.br>
postfix/smtpd[24276]: NOQUEUE: reject: RCPT from unknown[123.237.164.119]: 554 5.7.1 Service unavailable; Client host [123.237.164.119] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=123.237.164.119; from=<jm-wh@umail.hinet.net> to=<super.web151@msa.hinet.net> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24414]: too many errors after RCPT from unknown[189.90.40.10]
postfix/smtpd[24414]: disconnect from unknown[189.90.40.10]
postfix/smtpd[24372]: NOQUEUE: reject: RCPT from unknown[200.165.162.110]: 554 5.7.1 Service unavailable; Client host [200.165.162.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=200.165.162.110; from=<tsanamanda@yahoo.com> to=<lex_pimp@hotmail.com> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24274]: NOQUEUE: reject: RCPT from unknown[201.3.112.45]: 554 5.7.1 Service unavailable; Client host [201.3.112.45] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=201.3.112.45; from=<coco.hh@msa.hinet.net> to=<c_k_y85@hotmail.com> proto=SMTP helo=<201-3-112-45.dsl.ctaje700.brasiltelecom.net.br>
postfix/smtpd[24225]: NOQUEUE: reject: RCPT from unknown[211.83.101.124]: 554 5.7.1 Service unavailable; Client host [211.83.101.124] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=211.83.101.124; from=<syjao@yahoo.co.jp> to=<cheralyn.whetstone@yahoo.com> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24276]: NOQUEUE: reject: RCPT from unknown[123.237.164.119]: 554 5.7.1 Service unavailable; Client host [123.237.164.119] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=123.237.164.119; from=<jm-wh@umail.hinet.net> to=<super.web1520@msa.hinet.net> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24274]: NOQUEUE: reject: RCPT from unknown[201.3.112.45]: 554 5.7.1 Service unavailable; Client host [201.3.112.45] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=201.3.112.45; from=<coco.hh@msa.hinet.net> to=<c_k_yeh@hotmail.com> proto=SMTP helo=<201-3-112-45.dsl.ctaje700.brasiltelecom.net.br>
postfix/smtpd[24376]: NOQUEUE: reject: RCPT from unknown[77.28.96.132]: 450 4.7.1 Client host rejected: cannot find your hostname, [77.28.96.132]; from=<rnvcla@yahoo.com.tw> to=<isaac@coreasia.com.tw> proto=ESMTP helo=<E10.REAKTIV.IN>
postfix/smtpd[24225]: NOQUEUE: reject: RCPT from unknown[211.83.101.124]: 554 5.7.1 Service unavailable; Client host [211.83.101.124] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=211.83.101.124; from=<syjao@yahoo.co.jp> to=<cheram@yahoo.com.tw> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24376]: disconnect from unknown[77.28.96.132]
postfix/smtpd[24383]: NOQUEUE: reject: RCPT from c951636e.virtua.com.br[201.81.99.110]: 554 5.7.1 Service unavailable; Client host [201.81.99.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=201.81.99.110; from=<isaaceugene@cm1.hinet.net> to=<nnis.chuang@msa.hinet.net> proto=SMTP helo=<c951636e.virtua.com.br>
postfix/smtpd[24372]: NOQUEUE: reject: RCPT from unknown[200.165.162.110]: 554 5.7.1 Service unavailable; Client host [200.165.162.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=200.165.162.110; from=<tsanamanda@yahoo.com> to=<lexapro@hotmail.com> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24383]: NOQUEUE: reject: RCPT from c951636e.virtua.com.br[201.81.99.110]: 554 5.7.1 Service unavailable; Client host [201.81.99.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=201.81.99.110; from=<isaaceugene@cm1.hinet.net> to=<nnis.chun@msa.hinet.net> proto=SMTP helo=<c951636e.virtua.com.br>
postfix/smtpd[24372]: NOQUEUE: reject: RCPT from unknown[200.165.162.110]: 554 5.7.1 Service unavailable; Client host [200.165.162.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=200.165.162.110; from=<tsanamanda@yahoo.com> to=<lexaprochen@hotmail.com> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24276]: too many errors after RCPT from unknown[123.237.164.119]
postfix/smtpd[24276]: disconnect from unknown[123.237.164.119]
postfix/smtpd[24274]: NOQUEUE: reject: RCPT from unknown[201.3.112.45]: 554 5.7.1 Service unavailable; Client host [201.3.112.45] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=201.3.112.45; from=<coco.hh@msa.hinet.net> to=<c_k_yock@hotmail.com> proto=SMTP helo=<201-3-112-45.dsl.ctaje700.brasiltelecom.net.br>
postfix/smtpd[24427]: disconnect from unknown[95.56.229.118]
postfix/smtpd[24225]: NOQUEUE: reject: RCPT from unknown[211.83.101.124]: 554 5.7.1 Service unavailable; Client host [211.83.101.124] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=211.83.101.124; from=<syjao@yahoo.co.jp> to=<cherami.bbs@yahoo.com.tw> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24425]: NOQUEUE: reject: RCPT from unknown[89.218.231.78]: 554 5.7.1 Service unavailable; Client host [89.218.231.78] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=89.218.231.78; from=<kellyltd@cm1.hinet.net> to=<kingyuan@ms36.hinet.net> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24372]: NOQUEUE: reject: RCPT from unknown[200.165.162.110]: 554 5.7.1 Service unavailable; Client host [200.165.162.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=200.165.162.110; from=<tsanamanda@yahoo.com> to=<lexderek@hotmail.com> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24225]: NOQUEUE: reject: RCPT from unknown[211.83.101.124]: 554 5.7.1 Service unavailable; Client host [211.83.101.124] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=211.83.101.124; from=<syjao@yahoo.co.jp> to=<cherami@yahoo.com.tw> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24442]: connect from fttu-216-41-254-223.btes.tv[216.41.254.223]
postfix/smtpd[24372]: NOQUEUE: reject: RCPT from unknown[200.165.162.110]: 554 5.7.1 Service unavailable; Client host [200.165.162.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=200.165.162.110; from=<tsanamanda@yahoo.com> to=<lexefa@huda.net> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24249]: connect from aspen.bluenet.com.br[187.28.121.3]
postfix/smtpd[24225]: NOQUEUE: reject: RCPT from unknown[211.83.101.124]: 554 5.7.1 Service unavailable; Client host [211.83.101.124] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=211.83.101.124; from=<syjao@yahoo.co.jp> to=<cheranchan702@yahoo.com.tw> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24439]: NOQUEUE: reject: RCPT from unknown[210.241.25.177]: 450 4.7.1 Client host rejected: cannot find your hostname, [210.241.25.177]; from=<apache@forum.icst.org.tw> to=<jhuang@coreasia.com.tw> proto=ESMTP helo=<forum.icst.org.tw>
postfix/smtpd[24372]: NOQUEUE: reject: RCPT from unknown[200.165.162.110]: 554 5.7.1 Service unavailable; Client host [200.165.162.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=200.165.162.110; from=<tsanamanda@yahoo.com> to=<lexibambas@hotmail.com> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24225]: NOQUEUE: reject: RCPT from unknown[211.83.101.124]: 554 5.7.1 Service unavailable; Client host [211.83.101.124] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=211.83.101.124; from=<syjao@yahoo.co.jp> to=<cheranchan@yahoo.com> proto=SMTP helo=<61.222.251.180>
postfix/smtpd[24383]: NOQUEUE: reject: RCPT from c951636e.virtua.com.br[201.81.99.110]: 554 5.7.1 Service unavailable; Client host [201.81.99.110] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=201.81.99.110; from=<isaaceugene@cm1.hinet.net> to=<nnis.chung@msa.hinet.net> proto=SMTP helo=<c951636e.virtua.com.br>

附上我的main.cf
queue_directory = /var/spool/postfix
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myorigin = $mydomain
inet_interfaces = all
unknown_local_recipient_reject_code = 550
mynetworks_style = host
mynetworks = 10.1.1.0/24
relay_domains = $mydestination
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases #alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
mail_spool_directory = /var/mail
mail_spool_directory = /var/spool/mail
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname

smtpd_client_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client xbl.spamhaus.org,
reject_rbl_client pbl.spamhaus.org,
reject_unknown_client,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient

smtpd_helo_restrictions =
permit_mynetworks,
reject_invalid_hostname,
reject_non_fqdn_hostname,
check_helo_access hash:/etc/postfix/fake_helo

smtpd_helo_required = yes

smtpd_sender_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_address,
reject_non_fqdn_sender

smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client xbl.spamhaus.org,
reject_rbl_client pbl.spamhaus.org

smtpd_sasl_security_options = noanonymous
maximal_queue_lifetime = 1d
bounce_queue_lifetime = 1d
disable_vrfy_command = yes
smtpd_delay_reject = yes
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20

postqueue -p 是空的

我想請教的是為什麼maillog裡面一堆都不是我網域的信箱要寄信到別人的信箱,而且重點是相當頻繁而且來自很多不同的IP...
雖然這些信都被Noqueue reject 可是這樣對伺服器是不是一種負擔呢
每次打tail -f /var/log/maillog 就一直跳這些訊息 感覺真的不是很好 XD
不知道各位先進的看法 或是可以教導一下小弟可以做的改進措施 感謝大家

sclin2k

  • 懷疑的國中生
  • **
  • 文章數: 73
    • 檢視個人資料
回覆: Postfix maillog 很多 NOQUEUE: reject
« 回覆 #1 於: 2011-03-22 20:39 »
您可以 Google 一下 fail2ban postfix,網路上有很多資料可參考。

scottbest168

  • 可愛的小學生
  • *
  • 文章數: 2
    • 檢視個人資料
回覆: Postfix maillog 很多 NOQUEUE: reject
« 回覆 #2 於: 2011-03-23 09:44 »
您可以 Google 一下 fail2ban postfix,網路上有很多資料可參考。

謝謝 sclin2k大,我馬上去研究一下,感謝。