Postfix+Dovecot
В очереди по 30к писем стоят, постоянно заносят в блеклисты. Отправка писем идёт с адресов:
random_name@domain.com
Вот эта строчка вроде как не позволяет не авторизованным пользователям отправлять почту, но вроде она не работает (или я её неправильно понял?)
smtpd_sasl_security_options = noanonymous
Конфиг:
# cat /etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/sslsmtpd.crt
smtpd_tls_key_file = /etc/postfix/sslsmtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
myhostname = domain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $myhostname
mydestination = $myhostname, localhost.$mydomain, localhost
bounce_queue_lifetime = 0
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mydomain = localdomain
mailbox_command = /usr/bin/maildrop
local_recipient_maps = unix:passwd.byname $alias_maps
virtual_alias_domains = /etc/mail/local-host-names
virtual_alias_maps = hash:/etc/mail/virtusertable
smtp_generic_maps = hash:/etc/mail/generic
sender_dependent_default_transport_maps = regexp:/etc/mail/domainips
default_transport = smtp:
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
#####
smtpd_sasl_security_options = noanonymous
#####
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_received_header = yes
smtpd_tls_loglevel = 1
# Запретить исходящую почту с наших доменов, но с несуществующих у нас адресов???
smtpd_reject_unlisted_sender = yes
smtpd_sender_restrictions = permit_sasl_authenticated, check_sender_access hash:/etc/mail/access
smtpd_client_restrictions = permit_sasl_authenticated, check_client_access hash:/etc/mail/access
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/mail/access, check_client_access hash:/etc/mail/access, check_recipient_access hash:/etc/mail/access, reject_unauth_destination, reject_unlisted_recipient, reject_unverified_recipient, check_policy_service inet:127.0.0.1:10023
milter_default_action = accept
milter_protocol = 6
smtpd_milters = unix:/var/run/clamav/clamav-milter.ctl, inet:localhost:12345
non_smtpd_milters = inet:localhost:12345