最近发现我们的 postmaster@$myorigin 经常收到垃圾邮件,而该垃圾邮件的来源是早在几个月前就列入 anti-spam.org.cn 的 RBL 中的。查了一下日志,发现对方发来的邮件被“部分拒收”,发给 postmaster@$myorigin 的那个投递成功了,发给一般地址的被服务器拒收。在 check_client_access 策略里,我把一个内网 IP 列入黑名单,然后 telnet 发信测试,这个问题竟然能稳定重现!我是不是发现 bug 了?
gdb 了半个下午,发现 postfix 中 smtpd_check.c 文件里有这么一段:
/*
* XXX Always say OK when we're probed with our own address verification
* sender address. Otherwise, some timeout or some UCE block may result
* in mutual negative caching, making it painful to get the mail through.
*/
#ifndef TEST
if (*recipient) {
if (canon_verify_sender == 0) {
canon_verify_sender = vstring_alloc(10);
rewrite_clnt_internal(MAIL_ATTR_RWR_LOCAL,
var_verify_sender,
canon_verify_sender);
}
if (strcasecmp(STR(canon_verify_sender), recipient) == 0)
return (0);
}
#endif
其中 canon_verify_sender 是个静态指针,在这一段被初始化之后,其指向的空间里就已经保存了一个字符串 postmaster@$myorigin。然后在第二句 if 之后就直接返回了,不继续进行 if 之后的那些反垃圾策略判断了。
然后看了一下 ADDRESS_VERIFICATION_README 文档,里面是这么说的:
By default, Postfix probe messages have a sender address “double-bounce@$myorigin” (with Postfix versions before 2.5, the default is “postmaster@$myorigin”). This is SAFE because the Postfix SMTP server does not reject mail for this address.
也就是说我活该收到垃圾邮件!好吧,那我改改 address_verify_sender 参数得了。
哇咔咔~~xiao习。。
这个不是特性而是RFC的要求。postmaster本来就是干这个的,RFC 5321 Section 4.5.1:
Any system that includes an SMTP server supporting mail relaying or delivery MUST support the reserved mailbox “postmaster” as a case-insensitive local name. This postmaster address is not strictly necessary if the server always returns 554 on connection opening (as described in Section 3.1). The requirement to accept mail for postmaster implies that RCPT commands that specify a mailbox for postmaster at any of the domains for which the SMTP server provides mail service, as well as the special case of “RCPT TO:” (with no domain specification), MUST be supported.