kevin78
14/09/2016, 10h18
Envoyé par buddy
J'utilise wordpress et prestashop.
J'ai réussi à bloquer toutes les tentatives avec
utilisateur-inextisant@mon-hostname.com
Pendant 2-3 jours, c'était sans problème, je n'avais plus de spam.
Depuis hier, j'ai des spams avec utilisateur-inextisant@mon-hostname.fr
Exemple dans la log
Sep 14 10:02:15 auth-worker(10943): Info: sql(della_hall@mon.hostname.fr.fr): unknown user
Sep 14 10:02:17 auth-worker(10943): Info: sql(joshua_spence@mon.hostname.fr.fr): unknown user
Sep 14 10:02:18 auth-worker(10943): Info: sql(geraldine_fleming@mon.hostname.fr.fr): unknown user
Sep 14 10:02:20 auth-worker(10943): Info: sql(genevieve_garcia@mon.hostname.fr.fr): unknown user
Sep 14 10:02:20 auth-worker(10943): Info: sql(molly_munoz@mon.hostname.fr.fr): unknown user
Sep 14 10:02:20 auth-worker(11073): Info: sql(jeanne_rhodes@mon.hostname.fr.fr): unknown user
Sep 14 10:02:20 auth-worker(10943): Info: sql(samuel_barlow@mon.hostname.fr.fr): unknown user
Sep 14 10:02:22 auth-worker(10943): Info: sql(julie_perez@mon.hostname.fr.fr): unknown user
Sep 14 10:03:28 auth-worker(10943): Info: sql(dana_brewer@mon.hostname.fr.fr): unknown user
Sep 14 10:03:29 auth-worker(10943): Info: sql(dana_brewer@mon.hostname.fr.fr): unknown user
Sep 14 10:03:30 auth-worker(10943): Info: sql(dana_brewer@mon.hostname.fr.fr): unknown user
Sep 14 10:03:31 auth-worker(10943): Info: sql(luz_newman@mon.hostname.fr.fr): unknown user
Sep 14 10:03:33 auth-worker(10943): Info: sql(luz_newman@mon.hostname.fr.fr): unknown user
Sep 14 10:05:01 auth-worker(11736): Info: sql(marian_mccormick@mon.hostname.fr.fr): unknown user
Sep 14 10:05:01 auth-worker(11736): Info: sql(marian_mccormick@mon.hostname.fr.fr): unknown user
Sep 14 10:05:03 auth-worker(11736): Info: sql(emma_welch@mon.hostname.fr.fr): unknown user
Sep 14 10:05:03 auth-worker(11736): Info: sql(emma_welch@mon.hostname.fr.fr): unknown user
Sep 14 10:06:51 auth-worker(11736): Info: sql(jennie_wheeler@mon.hostname.fr.fr): unknown user
Sep 14 10:06:51 auth-worker(11736): Info: sql(samantha_porter@mon.hostname.fr.fr): unknown user
Sep 14 10:06:51 auth-worker(11736): Info: sql(jennie_wheeler@mon.hostname.fr.fr): unknown user
Sep 14 10:10:15 auth-worker(12510): Info: sql(lynda_little@mon.hostname.fr.fr): unknown user
Sep 14 10:10:17 auth-worker(12510): Info: sql(deanna_salazar@mon.hostname.fr.fr): unknown user
Sep 14 10:10:18 auth-worker(12510): Info: sql(deanna_salazar@mon.hostname.fr.fr): unknown user
Sep 14 10:12:54 auth-worker(12871): Info: sql(candace_neal@mon.hostname.fr.fr): unknown user
Sep 14 10:12:54 auth-worker(12871): Info: sql(suzanne_rodriguez@mon.hostname.fr.fr): unknown user
Sep 14 10:12:54 auth-worker(12871): Info: sql(suzanne_rodriguez@mon.hostname.fr.fr): unknown user
Sep 14 10:13:10 auth-worker(12871): Info: sql(suzanne_rodriguez@mon.hostname.fr.fr): unknown user
Sep 14 10:13:19 auth-worker(12871): Info: sql(marsha_harris@mon.hostname.fr.fr): unknown user
Sep 14 10:13:21 auth-worker(12871): Info: sql(marsha_harris@mon.hostname.fr.fr): unknown user
Sep 14 10:13:21 auth-worker(12871): Info: sql(marsha_harris@mon.hostname.fr.fr): unknown user
Sep 14 10:13:22 auth-worker(12871): Info: sql(marsha_harris@mon.hostname.fr.fr): unknown user
Sep 14 10:13:26 auth-worker(12871): Info: sql(lorraine_bryant@mon.hostname.fr.fr): unknown user
Sep 14 10:13:29 auth-worker(12871): Info: sql(lorraine_bryant@mon.hostname.fr.fr): unknown user
Sep 14 10:13:29 auth-worker(12871): Info: sql(lorraine_bryant@mon.hostname.fr.fr): unknown user
Sep 14 10:13:31 auth-worker(12871): Info: sql(gloria_mckinney@mon.hostname.fr.fr): unknown user
Sep 14 10:14:32 auth-worker(13283): Info: sql(daniel_pickett@mon.hostname.fr.fr): unknown user
Sep 14 10:14:32 auth-worker(13283): Info: sql(daniel_pickett@mon.hostname.fr.fr): unknown user
Sep 14 10:14:33 auth-worker(13283): Info: sql(daniel_pickett@mon.hostname.fr.fr): unknown user
Pour arrêter les spams de "utilisateur-inextisant@mon-hostname.com", j'avais rajouté ces lignes dans mon config postfix (main.cf) :
invalid_hostname_reject_code = 554
multi_recipient_bounce_reject_code = 554
non_fqdn_reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_sender_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554
smtpd_recipient_restrictions =
#check_sender_access hash:/etc/postfix/rejected-recipient
reject_invalid_hostname,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unknown_recipient_domain,
reject_rbl_client zen.spamhaus.org
#reject_rbl_client multi.uribl.com,
reject_rbl_client dsn.rfc-ignorant.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client ix.dnsbl.manitu.net,
reject_rbl_client combined.rbl.msrbl.net,
reject_rbl_client rabl.nuclearelephant.com,
permit
Cela a fonctionné pour les adresses *.com