[Postfixbuch-users] Spam von Freemailern wie z.B. Hotmail.com

Roland Schmid debian at net-service-24.de
Mo Nov 16 20:28:32 CET 2009 

Hallo,

wir bekommen am tag ca. 3-4 solcher anrüchigen mails (header siehe
unten) von freemail accounts wie z.b. hotmail.com
Wie kann ich die los werden ohne die ganze hotmail.com zu blocken ?
Habe in der main.cf des postfix unter
smtpd_recipient_restrictions =
[...]
check_sender_access hash:/etc/postfix/ausnahmen
[...]
eingefügt.
in /etc/postfix/ausnahmen steht dies:
/(^|\.)hotmail\.com$/ DUNNO
/./ REJECT You claim to be from hotmail.com but your mail didn't come
from a hotmail.com server.

Jetzt kam dennoch wieder so eine mail durch, offenbar wirkt es nicht.
Hat jemand eine Idee, wie ich diese mails blocken kann ?

Was bedeutet dieser eintrag im header ?
X-Originating-IP: [92.83.249.225]

Gruss Roland

unsere postconf -n ausgabe

broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical_maps
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
home_mailbox = Maildir/
mail_owner = postfix
mailbox_size_limit = 512000000
mailq_path = /var/spool/postfix
manpage_directory = /usr/local/man
message_size_limit = 100000000
mydestination = $myhostname, $mydomain, localhost.$mydomain,
linux2.$mydomain
mydomain = our-postfix-domain.de
myhostname = linux2.our-postfix-domain.de
mynetworks = 127.0.0.0/8
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = check_client_access
hash:/etc/postfix/client_access
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks
reject_non_fqdn_sender  reject_non_fqdn_recipient
reject_unknown_sender_domain    reject_unknown_recipient_domain
reject_multi_recipient_bounce   reject_unlisted_recipient
reject_unlisted_sender   permit_sasl_authenticated
reject_unauth_destination       check_sender_access
hash:/etc/postfix/ausnahmen check_policy_service inet:127.0.0.1:60000
check_policy_service inet:127.0.0.1:12525       reject_unauth_pipelining
reject_unknown_client_hostname  reject_unknown_reverse_client_hostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = cyrus
soft_bounce = no
unknown_local_recipient_reject_code = 550
virtual_alias_domains = our-email-domain.de
virtual_alias_maps = hash:/etc/postfix/virtual



<header-aus-der-mail>

Return-Path: <terbossiugigbudvlthzum1990 at hotmail.com>
X-Original-To: user-xy at localhost.our-postfix-domain.de
Delivered-To: user-xy at localhost.our-postfix-domain.de
Received: from localhost (localhost [127.0.0.1])
     by linux2.our-postfix-domain.de (Postfix) with ESMTP id 9857FBE8D
     for <user-xy at localhost.our-postfix-domain.de>; Mon, 16 Nov 2009
18:44:01 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at linux2.our-postfix-domain.de
Received: from linux2.our-postfix-domain.de ([127.0.0.1])
     by localhost (webserver2.our-postfix-domain.de [127.0.0.1])
(amavisd-new, port 10024)
     with ESMTP id 0vepxKP92UdY
     for <user-xy at localhost.our-postfix-domain.de>;
     Mon, 16 Nov 2009 18:43:59 +0100 (CET)
X-Greylist: delayed 353 seconds by postgrey-1.27 at webserver2; Mon, 16
Nov 2009 18:43:47 CET
X-policyd-weight: using cached result; rate: -8.3
Received: from blu0-omc1-s12.blu0.hotmail.com
(blu0-omc1-s12.blu0.hotmail.com [65.55.116.23])
     by linux2.our-postfix-domain.de (Postfix) with ESMTP id AE3E6BDEF
     for <user-xy at our-email-domain.de>; Mon, 16 Nov 2009 18:43:47 +0100
(CET)
Received: from BLU143-W7 ([65.55.116.7]) by
blu0-omc1-s12.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
     Mon, 16 Nov 2009 09:37:49 -0800
Message-ID: <BLU143-W7DACC2A9E27E50BE99D30C2A50 at phx.gbl>
Content-Type: multipart/alternative;
     boundary="_2e5dc923-b0ea-40e3-a48e-2413df8bb391_"
X-Originating-IP: [92.83.249.225]
From: Jay Terboss <terbossiugigbudvlthzum1990 at hotmail.com>
To: <user-xy at our-email-domain.de>
Subject: Hey user-xy. It is Ella. Wanna date?
Date: Mon, 16 Nov 2009 12:37:49 -0500
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 16 Nov 2009 17:37:49.0305 (UTC)
FILETIME=[8414DE90:01CA66E3]

</header-aus-der-mail>

Mehr Informationen über die Mailingliste Postfixbuch-users