Ce matin, une chose étrange est apparue dans la file d'attente de notre serveur de courrier…
MAILER-DAEMON en expéditeur…
Piratage ? Open Relay ?
Après quelques enquêtes du coté de mail.log, je pense que ce message doit
être généré par
spam-policie@mon_nom_de.domaineDû à un des règlages suivants dans amavisd.conf :
$final_virus_destiny = D_DISCARD; # (defaults to D_BOUNCE)
$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_spam_destiny = D_REJECT; # (defaults to D_REJECT)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
# Notes:
# D_REJECT and D_BOUNCE are similar, the difference is in who is responsible
# for informing the sender about non-delivery, and how informative
# the notification can be (amavisd-new knows more than MTA);
# With D_REJECT, MTA may reject original SMTP, or send DSN (delivery status
# notification, colloquially called 'bounce') - depending on MTA;
# Best suited for sendmail milter, especially for spam.
# With D_BOUNCE, amavisd-new (not MTA) sends DSN (can better explain the
# reason for mail non-delivery, but unable to reject the original
# SMTP session). Best suited to reporting viruses, and for Postfix
# and other dual-MTA setups, which can't reject original client SMTP
# session, as the mail has already been enqueued.
3 questions si je puis me permettre :
• Qu'en pensez-vous ?
• Avez-vous déjà remarqué ce type d'expéditeur ?
• Quels sont vos règlages dans amavisd.conf ?
$final_virus_destiny
$final_banned_destiny
$final_spam_destiny
$final_bad_header_destiny
Merci d'avance !