Mis à jour le Vendredi 21 Janvier 2005 |
Sommaire |
Définition SPAM |
Contexte |
Moyens de lutte en frontal |
telnet relay-test.mail-abuse.org
depuis le serveur smtp frontal.
mynetworks = /etc/postfix/network_table
mynetworks_style = subnet
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
permit
mynetworks = /etc/postfix/network_table
mynetworks_style = subnet
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
check_client_access hash:/etc/postfix/whitelisted_domains
check_policy_service unix:private/whitelist
check_policy_service unix:private/greylist
permit
greylist unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/greylist.pl
whitelist unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/whitelist.pl
perl -MCPAN -e 'install DB_File'
perl -MCPAN -e 'install DB_File::Lock'
/var/log/maillog
les triplets
blanchis de la base "liste_grise" et les insère dans la base "liste_blanche", en "oubliant" les spammeurs, et virus notoires, et enfin efface
les triplets blancs de plus de 36 jours. Il doit être lancé par le crontab toutes les nuits.
return "OK_AND_PREPEND";
par return "OK";
. Idem pour la base whitelisted_domains.
rbl unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/rbl.pl
greylist unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/greylist.pl
whitelist unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/whitelist.pl
mynetworks = /etc/postfix/network_table
mynetworks_style = subnet
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
check_policy_service unix:private/whitelist
check_policy_service unix:private/greylist
permit
smtpd_restriction_classes = OK_AND_PREPEND
OK_AND_PREPEND =
check_policy_service unix:private/rbl
permit
spf unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/spf.pl
rbl unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/rbl.pl
greylist unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/greylist.pl
whitelist unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/whitelist.pl
mynetworks = /etc/postfix/network_table
mynetworks_style = subnet
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
check_policy_service unix:private/whitelist
check_policy_service unix:private/greylist
permit
smtpd_restriction_classes = OK_AND_PREPEND
OK_AND_PREPEND =
check_policy_service unix:private/spf
check_policy_service unix:private/rbl
permit
perl -MCPAN -e 'install Mail::SPF::Query'
mynetwork unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/mynetwork.pl
spf unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/spf.pl
rbl unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/rbl.pl
greylist unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/greylist.pl
whitelist unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/extra/whitelist.pl
mynetworks = /etc/postfix/network_table
mynetworks_style = subnet
smtpd_recipient_restrictions =
check_client_access hash:/etc/postfix/mynetwork
permit_mynetworks
reject_unauth_destination
check_policy_service unix:private/whitelist
check_policy_service unix:private/greylist
permit
smtpd_restriction_classes = OK_AND_PREPEND,MYNETWORK
OK_AND_PREPEND =
check_policy_service unix:private/spf
check_policy_service unix:private/rbl
permit
MYNETWORK =
check_policy_service unix:private/mynetwork
permit
127.0.0.1 OK
193.49.48.250 OK
193.49.48.247 OK
194.254.254.31 OK
192.93.172 MYNETWORK
193.49.48 MYNETWORK
193.49.50 MYNETWORK
193.49.51 MYNETWORK
193.49.52 MYNETWORK
193.49.53 MYNETWORK
193.49.54 MYNETWORK
193.49.55 MYNETWORK
193.49.58 MYNETWORK
194.254.254 MYNETWORK
194.254.255 MYNETWORK
195.83.197 MYNETWORK
10 MYNETWORK
192.168 MYNETWORK
/etc/postfix/header_checks
en lui ajoutant les deux lignes suivantes.
/^content-(type|disposition):.*name[[:space:]]*=.*\.(com|cpl|scr|vbe|vbs|pif|hta|shs|vxd|wsh|lnk|shm|shb)/
HOLD Attachement Type Not Allowed. Annexe de type non autorise
header_checks = regexp:/etc/postfix/header_checks
Moyens de lutte en profondeur |
X-Bogosity
qui peut prend les valeurs Yes
, No
ou Unsure
suivi de la note.
***SPAM***UT1***
.
Cela permet de différencier ce que nous marquons de ce que d'autres systèmes pourraient marquer.
/etc/postfix/master.cf
en lui ajoutant en début de fichier à la place de la ligne originellesmtp inet n - y - - smtpd -o content_filter=filter:
filter unix - n n - - pipe
user=filter argv=/usr/sbin/bogofilter.sh -f ${sender} -- ${recipient}
spam_header_name=X-Bogosity
spam_subject_tag=***SPAM***UT1***
block_on_subnets=yes
header_line_markup=yes
ham_cutoff = 0.15
spam_cutoff = 0.90
spamicity_tags = Yes, No, Unsure
spamicity_formats = %0.6f, %0.6f, %0.6f
/etc/postfix/main.cf
mailbox_size_limit = 100000000