
Защита почты от вирусов и SPAMа

Защита почты от вирусов с использованием clamav

Установка clamav с milter интерфейсом

Debian/Ubuntu

Сервис Clamav

root@gate:~# apt install clamav-milter

FreeBSD

[gate:~] # pkg install clamav-milter

Настройка MTA на взаимодействие с clamav с использованием milter интерфейса

Postfix (Debian/Ubuntu)

root@gate:~# cat /etc/clamav/clamav-milter.conf
...
MilterSocket /var/spool/postfix/clamav/clamav-milter.ctl
...
MilterSocketGroup postfix
...
root@gate:~# service clamav-milter restart

root@gate:~# cat /etc/postfix/main.cf
...
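# accept - режим "fail-open": если milter недоступен или вернул ошибку, почта принимается без проверки.
# tempfail (значение по умолчанию в Postfix) вместо этого временно отклоняет письмо, и отправитель повторит попытку.
milter_default_action = accept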
smtpd_milters = unix:/clamav/clamav-milter.ctl
root@gate:~# service postfix reload

root@gate:~# tail -f /var/log/clamav/clamav.log

Sendmail (FreeBSD)

[gate:~] # cat /usr/local/etc/clamav-milter.conf
...
AddHeader Replace
...
[gate:/etc/mail] # cat gate.corpX.un.mc
...
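dnl F= без флага: при недоступности фильтра почта проходит без проверки; F=T - временный отказ, F=R - отклонение
INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock,F=, T=S:4m;R:4m')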
define(`confINPUT_MAIL_FILTERS', `clmilter')
MAILER(local)
...
[gate:/etc/mail] # make install

[gate:~] # service clamav-milter start

[gate:~] # service sendmail restart

[gate:~] # tail -f /var/log/maillog

Защита почты от спама

# apt install rblcheck 

# rblcheck 195.19.32.15

Технология взвешенной оценки

Установка

Debian/Ubuntu
root@gate:~# apt install spamassassin

Настройка и тестирование

Debian/Ubuntu
gate# cat /etc/spamassassin/local.cf
rewrite_header Subject *****SPAM*****
report_safe 0                        
use_bayes 0
# required_score 5.0
trusted_networks 192.168.X        # must be set for cgpav because default ALL_TRUSTED !!!
add_header all Report _REPORT_
score BODY_SINGLE_WORD 10.0
gate# spamassassin --lint      # Проверка конфигурации

gate# sa-update

gate# mail root

gate# spamassassin -tx < /var/mail/root

Запуск

Debian/Ubuntu
root@gate:~# cat /etc/default/spamassassin
...
CRON=1
...
root@gate:~# systemctl enable spamassassin

root@gate:~# service spamassassin start

Подключение SpamAssassin через milter интерфейс

Postfix (Debian/Ubuntu)
root@gate:~# apt install spamass-milter

root@gate:~# less /etc/default/spamass-milter

root@gate:~# cat /etc/postfix/main.cf
...
smtpd_milters = unix:/clamav/clamav-milter.ctl unix:/spamass/spamass.sock
root@gate:~# service postfix restart
Sendmail (FreeBSD)
[gate:~] # pkg install spamass-milter

[gate:~] # more /usr/local/share/doc/spamass-milter/activation.txt

[gate:~] # cat /etc/rc.conf
...
spamass_milter_enable=yes
[gate:~] # service spamass-milter start

[gate:/etc/mail] # cat gate.corpX.un.mc
...
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')
define(`confMILTER_MACROS_CONNECT',`b, j, _, {daemon_name}, {if_name}, {if_addr}')
define(`confINPUT_MAIL_FILTERS', `clmilter,spamassassin')
MAILER(local)
MAILER(smtp)
[gate:~] # make install

[gate:~] # /etc/rc.d/sendmail restart

Подключение SpamAssassin через procmail

FreeBSD
gate# cat ~student/.procmailrc
:0fw
| /usr/local/bin/spamc
# | /usr/local/bin/spamassassin -x

Технология Grey List

Postfix (Debian/Ubuntu)

http://vladimir-stupin.blogspot.com/2009/09/postfix-postgrey.html

root@gate:~# apt install postgrey

root@gate:~# less /etc/default/postgrey

root@gate:~# cat /etc/postfix/main.cf
...
smtpd_recipient_restrictions = permit_mynetworks,
                reject_unauth_destination,
                check_policy_service inet:127.0.0.1:10023
root@gate:~# service postfix restart

root@gate:~# ls /var/lib/postgrey/

root@gate:~# postgreyreport < /var/log/mail.log

Sendmail (FreeBSD)

[gate:~] # pkg install milter-greylist

[gate:~] # pkg_add -r milter-greylist

[gate:~] # more /usr/local/share/doc/milter-greylist/README

[gate:~] # more  /usr/local/etc/mail/greylist.conf.sample

[gate:~] # cat /usr/local/etc/mail/greylist.conf
pidfile "/var/run/milter-greylist.pid"
socket "/var/milter-greylist/milter-greylist.sock"
dumpfile "/var/milter-greylist/greylist.db" 600
dumpfreq 1
user "mailnull:mailnull"
quiet
list "my network" addr { 127.0.0.1/8 192.168.X.0/24 }
racl whitelist list "my network"
racl greylist default delay 5m autowhite 3d
[gate:~] # cat /etc/rc.conf
...
miltergreylist_enable=yes
[gate:~] # /usr/local/etc/rc.d/milter-greylist start

[gate:/etc/mail] # cat gate.corpX.un.mc
...
define(`confMILTER_MACROS_HELO', confMILTER_MACROS_HELO``, {verify}'')
define(`confMILTER_MACROS_ENVRCPT', confMILTER_MACROS_ENVRCPT``, {greylist}'')
INPUT_MAIL_FILTER(`greylist', `S=local:/var/milter-greylist/milter-greylist.sock, F=T, T=R:30s')
define(`confINPUT_MAIL_FILTERS', `clmilter,spamassassin,greylist')
MAILER(local)
...
[gate:/etc/mail] # make install

[gate:/etc/mail] # /etc/rc.d/sendmail restart

[gate:~] # tail -f /var/log/maillog

[gate:~] # cat /var/milter-greylist/greylist.db

Использование пакета AmavisNew для контекстной фильтрации почты

https://help.ubuntu.com/community/PostfixAmavisNew

Установка и настройка AmavisNew

root@gate:~# apt-get install amavisd-new

root@gate:~# less /etc/amavis/conf.d/15-av_scanners

root@gate:~# rcsdiff /etc/amavis/conf.d/15-content_filter_mode
11,12c11,12
< #@bypass_virus_checks_maps = (
< #   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
---
> @bypass_virus_checks_maps = (
>    \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
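Review bot: Nothing around this hunk says that uncommenting `@bypass_virus_checks_maps` is what turns virus scanning on, and the variable name reads as the opposite. In the Debian packaging the check stays disabled while these lines are commented out, so a reader who skips this step gets an amavis that passes mail unscanned without any error. A line of text before the rcsdiff output would help, for example `# uncommenting the bypass maps enables the check; while commented out, amavis skips it`. The same applies to `@bypass_spam_checks_maps` in the 20,21c20,21 hunk.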
20,21c20,21
< #@bypass_spam_checks_maps = (
< #   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
---
> @bypass_spam_checks_maps = (
>    \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

root@gate:~# cat /etc/amavis/conf.d/50-user
...
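# отрицательный порог tag2: спамом помечается практически вся почта (по-видимому, значение для проверки на стенде)
$sa_tag2_level_deflt = -6.31;
# D_DISCARD: письмо уничтожается без уведомления отправителя; ложные срабатывания теряются, если не настроен карантин
$final_spam_destiny       = D_DISCARD;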

1;  # ensure a defined return

root@g13:~# adduser clamav amavis

root@g13:~# id clamav
uid=117(clamav) gid=124(clamav) groups=124(clamav),125(amavis)

root@g13:~# /etc/init.d/clamav-daemon restart

root@g13:~# /etc/init.d/amavis restart

Подключение AmavisNew к postfix

root@gate:~# zcat /usr/share/doc/amavisd-new/README.postfix.gz | less

Смотри пункты 2.2.2, 2.3, 3.1

root@gate:~# rcsdiff /etc/postfix/master.cf
85a86,108
> amavisfeed unix    -       -       n       -       2     smtp
>      -o smtp_data_done_timeout=1200
>      -o smtp_send_xforward_command=yes
>      -o disable_dns_lookups=yes
>      -o max_use=20
> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>      -o content_filter=
>      -o smtpd_delay_reject=no
>      -o smtpd_client_restrictions=permit_mynetworks,reject
>      -o smtpd_helo_restrictions=
>      -o smtpd_sender_restrictions=
>      -o smtpd_recipient_restrictions=permit_mynetworks,reject
>      -o smtpd_data_restrictions=reject_unauth_pipelining
>      -o smtpd_end_of_data_restrictions=
>      -o smtpd_restriction_classes=
>      -o mynetworks=127.0.0.0/8
>      -o smtpd_error_sleep_time=0
>      -o smtpd_soft_error_limit=1001
>      -o smtpd_hard_error_limit=1000
>      -o smtpd_client_connection_count_limit=0
>      -o smtpd_client_connection_rate_limit=0
>      -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
>      -o local_header_rewrite_clients=
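Review bot: The added `127.0.0.1:10025` service carries no comment, although it is the one listener where `content_filter=` is emptied and `no_milters` is set while everything from `mynetworks=127.0.0.0/8` is accepted. Mail handed to that port is delivered without any scanning, so the bind address has to stay on loopback and must not be widened when the block is copied to another host. I would put a comment above the service line, e.g. `# re-injection from amavis: loopback only, no content_filter and no milters here`.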


root@gate:~# rcsdiff /etc/postfix/main.cf
46a47,48
> content_filter=amavisfeed:[127.0.0.1]:10024

root@gate:~# /etc/init.d/postfix restart