User Tools
защита_почты_от_вирусов_и_spamа
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
защита_почты_от_вирусов_и_spamа [2016/07/29 12:44] val [Технология взвешенной оценки] |
защита_почты_от_вирусов_и_spamа [2020/12/29 10:39] val [Технология взвешенной оценки] |
||
|---|---|---|---|
| Line 5: | Line 5: | ||
| ==== Установка clamav с milter интерфейсом ==== | ==== Установка clamav с milter интерфейсом ==== | ||
| - | === FreeBSD 9 === | + | === Debian/Ubuntu === |
| + | |||
| + | [[Сервис Clamav]] | ||
| + | |||
| + | <code> | ||
| + | root@gate:~# apt install clamav-milter | ||
| + | </code> | ||
| + | |||
| + | === FreeBSD === | ||
| <code> | <code> | ||
| [gate:~] # pkg install clamav-milter | [gate:~] # pkg install clamav-milter | ||
| </code> | </code> | ||
| - | === Ubuntu === | ||
| - | [[Сервис Clamav]] | + | |
| + | ==== Настройка MTA на взаимодействие с clamav использованием milter интерфейса ==== | ||
| + | |||
| + | === Postfix (Debian/Ubuntu) === | ||
| <code> | <code> | ||
| - | root@gate:~# apt install clamav-milter | + | root@gate:~# cat /etc/clamav/clamav-milter.conf |
| - | </code> | + | </code><code> |
| + | ... | ||
| + | MilterSocket /var/spool/postfix/clamav/clamav-milter.ctl | ||
| + | ... | ||
| + | MilterSocketGroup postfix | ||
| + | ... | ||
| + | </code><code> | ||
| + | root@gate:~# service clamav-milter restart | ||
| + | |||
| + | root@gate:~# cat /etc/postfix/main.cf | ||
| + | </code><code> | ||
| + | ... | ||
| + | milter_default_action = accept | ||
| + | smtpd_milters = unix:/clamav/clamav-milter.ctl | ||
| + | </code><code> | ||
| + | root@gate:~# service postfix reload | ||
| - | ==== Настройка MTA на взаимодействие с clamav использованием milter интерфейса ==== | + | root@gate:~# tail -f /var/log/clamav/clamav.log |
| + | </code> | ||
| === Sendmail (FreeBSD) === | === Sendmail (FreeBSD) === | ||
| Line 45: | Line 71: | ||
| </code> | </code> | ||
| - | === Postfix (Ubuntu) === | ||
| - | <code> | ||
| - | ubuntu14# cat /etc/default/clamav-milter | ||
| - | </code><code> | ||
| - | ... | ||
| - | SOCKET_RWGROUP=postfix | ||
| - | </code><code> | ||
| - | root@gate:~# cat /etc/clamav/clamav-milter.conf | ||
| - | </code><code> | ||
| - | ... | ||
| - | MilterSocket /var/spool/postfix/clamav/clamav-milter.ctl | ||
| - | ... | ||
| - | </code><code> | ||
| - | root@gate:~# service clamav-milter restart | ||
| - | root@gate:~# cat /etc/postfix/main.cf | ||
| - | </code><code> | ||
| - | ... | ||
| - | milter_default_action = accept | ||
| - | smtpd_milters = unix:/clamav/clamav-milter.ctl | ||
| - | </code><code> | ||
| - | root@gate:~# service postfix reload | ||
| - | |||
| - | root@gate:~# tail -f /var/log/clamav/clamav.log | ||
| - | </code> | ||
| ===== Защита почты от спама ===== | ===== Защита почты от спама ===== | ||
| Line 75: | Line 77: | ||
| * [[http://www.dnsbl.info/dnsbl-database-check.php|Spam Database Lookup]] | * [[http://www.dnsbl.info/dnsbl-database-check.php|Spam Database Lookup]] | ||
| * [[http://mxtoolbox.com/blacklists.aspx|BLACKLIST CHECK]] | * [[http://mxtoolbox.com/blacklists.aspx|BLACKLIST CHECK]] | ||
| - | * [[http://www.it-35.ru/network/103-chto-takoe-spf-zapis-v-dns-i-s-chem-ee-gotovit.html|Что такое SPF запись в DNS]] | + | * [[https://www.tendence.ru/articles/spf-primenenie-v-pochtovyh-serverah-i-massovyh-rassylkah|SPF — применение в почтовых серверах и массовых рассылках]] |
| + | * [[https://habrahabr.ru/post/270159/|Значимость SPF]] | ||
| * [[http://www.lexa.ru/articles/distributed-antispam-2.html|Распределенные методы обнаружения спама]] | * [[http://www.lexa.ru/articles/distributed-antispam-2.html|Распределенные методы обнаружения спама]] | ||
| * [[http://spamassassin.apache.org/gtube/|Generic Test for Unsolicited Bulk Email (Тестовый спам)]] | * [[http://spamassassin.apache.org/gtube/|Generic Test for Unsolicited Bulk Email (Тестовый спам)]] | ||
| <code> | <code> | ||
| - | # rbllookup mailhub.bmstu.ru | + | # apt install rblcheck |
| # rblcheck 195.19.32.15 | # rblcheck 195.19.32.15 | ||
| Line 90: | Line 93: | ||
| === Установка === | === Установка === | ||
| - | == Ubuntu == | + | == Debian/Ubuntu == |
| <code> | <code> | ||
| root@gate:~# apt install spamassassin | root@gate:~# apt install spamassassin | ||
| - | |||
| - | root@gate:~# cd /etc/spamassassin/ | ||
| - | </code> | ||
| - | |||
| - | == FreeBSD == | ||
| - | <code> | ||
| - | [gate:~] # pkg install spamassassin | ||
| - | |||
| - | [gate:~] # cd /usr/local/etc/mail/spamassassin/ | ||
| </code> | </code> | ||
| === Настройка и тестирование === | === Настройка и тестирование === | ||
| - | == FreeBSD/Ubuntu == | + | == Debian/Ubuntu == |
| <code> | <code> | ||
| - | gate# cat local.cf | + | gate# cat /etc/spamassassin/local.cf |
| </code><code> | </code><code> | ||
| rewrite_header Subject *****SPAM***** | rewrite_header Subject *****SPAM***** | ||
| Line 115: | Line 109: | ||
| # required_score 5.0 | # required_score 5.0 | ||
| trusted_networks 192.168.X | trusted_networks 192.168.X | ||
| - | # add_header all Report _REPORT_ | + | add_header all Report _REPORT_ |
| - | # score RCVD_IN_BL_SPAMCOP_NET 10.0 | + | score BODY_SINGLE_WORD 10.0 |
| </code><code> | </code><code> | ||
| + | gate# spamassassin --lint # Проверка конфигурации | ||
| + | |||
| gate# sa-update | gate# sa-update | ||
| Line 127: | Line 123: | ||
| === Запуск === | === Запуск === | ||
| - | == FreeBSD == | + | == Debian/Ubuntu == |
| <code> | <code> | ||
| - | [gate:~] # cat /etc/rc.conf | + | root@gate:~# cat /etc/default/spamassassin |
| </code><code> | </code><code> | ||
| ... | ... | ||
| - | spamd_enable=yes | + | CRON=1 |
| + | ... | ||
| </code><code> | </code><code> | ||
| - | [gate:~] # service sa-spamd start | + | root@gate:~# systemctl enable spamassassin |
| - | [gate:~] # cat /usr/local/etc/periodic/daily/sa-update.sh | + | root@gate:~# service spamassassin start |
| - | </code><code> | + | |
| - | #!/bin/sh | + | |
| - | echo sa-update | + | |
| - | /usr/local/bin/sa-update && /usr/local/etc/rc.d/sa-spamd restart | + | |
| - | </code><code> | + | |
| - | [gate:~] # chmod +x /usr/local/etc/periodic/daily/sa-update.sh | + | |
| </code> | </code> | ||
| - | == Ubuntu == | + | === Подключение SpamAssassin через milter интерфейс === |
| + | |||
| + | == Postfix (Debian/Ubuntu) == | ||
| <code> | <code> | ||
| - | root@gate:~# cat /etc/default/spamassassin | + | root@gate:~# apt install spamass-milter |
| + | |||
| + | root@gate:~# less /etc/default/spamass-milter | ||
| + | |||
| + | root@gate:~# cat /etc/postfix/main.cf | ||
| </code><code> | </code><code> | ||
| ... | ... | ||
| - | ENABLED=1 | + | smtpd_milters = unix:/clamav/clamav-milter.ctl unix:/spamass/spamass.sock |
| - | ... | + | |
| - | CRON=1 | + | |
| - | ... | + | |
| </code><code> | </code><code> | ||
| - | root@gate:~# service spamassassin start | + | root@gate:~# service postfix restart |
| </code> | </code> | ||
| - | === Подключение SpamAssassin через milter интерфейс === | + | == Sendmail (FreeBSD) == |
| - | + | ||
| - | == Sendmail (freebsd) == | + | |
| <code> | <code> | ||
| [gate:~] # pkg install spamass-milter | [gate:~] # pkg install spamass-milter | ||
| Line 185: | Line 177: | ||
| [gate:~] # /etc/rc.d/sendmail restart | [gate:~] # /etc/rc.d/sendmail restart | ||
| - | </code> | ||
| - | |||
| - | == Postfix (ubuntu) == | ||
| - | <code> | ||
| - | root@gate:~# apt install spamass-milter | ||
| - | |||
| - | root@gate:~# less /etc/default/spamass-milter | ||
| - | |||
| - | root@gate:~# service spamass-milter restart | ||
| - | |||
| - | root@gate:~# cat /etc/postfix/main.cf | ||
| - | </code><code> | ||
| - | ... | ||
| - | smtpd_milters = unix:/clamav/clamav-milter.ctl unix:/spamass/spamass.sock | ||
| - | </code><code> | ||
| - | root@gate:~# service postfix restart | ||
| </code> | </code> | ||
| === Подключение SpamAssassin через procmail === | === Подключение SpamAssassin через procmail === | ||
| - | == FreeBSD/Ubuntu == | + | == FreeBSD == |
| <code> | <code> | ||
| gate# cat ~student/.procmailrc | gate# cat ~student/.procmailrc | ||
| Line 216: | Line 192: | ||
| ==== Технология Grey List ==== | ==== Технология Grey List ==== | ||
| - | * [[http://ru.wikipedia.org/wiki/Серый_список]] | + | * [[https://ru.wikipedia.org/wiki/%D0%A1%D0%B5%D1%80%D1%8B%D0%B9_%D1%81%D0%BF%D0%B8%D1%81%D0%BE%D0%BA|Серый список]] |
| * RFC 2821 4.5.4.1 ([[http://rfc.com.ru/rfc2821.htm]]) | * RFC 2821 4.5.4.1 ([[http://rfc.com.ru/rfc2821.htm]]) | ||
| - | === Semdmail (freebsd) === | + | === Postfix (Debian/Ubuntu) === |
| + | |||
| + | [[http://vladimir-stupin.blogspot.com/2009/09/postfix-postgrey.html]] | ||
| + | |||
| + | <code> | ||
| + | root@gate:~# apt install postgrey | ||
| + | |||
| + | root@gate:~# less /etc/default/postgrey | ||
| + | |||
| + | root@gate:~# cat /etc/postfix/main.cf | ||
| + | </code><code> | ||
| + | ... | ||
| + | smtpd_recipient_restrictions = permit_mynetworks, | ||
| + | reject_unauth_destination, | ||
| + | check_policy_service inet:127.0.0.1:10023 | ||
| + | </code><code> | ||
| + | root@gate:~# service postfix restart | ||
| + | |||
| + | root@gate:~# ls /var/lib/postgrey/ | ||
| + | |||
| + | root@gate:~# postgreyreport < /var/log/mail.log | ||
| + | </code> | ||
| + | |||
| + | === Semdmail (FreeBSD) === | ||
| <code> | <code> | ||
| [gate:~] # pkg install milter-greylist | [gate:~] # pkg install milter-greylist | ||
| Line 266: | Line 265: | ||
| [gate:~] # cat /var/milter-greylist/greylist.db | [gate:~] # cat /var/milter-greylist/greylist.db | ||
| </code> | </code> | ||
| - | |||
| - | === Postfix (ubuntu) === | ||
| - | |||
| - | [[http://vladimir-stupin.blogspot.com/2009/09/postfix-postgrey.html]] | ||
| - | |||
| - | <code> | ||
| - | root@gate:~# apt-get install postgrey | ||
| - | |||
| - | root@gate:~# less /etc/default/postgrey | ||
| - | |||
| - | root@gate:~# cat /etc/postfix/main.cf | ||
| - | </code><code> | ||
| - | ... | ||
| - | smtpd_recipient_restrictions = permit_mynetworks, | ||
| - | reject_unauth_destination, | ||
| - | check_policy_service inet:127.0.0.1:10023 | ||
| - | </code><code> | ||
| - | root@gate:~# ls /var/lib/postgrey/ | ||
| - | |||
| - | root@gate:~# postgreyreport < /var/log/mail.log | ||
| - | </code> | ||
| - | |||
| ===== Использование пакета AmavisNew для контексной фильрации почты ===== | ===== Использование пакета AmavisNew для контексной фильрации почты ===== | ||
| https://help.ubuntu.com/community/PostfixAmavisNew | https://help.ubuntu.com/community/PostfixAmavisNew | ||
защита_почты_от_вирусов_и_spamа.txt · Last modified: 2021/06/10 10:10 by admin
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
