User Tools
защита_почты_от_вирусов_и_spamа
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
защита_почты_от_вирусов_и_spamа [2018/03/22 13:28] val |
защита_почты_от_вирусов_и_spamа [2021/06/10 10:10] (current) admin [Технология взвешенной оценки] |
||
|---|---|---|---|
| Line 4: | Line 4: | ||
| ==== Установка clamav с milter интерфейсом ==== | ==== Установка clamav с milter интерфейсом ==== | ||
| + | |||
| + | === Debian/Ubuntu === | ||
| + | |||
| + | [[Сервис Clamav]] | ||
| + | |||
| + | <code> | ||
| + | root@gate:~# apt install clamav-milter | ||
| + | </code> | ||
| === FreeBSD === | === FreeBSD === | ||
| Line 10: | Line 18: | ||
| </code> | </code> | ||
| - | === Debian/Ubuntu === | ||
| - | [[Сервис Clamav]] | + | |
| + | ==== Настройка MTA на взаимодействие с clamav использованием milter интерфейса ==== | ||
| + | |||
| + | === Postfix (Debian/Ubuntu) === | ||
| <code> | <code> | ||
| - | root@gate:~# apt install clamav-milter | + | root@gate:~# cat /etc/clamav/clamav-milter.conf |
| - | </code> | + | </code><code> |
| + | ... | ||
| + | MilterSocket /var/spool/postfix/clamav/clamav-milter.ctl | ||
| + | ... | ||
| + | MilterSocketGroup postfix | ||
| + | ... | ||
| + | </code><code> | ||
| + | root@gate:~# service clamav-milter restart | ||
| + | |||
| + | root@gate:~# cat /etc/postfix/main.cf | ||
| + | </code><code> | ||
| + | ... | ||
| + | milter_default_action = accept | ||
| + | smtpd_milters = unix:/clamav/clamav-milter.ctl | ||
| + | </code><code> | ||
| + | root@gate:~# service postfix reload | ||
| - | ==== Настройка MTA на взаимодействие с clamav использованием milter интерфейса ==== | + | root@gate:~# tail -f /var/log/clamav/clamav.log |
| + | </code> | ||
| === Sendmail (FreeBSD) === | === Sendmail (FreeBSD) === | ||
| Line 45: | Line 71: | ||
| </code> | </code> | ||
| - | === Postfix (Debian/Ubuntu) === | ||
| - | <code> | ||
| - | ubuntu14# cat /etc/default/clamav-milter | ||
| - | </code><code> | ||
| - | ... | ||
| - | SOCKET_RWGROUP=postfix | ||
| - | </code><code> | ||
| - | root@gate:~# cat /etc/clamav/clamav-milter.conf | ||
| - | </code><code> | ||
| - | ... | ||
| - | MilterSocket /var/spool/postfix/clamav/clamav-milter.ctl | ||
| - | ... | ||
| - | </code><code> | ||
| - | root@gate:~# service clamav-milter restart | ||
| - | root@gate:~# cat /etc/postfix/main.cf | ||
| - | </code><code> | ||
| - | ... | ||
| - | milter_default_action = accept | ||
| - | smtpd_milters = unix:/clamav/clamav-milter.ctl | ||
| - | </code><code> | ||
| - | root@gate:~# service postfix reload | ||
| - | |||
| - | root@gate:~# tail -f /var/log/clamav/clamav.log | ||
| - | </code> | ||
| ===== Защита почты от спама ===== | ===== Защита почты от спама ===== | ||
| Line 81: | Line 83: | ||
| <code> | <code> | ||
| - | # rbllookup mailhub.bmstu.ru | + | # apt install rblcheck |
| # rblcheck 195.19.32.15 | # rblcheck 195.19.32.15 | ||
| Line 94: | Line 96: | ||
| <code> | <code> | ||
| root@gate:~# apt install spamassassin | root@gate:~# apt install spamassassin | ||
| - | |||
| - | root@gate:~# cd /etc/spamassassin/ | ||
| - | </code> | ||
| - | |||
| - | == FreeBSD == | ||
| - | <code> | ||
| - | [gate:~] # pkg install spamassassin | ||
| - | |||
| - | [gate:~] # cd /usr/local/etc/mail/spamassassin/ | ||
| </code> | </code> | ||
| === Настройка и тестирование === | === Настройка и тестирование === | ||
| - | == FreeBSD/Debian/Ubuntu == | + | == Debian/Ubuntu == |
| <code> | <code> | ||
| - | gate# cat local.cf | + | gate# cat /etc/spamassassin/local.cf |
| </code><code> | </code><code> | ||
| rewrite_header Subject *****SPAM***** | rewrite_header Subject *****SPAM***** | ||
| Line 115: | Line 108: | ||
| use_bayes 0 | use_bayes 0 | ||
| # required_score 5.0 | # required_score 5.0 | ||
| - | trusted_networks 192.168.X | + | trusted_networks 192.168.X # must be set for cgpav because default ALL_TRUSTED !!! |
| - | # add_header all Report _REPORT_ | + | add_header all Report _REPORT_ |
| - | # score RCVD_IN_BL_SPAMCOP_NET 10.0 | + | score BODY_SINGLE_WORD 10.0 |
| </code><code> | </code><code> | ||
| - | gate# spamassassin --lint #check config | + | gate# spamassassin --lint # Проверка конфигурации |
| gate# sa-update | gate# sa-update | ||
| Line 130: | Line 123: | ||
| === Запуск === | === Запуск === | ||
| - | == FreeBSD == | + | == Debian/Ubuntu == |
| <code> | <code> | ||
| - | [gate:~] # cat /etc/rc.conf | + | root@gate:~# cat /etc/default/spamassassin |
| </code><code> | </code><code> | ||
| ... | ... | ||
| - | spamd_enable=yes | + | CRON=1 |
| + | ... | ||
| </code><code> | </code><code> | ||
| - | [gate:~] # service sa-spamd start | + | root@gate:~# systemctl enable spamassassin |
| - | [gate:~] # cat /usr/local/etc/periodic/daily/sa-update.sh | + | root@gate:~# service spamassassin start |
| - | </code><code> | + | |
| - | #!/bin/sh | + | |
| - | echo sa-update | + | |
| - | /usr/local/bin/sa-update && /usr/local/etc/rc.d/sa-spamd restart | + | |
| - | </code><code> | + | |
| - | [gate:~] # chmod +x /usr/local/etc/periodic/daily/sa-update.sh | + | |
| </code> | </code> | ||
| - | == Debian/Ubuntu == | + | === Подключение SpamAssassin через milter интерфейс === |
| + | |||
| + | == Postfix (Debian/Ubuntu) == | ||
| <code> | <code> | ||
| - | root@gate:~# cat /etc/default/spamassassin | + | root@gate:~# apt install spamass-milter |
| + | |||
| + | root@gate:~# less /etc/default/spamass-milter | ||
| + | |||
| + | root@gate:~# cat /etc/postfix/main.cf | ||
| </code><code> | </code><code> | ||
| ... | ... | ||
| - | ENABLED=1 | + | smtpd_milters = unix:/clamav/clamav-milter.ctl unix:/spamass/spamass.sock |
| - | ... | + | |
| - | CRON=1 | + | |
| - | ... | + | |
| </code><code> | </code><code> | ||
| - | root@gate:~# service spamassassin start | + | root@gate:~# service postfix restart |
| </code> | </code> | ||
| - | |||
| - | === Подключение SpamAssassin через milter интерфейс === | ||
| == Sendmail (FreeBSD) == | == Sendmail (FreeBSD) == | ||
| Line 188: | Line 177: | ||
| [gate:~] # /etc/rc.d/sendmail restart | [gate:~] # /etc/rc.d/sendmail restart | ||
| - | </code> | ||
| - | |||
| - | == Postfix (Debian/Ubuntu) == | ||
| - | <code> | ||
| - | root@gate:~# apt install spamass-milter | ||
| - | |||
| - | root@gate:~# less /etc/default/spamass-milter | ||
| - | |||
| - | root@gate:~# service spamass-milter restart | ||
| - | |||
| - | root@gate:~# cat /etc/postfix/main.cf | ||
| - | </code><code> | ||
| - | ... | ||
| - | smtpd_milters = unix:/clamav/clamav-milter.ctl unix:/spamass/spamass.sock | ||
| - | </code><code> | ||
| - | root@gate:~# service postfix restart | ||
| </code> | </code> | ||
| Line 219: | Line 192: | ||
| ==== Технология Grey List ==== | ==== Технология Grey List ==== | ||
| - | * [[http://ru.wikipedia.org/wiki/Серый_список]] | + | * [[https://ru.wikipedia.org/wiki/%D0%A1%D0%B5%D1%80%D1%8B%D0%B9_%D1%81%D0%BF%D0%B8%D1%81%D0%BE%D0%BA|Серый список]] |
| * RFC 2821 4.5.4.1 ([[http://rfc.com.ru/rfc2821.htm]]) | * RFC 2821 4.5.4.1 ([[http://rfc.com.ru/rfc2821.htm]]) | ||
| + | |||
| + | === Postfix (Debian/Ubuntu) === | ||
| + | |||
| + | [[http://vladimir-stupin.blogspot.com/2009/09/postfix-postgrey.html]] | ||
| + | |||
| + | <code> | ||
| + | root@gate:~# apt install postgrey | ||
| + | |||
| + | root@gate:~# less /etc/default/postgrey | ||
| + | |||
| + | root@gate:~# cat /etc/postfix/main.cf | ||
| + | </code><code> | ||
| + | ... | ||
| + | smtpd_recipient_restrictions = permit_mynetworks, | ||
| + | reject_unauth_destination, | ||
| + | check_policy_service inet:127.0.0.1:10023 | ||
| + | </code><code> | ||
| + | root@gate:~# service postfix restart | ||
| + | |||
| + | root@gate:~# ls /var/lib/postgrey/ | ||
| + | |||
| + | root@gate:~# postgreyreport < /var/log/mail.log | ||
| + | </code> | ||
| === Semdmail (FreeBSD) === | === Semdmail (FreeBSD) === | ||
| Line 269: | Line 265: | ||
| [gate:~] # cat /var/milter-greylist/greylist.db | [gate:~] # cat /var/milter-greylist/greylist.db | ||
| </code> | </code> | ||
| - | |||
| - | === Postfix (Debian/Ubuntu) === | ||
| - | |||
| - | [[http://vladimir-stupin.blogspot.com/2009/09/postfix-postgrey.html]] | ||
| - | |||
| - | <code> | ||
| - | root@gate:~# apt-get install postgrey | ||
| - | |||
| - | root@gate:~# less /etc/default/postgrey | ||
| - | |||
| - | root@gate:~# cat /etc/postfix/main.cf | ||
| - | </code><code> | ||
| - | ... | ||
| - | smtpd_recipient_restrictions = permit_mynetworks, | ||
| - | reject_unauth_destination, | ||
| - | check_policy_service inet:127.0.0.1:10023 | ||
| - | </code><code> | ||
| - | root@gate:~# ls /var/lib/postgrey/ | ||
| - | |||
| - | root@gate:~# postgreyreport < /var/log/mail.log | ||
| - | </code> | ||
| - | |||
| ===== Использование пакета AmavisNew для контексной фильрации почты ===== | ===== Использование пакета AmavisNew для контексной фильрации почты ===== | ||
| https://help.ubuntu.com/community/PostfixAmavisNew | https://help.ubuntu.com/community/PostfixAmavisNew | ||
защита_почты_от_вирусов_и_spamа.1521714494.txt.gz · Last modified: 2018/03/22 13:28 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
