SpamAssassin 垃圾郵件刺客
最近的郵箱被垃圾郵件煩的實在受不了,就是搞不清這些垃圾郵件發送者有沒有頭腦,現在的網絡行銷還考這郵件的方式是不是趕不上時代了,沒事一天下來要在你郵箱中塞個50封垃圾才高興,搞的沒事的伺服器還要處理個沒完沒了的,當然要管理的人就更煩了,所以只好在網上找尋專門處理垃圾郵件問題的套件來解決了。在Linux平台上開源的軟體中SpamAssassin套件是專門在處理這類問題的軟體,安裝與設定上又不困難,所以有這類問題的網管應該可以考慮來使用看看。
官網請上SpamAssassin
有關說明可以在WiKi上參考
如果要了解各Linux分支的安裝及設定方式可以在Google上搜尋
本帖最後由 kevinhu 於 2016-8-26 10:19 編輯
如果想進一步直接的Reject掉SpamMail 可以參考以下的方法看看
Dropping Spam with Postfix and SpamAssassin on GoDaddy’s Dedicated ServersWe recently ran into a situation where one of our users was receiving a large amount of spam to their forwarded email account. Our setup is a dedicated server running Simple Control Panel at Godaddy. We handle email for a few clients and this one in particular was receiving 100’s of spam emails every hour.Pretty much as soon as we set up this client, we started hitting our 1,000 SMTP Relay limit which prevented us from sending any further emails for any other client on the server.
There is a simple fix to this that I had a difficult time finding so I decided to create a post on this for anyone else who might run into this issue.
The first thing I tried was to turn on SpamAssassin through the Simple Control Panel (log in to your control panel, choose “Email” from the “Server Configuration” section, and choose “Filter incoming email using SpamAssassin”).The result of this is that SpamAssassin started analyzing the emails coming in and marking them as Spam.This didn’t fix the problem because the emails were not being dropped, but were instead being forwarded onto the receipient, just now with the “SPAM” designation in the message subject.
The only solution I discovered was to utilize Postfix’s header_checks.This uses a regular expression to check the header of the email message and then apply a rule to the message accordingly.Here’s what we did.
[*]edit the /etc/postfix/header_checks file.
[*]add the following line to the bottom of the file:
/^X-Spam-Flag:.YES/ DISCARD spam
[*]edit the /etc/postfix/main.cf file an make sure the following line is in your file (it may just be commented out):
header_checks = regexp:/etc/postfix/header_checks
[*]Now restart your postfix process by using the following command:
postfix reload
What this does is look for the existence of “X-Spam-Flag” in the header of the message.This flag is put there by SpamAssassin, so it is important that SpamAssassin is running.Once it sees the “X-Spam-Flag”, it will discard the message.This will effectively prevent your server from forwarding any spam emails onto your user’s email accounts.So far this has worked out well for us.
Post from
http://www.halfslide.com/droppin ... -dedicated-servers/ Postfix configure anti spam with blacklist
Postfix is free and powerful MTA. You can easily configure Postfix to block spam. You need to add
following directives to /etc/postfix/main.cf file:
=> disable_vrfy_command = yes : Disable the SMTP VRFY command. This stops some techniques used to harvest email addresses.
=> smtpd_delay_reject = yes : It allows Postfix to log recipient address information when rejecting a client name/address or sender address, so that it is possible to find out whose mail is being rejected.
=> smtpd_helo_requi
red = yes : Require that a remote SMTP client introduces itself at the beginning of an SMTP session with the HELO or EHLO command. Many spam bot ignores HELO/EHLO command and you save yourself from spam. Following lines further restrictions on HELO command:
smtpd_helo_restrictions = permit_mynetworks,
reject_non_fqdn_hostname, Reject email if remote hostname is not in fully-qualified domain form. Usually bots sending email don’t have FQDN names.
reject_invalid_hostname, Reject all bots sending email from computers connected via DSL/ADSL computers. They don’t have valid internet hostname.
permit
You can put the following access restrictions that the Postfix SMTP server applies in the context of the RCPT TO command.
=> smtpd_recipient_restrictions =
reject_invalid_hostname, – Reject email if it not valid hostname
reject_non_fqdn_hostname, – Reject email if it not valid FQDN
reject_non_fqdn_sender, – Reject the request when the MAIL FROM address is not in fully-qualified domain form. For example email send from xyz or abc is rejected.
reject_non_fqdn_recipient, – Reject the request when the RCPT TO address is not in fully-qualified domain form
reject_unknown_sender_domain, – Reject email, if sender domain does not exists
reject_unknown_recipient_domain, Reject email, if recipient domain does not exists
permit_mynetworks,
reject_rbl_client list.dsbl.org, Configure spam black lists
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
permit
Open /etc/postfix/main.cf file :
# vi /etc/postfix/main.cf
Set/modify configuration as follows
disable_vrfy_command = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
reject_non_fqdn_hostname,
reject_invalid_hostname,
permit
smtpd_recipient_restrictions =
permit_sasl_authenticated,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
permit_mynetworks,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
permit
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20
Also force (highlighted using red color) Postfix to limit incoming or receiving email rate to avoid spam.
Save and close the file. Restart postfix:
# /etc/init.d/postfix restart
Watch out maillog file. Now you should see lots of spam email blocked by above configuration directive:
# tail -f /var/log/maillog
Output:
Jan9 06:07:22 server postfix/smtpd: NOQUEUE: reject: RCPT from 183-12-81.ip.adsl.hu: 554 Service unavailable; Client host blocked using dul.dnsbl.sorbs.net; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?81.183.12.81; from= to= proto=ESMTP helo=<183-12-230.ip.adsl.hu>
Jan9 06:07:23 server postfix/smtpd: lost connection after RCPT from 183-12-81.ip.adsl.hu
Jan9 06:07:23 server postfix/smtpd: disconnect from 183-12-81.ip.adsl.hu
Jan9 06:10:43 server postfix/anvil: statistics: max connection rate 1/60s for (smtp:81.183.12.81) at Jan9 06:07:17
Jan9 06:10:43 server postfix/anvil: statistics: max connection count 1 for (smtp:81.183.12.81) at Jan9 06:07:17
Jan9 06:10:43 server postfix/anvil: statistics: max cache size 1 at Jan9 06:07:17
Jan9 06:16:58 server postfix/smtpd: warning: 81.92.197.249: address not listed for hostname unassigned.or.unconfigured.reverse.nfsi-telecom.net
Jan9 06:16:58 server postfix/smtpd: connect from unknown
Jan9 06:17:00 server postfix/smtpd: NOQUEUE: reject: RCPT from unknown: 550 : Recipient address rejected: User unknown in virtual alias table; from=<> to= proto=ESMTP helo=
Jan9 06:17:00 server postfix/smtpd: disconnect from unknown
Next time I will write about simple procmail and spamassassin combination to filter out spam :)
forward from http://www.cyberciti.biz/tips/postfix-spam-filtering-with-blacklists-howto.html
頁:
[1]