RedHat 5.4下构建postfix全功能电子邮（八）

smith88

　　RedHat 5.4下构建postfix全功能电子邮（八）-圾邮件过滤
Postfix 垃圾邮件过滤配置
1、根据客户端的主机名/地址过滤邮件,添加

[root@mail ~]# vim /etc/postfix/main.cf

659 smtpd_client_restrictions = check_client_access hash:/etc/postfix/access

[root@mail ~]# vim /etc/postfix/access

447 10.20.5 REJECT

448 10.20.5.35 OK

449 test.com REJECT

[root@mail ~]# postmap /etc/postfix/access

2、根据客户机HELO 信息中的主机名地址过滤邮件

[root@mail ~]# vim /etc/postfix/main.cf

660 smtpd_helo_required = yes

661 smtpd_helo_restrictions = reject_invalid_hostname

[root@mail ~]# postfix reload

postfix/postfix-script: refreshing the Postfix mail system

[root@mail ~]# service postfix restart

Shutting down postfix: [ OK ]

Starting postfix: [ OK ]

3、 根据发件人的地址过滤邮件

[root@mail ~]# vim /etc/postfix/main.cf

662 smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf,mysql:/etc/postfix/mysql_virtual_alias_maps.cf

663 smtpd_sender_restrictions = permit_mynetworks,reject_sender_login-mismatch,reject_non_fqdn_sender,reject_unknown_sender_domain,che ck_sender_access hash:/etc/postfix/sender_access

[root@mail ~]# vim /etc/postfix/sender_access

ds@163.com REJECT

marketing@ REJECT

fake.aptech.com REJECT

[root@mail ~]# postmap /etc/postfix/sender_access

4、 根据收件人的地址过滤邮件

[root@mail ~]# vim /etc/postfix/main.cf

664 smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_non_fqdn_ recipient,re ject_unknown_recipient_domain

[root@mail ~]# service postfix restart

Shutting down postfix: [ OK ]

Starting postfix: [ OK ]

5、基于邮件内容的过滤
5.1安装并配置MailScanner 扫描调度工具
1) 安装MailScanner 扫描调度工具，（安装时间非常长）

[root@mail ~]# cd mail/

[root@mail mail]# ll

[root@mail mail]# tar -zxf MailScanner-4.84.3-1.rpm.tar.gz -C /usr/local/src/

[root@mail mail]# cd /usr/local/src/MailScanner-4.84.3-1/

[root@mail MailScanner-4.84.3-1]# ls

[root@mail MailScanner-4.84.3-1]# ./install.sh

2) 修改配置文件MailScanner

[root@mail MailScanner-4.84.3-1]# cd

[root@mail ~]# vim /etc/MailScanner/MailScanner.conf

131 Run As User = postfix

136 Run As Group = postfix

165 Incoming Queue Dir = /var/spool/postfix/hold

169 Outgoing Queue Dir = /var/spool/postfix/incoming

196 MTA = postfix

2231 Required SpamAssassin Score = 7

2237 High SpamAssassin Score = 10

2437 Spam Actions = deliver header "X-Spam-Status: Yes"

2499 High Scoring Spam Actions = delete forward spam@extmail.org

3) 配置Postfix 支持调用MailScanner

[root@mail ~]# vim /etc/postfix/main.cf

520 header_checks = regexp:/etc/postfix/header_checks

#最后添加

[root@mail ~]# vim /etc/postfix/header_checks

497 /^Received:/HOLD

4) 调整邮件过滤队列的目录属主、属组，并启动MailScanner 服务程序

[root@mail ~]# chown -R postfix:postfix /var/spool/MailScanner/incoming/

[root@mail ~]# chown -R postfix:postfix /var/spool/MailScanner/quarantine/

[root@mail ~]# service MailScanner start

Starting MailScanner daemons:

incoming postfix: [ OK ]

outgoing postfix: [ OK ]

MailScanner: [ OK ]

[root@mail ~]# chkconfig --level 35 MailScanner on

[root@mail ~]# chkconfig --list MailScanner

MailScanner 0:off 1:off 2:on 3:on 4:on 5:on 6:off

5.2 安装并配置SpamAssassin 垃圾邮件过滤器

1) 安装并配置SpamAssassin 垃圾邮件过滤器

[root@mail ~]# yum install spamassassin -y

2) 修改配置文件local.cf

（位于“/etc/mail/spamassassin/local.cf”，一般不需要进行任何修改，保

持默认设置即可）

3) 启动SpamAssassin 服务

[root@mail ~]# chkconfig --level 2345 spamassassin on

[root@mail ~]# chkconfig --list spamassassin

spamassassin 0:off 1:off 2:on 3:on 4:on 5:on 6:off

[root@mail ~]# service spamassassin start

Starting spamd: [ OK ]

5.3 安装并配置F-Port 病毒查杀软件

1) 安装F-Port 软件包安装过程中出现提示是按回车键接受默认设置

[root@mail ~]# cd mail/

[root@mail mail]# ll

[root@mail mail]# tar -zxvf fp-Linux-i686-ws.tar.gz -C /opt/

[root@mail mail]# cd /opt/f-prot/

[root@mail f-prot]# ls

[root@mail f-prot]# ./install-f-prot.pl

2) 升级F-Port 病毒库（服务器要能够访问Internet 互联网）

[root@mail f-prot]# /opt/f-prot/fpupdate

[root@mail f-prot]# crontab –e (计划任务)

00 8 * * * /opt/f-prot/fpupdate

[root@mail f-prot]# chkconfig --level 2345 crond on

[root@mail f-prot]# service crond restart

Stopping crond: [ OK ]

Starting crond: [ OK ]