sendmail配置
yum -y update sendmail sendmail-cf
SendMail相关目录
1. 设定档目录:/etc/mail
2. 记录档:/var/log/maillog
3. 己收信件之暂存目录:/var/spool/mail/
4. 寄出信件之暂存目录:/var/spool/mqueue/
先备份,后修改
cd /etc/mail
mv sendmail.cf sendmail.cf.bak
解除只有Server本身可以递送信件的设定
vi /etc/mail/sendmail.mc
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA') 改成
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
加入广告信来源过滤机制
在以下两行
FEATURE(`blacklist_recipients')dnl
.
.
EXPOSED_USER(`root')dnl
之间加入
dnl # use DNSBL for spam mail
FEATURE(`dnsbl', `rbl.maps.vix.com', `Rejected - see http://www.mail-abuse.org/rbl/')dnl
FEATURE(`dnsbl', `dul.maps.vix.com', `Dialup - see http://www.mail-abuse.org/dul/')dnl
FEATURE(`dnsbl', `relays.mail-abuse.org', `Open spam relay - see http://www.mail-abuse.org/rss')dnl
dnl FEATURE(`dnsbl', `relays.ordb.org', `"Email blocked using ORDB.org - see http://ordb.org"')dnl
FEATURE(`dnsbl', `blackholes.mail-abuse.org', `"Spam blocked see: http://mail-abuse.org/cgi-bin/lookup?"$&{client_addr}')dnl
FEATURE(`dnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}')dnl
dnl FEATURE(`dnsbl',`dnsbl.sorbs.net', `"554 Rejected " $&{client_addr} " found in dnsbl.sorbs.net"')dnl
dnl FEATURE(`dnsbl', `rbl.softworking.com', `"550 Mail from "$&{client_addr}" rejected based on external blacklist - See also http://www.111cn.net/"')dnl
配置防止广告
yum install milter-greylist
vi /etc/mail/sendmail.mc,在FEATURE(`dnsbl'...描述后面加入
dnl # use GREYLIST for spam mail
FEATURE(`milter-greylist')dnl
避免relay范围内的机器每次都要寄两次以上才会寄出信件
vi /etc/mail/greylist.conf
# Your own network, which should not suffer greylisting
list "my network" addr { 127.0.0.1/8 163.32.244.0/24 }
# This is a list of broken MTAs that break with greylisting. Derived from # http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt?rev=1.16
list "broken mta" addr {
12.5.136.141/32 # Southwest Airlines (unique sender)
12.5.136.142/32 # Southwest Airlines
163.32.250.21/32 # KH mail server
163.32.250.51/32 # Epass server
163.32.250.12/32 # kiecc.server
# 另可在底下列出安全无虞(确定不会寄广告信)的mail server IP
chkconfig --level 345 milter-greylist on
service milter-greylist start
完成修改sendmail.mc档后,产生正确的sendmail.cf
cd /etc/mail
make -C /etc/mail
避免造成MX loop back的问题,必须将这台Server的主机别称及所有主机别名登入进来
vi /etc/mail/local-host-names
设定负责转信(帮Outlook送信)的范围(RELAY)及挡掉广告信主机(DENY)
vi /etc/mail/access
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
Connect:163.18.225 RELAY
Connect:sgrsms.sg-rs.com.hk REJECT
Connect:mail.uhome.net.tw REJECT
存档后
make all
service sendmail restart
procmail广告信过滤规则
yum install procmail
vi /etc/procmailrc
MAILDIR=/var/mail
VERBOSE=off
PATH=/bin:/sbin:/usr/bin:/usr/sbin/:/usr/local/bin:/usr/local/sbin
LOGFILE=/var/log/procmail.log
# 广告信过滤机制
# 原则上因考量误判的机率较高,因为部份电子期刊也是利用相关的程式来寄发的,因此特别将这些特微的信,予以转存至特定的档案,以便日后人工确认。待确认无误后,再将设定改转存至/dev/null,以便直接删除信件,以免造成硬碟空间之浪费。
# 过滤伪装寄件者
:0 HBw
#* ^Return-Path: .*@mail.kh.edu.tw.*
* ^Received: from mail.kh.edu.tw .*
* !^Received: from mail.kh.edu.tw .*163.32.250.
* !^Received: from mail.kh.edu.tw .*163.32.119.
* !^Received: from mail.kh.edu.tw .*163.29.241.
* !^Received: from mail.kh.edu.tw .*163.29.242.
* !^Received: from mail.kh.edu.tw .*163.32.(www.111cn.net)137.
* !^Received: from mail.kh.edu.tw (localhost.localdomain [127.0.0.1])
* !^Received: from 163.32.250.21 .*163.32.250.
/home/mailfilter/spam.local
# 过滤广告信发送软体(1)
:0 HBw
* ^X-Library: (Indy.*|Dynamailer.*)
/home/mailfilter/spam.library
# 过滤广告信发送软体(2)
:0 HBw
* ^X-Mailer: (Dynamailer.*|EhooPost.*|Mail Bomber.*|QuickSender.*|made from pascual|RET.*| FoxMail*)
/home/mailfilter/spam.mailer
建立告信过滤的收集目录:
mkdir /home/mailfilter
设定后,到目录中编译
cd /etc/mail
make all
service sendmail restar
QQ群⑧:
窥视卡
雷达卡
发表于 2015-9-15 01:22:25
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡