。DNSBL

smtpd_client_restrictions = reject_rbl_client sbl-xbl.spamhaus.org

      ref: http://plog.longwin.com.tw/post/1/493

   spamhaus官網: www.spamhaus.org

SBL: verified spam sources and spam operations (including spammers, spam gangs and spam support services), 
XBL: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.

   Quote: http://blog.gslin.org/archives/2006/10/27/849/

是一個在英國提供 DNSBL 服務的單位,主要提供兩份名單:SBL (Spamhaus Block List) 與 XBL (Exploits Block List)。SBL 列出了 Spam Source 的機器 (Direct UBE sources, verified spam services and ROKSO spammers)。而 XBL 則是列出被 crack 當作跳板的機器 (Illegal 3rd party exploits, including proxies, worms and trojan exploits)。

   查詢工具
   http://spamlinks.net/filter-dnsbl-lookup.htm
   也可在 http://www.dnsstuff.com/ 的Spam Database Lookup查詢
   www.spamhaus.org也可查

   至於怎麼用
      Quote: http://www.spamhaus.org/sbl/howtouse.html

DNSBL     Zone to Query            Returns       Contains
SBL         sbl.spamhaus.org       127.0.0.2     Direct UBE sources, verified spam services and ROKSO spammers
XBL         xbl.spamhaus.org       127.0.0.4-6  Illegal 3rd party exploits, including proxies, worms and trojan exploits
SBL+XBL sbl-xbl.spamhaus.org 127.0.0.2-6  Combined zone to reduce queries Includes both SBL and XBL zones

   什麼是 PBL
      Quote: http://cpro.com.tw/channel/news/content/index.php?news_id=53541

PBL (Policy Block List) 乃是一個IP位址資料庫,可用以阻止以「direct-to-mx」方式寄信給其它ISP的行為。

。Postgrey
      ref: http://ssorc.tw/?p=594
      ref: http://blog.t-times.net/ada/space/start/2006-12-25/1#對抗垃圾信,使用_Postgrey
      ref: http://linux.vbird.org/linux_server/0380mail.php#adv_postgrey

。拒絕來自未知的寄件人顉域的郵件

smtpd_sender_restrictions = xxxxx, reject_unknown_sender_domain 
smtpd_reciptient_restrcitions = xxxxx, reject_unknown_sender_domain

。procmail 過濾只有自家人才可寄信給特定帳號,而外部寄進來的話,丟到/dev/null
      vi /etc/postfix/main.cf

mailbox_command = /usr/bin/procmail

      vi /etc/procmailrc

:0 Hw
 * ^[Tt]o.*cross@test.xports.idv.tw.*
 * !^[Ff]rom.*test.xports.idv.tw.*
 /dev/null

      ref: http://phorum.study-area.org/viewtopic.php?t=11673&highlight=procmailrc

。讀清單裡的帳號位址,符合的放到另定義的 maillistbox
      vi ~/.procmailrc

LOGFILE=./.procmail.log
LOGABSTRACT=all
VERBOSE=on

URGMATCH=`cat $HOME/.maillist.txt`

:0:
 * $^From.*${URGMATCH}
 maillistbox

      touch .procmail.log && chmod o+w .procmail.log

      vi .maillist.txt

cros2s@ssorc.tw

。Postfix內建的 header_checks與 body_checks
      [1.] vi /etc/postfix/main.cf

header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/body_checks

            postfix reload

      [2.] 編輯 /etc/postfix/header_checks或者 /etc/postfix/body_checks建立規則

# /規則/   動作   顯示在maillog檔裡的訊息
/^from.*root/   DISCARD  from root be droped

# 多重條件時
if /xxx/
if /xxx/
/xxx/ DISCARD the spam mail
endif
endif

      [3.] 測試
              postmap -q – regexp:/etc/postfix/header_checks < /etc/postfix/header_checks
              (無任何訊息顯示,代表正確無誤)

。拒絕動態 ip

      vi /etc/postfix/main.cf

smtpd_client_restrictions = check_client_access hash:/etc/postfix/access

      vi /etc/postfix/access

dynamic.hinet.net   REJECT   We can't allow dynamic IP to relay!

      postmap hash:/etc/postfix/access

。參考一下這篇文章吧
ref: http://www.howtoforge.com/block_spam_at_mta_level_postfix

最後修改日期: 2006 年 12 月 23 日

作者

留言

撰寫回覆或留言

發佈留言必須填寫的電子郵件地址不會公開。