RedHat 5.4下构建postfix全功能电子邮(八)
RedHat 5.4下构建postfix全功能电子邮(八)-圾邮件过滤Postfix 垃圾邮件过滤配置
1、根据客户端的主机名/地址过滤邮件,添加
# vim /etc/postfix/main.cf
659 smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
# vim /etc/postfix/access
447 10.20.5 REJECT
448 10.20.5.35 OK
449 test.com REJECT
# postmap /etc/postfix/access
2、根据客户机HELO 信息中的主机名地址过滤邮件
# vim /etc/postfix/main.cf
660 smtpd_helo_required = yes
661 smtpd_helo_restrictions = reject_invalid_hostname
# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
# service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
3、 根据发件人的地址过滤邮件
# vim /etc/postfix/main.cf
662 smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_sender_maps.cf,mysql:/etc/postfix/mysql_virtual_alias_maps.cf
663 smtpd_sender_restrictions = permit_mynetworks,reject_sender_login-mismatch,reject_non_fqdn_sender,reject_unknown_sender_domain,che ck_sender_access hash:/etc/postfix/sender_access
# vim /etc/postfix/sender_access
ds@163.com REJECT
marketing@ REJECT
fake.aptech.com REJECT
# postmap /etc/postfix/sender_access
4、 根据收件人的地址过滤邮件
# vim /etc/postfix/main.cf
664 smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_non_fqdn_ recipient,re ject_unknown_recipient_domain
# service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
5、基于邮件内容的过滤
5.1安装并配置MailScanner 扫描调度工具
1) 安装MailScanner 扫描调度工具,(安装时间非常长)
# cd mail/
# ll
# tar -zxf MailScanner-4.84.3-1.rpm.tar.gz -C /usr/local/src/
# cd /usr/local/src/MailScanner-4.84.3-1/
# ls
# ./install.sh
2) 修改配置文件MailScanner
# cd
# vim /etc/MailScanner/MailScanner.conf
131 Run As User = postfix
136 Run As Group = postfix
165 Incoming Queue Dir = /var/spool/postfix/hold
169 Outgoing Queue Dir = /var/spool/postfix/incoming
196 MTA = postfix
2231 Required SpamAssassin Score = 7
2237 High SpamAssassin Score = 10
2437 Spam Actions = deliver header "X-Spam-Status: Yes"
2499 High Scoring Spam Actions = delete forward spam@extmail.org
3) 配置Postfix 支持调用MailScanner
# vim /etc/postfix/main.cf
520 header_checks = regexp:/etc/postfix/header_checks
#最后添加
# vim /etc/postfix/header_checks
497 /^Received:/HOLD
4) 调整邮件过滤队列的目录属主、属组,并启动MailScanner 服务程序
# chown -R postfix:postfix /var/spool/MailScanner/incoming/
# chown -R postfix:postfix /var/spool/MailScanner/quarantine/
# service MailScanner start
Starting MailScanner daemons:
incoming postfix: [ OK ]
outgoing postfix: [ OK ]
MailScanner: [ OK ]
# chkconfig --level 35 MailScanner on
# chkconfig --list MailScanner
MailScanner 0:off 1:off 2:on 3:on 4:on 5:on 6:off
5.2 安装并配置SpamAssassin 垃圾邮件过滤器
1) 安装并配置SpamAssassin 垃圾邮件过滤器
# yum install spamassassin -y
2) 修改配置文件local.cf
(位于“/etc/mail/spamassassin/local.cf”,一般不需要进行任何修改,保
持默认设置即可)
3) 启动SpamAssassin 服务
# chkconfig --level 2345 spamassassin on
# chkconfig --list spamassassin
spamassassin 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# service spamassassin start
Starting spamd: [ OK ]
5.3 安装并配置F-Port 病毒查杀软件
1) 安装F-Port 软件包安装过程中出现提示是按回车键接受默认设置
# cd mail/
# ll
# tar -zxvf fp-Linux-i686-ws.tar.gz -C /opt/
# cd /opt/f-prot/
# ls
# ./install-f-prot.pl
2) 升级F-Port 病毒库(服务器要能够访问Internet 互联网)
# /opt/f-prot/fpupdate
# crontab –e (计划任务)
00 8 * * * /opt/f-prot/fpupdate
# chkconfig --level 2345 crond on
# service crond restart
Stopping crond: [ OK ]
Starting crond: [ OK ]
页:
[1]