Diferencia entre revisiones de «Antispam methods»
De gacq wiki
(→TMDA) |
|||
(No se muestran 5 ediciones intermedias del mismo usuario) | |||
Línea 1: | Línea 1: | ||
*http://dspam.nuclearelephant.com/ | *http://dspam.nuclearelephant.com/ | ||
+ | =Greylists= | ||
=postgrey= | =postgrey= | ||
+ | ==Install== | ||
apt-get install postgrey | apt-get install postgrey | ||
netstat -anp | grep 60000 | netstat -anp | grep 60000 | ||
tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 18478/postgrey.pid | tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 18478/postgrey.pid | ||
− | /etc/postfix/main.cf | + | In /etc/postfix/main.cf add to "smtpd_recipient_restrictions =" |
check_policy_service inet:127.0.0.1:60000 | check_policy_service inet:127.0.0.1:60000 | ||
+ | Restart postfix: | ||
+ | /etc/init.d/postfix restart | ||
+ | |||
+ | ==Administration== | ||
+ | Lists the automatically whitelisted servers: | ||
+ | perl /usr/share/doc/postgrey/postgrey_clients_dump | ||
+ | |||
+ | =Mail Analysis= | ||
+ | ==SpamAssassin== | ||
=Blacklist= | =Blacklist= | ||
/etc/postfix/main.cf | /etc/postfix/main.cf | ||
− | + | reject_rbl_client bl.spamcop.net, | |
+ | reject_rbl_client relays.ordb.org, | ||
+ | reject_rbl_client sbl-xbl.spamhaus.org, | ||
+ | |||
+ | =SPF Filtering= | ||
+ | SPF stands for Sender Policy Framework. It's a way for your server to verify if a connecting client is supposed to be sending mail for the domain it claims to be sending mail for. It works by checking a special DNS record that domain owners create for this specific purpose. For more info on the Sender Policy Framework check out the [http://www.openspf.org Openspf site] | ||
+ | =DomainKeys= | ||
=TMDA= | =TMDA= |
Revisión actual del 08:09 2 dic 2006
Contenido
Greylists
postgrey
Install
apt-get install postgrey netstat -anp | grep 60000 tcp 0 0 127.0.0.1:60000 0.0.0.0:* LISTEN 18478/postgrey.pid
In /etc/postfix/main.cf add to "smtpd_recipient_restrictions ="
check_policy_service inet:127.0.0.1:60000
Restart postfix:
/etc/init.d/postfix restart
Administration
Lists the automatically whitelisted servers:
perl /usr/share/doc/postgrey/postgrey_clients_dump
Mail Analysis
SpamAssassin
Blacklist
/etc/postfix/main.cf
reject_rbl_client bl.spamcop.net, reject_rbl_client relays.ordb.org, reject_rbl_client sbl-xbl.spamhaus.org,
SPF Filtering
SPF stands for Sender Policy Framework. It's a way for your server to verify if a connecting client is supposed to be sending mail for the domain it claims to be sending mail for. It works by checking a special DNS record that domain owners create for this specific purpose. For more info on the Sender Policy Framework check out the Openspf site
DomainKeys
TMDA
Significantly reduce the amount of spam
- whitelists: accept mail from known, trusted senders.
- blacklists: refuse mail from undesired senders.
- challenge/response: allows unknown senders which aren't on the whitelist or blacklist the chance to confirm that their message is legitimate (non-spam).
- tagged addresses: special-purpose e-mail addresses such as time-dependent addresses, or addresses which only accept certain kinds of communication. These increase the transparency of TMDA for unknown senders by allowing them to safely circumvent the challenge/response system.
This methodology has the advantage of being very selective about what it allows in, while at the same time permitting legitimate, but previously unknown senders to reach you.