国产精品香蕉在线观看网,亚洲欧美精品综合在线观看,亚洲不卡av一区二区无码不卡,亚洲日本精品国产第一区二区

移動(dòng)安全 安全管理 應(yīng)用案例 網(wǎng)絡(luò)威脅 系統(tǒng)安全 應(yīng)用安全 數(shù)據(jù)安全 云安全
當(dāng)前位置: 主頁(yè) > 信息安全 > 移動(dòng)安全 >

如何正確配置Postfix阻止垃圾郵件進(jìn)服務(wù)器

時(shí)間:2011-05-01 17:16來(lái)源: 點(diǎn)擊:
毫無(wú)疑問,近一段時(shí)期以來(lái),垃圾郵件日益盛行。據(jù)估計(jì),垃圾郵件占全部郵件的80%到90%,很多郵件服務(wù)器在對(duì)付由最新的垃圾郵件所引起的額外負(fù)擔(dān)問題上存在著很大的困難。
Tags垃圾郵件(102)  

  毫無(wú)疑問,近一段時(shí)期以來(lái),日益盛行。據(jù)估計(jì),垃圾郵件占全部郵件的80%到90%,很多郵件在對(duì)付由最新的垃圾郵件所引起的額外負(fù)擔(dān)問題上存在著很大的困難,而且垃圾郵件過(guò)濾器如SpamAssassin并不能如以前那樣識(shí)別大部分的垃圾郵件。幸運(yùn)的是,我們可以在郵件傳輸代理(Mail Transfer Agent,MTA)層次上阻止大量的垃圾郵件,例如通過(guò)使用黑名單、在發(fā)送者和接收者的域上運(yùn)行測(cè)試等。這樣做的一個(gè)額外的優(yōu)勢(shì)是它可以降低郵件服務(wù)器的負(fù)荷,因?yàn)槔]件過(guò)濾器需要查看的郵件更少。

  基礎(chǔ)工作

  本文將討論怎樣配置Postfix(2.x和1.x),在垃圾郵件進(jìn)入服務(wù)器之前阻止它。不過(guò),在將本文所討論的方法運(yùn)用到您的郵件服務(wù)器中之后,您應(yīng)該檢查您的郵件日志,確保合法的用戶郵件不會(huì)被阻止。

  您可以查看如下鏈接得到一些指導(dǎo)性的信息:

  http://www.howtoforge.com/virtual_postfix_antispam

  如下的鏈接包含另外一些反垃圾郵件解決:

  http://www.howtoforge.com/taxonomy_menu/1/78/24

  Postfix 2.x

  打開/etc/postfix/main.cf文件,在其中增加如下的幾行(如果相關(guān)的配置存在,就替換之):

  vi /etc/postfix/main.cf

  [...]

  smtpd_helo_required = yes

  disable_vrfy_command = yes

  strict_rfc821_envelopes = yes

  invalid_hostname_reject_code = 554

  multi_recipient_bounce_reject_code = 554

  non_fqdn_reject_code = 554

  relay_domains_reject_code = 554

  unknown_address_reject_code = 554

  unknown_client_reject_code = 554

  unknown_hostname_reject_code = 554

  unknown_local_recipient_reject_code = 554

  unknown_relay_recipient_reject_code = 554

  unknown_sender_reject_code = 554

  unknown_virtual_alias_reject_code = 554

  unknown_virtual_mailbox_reject_code = 554

  unverified_recipient_reject_code = 554

  unverified_sender_reject_code = 554

  smtpd_recipient_restrictions =

  reject_invalid_hostname,

  reject_unknown_recipient_domain,

  reject_unauth_pipelining,

  permit_mynetworks,

  permit_sasl_authenticated,

  reject_unauth_destination,

  reject_rbl_client multi.uribl.com,

  reject_rbl_client dsn.rfc-ignorant.org,

  reject_rbl_client dul.dnsbl.sorbs.net,

  reject_rbl_client list.dsbl.org,

  reject_rbl_client sbl-xbl.spamhaus.org,

  reject_rbl_client bl.spamcop.net,

  reject_rbl_client dnsbl.sorbs.net,

  reject_rbl_client cbl.abuseat.org,

  reject_rbl_client ix.dnsbl.manitu.net,

  reject_rbl_client combined.rbl.msrbl.net,

  reject_rbl_client rabl.nuclearelephant.com,

  permit

  [...]

  然后重新啟動(dòng)Postfix:

  /etc/init.d/postfix restart

  Postfix 1.x

  打開/etc/postfix/main.cf,并在其中加入如下幾行(如果相關(guān)的配置已經(jīng)存在就替換之):

  vi /etc/postfix/main.cf

  [...]

  smtpd_helo_required = yes

  disable_vrfy_command = yes

  strict_rfc821_envelopes = yes

  invalid_hostname_reject_code = 554

  multi_recipient_bounce_reject_code = 554

  non_fqdn_reject_code = 554

  relay_domains_reject_code = 554

  unknown_address_reject_code = 554

  unknown_client_reject_code = 554

  unknown_hostname_reject_code = 554

  unknown_local_recipient_reject_code = 554

  unknown_relay_recipient_reject_code = 554

  unknown_sender_reject_code = 554

  unknown_virtual_alias_reject_code = 554

  unknown_virtual_mailbox_reject_code = 554

  unverified_recipient_reject_code = 554

  unverified_sender_reject_code = 554

  maps_rbl_domains =

  multi.uribl.com,

  dsn.rfc-ignorant.org,

  dul.dnsbl.sorbs.net,

  list.dsbl.org,

  sbl-xbl.spamhaus.org,

  bl.spamcop.net,

  dnsbl.sorbs.net,

  cbl.abuseat.org,

  ix.dnsbl.manitu.net,

  combined.rbl.msrbl.net,

  rabl.nuclearelephant.com

  smtpd_recipient_restrictions =

  permit_sasl_authenticated,

  permit_mynetworks,

  reject_invalid_hostname,

  reject_non_fqdn_hostname,

  reject_non_fqdn_sender,

  reject_unknown_sender_domain,

  reject_unknown_recipient_domain,

  reject_maps_rbl,

  check_relay_domains

  [...]

  然后重新啟動(dòng)Postfix:

  /etc/init.d/postfix restart

------分隔線----------------------------

推薦內(nèi)容