Revision [641]

This is an old revision of SendmailMilters made by JavierWilson on 2008-01-11 09:25:47.

 

Sendmail milters: Anti-virus y técnicas anti-spam


En guegue usamos distintas técnicas anti-spam:

DomainKeys (de yahoo)
SPF + milter
Greylinsting
SpamAssassin + DCC + Razor
Algunos DNSBL desde sendmail
Antivirus Clamav

Para puder pasar los varios filtros aceptamos autenticación SMTP usando TLS + PLAIN (Ver CorreoSMTP) para que los milter funcionen correctamente deben incluir ciertas definiciones en sendmail.mc, las lineas INPUT_MAIL_FILTER definen el socket, qué hacer si falla (F=) y los timeouts (T=) de conexión al milter (C), envio (S), recibo (R) de infomación y timeout total (E), los define almacenan variables necesarias para los milter, por ejemplo auth_authen (prar milter-greylist) y auth_type (para spf-milter) garantizan el evitar el milter cuando el usuario se ha autenticado via SMTP.

Para SPF, spf-milter: http://www.acme.com/software/spfmilter/
INPUT_MAIL_FILTER(`spfmilter', `S=local:/var/run/spfmilter/spfmilter.sock, F=, T=S:5s;R:5s')dnl
define(`confMILTER_MACROS_ENVFROM', `i, j, {auth_type}')dnl


Para Spamassassin, spamass-milter: http://savannah.nongnu.org/projects/spamass-milt/
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=, T=C:4m;S:1m;R:1m;E:5m')dnl
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl
define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl


Para que Greylisting, milter-greylist: http://hcpnet.free.fr/milter-greylist/
Nota: en algunos rpm, se crea /usr/share/sendmail-cf/feature/greylist.m4, en este caso ya no hace falta agergar todo esto, basta con agregar FEATURE(`milter-greylist')dnl
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock')
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')
define(`confMILTER_MACROS_ENVRCPT', `{greylist}')


Para Clamav, clamav-milter: http://sial.org/howto/clamav/clamav-milter/
INPUT_MAIL_FILTER(`clamav', `S=local:/var/clamav/clmilter.socket, F=, T=S:1m;R:1m')dnl


Combinando los milters, pues algunos define se repiten como confMILTER_MACROS_HELO, confMILTER_MACROS_ENVFROM:
sendmail.mc
dnl # sendmail.mc parcial...
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl
INPUT_MAIL_FILTER(`clamav', `S=local:/var/clamav/clmilter.socket, F=, T=S:4m;R:4m')dnl
INPUT_MAIL_FILTER(`spfmilter', `S=local:/var/run/spfmilter/spfmilter.sock, F=, T=C:4m;S:4m;R:8m;E:16m')dnl
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock, F=, T=S:1m;R:1m')dnl
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl
define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {verify}, {cert_subject}, {cert_issuer}')dnl
define(`confMILTER_MACROS_ENVFROM', `i, j, {auth_type}, {auth_authen}')dnl
define(`confMILTER_MACROS_ENVRCPT', `{greylist}')dnl
define(`confINPUT_MAIL_FILTERS', `greylist,spfmilter,spamassassin,clamav')dnl
dnl # sendmail.mc parcial...


la última linea confINPUT_MAIL_FILTERS, configura el orden con que se se ejecutan



CategorySysAdmin
There are no comments on this page.
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki