标题:
反病毒反垃圾邮件系统构建HOWTO
[打印本页]
作者:
湘晴
时间:
2003-8-7 19:53
标题:
反病毒反垃圾邮件系统构建HOWTO
反病毒反垃圾邮件系统构建HOWTO 作者:san@nsfocus.com 主页:http://www.nsfocus.com 原来qmail系统的邮箱一天起码要收十几份垃圾、病毒邮件,实在是比较烦,不是很喜欢qmail,特别是日志,让人不知所云,所以干脆考虑更换邮件系统。 系统平台为Debian Woody 3.0 一、邮件系统的安装 1、软件包安装 Postfix+Courier-IMAP+Cyrus-SASL+PAM_MySQL+MySQL这种安装方式简单易行,在Debian下的安装更加方便: # apt-get install courier-pop postfix-mysql postfix-tls courier-authdaemon\ courier-authmysql libpam-mysql libsasl7 libsasl-modules-plain courier-imap 如果你的系统本身没有mysql,那么在上面的列表里还要加上mysql-server。apt在安装过程中会有简单的提示,要求填上系统的域名等信息。 2、postfix的配置 修改main.cf: 添加: home_mailbox = Maildir/ 告诉postfix使用Maildir方式 mydestination = $myhostname, $transport_maps 告诉postfix发送$myhostname(本机)和$transport_maps(transport表里的域名)的邮件。 alias_maps = mysql:/etc/postfix/mysql-aliases.cf relocated_maps = mysql:/etc/postfix/mysql-relocated.cf transport_maps = mysql:/etc/postfix/mysql-transport.cf virtual_maps = mysql:/etc/postfix/mysql-virtual.cf 告诉postfix从哪里找这些表。 local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname postfix传递给本地收件人的几种方法。 virtual_mailbox_base = /home/vmail virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf virtual_uid_maps = mysql:/etc/postfix/mysql-virtual-uid.cf virtual_gid_maps = mysql:/etc/postfix/mysql-virtual-gid.cf 虚拟用户的信息。 broken_sasl_auth_clients = yes smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous 启用sasl,必须验证才能发信。 smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unknown_recipient_domain,reject_non_fqdn_recipient,check_relay_domains 发信限制。 还可以加上一些其他的参数: disable_vrfy_command = yes 将vrfy功能关掉。 3、与MySQL结合的配置及数据表结构 注意:配置mysql相关部分要写127.0.0.1而不要写localhost,如果使用localhost,postfix会尝试socket连接。debian的postfix使用socket连接好像有问题。mysql不能使用skip-networking选项,要使用--bind-address=127.0.0.1让它监听在127.0.0.1。(非常感谢Martin List-Petersen指点) 还有要注意的是如果是自己编译的mysql,建议在启动的时候加上--socket=/var/run/mysqld/mysqld.sock参数,因为pam-mysql又需要使用这个socket。如果你的apache+php是自己编译的话,php又需要重新编译,配置的时候需要加上--with-mysql-sock=/var/run/mysqld/mysqld.sock参数。 是不是比较烦?这不过是个开始。 MySQL的数据表: CREATE TABLE alias ( id int(11) unsigned NOT NULL auto_increment, alias varchar(128) NOT NULL default '', destination varchar(128) NOT NULL default '', PRIMARY KEY (id) ) TYPE=MyISAM; CREATE TABLE relocated ( id int(11) unsigned NOT NULL auto_increment, email varchar(128) NOT NULL default '', destination varchar(128) NOT NULL default '', PRIMARY KEY (id) ) TYPE=MyISAM; CREATE TABLE transport ( id int(11) unsigned NOT NULL auto_increment, domain varchar(128) NOT NULL default '', destination varchar(128) NOT NULL default '', PRIMARY KEY (id), UNIQUE KEY domain (domain) ) TYPE=MyISAM; CREATE TABLE users ( id int(11) unsigned NOT NULL auto_increment, email varchar(128) NOT NULL default '', clear varchar(128) NOT NULL default '', name tinytext NOT NULL, uid int(11) unsigned NOT NULL default '1011', gid int(11) unsigned NOT NULL default '1011', homedir tinytext NOT NULL, maildir tinytext NOT NULL, quota tinytext NOT NULL, postfix enum('Y','N') NOT NULL default 'Y', PRIMARY KEY (id), UNIQUE KEY email (email) ) TYPE=MyISAM; CREATE TABLE virtual ( id int(11) unsigned NOT NULL auto_increment, email varchar(128) NOT NULL default '', destination varchar(128) NOT NULL default '', PRIMARY KEY (id) ) TYPE=MyISAM; /etc/postfix目录下各mysql配置文件: mysql-aliases.cf user = mysql-postfix-user password = mysql-postfix-pass dbname = postfix table = alias select_field = destination where_field = alias hosts = 127.0.0.1 mysql-relocated.cf user = mysql-postfix-user password = mysql-postfix-pass dbname = postfix table = relocated select_field = destination where_field = email hosts = 127.0.0.1 mysql-transport.cf user = mysql-postfix-user password = mysql-postfix-pass dbname = postfix table = transport select_field = destination where_field = domain hosts = 127.0.0.1 mysql-virtual.cf user = mysql-postfix-user password = mysql-postfix-pass dbname = postfix table = virtual select_field = destination where_field = email hosts = 127.0.0.1 mysql-virtual-maps.cf user = mysql-postfix-user password = mysql-postfix-pass dbname = postfix table = users select_field = maildir where_field = email additional_conditions = and postfix = 'y' hosts = 127.0.0.1 mysql-virtual-uid.cf user = mysql-postfix-user password = mysql-postfix-pass dbname = postfix table = users select_field = uid where_field = email additional_conditions = and postfix = 'y' hosts = 127.0.0.1 mysql-virtual-gid.cf user = mysql-postfix-user password = mysql-postfix-pass dbname = postfix table = users select_field = gid where_field = email additional_conditions = and postfix = 'y' hosts = 127.0.0.1 修改Courier相关设置,/etc/courier/imapd: AUTHMODULES="authdaemon" IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE" 修改/etc/courier/pop3d AUTHMODULES="authdaemon" POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" 修改/etc/courier/authdaemonrc authmodulelist="authmysql authpam" 使用mysql验证和pam验证。 修改/etc/courier/authmysqlrc MYSQL_SERVER 127.0.0.1 MYSQL_USERNAME mysql-postfix-user MYSQL_PASSWORD mysql-postfix-pass #MYSQL_SOCKET /var/run/mysql/mysql.sock MYSQL_PORT 0 MYSQL_OPT 0 MYSQL_DATABASE postfix MYSQL_USER_TABLE users MYSQL_LOGIN_FIELD email MYSQL_CLEAR_PWFIELD clear MYSQL_UID_FIELD uid MYSQL_GID_FIELD gid MYSQL_HOME_FIELD homedir MYSQL_MAILDIR_FIELD maildir SASL library 创建/etc/postfix/sasl/smtpd.conf: pwcheck_method: PAM PAM-MySQL 创建/etc/pam.d/smtp: auth optional pam_mysql.so host=localhost db=postfix user=mysql-postfix-user passwd=mysql-postfix-pass table=users usercolumn=email passwdcolumn=clear crypt=n account required pam_mysql.so host=localhost db=postfix user=mysql-postfix-user passwd=mysql-postfix-pass usercolumn=email passwdcolumn=clear crypt=n 4、TLS支持 通过修改/usr/lib/ssl/misc/CA.pll脚本实现,以下修改后CA1.pl和未修改CA.pl之间的对比: *** CA.pl --- CA1.pl *************** *** 59,69 **** } elsif (/^-newcert$/) { # create a certificate ! system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS"); $RET=$?; print "Certificate (and private key) is in newreq.pem\n" } elsif (/^-newreq$/) { # create a certificate request ! system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); $RET=$?; print "Request (and private key) is in newreq.pem\n"; } elsif (/^-newca$/) { --- 59,69 ---- } elsif (/^-newcert$/) { # create a certificate ! system ("$REQ -new -x509 -nodes -keyout newreq.pem -out newreq.pem $DAYS"); $RET=$?; print "Certificate (and private key) is in newreq.pem\n" } elsif (/^-newreq$/) { # create a certificate request ! system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS"); $RET=$?; print "Request (and private key) is in newreq.pem\n"; } elsif (/^-newca$/) { 现在就可以使用修改的CA1.pl来签发证书: # cd /usr/local/ssl/misc # ./CA1.pl -newca # ./CA1.pl -newreq # ./CA1.pl -sign # cp demoCA/cacert.pem /etc/postfix/CAcert.pem # cp newcert.pem /etc/postfix/cert.pem # cp newreq.pem /etc/postfix/key.pem 修改main.cf,添加: smtpd_tls_cert_file = /etc/postfix/cert.pem smtpd_tls_key_file = /etc/postfix/privkey.pem smtpd_use_tls = yes tls_random_source = dev:/dev/urandom tls_daemon_random_source = dev:/dev/urandom 重起postfix后就可以看到250-STARTTLS 很多邮件客户端对TLS的支持并不是非常好,建议使用stunnel来实现相应的smtp和pop3加密。 # apt-get install stunnel 证书: # openssl req -new -x509 -days 365 -nodes -config /etc/ssl/openssl.cnf -out stunnel.pem -keyout stunnel.pem # openssl gendh 512 >> stunnel.pem 服务端: # stunnel -d 60025 -r 25 -s nobody -g nogroup # stunnel -d 60110 -r 110 -s nobody -g nogroup 如果使用-n pop3等参数就只能用邮件客户端收信。 客户端: 建一个stunnel.conf文件: client = yes [pop3] accept = 127.0.0.1:110 connect = 192.168.7.144:60110 [smtp] accept = 127.0.0.1:25 connect = 192.168.7.144:60025 然后启动stunnel.exe,在邮件客户端的smtp和pop3的服务器都填127.0.0.1就可以了,这样从你到邮件服务器端的数据传输就让stunnel给你加密了。 5、测试用户 # mkdir -p /home/vmail/test.org/san/ # chown -R nobody.nogroup /home/vmail # chmod -R 700 /home/vmail mysql> use postfix mysql> insert into transport set domain='test.org', destination='virtual:'; mysql> insert into users set email='san@test.org',clear='test',name='',uid='65534',gid='65534',homedir='home/vmail',maildir='test.org/san/'; 然后就可以使用客户端收发邮件,记得用户名是email地址。 二、防病毒系统 1、安装McAfee uvscan for linux McAfee uvscan for linux虽然是试用,但是没有什么限制,可以升级,也没有过期。 # wget http://download.nai.com/products/evaluation/virusscan/english/cmdline/linux/version_4.24/intel/vlnx424e.tar.Z # tar xzf vlnx424e.tar.Z # ./install-uvscan 默认会装到/usr/local/uvscan目录下,不过uvscan需要libstdc++.so.2.8,直接运行出现如下错误: # uvscan uvscan: error while loading shared libraries: libstdc++.so.2.8: cannot open shared object file: No such file or directory 可以从如下地址获得libstdc++.so.2.8的安装包: # wget http://debian.marlow.dk/dists/woody/virus/pool/lib/libstdc++2.8_2.90.29-2.deb # dpkg -i libstdc++2.8_2.90.29-2.deb 这样uvscan就可以正常运行了,不过会提示病毒库比较老了云云。写个病毒库更新脚本扔到crontab跑去吧: #!/bin/sh # # update-dat.sh # cd /usr/local/uvscan/ wget -q -O readme.txt http://download.nai.com/products/datfiles/4.x/nai/readme.txt >/dev/null AVVER=`head -5 readme.txt | grep ' 4[0-9][0-9][0-9] ' | head -1 | sed -e 's/^.* \(4[0-9]*\) .*$/\1/'` if [ ! -f dat-$AVVER.tar ]; then for i in *.tar ; do mv $i $i.old done if wget http://download.nai.com/products/datfiles/4.x/nai/dat-$AVVER.tar >/dev/null ; then for i in *.dat ; do cp -p $i $i.bak done if tar xf dat-$AVVER.tar ; then rm -f *.old echo `date` Successfully updated AntiVirus DAT files to $AVVER fi fi fi 2、AMaViS的安装 AMaViS是uvscan和postfix之间的一个桥梁,完成邮件解码,交给uvscan查毒,然后再处理,转发操作。 安装amavisd前先确定以下软件已经安装,lha、unarj等使用的no-free的分支版本: # apt-get install libio-stringy-perl mailtools libmime-perl libmailtools-perl libmime-base64-perl \ libcompress-zlib-perl libconvert-uulib-perl libconvert-tnef-perl tnef libarchive-tar-perl \ libarchive-zip-perl libtime-hires-perl libunix-syslog-perl libdigest-md5-perl lha unarj unzip \ gzip unrar zoo stable版本的amavisd比较老,使用如下链接: # wget http://debian.marlow.dk/dists/woody/custom/pool/compress/arc_5.21e-5_i386.deb # wget http://debian.marlow.dk/dists/woody/virus/pool/wrapper/amavisd-new_20030314p1-2_all.deb # wget http://debian.marlow.dk/dists/woody/virus/pool/lib/libnet-perl_1.12-1_all.deb # wget http://debian.marlow.dk/dists/woody/virus/pool/lib/libnet-server-perl_0.84-3_all.deb 先安装CPAN: # perl -MCPAN -e shell cpan> install CPAN cpan> install LWP cpan> install Archive::Tar cpan> install Archive::Zip cpan> install Compress::Zlib cpan> install Convert::TNEF cpan> install Convert::UUlib cpan> install MIME::Base64 cpan> install MIME::Parser cpan> install Mail::Internet cpan> install Net::Server cpan> install Net::SMTP cpan> install Digest::MD5 cpan> install IO::Stringy cpan> install Time::HiRes cpan> install Unix::Syslog 安装四个下载的软件包: # dpkg -i *.deb 修改/etc/amavis/amavisd.conf: @inet_acl = qw( 127/8 1.2.3.4/32 ); # 1.2.3.4 is your external ip .. because want maybe also accept mail from that interface, it's up to you. $warnvirussender = 1; # I want to warn people, who have got virus. $warnvirusrecip = 1; # I want to warn my users about virus send to them. $warn_offsite = 1; # I want to warn senders/recipients, that are not located on my server $mailfrom_notify_admin = 'virusalert@example.com'; # $mailfrom_notify_recip = 'virusalert@example.com'; # Change these to the appropriate email-adresses, you wish to use as sender $mailfrom_notify_spamadmin = 'spam.police@example.com'; # for spam and virus warnings $hdrfrom_notify_sender = 'AMaViS (content filter)
'; $virus_admin = 'virus-admin@example.com'; # $spam_admin = 'spam-admin@example.com'; # 指定使用uvscan: @av_scanners = ( ['NAI McAfee AntiVirus (uvscan)', 'uvscan', '--secure -rv --summary --noboot {}', [0], [13], qr/(?x) Found (?: \ the\ (.+)\ (?:virus|trojan) | \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | :\ (.+)\ NOT\ a\ virus)/ ], ); 找到/etc/postfix/master.cf如下行: smtp inet n - n - - smtpd 改为如下: smtp inet n n n - - smtpd -o content_filter=smtp-amavis:[127.0.0.1]:10024 smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o local_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o strict_rfc821_envelopes=yes 重启postfix,这样在收到病毒邮件的时候能够在日志文件看到如下的信息: Jul 16 15:34:22 xxx amavis[30997]: (30997-09) INFECTED (W32/Nimda.gen@MM), (?) ->
, quarantine virus-20030716-153422-30997-09, Message-ID: <20030716073414.520D3E5C2F@xxx> 三、防垃圾邮件部分 垃圾邮件的防范必须掌握好尺度,postfix本身提供了header_check、body_check、access、classes等方式来拒绝邮件,可以参考如下地址的样例,结合自己的情况进行修改也能阻止一部分垃圾邮件: http://www.securitysage.com/guides/postfix_uce_header.html http://www.securitysage.com/guides/postfix_uce_body.html http://www.securitysage.com/guides/postfix_uce_access.html http://www.securitysage.com/guides/postfix_uce_class.html 不过以上配置文件需要管理员根据自己情况手工进行修改,如果直接采用的话,那么国内很多邮件你将收不到。 SpamAssassin和AMaViS可以很好的结合,它能够帮管理员自动处理一些垃圾邮件。SpamAssassin很有趣,它对解码后的邮件进行扫描后打分,如果分数达到用户指定的分数,那么就认为是垃圾邮件,而且它还有学习功能,管理员也可以自己重新定义各种分值或自定义分值。 1、SpamAssassin的安装 由于已经安装了AMaViS,所以自然就选择了SpamAssassin。SpamAssassin可以通过CPAN安装: # perl -MCPAN -e shell install Mail::SpamAssassin 2、SpamAssassin配置 创建/var/lib/amavis/.spamassassin/user_prefs文件: # SpamAssassin config file for version 2.5x # generated by http://www.yrex.com/spam/spamconfig.php (version 1.01) # How many hits before a message is considered spam. required_hits 5.0 # Whether to change the subject of suspected spam rewrite_subject 1 # Text to prepend to subject if rewrite_subject is used subject_tag *****SPAM***** # Encapsulate spam in an attachment report_safe 1 # Use terse version of the spam report use_terse_report 0 # Enable the Bayes system use_bayes 1 # Enable Bayes auto-learning auto_learn 1 # Enable or disable network checks skip_rbl_checks 1 use_razor2 0 use_dcc 0 use_pyzor 0 # Mail using languages used in these country codes will not be marked # as being possibly spam in a foreign language. # - chinese english ok_languages zh en # Mail using locales used in these country codes will not be marked # as being possibly spam in a foreign language. ok_locales en zh SpamAssassin的打分标准见http://spamassassin.org/tests.html,默认的标准可能并不适合我们,比如SUBJ_FULL_OF_8BITS有4分多,这个比较容易误伤友军,应该降低该分值。只需在配置文件里加上: score SUBJ_FULL_OF_8BITS 2 那么SUBJ_FULL_OF_8BITS就只能评2分了。很多垃圾邮件内容都会有免费什么什么的,所以免费可以作为关键字,打上较高分数: body CH_FREE /免费/ describe CH_FREE Contain Chinese Free score CH_FREE 3.0 建立Bayes学习知识库: # cd /var/lib/amavis/.spamassassin # /usr/local/bin/sa-learn --rebuild -D -p user_prefs 以后spamassassin会自动学习更新。 3、amavis相关配置 修改/etc/amavis/amavisd.conf文件启用ANTI-SPAM功能: # @bypass_spam_checks_acl = qw( . ); 运行amavisd debug,看到有如下的信息,说明ANTI-SPAM的功能已经打开了: Jul 17 02:35:46 debian amavisd[3082]: ANTI-SPAM code loaded Jul 17 02:35:46 debian amavisd[3082]: SpamControl: initializing Mail::SpamAssassin Jul 17 02:35:47 debian amavisd[3082]: SpamControl: done /etc/amavis/amavisd.conf配置文件里的$final_spam_destiny决定了对垃圾邮件的处理,是拒绝、丢弃还是通过。 也许你还需要好好调整amavisd.conf配置文件,比如发现垃圾邮件和病毒邮件的时候是否给管理员发送提醒邮件等等,每个选项上面都有详细的描述。 在一个十多个邮件用户的真实环境里,spamassassin一天大概能挡下四、五十封垃圾邮件,而且正确率非常高,在98%以上。病毒邮件比较少,但是正确率100%,包括邮件用户给其他人员发木马等软件,都会被挡下来,所以内部邮件用户要发送此类邮件必须使用加密或者压缩后加口令。 四、邮件列表 1、mailman的安装 一直听说mailman不错,于是就选用了,结果问题多多,花了很长时间才解决。 首先在apt安装的时候就有问题,mailman一定要关联apache,由于系统本身有自己编译的apache,所以导致安装不成功。没办法只能手工编译,手工编译得确定有mailman的用户和组,而且需要python2.1-dev,源码包里有INSTALL和README.POSTFIX两个帮助文件一定要好好看看。 # apt-get install python2.1-dev # wget http://heanet.dl.sourceforge.net/sourceforge/mailman/mailman-2.1.2.tgz # tar xzf mailman-2.1.2.tgz # mkdir /usr/local/mailman # chmod 02775 /usr/local/mailman # cd mailman-2.1.2 # ./configure --prefix=/usr/local/mailman --with-mail-gid=mailman 安装完后检查权限: # /usr/local/mailman/bin/check_perm 加上-f参数可以修复。安装很方便,可是和虚拟域的postfix结合还是比较折腾人的,直接使用虚拟域如test.org就会带来麻烦,它会查找虚拟域的用户,所以会报unknown user的错误。 2、mailman的配置 加上mailman的cron: # cd /usr/local/mailman/cron # crontab -u mailman crontab.in 把mailman加到启动组里: # cp scripts/mailman /etc/init.d/mailman # update-rc.d mailman defaults 修改/usr/local/mailman/Mailman/mm_cfg.py,加上: DEFAULT_EMAIL_HOST = 'lists.test.org' MTA = 'Postfix' POSTFIX_STYLE_VIRTUAL_DOMAINS = ['lists.test.org', 'test.org'] 可以试着添加一个邮件列表: # /usr/local/mailman/bin/newlist mailman 把用户添加到邮件列表里测试一些,建一个文本文件,比如members.txt,一行一个邮件地址,然后执行如下命令就可以了: # /usr/local/mailman/bin/add_members -n members.txt mailman 3、postfix相关配置 还需要修改postfix的配置文件才能使mailman工作正常,修改main.cf,加上: owner_request_special = no recipient_delimiter = + unknown_local_recipient_reject_code = 550 修改alias_maps和virtual_maps为: alias_maps = hash:/usr/local/mailman/data/aliases, mysql:/etc/postfix/mysql-aliases.cf virtual_maps = hash:/usr/local/mailman/data/virtual-mailman, mysql:/etc/postfix/mysql-virtual.cf 单单这样还是不行的,我测试还需要把main.cf里myorigin改为: myorigin = lists.test.org 然后在transport表里添加一个记录: insert into transport set domain='lists.test.org',destination='local:'; 重启postfix和mailman,现在可以试试给mailman这个邮件列表发邮件是否都正常了? 4、python处理中文的问题 如果邮件都是中文gb2312编码的就有问题,查看/usr/local/mailman/logs/error会发现如下的错误: Jul 16 17:40:09 2003 (392) Uncaught runner exception: unknown encoding Jul 16 17:40:10 2003 (392) Traceback (most recent call last): File "/usr/local/mailman/Mailman/Queue/Runner.py", line 105, in _oneloop self._onefile(msg, msgdata) File "/usr/local/mailman/Mailman/Queue/Runner.py", line 155, in _onefile keepqueued = self._dispose(mlist, msg, msgdata) File "/usr/local/mailman/Mailman/Queue/IncomingRunner.py", line 130, in _dispose more = self._dopipeline(mlist, msg, msgdata, pipeline) File "/usr/local/mailman/Mailman/Queue/IncomingRunner.py", line 153, in _dopipeline sys.modules[modname].process(mlist, msg, msgdata) File "/usr/local/mailman/Mailman/Handlers/CookHeaders.py", line 75, in process prefix_subject(mlist, msg, msgdata) File "/usr/local/mailman/Mailman/Handlers/CookHeaders.py", line 262, in prefix_subject h.append(s, c) File "/usr/local/mailman/pythonlib/email/Header.py", line 285, in append s = s.encode(outcodec, errors) LookupError: unknown encoding Jul 16 17:40:10 2003 (392) SHUNTING: 1058348408.892736+4539457d44c4477c6393b0b8b9916993b6084898 这是由于python不支持gb2312的缘故!在linuxforum找到一篇关于如何使python支持gb2312的文章: http://www.linuxforum.net/forum/showflat.php?Cat=&Board=python&Number=427317&page=0&view=collapsed&sb=5&o=&fpart= 我就用了作者提供的http://bbs1.nju.edu.cn/file/gb2312.rar,其实它也是从http://sourceforge.net/projects/python-codecs/来的。把gb2312目录的gb2312.py文件拷贝到/usr/lib/python2.1/encodings/目录下,chinesecn目录也拷贝到该目录下,然后修改/usr/lib/python2.1/encodings/aliases.py文件,在最后的}前加上: # gb2321_cn codec 'gb2312': 'gb2312', 然后再次发送中文邮件给邮件列表,发现邮件列表就能够正常转发了。 5、邮件列表的配置 Default.py和mm_cfg.py的配置是针对全局的,对全局配置文件的修改不会影响到已经存在的邮件列表。mailman提供了config_list这个命令来对单个邮件列表进行配置,先导出该邮件列表的配置: # /usr/local/mailman/bin/config_list -o /tmp/config mailman 然后修改/tmp/config文件,里面有很多选项,可以根据自己的要求修改,比如加上回复到邮件列表的邮件头、去掉mailman自动加的边脚等等,最后把这个配置文件导回给邮件列表就可以了: # /usr/local/mailman/bin/config_list -i /tmp/config mailman 习惯了发现mailman配起来也是蛮简单的。 五、其它事项 1、courier-pop 有一个值得注意的问题,如果不小心/etc/init.d/courier-pop stop以后,再start起来,有时候会发现不能登陆pop,日志会提示: courierpop3login: chdir: No such file or directory 这应该是一个bug,courierpop3login好像使用了工作目录,只需退到根目录再start启动就没有问题。感谢scz的提醒。 2、Debian的ENC增强位 Debian默认设置/proc/sys/net/ipv4/tcp_ecn=1,这样在TCP握手时发的syn包ecn置位,对于一些严格的防火墙来说这不是syn包,所以拒绝和你建立连接。只需置零就可以了: echo 1 > /proc/sys/net/ipv4/tcp_ecn 如果希望重启也不置位,那么在/etc/sysctl.conf里加上: net/ipv4/tcp_ecn=0 3、邮箱别名 alias表是针对本地的别名,virtual表才是针对虚拟用户的别名。比如要给san@test.org建立一个别名faint@test.org,那么写入以下的SQL语句: insert into virtual set email='faint@test.org',destination='san@test.org'; 4、地址欺骗 为了让mailman正常工作,main.cf里已经设置myorigin = lists.test.org,这使得本地用户发送邮件也使用这个域名,比如通过web发邮件在日志里就能看到from是nobody@lists.test.org,如果lists.test.org这个子域名不存在的话,那么对于一些严格的邮件服务器会拒绝接受此类邮件(postfix可以在smtpd_sender_restrictions后面加上reject_unknown_sender_domain拒绝此类邮件)。 这时可以使用postfix的masquerade_domains选项来实现地址欺骗,只需加上: masquerade_domains = test.org 这样本地用户发送的邮件地址就使用test.org了。但有一点要注意,要屏蔽邮件列表,比如: masquerade_exceptions = mailman, otherlist 这样邮件列表还是使用lists.test.org这个域。地址欺骗并不影响虚拟域。 参考资料: 1. http://www.marlow.dk/tech/postfix.php 2. http://lawmonkey.org/anti-spam.html 3. http://www.securitysage.com/guides/postfix_uce.html 历史记录 0.01 - 初始版本。根据自己服务器配置和使用过程写的HOWTO。
作者:
jeremiah
时间:
2003-8-7 20:39
标题:
反病毒反垃圾邮件系统构建HOWTO
又是一个头大的东西
作者:
湘晴
时间:
2003-8-14 18:49
标题:
反病毒反垃圾邮件系统构建HOWTO
看看吧,反正我是看不懂~~~!
欢迎光临 黑色海岸线论坛 (http://bbs.thysea.com/)
Powered by Discuz! 7.2