什麼是 Greylist?

環境: CentOS 5 with RPMforge repos

Sendmail

yum install milter-greylist

vi /etc/mail/greylist.conf

#註解以下內容
#list "grey users" rcpt { \
#       user1@example.com \
#       user2@example.com \
#       user3@example.com \
#}

#修改以下內容
#原本: acl greylist list "grey users" delay 30m autowhite 3d
#改成:
acl greylist default delay 1m autowhite 3d

vi /etc/mail/sendmail.mc

#於 OSTYPE(`linux')dnl 底下加入以下內容
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock')
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')
define(`confMILTER_MACROS_ENVRCPT', `{greylist}')

#若同時使用 milter-SPF, 可合併如下

INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock')
INPUT_MAIL_FILTER(`spf-milter', `S=local:/var/spf-milter/spf-milter.sock')
define(`confMILTER_LOG_LEVEL', `9')
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')
define(`confMILTER_MACROS_ENVRCPT', `{greylist}')

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

chkconfig milter-greylist on

/etc/init.d/milter-greylist start

/etc/init.d/MailScanner restart


ps. Fedora 9, milter-greylist-4.0 需於 /etc/mail/greylist.conf 加入 geoipdb "/usr/share/GeoIP/GeoIP.dat" 才能正常運作 (Ref: http://tech.groups.yahoo.com/group/milter-greylist/message/4307 )


Postfix

yum install postgrey

vi /etc/postfix/main.cf

smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination,
    check_policy_service unix:postgrey/socket

#如同時使用 spf-milter, 可加入多個 check_policy_service

smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination,
    check_policy_service unix:postgrey/socket,
    check_policy_service unix:private/spfpolicy

vi /etc/sysconfig/postgrey (new file)

OPTIONS="--unix=/var/spool/postfix/postgrey/socket --delay=60"

chkconfig postgrey on

/etc/init.d/postgrey start

postfix reload


Ref:

arrow
arrow
    全站熱搜

    安德森 發表在 痞客邦 留言(0) 人氣()