- [Show page]
- [Old revisions]
- [[unknown link type]]
- []
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
linux:skoleni:mailserver [2014/05/02 00:34] admin |
linux:skoleni:mailserver [2014/05/02 00:50] (current) admin [SPF, cast druha] |
||
|---|---|---|---|
| Line 459: | Line 459: | ||
| </file> | </file> | ||
| - | ====== SPF ====== | + | ====== SPF - cast prvni====== |
| Kdyz jsme venovali tolik prace DNS, ukazeme si pomerne hezkou antispamovou techniku. Jedna se o hlubsi overovani domeny odesilatele. Konkretne se dotazeme serveru jahoda.cz, jestli adresa 1.2.3.4 mohla odeslat e-mail From:<nekdo@jahoda.cz>. | Kdyz jsme venovali tolik prace DNS, ukazeme si pomerne hezkou antispamovou techniku. Jedna se o hlubsi overovani domeny odesilatele. Konkretne se dotazeme serveru jahoda.cz, jestli adresa 1.2.3.4 mohla odeslat e-mail From:<nekdo@jahoda.cz>. | ||
| Line 479: | Line 479: | ||
| Promite mi, ze to sem pisu, vdyt' vsichni umite | Promite mi, ze to sem pisu, vdyt' vsichni umite | ||
| host -t txt starlab.cz | host -t txt starlab.cz | ||
| - | + | ||
| + | **Upozorneni: Tim ovsem pomahate jen druhym, aby e-maily s vasi podvrzenou domenou nikde nezpusobovali spam.** Jeste je potreba take nastavit druhou cast tj. implementovat ochranu na vlastnim serveru. | ||
| + | |||
| + | ====== SPF - cast druha ======= | ||
| + | Zarazeni do postfixu je obvykla trojkombinace | ||
| + | * apt-get install <neceho> | ||
| + | * pridani do main.cf | ||
| + | * pridani do master.cf | ||
| + | A pak trocha ladeni a opravovani preklepu. | ||
| + | |||
| + | Existuje python i perl verze. | ||
| + | apt-get install postfix-policyd-spf-python | ||
| + | apt-get install postfix-policyd-spf-perl | ||
| + | Pro ty co se nudi mohou napsat pojednani, jaky je mezi nimi rozdil. | ||
| + | |||
| + | Do ''main.cf'' pridame kamkoliv <code>policy-spf_time_limit = 3600s</code> | ||
| + | |||
| + | A do ''master.cf'' pridame treba pythonovsky skript | ||
| + | <code> | ||
| + | policy-spf unix - n n - - spawn | ||
| + | user=nobody argv=/usr/bin/policyd-spf | ||
| + | </code> | ||
| + | |||
| + | A obohatime ''smtpd_recipient_restrictions'' v main.cf: | ||
| + | |||
| + | <code> | ||
| + | smtpd_recipient_restrictions = | ||
| + | ... | ||
| + | permit_sasl_authenticated | ||
| + | permit_mynetworks | ||
| + | reject_unauth_destination | ||
| + | check_policy_service unix:private/policy-spf | ||
| + | </code> | ||
| ====== Sieve filtry v akci ====== | ====== Sieve filtry v akci ====== | ||
| Globalni filtr pro razeni spamu vsem uzivatelum do slozky spam. | Globalni filtr pro razeni spamu vsem uzivatelum do slozky spam. | ||
linux/skoleni/mailserver.1398983691.txt.gz · Last modified: 2014/05/02 00:34 by admin