|
|
EnderUNIX İpucuArkadaşıma gönder , Ana Sayfa[ qmail ] "Qmail'de Qtrap ile spam engelleme" - Mehmet AÇIKGÖZ - (2006-04-12 08:01:28) [4756] Merhabalar; Qmail'de spam engellemek için kullanılan bir yöntemi sizlerle paylaşmak istedim.Qtrap uygulaması.Mesaj başlıklarını ve domainleri kontrol edip direkt drop edebilen bir uygulama. 1. cd /home/vpopmail dizini altında qtrap ve logs dizini oluşturun (mkdir -p qtrap/logs) 2. Aşağdaki scripti qtrap.sh olarak /qtrap dizini altına kaydedin. #!/bin/sh ################################# # _ # # | | # # __ _| |_ _ __ __ _ _ __ # # / _` | __| '__/ _` | '_ \ # # | (_| | |_| | | (_| | |_) | # # \__, |\__|_| \__,_| .__/ # # | | | | # # |_| |_| v2.0.0# ################################# #Release 2.0.0 - June 24th, 2004 #Hacked by Eric Siegel # --- How Qtrap works --- # Incoming mail to a qtrap enabled domain is scanned up on arrival. If the sender's address # is found is the qtrap whitelist, the messaged allowed to pass unhindered and the action is logeed. # If the sender is not in the whitelist, the message is then scanned against an array of "banned" words # that is set by the system administrator. If the message does not contain a banned word, it is # allowed to go on its way. If it contains a banned word, the message is deleted and the action # is logged in the Qtrap log. # ----------------------- # --- How qtrap logs --- # There are 2 logging features here: # 1. Log entry to the qmail-send log # This script, when it deletes a message, will insert and entry into the qmail-send log # The format of the entry is: "MESSAGE DROPPED from someone@somewhere.com because of some_bad_word" # This feature comes in handy when analyzing your qmail logs. Duh. # 2. Log entry to independent qtrap log file # This script, when it deletes a message, will insert and entry into the designated qtrap log. # The format of the entry is: "MESSAGE DROPPED from someone@somewhere.com because of some_bad_word on some_date & time" # The log is also written to when an email is allowed to pass due to its presence in the whitelist. # ------------------------ # --- Future plans for qtrap --- # This script will eventually be converted to Perl # at which time I will probably add MySQL functionality, # thus allowing for web based, on the fly, content filter # management. # ------------------------------ # --- qtrap filter rules --- # 1. The filter is case sensitive. So "Porn" is different from "porn". # # 2. Wildcards are possible. For example: porn* would block the word "porn" but would also block the word "pornography". # # 3. Banned words and whitelist addresses must be seperated by a |. NEVER end the array with a |. #--------------------------- #The whitelist configuration block whitelist_check () { case $WHITELIST in address@somewhere.com|address@somewhereelse.com) echo $SENDER found in whitelist on `date "+%D %H:%M:%S"` >> /home/vpopmail/qtrap/logs/qtrap.log exit 0;; *) ;; esac } # The banned word list configuration block checkall () { case $BANNED_WORDS in porn|PORN|Sex|SEX)//buraya kelimeler girilecek echo MESSAGE DROPPED from $SENDER because of $BANNED_WORDS on `date "+%D %H:%M:%S"` >> /home/vpopmail/qtrap/logs/qtrap.log exit 99;; *) ;; esac } #Do not edit below here WHITECHECK=$SENDER for WHITELIST in $WHITECHECK do whitelist_check $WHITELIST done CONTENT=`(cat)` for BANNED_WORDS in $CONTENT do checkall $BANNED_WORDS done exit 0 4. Spam olabilecek kelimeler ve domainler whitelist ve checkall satılarına yazın.Büyük küçük harflere dikkat edin.Porn ve porn gibi.İkisini de ekleyin.vb.vb.(Dikkat:Yazdığınız en son kelimeden sonra |(pipe) kullanmayın.Yoksa mailleriniz kuyrukta bekler ve iletilmez.) 5.Log'ların tutulacağı log dosyasını oluşturun. (touch /home/vpopmail/qtrap/logs/qtrap.log) 6.Gerekli hakları verin chown -R vpopmail:vchkpw /home/vpopmail/qtrap 7.chmod -R 755 /home/vpopmail/qtrap 8./home/vpopmail/domains/sizindomain altında vi .qmail-default dosyasını edit edin ve en üst satıra aşağıdaki komutu yazın. | /home/vpopmail/qtrap/qtrap.sh 9.Atrık spam'li mailler başlıklarına göre filtrelenecektir. tail -f /home/vpopmail/qtrap/qtrap.log komutuyla logları izleyebilirsiniz. Redhat ve Fedora'da denenmiş ve sorunsuz çalıştığı tespit edilmiştir. Herkese spamsiz günler dilerim. Arkadaşıma gönder , Ana Sayfa |
|