« 我爱网络 | Main | [IPCN] 参加挑战杯 2004-04-24 17:00 综体西网球 »
April 21, 2004
antispam assp (qmail) - Anti-Spam SMTP Proxy (ASSP)
|
版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本声明。 https://windtear.net/archives/2004/04/21/000288.html It has long been clear to me that the best place to stop spam is at an organization's SMTP server. This is true for the following reasons:
However, mail transport systems are slow to adopt new technology, and spammers are quick and flexible, able to adopt new technology as quickly as it becomes available. Consequently, most SMTP servers are ill equipped to stop spam. Furthermore, one spam-stopping solution could work with all existing SMTP servers if it was implemented on a second level -- a transparent SMTP filtering proxy. This was my goal for this project. I wanted a server that accepted connections on port 25, passing the transmission on to the official SMTP server, and relaying its replies back to the SMTP client. But when enough of the message had been transmitted to validate its legitimacy the ASSP server could either pipe the remainder of the message to the official SMTP server or close the connection to the official SMTP server and ignore the remainder of the message. The Anti-Spam SMTP Proxy (ASSP) Server project is an open source platform-independent SMTP Proxy server which implements whitelists and Bayesian filtering to rid the planet of the blight of unsolicited email (UCE). UCE must be stopped at the SMTP server. Anti-spam tools must be adaptive to new spam and customized for each site's mail patterns. This free, easy-to-use tool works with any mail transport and achieves these goals requiring no operator intervention after the initial setup phase. What features make ASSP great?
2003-Nov-13 2:31pm jhanna -----> readme.txt Written for RedHat 7.x , and many others I believe would work with minor mods, if any. The script 'assp' should be copied into /etc/init.d/ and then linked to the appropriate run-level directories for starting up and shutting down.. For example, I run at init 3 at startup, so my script is linked to /etc/rc3.d/S79assp (just before S80sendmail) and also to /etc/rc0.d/K31assp (just after sendmail shutdown). The scripts 'start' and 'stop' should be in the 'sane' directory (ie: the typical installation directory for ASSP), if not you will have to modify 'assp' to fit. Don't forget to set the permissions of assp start stop and assp.pl (or best: all scripts) to 755 -----> assp.cfg AddSpamHeadder:=1 AddSpamProbHeadder:=1 AsADaemon:= AsAService:= AttachmentError:=500 Executable attachments are not allowed -- Compress before mailing. BlockAllExes:=1 BlockExes:=1 ChangeRoot:= DEBUG:= EmailFrom:=ASSP <> EmailHam:=assp-notspam EmailInterfaceOk:=1 EmailSpam:=assp-spam EmailWhitelist:=assp-white ExtensionsToBlock:=exe|scr|pif|vb[es]|js|jse|ws[fh]|sh[sb]|lnk|bat|cmd|com|ht[ab] KeepWhitelistedSpam:=0 MaxErrors:=10 MaxFiles:=14009 MaxWhitelistDays:=90 NoExternalSpamProb:=1 NoGoodhosts:=1 NoHaiku:=0 NoMaillog:= NoRelaying:=550 Relaying not allowed NotGreedyWhitelist:= OrderedTieHashSize:=5000 OutgoingBufSize:=102400 PopB4SMTPFile:= RamSaver:= RestartEvery:=0 SpamError:=500 Mail appears to be unsolicited -- send error reports to postmaster@yourdomain.com TestMode:=1 UpdateWhitelist:=3600 UseSubjectsAsMaillogNames:=1 WhitelistLocalOnly:= WhitelistOnly:= acceptAllMail:=127.0.0.|10.|169.254.|172.16.|192.168. allowAdminConnectionsFrom:= base:=/usr/local/assp blackListedDomains:= blackRe:=http://[\w\.]+@ bombError:=500 Your message was rejected because it appears to be part of a spam bomb -- rephrase your message and try sending it again. bombRe:= correctednotspam:=errors/notspam correctedspam:=errors/spam defaultLocalHost:= dnsbl:= greylist:=greylist incomingOkMail:= listenPort:=25 listenPort2:= localDomains:=bbs.ipcn.org localDomainsFile:= logfile:=maillog.txt maillogExt:=.eml myName:=ASSP-nospam noGreyListUpload:= noProcessing:= nogreydownload:= notspamlog:=notspam npRe:= pidfile:=pid redRe:= redlistdb:=redlist relayHost:= relayHostFile:= relayPort:= runAsGroup:=nobody runAsUser:=nobody sendAllSpam:= sendNoopInfo:= showAdvanced:=1 silent:= smtpDestination:=127.0.0.1:125 spamLovers:= spamSubject:= spamaddresses:=put|your@spambucket.com|addresses|@here.org spamdb:=spamdb spamlog:=spam totalizeSpamStats:=1 webAdminPassword:=secret webAdminPort:=55555 whiteListedDomains:=sourceforge.net whiteRe:= whitelistdb:=whitelist -----> qmail start % cat /etc/qmail/start csh -cf '/var/qmail/rc &' /etc/qmail/smtp.sh % cat /etc/qmail/smtp.sh /usr/local/bin/tcpserver -H -R -l 0 -t 1 -c 100 -v -p -x/etc/qmail/tcp.smtp.cdb -u 10001 -g 1000 0 125 /var/qmail/bin/qmail-smtpd >/dev/null 2>&1 & % cat /usr/sbin/qmail #!/bin/sh PID=`ps -ax |grep qmail-send|grep -v grep` PIDQ=`ps -ax |grep qmail-remote|grep -v grep` case $1 in start) if [ "$PID" = "" ]; then echo "Starting Qmail services......" sh /etc/qmail/start else echo "Qmail already running." fi ;; stop) if [ "$PID" = "" ]; then echo "Qmail not running" else echo "Stoping Qmail services......" killall qmail-send killall tcpserver if [ "$PIDQ" = "" ]; then echo "" else killall qmail-remote fi fi ;; restart) if [ "$PID" = "" ]; then echo "Qmail not running" else echo "Restart Qmail services......" killall qmail-send killall tcpserver if [ "$PIDQ" = "" ]; then echo "" else killall qmail-remote fi sh /etc/qmail/start fi ;; help) echo "Qmail manage scripts and Qmail_setup-v1.5 compile by iceblood" echo "My E-Mail:iceblood@163.com" echo "qmail {start|stop|help}" echo " start Starting Qmail services" echo " stop Stoping Qmail services" echo " help Qmail manage help" echo "" echo " Copyright (C) 2002 by iceblood" echo "Help end." ;; *) echo "Qmail manage scripts and Qmail_setup-v1.5 compile by iceblood" echo "My E-Mail:iceblood@163.com" echo "qmail {start|stop|restart|help}" echo " start Start Qmail services" echo " stop Stop Qmail services" echo " restart Restart Qmail services" echo " help Qmail manage help" echo "" echo " Copyright (C) 2002 by iceblood" echo "Help end." ;; esac exit 0 % -----> demo % /etc/rc.d/init.d/assp start Starting ASSP via: /usr/local/assp/start /usr/local/assp or % /usr/local/assp/start /usr/local/assp Starting ASSP Anti-SPAM Proxy server in /usr/local/assp loading config -- base='/usr/local/assp' Apr-21-04 02:03:10 ASSP version 1.0.9 initializing Apr-21-04 02:03:10 Listening for mail connections at 25 and admin connections at 55555 Apr-21-04 02:03:10 Switched effective gid to 99 (nobody) Apr-21-04 02:03:10 Switched real gid to 99 (nobody) Apr-21-04 02:03:10 Switched effective uid to 99 (nobody) Apr-21-04 02:03:10 Switched real uid to 99 (nobody) Apr-21-04 02:03:10 Warning: Bayesian spam database is small or empty: '/usr/local/assp/spamdb' Apr-21-04 02:03:10 Warning: Whitelist is small or empty: '/usr/local/assp/whitelist' (ignore if this is a new install) Apr-21-04 02:03:10 Starting % pwd % tail maillog.txt Apr-21-04 01:34:32 Connected: 166.111.154.35:4236 -----> orig articles of mine AntiSpam - C/R System - TMDA - wle - 反垃圾邮件 SOPHOS.ANTIVIRUS.V3.80.MULTILANGUAGE.LINUX-FeDEX Linux 下命令行 反病毒软件 antivirus @ linux Sophos sweep IDE update script - Download the IDE file - demo my attemp about 2 mail and 1 bbs |
Posted by windtear at April 21, 2004 2:09 AM
