毫无疑问,近一段时期以来,垃圾邮件日益盛行。据估计,垃圾邮件占全部邮件的80%到90%,很多邮件服务器在对付由最新的垃圾邮件所引起的额外负担问题上存在着很大的困难,而且垃圾邮件过滤器如SpamAssassin并不能如以前那样识别大部分的垃圾邮件。幸运的是,我们可以在邮件传输代理(Mail Transfer Agent,MTA)层次上阻止大量的垃圾邮件,例如通过使用黑名单、在发送者和接收者的域上运行测试等。这样做的一个额外的优势是它可以降低邮件服务器的负荷,因为垃圾邮件过滤器需要查看的邮件更少。 基础工作 本文将讨论怎样配置Postfix(2.x和1.x),在垃圾邮件进入服务器之前阻止它。不过,在将本文所讨论的方法运用到您的邮件服务器中之后,您应该检查您的邮件日志,确保合法的用户邮件不会被阻止。 您可以查看如下链接得到一些指导性的信息: http://www.howtoforge.com/virtual_postfix_antispam 如下的链接包含另外一些反垃圾邮件解决方案: http://www.howtoforge.com/taxonomy_menu/1/78/24 Postfix 2.x 打开/etc/postfix/main.cf文件,在其中增加如下的几行(如果相关的配置存在,就替换之): vi /etc/postfix/main.cf [...]smtpd_helo_required = yesdisable_vrfy_command = yesstrict_rfc821_envelopes = yesinvalid_hostname_reject_code = 554multi_recipient_bounce_reject_code = 554non_fqdn_reject_code = 554relay_domains_reject_code = 554unknown_address_reject_code = 554unknown_client_reject_code = 554unknown_hostname_reject_code = 554unknown_local_recipient_reject_code = 554unknown_relay_recipient_reject_code = 554unknown_sender_reject_code = 554unknown_virtual_alias_reject_code = 554unknown_virtual_mailbox_reject_code = 554unverified_recipient_reject_code = 554unverified_sender_reject_code = 554smtpd_recipient_restrictions = reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client multi.uribl.com, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client combined.rbl.msrbl.net, reject_rbl_client rabl.nuclearelephant.com, permit[...] |
然后重新启动Postfix: /etc/init.d/postfix restart Postfix 1.x 打开/etc/postfix/main.cf,并在其中加入如下几行(如果相关的配置已经存在就替换之): vi /etc/postfix/main.cf [...]smtpd_helo_required = yesdisable_vrfy_command = yesstrict_rfc821_envelopes = yesinvalid_hostname_reject_code = 554multi_recipient_bounce_reject_code = 554non_fqdn_reject_code = 554relay_domains_reject_code = 554unknown_address_reject_code = 554unknown_client_reject_code = 554unknown_hostname_reject_code = 554unknown_local_recipient_reject_code = 554unknown_relay_recipient_reject_code = 554unknown_sender_reject_code = 554unknown_virtual_alias_reject_code = 554unknown_virtual_mailbox_reject_code = 554unverified_recipient_reject_code = 554unverified_sender_reject_code = 554maps_rbl_domains = multi.uribl.com, dsn.rfc-ignorant.org, dul.dnsbl.sorbs.net, list.dsbl.org, sbl-xbl.spamhaus.org, bl.spamcop.net, dnsbl.sorbs.net, cbl.abuseat.org, ix.dnsbl.manitu.net, combined.rbl.msrbl.net, rabl.nuclearelephant.comsmtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_maps_rbl, check_relay_domains[...] |
然后重新启动Postfix: /etc/init.d/postfix restart (责任编辑:董建伟)
|
