Shulou(Shulou.com)06/01 Report--

This article introduces the relevant knowledge of "how to configure Sendmail to prevent spam in Linux". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

The problem of spam has greatly consumed the network resources and brought great inconvenience to people. According to an anti-spam survey conducted by the Internet Society of China (ISC), Chinese mail users receive an average of 17 e-mails per day, accounting for more than 70% of the total number of e-mails received.

At present, spam email has become one of the biggest headaches for people. In the Linux operating system platform, fighting back and filtering spam e-mail is a very important work. Here are some anti-spam technologies that are widely used in Linux.

Common spam prevention technology

SMTP user Authentication Technology

At present, a common and very effective method is to carry out SMTP authentication on the mail transfer agent MTA to send messages from Internet users outside the local network, and only authenticated users are allowed to forward them remotely. In this way, it can not only effectively prevent the mail transmission proxy server from being used by spammers, but also provide convenience for employees who are away on business or work at home. If SMTP authentication is not adopted, it is feasible to set up an Internet-oriented Web mail gateway without sacrificing security. In addition, if SMTP services and POP3 services are integrated on the same server, it is a more secure way to authenticate POP3 access (POP before SMTP) before users try to send messages, but there are not many mail clients that support this authentication.

Reverse DNS parsing

No matter which kind of authentication, the purpose is to prevent the mail delivery proxy server from being used by spammers, but there is still nothing you can do about spam sent locally. To solve this problem, the most simple and effective way is to reverse the name resolution of the sender's IP address. The DNS query is used to determine whether the sender's IP is consistent with its claimed name, for example, if its claimed name is mx.hotmail.com and its connection address is 20.200.200.200, which does not match its DNS record, it will be rejected. This method can effectively filter out spam from dynamic IP, and for some senders using dynamic domain names, it can also be blocked according to the actual situation. But the above method still doesn't work for spam using Open Relay. In this regard, a further technique is to assume that legitimate users only use mail delivery agents with legitimate Internet names in their domain to send e-mail. For example, if the sender's e-mail address is someone@yahoo.com, the Internet name of the mail delivery agent server he uses should have the suffix yahoo.com. This restriction is not consistent with the SMTP protocol, but it is effective in most cases. It is important to point out that reverse name resolution requires a large number of DNS queries.

Configure Sendmail to prevent spam

Sendmail is the mail delivery agent for Red Hat Linux and most UNIX-like operating systems, so it is by far the most widely configured mail server. Here are several specific ways to deal with spam, taking Sendmail used by Red Hat Enterprise Linux 6 as an example. Other open source mail servers can also be configured to prevent spam by referring to the introduction in this section.

Turn off the Relay function of Sendmail

The so-called Relay means that others can use the SMTP mail server that provides this feature to send messages to anyone, so that spammers with ulterior motives can use this mail server to send a large number of spam, while * other people complain about this server instead of spammers, so Relay must be disabled. The way to do this is to edit the access file in the / etc/mail directory of the Linux server, remove settings such as "* relay", and leave only "localhost relay" and "127.0.0.1 relay". * Note: after modifying the access file, use the command to make the modification take effect: # makemap hash access.db

< access 在Sendmail中添加RBL功能 RBL(Realtime Blackhole List)是实时黑名单。国外有一些机构提供RBL服务，常用的RBL服务器地址有relays.ordb.org、dnsbl.njabl.org、bl.spamcop.net、sbl.spamhaus.org、dun.dnsrbl. net和dnsbl.sorbs.net。查询和删除RBL中的IP地址可以到http://openrbl.org/和http://ordb.org。RBL将收集到的专发垃圾邮件的IP地址加入他们的黑名单，只要在Sendmail中加入RBL认证功能，就会使邮件服务器在每次收信时都自动到RBL服务器上去查实，如果信件来源于黑名单，则Sendmail会拒收邮件，从而使用户少受垃圾邮件之苦。在Sendmail中添加RBL认证，需要对sendmail.mc添加以下内容： FEATURE(`dnsbl'，`relays.ordb.org'，`″Email blocked using ORDB.org - see ″') ***执行"m4 sendmail.mc>

The two commands "sendmail.cf" and "service sendmail restart" give effect to the changes to Sendmail.

This is the end of the content of "how to configure Sendmail to prevent spam in Linux". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.