
How to configure Sendmail server to prevent spam

2025-01-14 Update From: SLTechnology News&Howtos


Shulou (Shulou.com) 06/01

This article explains how to configure the Sendmail server to prevent spam. The content is detailed; interested readers can use it as a reference, and we hope it is helpful.

It introduces several anti-spam techniques that are widely used on Linux, along with specific methods for suppressing spam by configuring the Sendmail mail transfer agent.

With the development of the Internet, e-mail has become an increasingly popular method of communication. Its users have spread from the science and education sector to ordinary households, and the information it carries has grown from plain text to multimedia messages that include sound and images. The low cost and ease of use of e-mail bring people great convenience, but they also tempt some people to use it as a tool for distributing their own information, which has led to the proliferation of spam across the Internet. Spam consumes a great deal of network resources and causes people great inconvenience. According to the first anti-spam survey conducted by the Internet Society of China (ISC) in 2005, Chinese mail users received an average of 16.8 spam e-mails per person per day in April 2005, accounting for 60.87% of the total e-mails received.

Spam has become one of people's biggest headaches. Users of the Windows operating system may have had enough of the trouble spam brings, and the Linux platform is hard pressed to avoid the same harassment. Countering and filtering spam is therefore very important work.

Spam prevention and control strategy

Generally speaking, there are several ways to suppress spam:

1. SMTP user authentication

This is currently the most common, the simplest and a very effective method. The mail transfer agent (MTA) performs SMTP authentication on users who send messages from the Internet outside the local network, and only authenticated users are allowed to relay mail remotely. This not only effectively prevents the MTA from being used by spammers, but is also convenient for employees who are travelling or working from home. If SMTP authentication is not adopted, it is feasible to set up an Internet-facing Web mail gateway without sacrificing security.

In addition, if the SMTP service and the POP3 service run on the same server, it is more secure to require the user to authenticate through POP3 access before attempting to send a message. Large websites such as Sina have adopted this function one after another, which greatly reduces the probability that these large providers' servers are used to send spam. At present, the mail client program that supports this kind of authentication is FoxMail.

2. Reverse DNS resolution

Whatever the kind of authentication, its purpose is to prevent the MTA from being used by spammers; it does nothing about spam sent locally. The simplest and most effective way to address this is reverse name resolution of the sender's IP address, that is, using DNS queries to determine whether the sender's IP address is consistent with the name it claims. For example, if the claimed name is pc.sina.com and the connecting address is 120.20.96.68, which does not match its DNS record, the message is rejected. This method effectively filters out spam from dynamic IP addresses, and senders using dynamic domain names can also be blocked as the actual situation requires.

However, this method still does not work against spam sent through an open relay. A further technique here is to assume that legitimate users send e-mail only through mail transfer agents that have legitimate Internet names in their own domain. Note that reverse name resolution requires a large number of DNS queries, so a large number of UDP packets will appear on the network.
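The consistency check described in this section, written out as an added Python example that is not part of the original article. The lookup tables are constructed (including the invented PTR name for the article's address 120.20.96.68), and the four result labels are this example's own naming.

```python
import ipaddress
import socket

def system_lookups():
    """PTR and address lookups backed by the host's resolver (needs network)."""
    def ptr(ip):
        try:
            return [socket.gethostbyaddr(ip)[0]]
        except OSError:
            return []
    def addrs(name):
        try:
            return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None)})
        except OSError:
            return []
    return ptr, addrs

def table_lookups(ptr_table, addr_table):
    """Same interface, answered from dictionaries so the check runs offline."""
    return (lambda ip: ptr_table.get(ip, []),
            lambda name: addr_table.get(name, []))

def check_client(ip, claimed_name, ptr_lookup, addr_lookup):
    """Return 'pass', 'mismatch', 'forged' or 'no-ptr' for a connecting client."""
    ip = str(ipaddress.ip_address(ip))            # validate and normalise
    claimed = claimed_name.rstrip(".").lower()
    ptr_names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not ptr_names:
        return "no-ptr"                           # no reverse record at all
    # A PTR name only counts if it resolves forward to the same address;
    # otherwise whoever controls the reverse zone could claim any name.
    confirmed = [n for n in ptr_names if ip in addr_lookup(n)]
    if not confirmed:
        return "forged"
    return "pass" if claimed in confirmed else "mismatch"

# Constructed DNS data (the PTR name for the article's address is invented).
PTR = {"120.20.96.68": ["dyn-68.pool.example.net"],
       "192.0.2.25": ["mail.example.org"],
       "198.51.100.7": ["mail.example.org"]}
ADDR = {"dyn-68.pool.example.net": ["120.20.96.68"],
        "mail.example.org": ["192.0.2.25"]}

if __name__ == "__main__":
    ptr, addr = table_lookups(PTR, ADDR)
    for ip, name in [("120.20.96.68", "pc.sina.com"),
                     ("192.0.2.25", "mail.example.org"),
                     ("198.51.100.7", "mail.example.org"),
                     ("203.0.113.9", "mx.example.com")]:
        print(ip, name, check_client(ip, name, ptr, addr))
```

Each client costs one PTR query plus one address query per PTR name, which is the DNS load the paragraph above refers to.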

3. Blacklist filtering

A blacklist service is a database of domain names or IP addresses built up from user complaints and collected samples; the best known are RBL, DCC and Razor. These databases hold host names or IP addresses that frequently send spam, and the MTA queries them in real time to decide whether to reject a given e-mail. Put simply, every IP address or domain name stored in the database is treated as illegitimate and should be blocked.

However, it is currently difficult to guarantee the correctness and timeliness of the various blacklist databases, and a list generally takes some time to accumulate. For example, for a period of time RBL and DCC in North America contained a large number of host names and IP addresses in China, some listed because of early open relays and some because of false positives. These entries were slow to be corrected, which not only hinders e-mail contact between China and North America to a certain extent, but also hinders our users from using these blacklist services.

4. Whitelist filtering

Whitelist filtering is the counterpart of the blacklist filtering described above. The database it builds holds the same kind of content as a blacklist, but entries in it are treated as legitimate and should not be blocked. Its disadvantages are similar to those of a blacklist: it is hard to update and maintain in real time, and normal messages from senders that the whitelist has not collected may be blocked. In practice, whitelists have been used successfully on a small scale; one can be generated by collecting information about internal e-mail at the gateway of an enterprise or company over a period of time.
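How an MTA's real-time blacklist query and a local whitelist fit together, as an added Python example that is not part of the original article. The zone dnsbl.example, its records and the lookup function are constructed; treating only answers in 127.0.0.0/8 as listings follows the usual DNS blacklist convention.

```python
import ipaddress

LISTED_RANGE = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_query_name(ip, zone):
    """Name an MTA looks up for an IPv4 client: reversed octets + list zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone.strip(".")

def is_listed(ip, zone, lookup):
    """True only if the list answers with an address in 127.0.0.0/8."""
    answers = lookup(dnsbl_query_name(ip, zone))
    # Any other answer (a parked or hijacked zone answering every query)
    # is ignored, so a broken list cannot make the server reject all mail.
    return any(ipaddress.ip_address(a) in LISTED_RANGE for a in answers)

def decide(ip, whitelist, zones, lookup):
    """Return (action, reason); a whitelist match overrides any listing."""
    addr = ipaddress.IPv4Address(ip)
    for net in whitelist:
        if addr in ipaddress.ip_network(net):
            return ("accept", "whitelisted by " + net)
    for zone in zones:
        if is_listed(ip, zone, lookup):
            return ("reject", "listed in " + zone)
    return ("accept", "not listed")

# Constructed list contents; "dnsbl.example" is a hypothetical zone.
RECORDS = {
    "99.2.0.192.dnsbl.example": ["127.0.0.2"],        # genuine listing
    "7.100.51.198.dnsbl.example": ["203.0.113.80"],   # bogus wildcard answer
}

def table_lookup(name):
    """Offline stand-in for a DNS A query; unknown names return no answer."""
    return RECORDS.get(name, [])

if __name__ == "__main__":
    zones = ["dnsbl.example"]
    print(decide("192.0.2.99", [], zones, table_lookup))
    print(decide("192.0.2.99", ["192.0.2.0/24"], zones, table_lookup))
    print(decide("198.51.100.7", [], zones, table_lookup))
```

Checking the whitelist first is what lets a site keep receiving mail from a known partner whose address is listed by mistake, the false-positive case described in the blacklist section.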

5. Content filtering

Even with the techniques above, a considerable amount of spam still slips through. In this case, the most effective and fundamental method is to filter on content, based on the subject or body of the e-mail. The relatively simple approach is to use a content scanning engine to filter on the subject lines common in spam and on the names, phone numbers, Web addresses and other information of those who benefit from the spam.

The more complex but more intelligent approach is content filtering based on Bayesian statistical methods, support vector machines (SVM), artificial neural networks, Winnow and similar methods. Their theoretical basis is to build a statistical model of the distribution of common spam keywords through machine learning over a large number of messages, and from it calculate the probability that a target message is spam. These methods have a degree of self-adaptation and self-learning, and have been widely used. The best-known spam content filter is SpamAssassin, which is implemented in Perl, integrates the above two filtering methods, and can be integrated with a variety of mainstream MTAs. Content filtering is the most resource-consuming and the most effective of all the methods above, and it needs high-performance servers when mail volume is large.

Sendmail is the mail transfer agent for Red Hat Linux and most Unix-like operating systems, so it is by far the most widely deployed mail server. Figure 1 is a schematic diagram of Sendmail functionality. The following uses the Sendmail shipped with Red Hat Linux as an example to describe several specific ways of dealing with spam.
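The statistical approach described above, reduced to a small naive Bayes scorer as an added Python example that is not part of the original article and is not how SpamAssassin is implemented. The training messages are constructed, and the add-one smoothing and presence-only token model are choices made for this example.

```python
import math
import re
from collections import Counter

TOKEN = re.compile(r"[a-z0-9$']+")

def tokens(text):
    """Distinct lower-cased words; each counts once per message."""
    return set(TOKEN.findall(text.lower()))

class BayesFilter:
    def __init__(self):
        self.counts = {"spam": Counter(), "ham": Counter()}
        self.docs = {"spam": 0, "ham": 0}

    def train(self, label, text):
        """Learn from one message labelled 'spam' or 'ham'."""
        self.docs[label] += 1
        self.counts[label].update(tokens(text))

    def spam_probability(self, text):
        """P(spam | tokens), accumulated as log-odds to avoid underflow."""
        log_odds = math.log((self.docs["spam"] + 1) / (self.docs["ham"] + 1))
        for tok in tokens(text):
            # Add-one smoothing keeps unseen tokens from forcing 0 or 1.
            p_spam = (self.counts["spam"][tok] + 1) / (self.docs["spam"] + 2)
            p_ham = (self.counts["ham"][tok] + 1) / (self.docs["ham"] + 2)
            log_odds += math.log(p_spam / p_ham)
        return 1 / (1 + math.exp(-log_odds))

def build_demo_filter():
    """Train on six constructed messages (three spam, three legitimate)."""
    f = BayesFilter()
    for text in ("free offer cheap pills buy now",
                 "win free money now call",
                 "cheap loans free offer click"):
        f.train("spam", text)
    for text in ("meeting agenda for monday attached",
                 "please review the server patch notes",
                 "lunch on monday with the team"):
        f.train("ham", text)
    return f

if __name__ == "__main__":
    demo = build_demo_filter()
    for msg in ("free cheap offer", "monday meeting with the team",
                "quarterly invoice"):
        print(f"{demo.spam_probability(msg):.3f}  {msg}")
```

Training on each newly classified message is what gives the filter the self-learning behaviour the paragraph mentions; a message made only of unseen words scores 0.5, which is the case where the earlier checks have to decide.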

Install and start Sendmail

There are two ways to install the Sendmail mail server: from RPM packages and from source code. The former is easier, and the packages are generally included on the Red Hat Linux distribution's installation CDs. The steps of these two installation methods are described below.

1. RPM package installation method

First, check whether the RPM package is installed on the system:

# rpm -qa | grep sendmail

If it is not installed, put the first installation CD of Red Hat Linux into the CD drive and mount it:

# mount /mnt/cdrom    # mount the CD

# cd /mnt/cdrom/RedHat/RPMS    # enter the RPMS directory

# rpm -ivh sendmail-8.12.8-4.i386.rpm    # install the executable files

# rpm -ivh m4-1.4.1-13.i386.rpm    # install the m4 toolkit that generates Sendmail configuration files

Insert the third installation CD of Red Hat Linux and install the following packages:

# mount /mnt/cdrom

# cd /mnt/cdrom/RedHat/RPMS

# rpm -ivh sendmail-cf-8.12.8-4.i386.rpm

# rpm -ivh sendmail-doc-8.12.8-4.i386.rpm

That concludes this discussion of how to configure the Sendmail server to prevent spam. I hope the content above is of some help to you and that you learn something from it. If you think the article is good, you can share it so more people can see it.
