EnderUNIX Team.


EnderUNIX İpucu

Arkadaşıma gönder , Ana Sayfa

[ qmail ]

"Qmail'de Qtrap ile spam engelleme" - Mehmet AÇIKGÖZ - (2006-04-12 08:01:28)   [4686]

Merhabalar;
Qmail'de spam engellemek için kullanılan bir yöntemi sizlerle paylaşmak istedim.Qtrap uygulaması.Mesaj başlıklarını ve domainleri kontrol edip direkt drop edebilen bir uygulama.
1. cd /home/vpopmail dizini altında qtrap ve logs dizini oluşturun (mkdir -p qtrap/logs)
2. Aşağdaki scripti qtrap.sh olarak /qtrap dizini altına kaydedin.

#!/bin/sh
#################################
# _ #
# | | #
# __ _| |_ _ __ __ _ _ __ #
# / _` | __| '__/ _` | '_ \ #
# | (_| | |_| | | (_| | |_) | #
# \__, |\__|_| \__,_| .__/ #
# | | | | #
# |_| |_| v2.0.0#
#################################
#Release 2.0.0 - June 24th, 2004
#Hacked by Eric Siegel

# --- How Qtrap works ---
# Incoming mail to a qtrap enabled domain is scanned up on arrival. If the sender's address
# is found is the qtrap whitelist, the messaged allowed to pass unhindered and the action is logeed.
# If the sender is not in the whitelist, the message is then scanned against an array of "banned" words
# that is set by the system administrator. If the message does not contain a banned word, it is
# allowed to go on its way. If it contains a banned word, the message is deleted and the action
# is logged in the Qtrap log.
# -----------------------

# --- How qtrap logs ---
# There are 2 logging features here:

# 1. Log entry to the qmail-send log
# This script, when it deletes a message, will insert and entry into the qmail-send log
# The format of the entry is: "MESSAGE DROPPED from someone@somewhere.com because of some_bad_word"
# This feature comes in handy when analyzing your qmail logs. Duh.

# 2. Log entry to independent qtrap log file
# This script, when it deletes a message, will insert and entry into the designated qtrap log.
# The format of the entry is: "MESSAGE DROPPED from someone@somewhere.com because of some_bad_word on some_date & time"
# The log is also written to when an email is allowed to pass due to its presence in the whitelist.
# ------------------------

# --- Future plans for qtrap ---
# This script will eventually be converted to Perl
# at which time I will probably add MySQL functionality,
# thus allowing for web based, on the fly, content filter
# management.
# ------------------------------

# --- qtrap filter rules ---
# 1. The filter is case sensitive. So "Porn" is different from "porn".
#
# 2. Wildcards are possible. For example: porn* would block the word "porn" but would also block the word "pornography".
#
# 3. Banned words and whitelist addresses must be seperated by a |. NEVER end the array with a |.
#---------------------------



#The whitelist configuration block

whitelist_check () {
case $WHITELIST in
address@somewhere.com|address@somewhereelse.com)
echo $SENDER found in whitelist on `date "+%D %H:%M:%S"` >> /home/vpopmail/qtrap/logs/qtrap.log
exit 0;;
*)
;;
esac
}

# The banned word list configuration block

checkall () {
case $BANNED_WORDS in
porn|PORN|Sex|SEX)//buraya kelimeler girilecek
echo MESSAGE DROPPED from $SENDER because of $BANNED_WORDS on `date "+%D %H:%M:%S"` >> /home/vpopmail/qtrap/logs/qtrap.log
exit 99;;
*)
;;
esac
}

#Do not edit below here

WHITECHECK=$SENDER
for WHITELIST in $WHITECHECK
do
whitelist_check $WHITELIST
done

CONTENT=`(cat)`
for BANNED_WORDS in $CONTENT
do
checkall $BANNED_WORDS
done
exit 0

4. Spam olabilecek kelimeler ve domainler whitelist ve checkall satılarına yazın.Büyük küçük harflere dikkat edin.Porn ve porn gibi.İkisini de ekleyin.vb.vb.(Dikkat:Yazdığınız en son kelimeden sonra |(pipe) kullanmayın.Yoksa mailleriniz kuyrukta bekler ve iletilmez.)
5.Log'ların tutulacağı log dosyasını oluşturun. (touch /home/vpopmail/qtrap/logs/qtrap.log)
6.Gerekli hakları verin
chown -R vpopmail:vchkpw /home/vpopmail/qtrap
7.chmod -R 755 /home/vpopmail/qtrap
8./home/vpopmail/domains/sizindomain altında
vi .qmail-default dosyasını edit edin ve en üst satıra aşağıdaki komutu yazın.
| /home/vpopmail/qtrap/qtrap.sh
9.Atrık spam'li mailler başlıklarına göre filtrelenecektir. tail -f /home/vpopmail/qtrap/qtrap.log komutuyla logları izleyebilirsiniz.
Redhat ve Fedora'da denenmiş ve sorunsuz çalıştığı tespit edilmiştir.

Herkese spamsiz günler dilerim.

Arkadaşıma gönder , Ana Sayfa