特殊:Badtitle/NS100:PostfixGreylisting:修订间差异

来自Ubuntu中文
跳到导航跳到搜索
Oneleaf留言 | 贡献
新页面: {{From|https://help.ubuntu.com/community/PostfixGreylisting}} {{Languages|UbuntuHelp:PostfixGreylisting}} == Introduction == [http://projects.puremagic.com/greylisting/ Greylisting] is...
 
Wikibot留言 | 贡献
无编辑摘要
 
(未显示同一用户的3个中间版本)
第1行: 第1行:
{{From|https://help.ubuntu.com/community/PostfixGreylisting}}
{{From|https://help.ubuntu.com/community/PostfixGreylisting}}
{{Languages|UbuntuHelp:PostfixGreylisting}}
{{Languages|UbuntuHelp:PostfixGreylisting}}
 
<<Include(Tag/NeedsExpansion)>>
 
== Introduction ==
== Introduction ==
[http://projects.puremagic.com/greylisting/ Greylisting] is a spam-reduction technique which can be very effective. It works by delaying mail from untrusted senders. If the sending mail server is standards-compliant, it will re-send the e-mail, and the server will accept it. Most spam mailers, however, don't re-send the mail, and so the spam is blocked. Servers that re-send the mail will be added to a white list, and will not be delayed in future. This means that the first e-mail from a given sender will be delayed, but subsequent ones will not be.
[http://projects.puremagic.com/greylisting/ Greylisting] is a spam-reduction technique which can be very effective. It works by delaying mail from untrusted senders. If the sending mail server is standards-compliant, it will re-send the e-mail, and the server will accept it. Most spam mailers, however, don't re-send the mail, and so the spam is blocked. Servers that re-send the mail will be added to a white list, and will not be delayed in future. This means that the first e-mail from a given sender will be delayed, but subsequent ones will not be.
== Installation ==
== Installation ==
 
Simply install the <code><nowiki>postgrey</nowiki></code> package and any dependencies. Note that it is in the <code><nowiki>universe</nowiki></code> repository. See the [[UbuntuHelp:InstallingSoftware|InstallingSoftware]] page for more information on installing packages.
Simply install the <code><nowiki>postgrey</nowiki></code> package and any dependencies. Note that it is in the <code><nowiki>universe</nowiki></code> repository. See the InstallingSoftware page for more information on installing packages.
 
== Configuration ==
== Configuration ==
 
You need to instruct postfix to use postgrey.  You can either manually edit /etc/postfix/main.cf and on parameter '''smtpd_recipient_restrictions''' add <code><nowiki>check_policy_service inet:127.0.0.1:10023</nowiki></code> or run the following command to configure Postfix to use Postgrey:
Run the following command to configure Postfix to use Postgrey:
 
<pre><nowiki>
<pre><nowiki>
sudo postconf -e 'smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,check_policy_service inet:127.0.0.1:60000'
sudo postconf -e 'smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,check_policy_service inet:127.0.0.1:10023'
</nowiki></pre>
</nowiki></pre>
 
'' Note: the port number seems to vary depending on the version of the package.  On 8.04LTS, it is 60000, while on jaunty it is 10023.  Fortunately Postgrey prints the ports it is listening on when it starts.  Have a look at /var/log/mail.info if you are unsure.''
Then run the following to reload the Postfix configuration:
Then run the following to reload the Postfix configuration:
<pre><nowiki>
<pre><nowiki>
sudo /etc/init.d/postfix reload
sudo /etc/init.d/postfix reload
</nowiki></pre>
</nowiki></pre>
 
You may need to modify the whitelisting of certain domains or users.  To do so, use the files in '''/etc/postgrey/'''.
== In Use ==
== In Use ==
Once Postgrey is running, entries will start to appear in <code><nowiki>/var/log/mail.log</nowiki></code>. To see them, run <code><nowiki>sudo grep -i greylisted /var/log/mail.log</nowiki></code>. Entries will look something like:
Once Postgrey is running, entries will start to appear in <code><nowiki>/var/log/mail.log</nowiki></code>. To see them, run <code><nowiki>sudo grep -i greylisted /var/log/mail.log</nowiki></code>. Entries will look something like:
<pre><nowiki>
<pre><nowiki>
Sep 14 10:44:57 mailserver postfix/smtpd[17049]: NOQUEUE: reject: RCPT from mail.server.com[1.2.3.4]: 450 <[email protected]>: Recipient address rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/help/somedomain.com.html); from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail.server.com>
Sep 14 10:44:57 mailserver postfix/smtpd[17049]: NOQUEUE: reject: RCPT from mail.server.com[1.2.3.4]: 450 <[email protected]>: Recipient address rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/help/somedomain.com.html); from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail.server.com>
</nowiki></pre>
</nowiki></pre>
In addition, e-mails that have been greylisted will have an <code><nowiki>X-Greylist</nowiki></code> header, eg:
In addition, e-mails that have been greylisted will have an <code><nowiki>X-Greylist</nowiki></code> header, eg:
<pre><nowiki>
<pre><nowiki>
X-Greylist: delayed 1201 seconds by postgrey-1.24 at mail.server.com; Fri, 14 Sep 2007 11:04:58 BST
X-Greylist: delayed 1201 seconds by postgrey-1.24 at mail.server.com; Fri, 14 Sep 2007 11:04:58 BST
</nowiki></pre>
</nowiki></pre>
----
[[category:CategoryDocumentation]] [[category:CategoryNeedsExpansion]]


[[category:UbuntuHelp]]
[[category:UbuntuHelp]]

2009年11月17日 (二) 20:23的最新版本

{{#ifexist: :PostfixGreylisting/zh | | {{#ifexist: PostfixGreylisting/zh | | {{#ifeq: {{#titleparts:PostfixGreylisting|1|-1|}} | zh | | }} }} }} {{#ifeq: {{#titleparts:PostfixGreylisting|1|-1|}} | zh | | }}

<<Include(Tag/NeedsExpansion)>>

Introduction

Greylisting is a spam-reduction technique which can be very effective. It works by delaying mail from untrusted senders. If the sending mail server is standards-compliant, it will re-send the e-mail, and the server will accept it. Most spam mailers, however, don't re-send the mail, and so the spam is blocked. Servers that re-send the mail will be added to a white list, and will not be delayed in future. This means that the first e-mail from a given sender will be delayed, but subsequent ones will not be.

Installation

Simply install the postgrey package and any dependencies. Note that it is in the universe repository. See the InstallingSoftware page for more information on installing packages.

Configuration

You need to instruct postfix to use postgrey. You can either manually edit /etc/postfix/main.cf and on parameter smtpd_recipient_restrictions add check_policy_service inet:127.0.0.1:10023 or run the following command to configure Postfix to use Postgrey:

sudo postconf -e 'smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,check_policy_service inet:127.0.0.1:10023'

Note: the port number seems to vary depending on the version of the package. On 8.04LTS, it is 60000, while on jaunty it is 10023. Fortunately Postgrey prints the ports it is listening on when it starts. Have a look at /var/log/mail.info if you are unsure. Then run the following to reload the Postfix configuration:

sudo /etc/init.d/postfix reload

You may need to modify the whitelisting of certain domains or users. To do so, use the files in /etc/postgrey/.

In Use

Once Postgrey is running, entries will start to appear in /var/log/mail.log. To see them, run sudo grep -i greylisted /var/log/mail.log. Entries will look something like:

Sep 14 10:44:57 mailserver postfix/smtpd[17049]: NOQUEUE: reject: RCPT from mail.server.com[1.2.3.4]: 450 <[email protected]>: Recipient address rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/help/somedomain.com.html); from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail.server.com>

In addition, e-mails that have been greylisted will have an X-Greylist header, eg:

X-Greylist: delayed 1201 seconds by postgrey-1.24 at mail.server.com; Fri, 14 Sep 2007 11:04:58 BST