postfix + spamassassin
Jan Stary
hans at stare.cz
Wed Apr 30 07:46:59 CEST 2008
> >>tak prave RFC to FQDN vyzaduje.
> >
> > Nevyzaduje:
> >
> > These commands are used to identify the SMTP client to the
> > SMTP server. The argument field contains the fully-qualified
> > domain name of the SMTP client if one is available. In
^^^^^^^^^^^^^^^^^^^^
> > situations in which the SMTP client system does not have a
> > meaningful domain name (e.g., when its address is dynamically
> > allocated and no reverse mapping record is available), the
> > client SHOULD send an address literal (see section 4.1.3),
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > optionally followed by information that will help to identify
^^^^^^^^^^
> > the client system.
> >
> >
> >>Alespon dle
> >>citaci z nekolika webu (to konkretni RFC jsem ted neprohledaval, lenost
> >>je hrozna)
> >>"...parametr za HELO/EHLO bylo plně přeložitelné hostname (FQDN). Tuto
> >>podmínku v SMTP protokolu popisuje RFC dokument 1123 sekce 5.2.5, RFC
> >>821 sekce 4.1.1 a dále ještě RFC 2821."
> >
> >
> > http://www.ietf.org/rfc/rfc2821.txt
> >
> > obsoletes RFC 821, RFC 974, and updates RFC 1123
> > (replaces the mail transport materials of RFC 1123).
>
> Dobra, vyklad at si udela kazdy po svem, pro me je dulezity funkcni
> vysledek :)
Proto mame RFC, aby kazdy nemel svuj "vyklad".
> To bypass this barrier a special literal form
> of the address is allowed as an alternative to a domain name. For
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> IPv4 addresses, this form uses four small decimal integers separated
> by dots and enclosed by brackets such as [123.255.37.2], which
> indicates an (IPv4) Internet Address in sequence-of-octets form.
> Pokud k tomu pridam i popis z manualu Postfixu:
(coz je vuci RFC irelevantni)
> reject_non_fqdn_helo_hostname
> Reject the request when the HELO or EHLO hostname is not in
> fully-qualified domain form, as required by the RFC.
(Nicmene treba ja to taky odmitam.)
> reject_non_fqdn_sender
> Reject the request when the MAIL FROM address is not in
> fully-qualified domain form, as required by the RFC.
>
> reject_non_fqdn_recipient
> Reject the request when the RCPT TO address is not in
> fully-qualified domain form, as required by the RFC.
To uz se HELO netyka vubec.
> Tak si troufnu klidne na tom "tvrdosijne trvat" a toho, kdo to
> neposkytne, odmitnout.
To jsou dve ruzne veci; k tomu, abys takove klienty odmital, nemusis
trvat na necem, co neni pravda; proste je odmitnes, to je Tvoje
rozhodnuti (moje taky).
> Ostatne na netu jsou i daleko prisnejsi
> mailservery, co vyzaduji pro EHLO / HELO hostname i existujici A / PTR
> zaznamy a kdo vi co vsechno.
Ano, treba muj server tohle vsechno taky vyzaduje.
Coz nic nemeni na tom, ze RFC nevyzaduje FQDN HELO.
> >>Greylisted: 0
> >>RBL blocked: 0
> >>bad HELO blocked: 4740
> >>user unknown: 7118
> >>SPAM clean: 695
> >>SPAM spammy: 380
> >>SPAM quarantine: 0
> >>SPAM blocked: 2609
> >>delivered (local): 1794
> >>queued (to remote): 1377
> >>pop3ssl login: 1271
> >>pop3 login: 2500
> >>imapssl login: 186
> >>imap login: 191
> >
> >
> > Takove logy bych chtel; co je vyrabi?
>
> Takovou statistiku vyrabim ja, pomerne jednoduchym awk scriptem, mozna
> jsem ho tu uz i pred casem pastoval.
>
> ----------------------------
> #!/bin/sh
>
> awk -- '
> {
> if (/NOQUEUE: reject:.+Greylisted for/) { greylisted++ }
> if (/NOQUEUE: reject:.+blocked using/) { blocked++ }
> if (/Helo command rejected:/) { badhelo++ }
> if (/rejected: User unknown/) { unknown++ }
> if (/Passed CLEAN/) { clean++ }
> if (/Passed SPAMMY/) { spammy++ }
> if (/Blocked SPAM.+quarantine: /) { spamquarantine++ }
> if (/Blocked SPAM/ && !/quarantine: /) { blockspam++ }
> if (/delivered to maildir/) { delivered++ }
> if (/status=sent .+ Ok: queued/) { queued++ }
> if (/pop3d-ssl: LOGIN/) { pop3ssl++ }
> if (/pop3d: LOGIN/) { pop3++ }
> if (/imapd-ssl: LOGIN/) { imapssl++ }
> if (/imapd: LOGIN/) { imap++ }
> } END {
> printf("%-20s\t %i\n", "Greylisted:", greylisted)
> printf("%-20s\t %i\n", "RBL blocked:", blocked)
> printf("%-20s\t %i\n", "bad HELO blocked:", badhelo)
> printf("%-20s\t %i\n", "user unknown:", unknown)
> printf("%-20s\t %i\n", "SPAM clean:", clean)
> printf("%-20s\t %i\n", "SPAM spammy:", spammy)
> printf("%-20s\t %i\n", "SPAM quarantine:", spamquarantine)
> printf("%-20s\t %i\n", "SPAM blocked:", blockspam)
> printf("%-20s\t %i\n", "delivered (local):", delivered)
> printf("%-20s\t %i\n", "queued (to remote):", queued)
> printf("%-20s\t %i\n", "pop3ssl login:", pop3ssl)
> printf("%-20s\t %i\n", "pop3 login:", pop3)
> printf("%-20s\t %i\n", "imapssl login:", imapssl)
> printf("%-20s\t %i\n", "imap login:", imap)
> }' /var/log/maillog
> ----------------------------
Najs - asi si to upravim a nahradim tim pflogsumm.
Dik
H.
More information about the Users-l
mailing list