1 / 18

Educational Network Center of Tainan City Anti-SPAM Report

Educational Network Center of Tainan City Anti-SPAM Report. Kuo-Kuang Chu. Configuration in TN Mail. account. Mail.tn.edu.tw: P4 3.2G, 1GB ram, 40+150+150GB DSK CPU idle 90%-99%, used swap 4096k Ms(1|2).tn.edu.tw: P4-2.8G*2, 1GB ram, 36G DSK CPU idle 85%-99%, used swap 0k. 10025.

amalie
Download Presentation

Educational Network Center of Tainan City Anti-SPAM Report

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Educational Network Center of Tainan CityAnti-SPAM Report Kuo-Kuang Chu

  2. Configuration in TN Mail account Mail.tn.edu.tw: P4 3.2G, 1GB ram, 40+150+150GB DSK CPU idle 90%-99%, used swap 4096k Ms(1|2).tn.edu.tw: P4-2.8G*2, 1GB ram, 36G DSK CPU idle 85%-99%, used swap 0k 10025 spool mail.tn.edu..tw SMTP, IMAP, POP3, webmail MX record for filter ? 10024 messages ms1.tn.edu..tw 25 Client or Other SMTP servers ms2.tn.edu..tw A record for SMTP ? MX record for SMTP? Mail Exchanger Remote Filter DNS

  3. TN Mail Anti-SPAM Process Spam alertSpam-level:6-15 5% Passed All Messages 27% 25% Graylist ClamAV Spam-Assassin 17% Passed 3% 2% 73% Not-deliveredSpam-level>16 Virus Rejected

  4. Day Report in TN Mail http://ms1.tn.edu.tw/amavis.day.html http://ms2.tn.edu.tw/amavis.day.html The load is evenly distributed between ms1 and ms2 Date Range: 2004/11/01 00:00:00 - 2004/12/01 00:00:00

  5. TN Mail Filter Statistics Date Range: 2004/11/01 00:00:00 - 2004/12/01 00:00:00

  6. Passed & Not-delivered Messages Add SPAM alert In Subject

  7. Passed Messages • Top 5 Client Hosts • Top 5 Client Domains • Top 5 Senders • Top 5 Sender Hosts • Top 5 Sender Domains

  8. Not-delivered Messages • Top 5 client hosts of spam • Top 5 client domains of spam • Top 5 senders of spam • Top 5 sender hosts of spam • Top 5 sender domains of spam

  9. Infected Messages • Top 5 Virus • Top 5 Client Hosts • Top 5 Client Domains • Top 5 Senders • Top 5 Sender Hosts • Top 5 Sender Domains

  10. Rejected Messages • Top 5 Reject reasons • Top 5 Client Hosts • Top 5 Client Domains • Top 5 Senders • Top 5 Sender Hosts • Top 5 Sender Domains

  11. Rejected Connections • Top 5 Reject Reasons • Top 5 Client Hosts • Top 5 Client Domains • Top 5 Senders • Top 5 Sender Hosts • Top 5 Sender Domains

  12. Mail Filter Log Advanced Search

  13. Add SPAM Level in Subject

  14. SpamAssassin local.cf Sample • body MailName_ZH /姓名/ • describe MailName_ZH Body contain spammer msg in chinese • score MailName_ZH 1 • body Mail_ADDR /住址/ • describe Mail_ADDR Body contain spammer msg in chinese • score Mail_ADDR 1 • body Mail_MOBILE /手機|行動/ • describe Mail_MOBILE Body contain spammer msg in chinese • score Mail_MOBILE 1 • body Mail_EMAIL /E-Mail|EMail|電子郵件|電郵|電子信箱/ • describe Mail_EMAIL Body contain spammer msg in chinese • score Mail_EMAIL 0 • body Mail_TEL /電話/ • describe Mail_TEL Body contain spammer msg in chinese • score Mail_TEL 0 • body Mail_SEND /郵寄/ • describe Mail_SEND Body contain spammer msg in chinese • score Mail_SEND 0 • meta Mail_ZH MailName_ZH && Mail_ADDR && (Mail_MOBILE || Mail_TEL ||Mail_EMAIL || Mail_SEND) • describe Mail_ZH Body contain spammer msg in chinese • score Mail_ZH 3

  15. Meta Score in local.cf

  16. Reconfigure local.cf • Parse local.cf • spamassassin --lint local.cf • Restart amavisd • /usr/local/sbin/amavisd stop • /usr/local/sbin/amavisd start

  17. TN Mail Management System

  18. School Personnel Approved

More Related