210 likes | 345 Views
Filtragem de Email com Red Hat Linux Implementações Práticas e Apresentação de Laboratórios. Ruben Oliveira RHCE RHCX MCSE MCITP. Postfix Mail Server / GW Filter Mailscanner SpamAssassin Mailwatch Webmin/Usermin Dovecot Apresentação de Laboratórios. Postfix Mail Server / GW Filter.
E N D
Filtragem de Email com Red Hat Linux Implementações Práticas e Apresentação de Laboratórios Ruben Oliveira RHCE RHCX MCSE MCITP
Postfix Mail Server / GW Filter • Mailscanner • SpamAssassin • Mailwatch • Webmin/Usermin • Dovecot • Apresentação de Laboratórios
Postfix • main.cf • multiple domain • mail relaying • sasl / tls
MailScanner • www.mailscanner.info • A Free Anti-Virus and Anti-Spam Filter • Protecting over 1 billion e-mails every day • Over 1 million downloads • Perl based • Instalação simples • Compatível com Sendmail/Postfix/Exim,etc • como alternativas amavisd-new
Spam Scanning • Most of the spam scanning is done with the help of SpamAssassin: • DNS blacklists • over 850 heuristic rules • Bayesian probability system • Distributed network-based checks such as • Razor, DCC, Pyzor which track the frequency of messages around the world to identify spam
Virus Scanning • Scans all e-mail passing through it for viruses using any combination of the supported anti-virus engines • Many sites run 2 or 3 different engines for better coverage and resistance against brand new viruses • Anti-Virus Engines 20 are supported, including all the major market leaders • ClamAV is free and has greatly improved over the past year
Virus Handling • Attachments containing viruses or other security problems are removed • All safe content is delivered untouched • Recipients and senders may get a warning explaining what happened and who they should contact for help • System admin notified of basic details of message and what viruses were found
Attachment Filenames • Allows/denies attachments based on filename and file content, providing implementation of any email security policy. • Easily used to block attachments which are common ways of disguising viruses, e.g. ReadMe.doc.exe • These can be varied for different users.
Highly Configurable • Virtually all configuration parameters can be set using fixed values, “rulesets” or “Custom Functions” • Rulesets allow different values for any users or domains you specify • Reports are supplied in 15 languages • Language can be different for different domains and users
Rulesets • Archive Mail = /etc/MailScanner/rules/arch.rules ;-) • From: joao@dominio.pt joana@dominio2.pt • From: - Matches when the message is from a matching address • To: - Matches when the message is to a matching address • FromOrTo: - Matches when the message is from or to a matching address • user@sub.domain.com # Individual address • *@domain.com # Any user at 1 specific domain • 192.168.21.0/24 # Any SMTP client IP address in this network • *@* # Default value • default # Default value • Destination email address / directorio com ou sem datas appended / ficheiro mbox
Custom Functions • These allow implementation of any other configuration model you choose, including external databases of user options • Many useful examples are provided • Minimal Perl knowledge needed
Hash-Sharing Systems • Send a checksum of a message to an online database of spam. • "Has anyone reported this as spam?". The online database can report back "yes", allowing your mail system to raise the spam score for that message. • Pyzor Razor DCC
Mailwatch • MailWatch for MailScanner is a web-based front-end to MailScanner written in PHP, MySQL • Load Average and Today’s Totals for Messages, Spam, Viruses and Blocked Content. • Colour-coded display of recently processed mail. • Drill-down onto each message to see detailed information. • Quarantine management allows you to release, delete or run sa-learn across any quarantined messages. • Reports with customisable filters and graphs
Webmin / Usermin • Gestão e Utilização do servidor via https
Dovecot • Dovecot is an open source IMAP and POP3 server for Linux • security primarily in mind. • It's fast, simple to set up, requires no special administration and it uses very little memory.
Laboratórios • Utilização de Máquinas Virtuais • Instalação de um servidor de email com filtragem de spam e virus, além de webmail e gestão via http
Obrigado Perguntas e Respostas ruben.oliveira@rumos.pt