Email Filtering

Email Filtering with Red Hat Linux
Practical Implementations and Lab Presentation
Ruben Oliveira, RHCE RHCX MCSE MCITP

• Postfix Mail Server / GW Filter
• Mailscanner
• SpamAssassin
• Mailwatch
• Webmin/Usermin
• Dovecot
• Lab Presentation

Postfix Mail Server / GW Filter

Postfix
• main.cf
• multiple domain
• mail relaying
• sasl / tls

MailScanner
• www.mailscanner.info
• A Free Anti-Virus and Anti-Spam Filter
• Protecting over 1 billion e-mails every day
• Over 1 million downloads
• Perl based
• Simple installation
• Compatible with Sendmail/Postfix/Exim, etc.
• As an alternative: amavisd-new

Spam Scanning
• Most of the spam scanning is done with the help of SpamAssassin:
• DNS blacklists
• Over 850 heuristic rules
• Bayesian probability system
• Distributed network-based checks such as Razor, DCC and Pyzor, which track the frequency of messages around the world to identify spam

Virus Scanning
• Scans all e-mail passing through it for viruses using any combination of the supported antivirus engines
• Many sites run 2 or 3 different engines for better coverage and resistance against brand new viruses
• Anti-Virus Engines: 20 are supported, including all the major market leaders
• ClamAV is free and has greatly improved over the past year

Virus Handling
• Attachments containing viruses or other security problems are removed
• All safe content is delivered untouched
• Recipients and senders may get a warning explaining what happened and who they should contact for help
• System admin notified of basic details of message and what viruses were found

Attachment Filenames
• Allows/denies attachments based on filename and file content, providing implementation of any email security policy.
• Easily used to block attachments which are common ways of disguising viruses, e.g. ReadMe.doc.exe
• These can be varied for different users.

Highly Configurable
• Virtually all configuration parameters can be set using fixed values, “rulesets” or “Custom Functions”
• Rulesets allow different values for any users or domains you specify
• Reports are supplied in 15 languages
• Language can be different for different domains and users

Rulesets
• Archive Mail = /etc/MailScanner/rules/arch.rules
• From: [email protected] [email protected] ;-)
• From: - Matches when the message is from a matching address
• To: - Matches when the message is to a matching address
• FromOrTo: - Matches when the message is from or to a matching address
• [email protected] # Individual address
• *@domain.com # Any user at 1 specific domain
• 192.168.21.0/24 # Any SMTP client IP address in this network
• *@* # Default value
• default # Default value
• Destination email address / directory with or without dates appended / mbox file

Custom Functions
• These allow implementation of any other configuration model you choose, including external databases of user options
• Many useful examples are provided
• Minimal Perl knowledge needed

Hash-Sharing Systems
• Send a checksum of a message to an online database of spam.
• "Has anyone reported this as spam?". The online database can report back "yes", allowing your mail system to raise the spam score for that message.
• Pyzor, Razor, DCC

Mailwatch
• MailWatch for MailScanner is a web-based frontend to MailScanner written in PHP, MySQL
• Load Average and Today’s Totals for Messages, Spam, Viruses and Blocked Content.
• Colour-coded display of recently processed mail.
• Drill-down onto each message to see detailed information.
• Quarantine management allows you to release, delete or run sa-learn across any quarantined messages.
• Reports with customisable filters and graphs

Webmin / Usermin
• Server management and use via https

Dovecot
• Dovecot is an open source IMAP and POP3 server for Linux
• Written with security primarily in mind.
• It's fast, simple to set up, requires no special administration and it uses very little memory.

Labs
• Use of Virtual Machines
• Installation of an email server with spam and virus filtering, plus webmail and management via http

Thank you
Questions and Answers
[email protected]
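
A simplified model of the ruleset lookup from the Rulesets slide, added here as an example and not MailScanner's own code (MailScanner is written in Perl). It covers the pattern kinds listed on that slide and assumes the first matching rule wins; every address, network and path in the sample ruleset is constructed.

```python
import fnmatch
import ipaddress

# Constructed ruleset in the shape shown on the Rulesets slide:
# direction, pattern, value. Addresses and paths are made up.
RULESET = """\
From:     boss@example.com   /var/archive/boss
To:       *@example.org      archive@example.net
FromOrTo: 192.168.21.0/24    /var/archive/lan.mbox   # SMTP client network
FromOrTo: default            /var/archive/default
"""

def parse_ruleset(text):
    """Return a list of (direction, pattern, value) tuples."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()    # drop comments and blank lines
        if not line:
            continue
        direction, pattern, value = line.split(None, 2)
        rules.append((direction.rstrip(":").lower(), pattern, value.strip()))
    return rules

def pattern_matches(pattern, address, client_ip):
    """Match one pattern against an address or the SMTP client IP."""
    if pattern == "default":
        return True
    if "@" in pattern:                           # user@domain, *@domain, *@*
        return fnmatch.fnmatchcase(address.lower(), pattern.lower())
    try:                                         # otherwise treat it as a network
        return ipaddress.ip_address(client_ip) in ipaddress.ip_network(pattern)
    except ValueError:
        return False

def lookup(rules, sender, recipient, client_ip):
    """Return the value of the first matching rule (first-match is assumed)."""
    sides = {"from": [sender], "to": [recipient],
             "fromorto": [sender, recipient]}
    for direction, pattern, value in rules:
        candidates = sides.get(direction, [])
        if any(pattern_matches(pattern, a, client_ip) for a in candidates):
            return value
    return None

if __name__ == "__main__":
    rules = parse_ruleset(RULESET)
    print(lookup(rules, "a@other.test", "bob@example.org", "10.0.0.1"))
```

Rule order matters in this model: a broad pattern such as `*@*` or `default` placed first would shadow every more specific rule below it.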