Fighting spam, greylisting, part 4

What is Milter Greylist, anyway?
Well, here is a nice definition:
**************
Milter-greylist is a stand-alone milter written in C that implements the greylist filtering method, as proposed by Evan Harris. Grey listing works by assuming that, unlike legitimate MTA, spam engines will not retry sending their junk mail on a temporary error. The filter will always reject mail temporarily on a first attempt, then accept it after some time has elapsed. If spammers ever try to resend rejected messages, we can assume they will not stay idle between the two sends (if they do, the spam problem would just be solved). Odds are good that the spammer will send a mail to a honey pot address and get blacklisted in several real-time distributed black lists before the second attempt.
***************
And here is the home page for Milter Greylist.
Since I use Fedora and RHEL, I prefer to get packages in RPM format (when that is possible).
So Milter Greylist can be downloaded from here. Of course, the latest version is always the best choice…

Downloading the package:
# wget http://pkgs.repoforge.org/milter-greylist/milter-greylist-4.2.7-1.el6.rf.i686.rpm
Prerequisites:
The Sendmail package, version 8.11 at least (mine is 8.14.4-8), with the Milter option, as well as the libmilter package (take the sendmail-milter RPM for CentOS, in the matching version, of course).
Here is how to check for the Milter option:
# sendmail -d0.1 -bt
The mail server itself must be on the whitelist!

# whitelist for the ORACLE server farm
# This is mandatory, or the delay from this cluster will be huge.
# Do the same for the other clusters you exchange mail with.
racl whitelist addr 148.87.113.120/32
racl whitelist addr 148.87.113.121/32
racl whitelist addr 148.87.113.123/32
racl whitelist addr 148.87.113.124/32
racl whitelist addr 148.87.113.125/32
racl whitelist addr 141.146.126.230/32
racl whitelist addr 141.146.126.231/32
racl whitelist addr 141.146.126.230/32

# A whitelist entry can also be made for an individual recipient address
racl whitelist rcpt moja.adresa@moj.domen.rs

racl greylist rcpt /.*@moj\.domen\.rs/ delay 30s autowhite 3d
# 30 sec is about right, so that users do not get too impatient…
# This is MANDATORY at the end!!!
racl whitelist default

After this, be sure to check the syntax of the configuration file:
# milter-greylist -c
config file "/etc/mail/greylist.conf" is okay
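
How the rules above decide the fate of a message, as an added example that is not part of the original post and is not milter-greylist's own code: a simplified Python model of first-match ACL evaluation plus the triplet database with `delay 30s` and `autowhite 3d`. Only one of the whitelisted addresses is included, and the function and class names are assumptions made for illustration.

```python
import ipaddress
import re

# Rules modelled on the greylist.conf above, evaluated top-down, first match wins.
ACL = [
    ("whitelist", "addr", ipaddress.ip_network("148.87.113.120/32")),
    ("whitelist", "rcpt", "moja.adresa@moj.domen.rs"),
    ("greylist", "rcpt", re.compile(r".*@moj\.domen\.rs")),
    ("whitelist", "default", None),
]
DELAY = 30               # "delay 30s"
AUTOWHITE = 3 * 86400    # "autowhite 3d"


def acl_action(addr, rcpt):
    """Return the action of the first ACL rule that matches this connection."""
    ip = ipaddress.ip_address(addr)
    for action, kind, value in ACL:
        if kind == "default":
            return action
        if kind == "addr" and ip in value:
            return action
        if kind == "rcpt":
            hit = value.search(rcpt) if isinstance(value, re.Pattern) else value == rcpt
            if hit:
                return action
    return "greylist"    # assumed fallback; not reached here, the list ends with a default


class Greylist:
    def __init__(self):
        self.pending = {}    # triplet -> time of the first (rejected) attempt
        self.autowhite = {}  # triplet -> time until which it is accepted at once

    def check(self, addr, sender, rcpt, now):
        """Decide 'accept' or 'tempfail' for one RCPT at time `now` (seconds)."""
        if acl_action(addr, rcpt) == "whitelist":
            return "accept"
        triplet = (addr, sender, rcpt)
        if self.autowhite.get(triplet, 0) > now:
            return "accept"
        first = self.pending.setdefault(triplet, now)
        if now - first < DELAY:
            return "tempfail"          # SMTP 4xx: a real MTA queues and retries
        del self.pending[triplet]
        self.autowhite[triplet] = now + AUTOWHITE
        return "accept"
```

Because the first matching rule wins, the whitelist lines have to come before the greylist line, and the closing `racl whitelist default` lets mail for any other recipient through untouched.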

Another file that needs to be changed is /etc/mail/sendmail.mc; put this at the end of the file:
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock')
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')
define(`confMILTER_MACROS_ENVRCPT', `{greylist}')
MAILER(smtp)dnl
MAILER(procmail)dnl

Build the sendmail.cf file and restart the MailScanner service:
# /etc/mail/make
# service MailScanner restart
# service milter-greylist start
# chkconfig milter-greylist on

To check that it works, look through the /var/log/maillog file:

Jun 15 12:57:02 mail-2012 milter-greylist: q5FAugBY024420: skipping greylist because address 209.85.213.175 is whitelisted, (from=, rcpt=, addr=mail-yx0-f175.google.com[209.85.213.175]) ACL 128

And if you want to see the database of triplets that the greylist process builds, it is in this file:
/var/milter-greylist/greylist.db