SVN: PLD-doc/book/pl_book__uslugi/pl_uslugi_poczta__exim.sec
sardzent
sardzent at pld-linux.org
Wed Sep 27 00:09:18 CEST 2006
Author: sardzent
Date: Wed Sep 27 00:09:17 2006
New Revision: 7815
Modified:
PLD-doc/book/pl_book__uslugi/pl_uslugi_poczta__exim.sec
Log:
- formating
Modified: PLD-doc/book/pl_book__uslugi/pl_uslugi_poczta__exim.sec
==============================================================================
--- PLD-doc/book/pl_book__uslugi/pl_uslugi_poczta__exim.sec (original)
+++ PLD-doc/book/pl_book__uslugi/pl_uslugi_poczta__exim.sec Wed Sep 27 00:09:17 2006
@@ -547,20 +547,19 @@
<screen>exiscan:
- deny message = Znaleziono wirusa. \n\
- Virus or other harmful content found: $malware_name
- delay = 1s
- malware = *
-
- warn message = X-MIME-Warning: Serious MIME defect detected ($demime_reason)
- demime = *
- condition = ${if >{$demime_errorlevel}{2}{1}{0}}
+deny message = Znaleziono wirusa. \n\
+ Virus or other harmful content found: $malware_name
+ delay = 1s
+ malware = *
+
+warn message = X-MIME-Warning: Serious MIME defect detected ($demime_reason)
+ demime = *
+ condition = ${if >{$demime_errorlevel}{2}{1}{0}}
- warn message = Message-ID: <E$message_id@$primary_hostname>
- condition = ${if !def:h_Message-ID: {1}}
-
-
- accept</screen>
+warn message = Message-ID: <E$message_id@$primary_hostname>
+ condition = ${if !def:h_Message-ID: {1}}
+
+accept</screen>
<para>
Pierwszy wpis odpowiednio skanuje cały e-mail i jeśli
zostanie znaleziony wirus lub inna zawartość uznana za szkodliwą
@@ -593,9 +592,10 @@
dopisujemy zaraz po <emphasis>exiscan:</emphasis>
następujące linijki:
</para>
- <screen>deny message = Pliki z rozszerzeniem $found_extension \
- nie są tutaj mile widziane
- demime = com:vbs:bat:pif:scr</screen>
+ <screen>
+deny message = Pliki z rozszerzeniem $found_extension \
+ nie są tutaj mile widziane
+ demime = com:vbs:bat:pif:scr</screen>
<para>
Odrzuci to pliki *.com, *.vbs, *.bat, *.pif i *.scr.
Teraz, jeżeli nie chcemy aby skanowane były maile
@@ -661,11 +661,11 @@
Wymuszamy helo/ehlo
</para>
<screen>
- deny message = Wymagane RFC HELO/EHLO zanim wyslesz wiadomosc. \n\
- RFCs mandate HELO/EHLO before mail can be sent.
- condition = ${if or{{!def:sender_helo_name}{eq{$sender_helo_name}{}}}{yes}{no}}
- delay = 5s
- log_message = No HELO/EHLO.
+deny message = Wymagane RFC HELO/EHLO zanim wyslesz wiadomosc. \n\
+ RFCs mandate HELO/EHLO before mail can be sent.
+ condition = ${if or{{!def:sender_helo_name}{eq{$sender_helo_name}{}}}{yes}{no}}
+ delay = 5s
+ log_message = No HELO/EHLO.
</screen>
<para>
Definujemy własne <option>białe listy</option>.
@@ -673,37 +673,37 @@
były traktowane "ulgowo".
</para>
<screen>
- accept domain = +local_domains
- condition = /etc/mail/whitelist
+accept domain = +local_domains
+ condition = /etc/mail/whitelist
</screen>
<para>
Sprawdzamy czy serwer nadawcy figuruje na listach RBL
</para>
- <screen>
- deny message = Serwer nadawcy figuruje na liscie RBL \n\
- Server $sender_host_address is at RBL: \
- $dnslist_domain\n$dnslist_text
- delay = 5s
- dnslists = blackholes.mail-abuse.org : \
- dialup.mail-abuse.org : \
- dnsbl.njabl.org : \
- sbl.spamhaus.org : \
- list.dsbl.org : \
- cbl.abuseat.org : \
- relays.ordb.org : \
- bl.spamcop.net
- hosts = ! +relay_from_hosts
- log_message = Listed at RBL list: $dnslist_domain\n$dnslist_text.
-
- deny message = Serwer nadawcy figuruje na liscie RBL \n\
- Server $sender_host_address is at RBL: $dnslist_domain.
- hosts = ! +relay_from_hosts
- dnslists = bogusmx.frc-ignorant.org/$sender_host_name : \
- dns.rfc-ignorant.org/$sender_host_name
- delay = 5s
- log_message = Listed at RFC-Ignorant.
- </screen>
+<screen>
+deny message = Serwer nadawcy figuruje na liscie RBL \n\
+ Server $sender_host_address is at RBL: \
+ $dnslist_domain\n$dnslist_text
+ delay = 5s
+ dnslists = blackholes.mail-abuse.org : \
+ dialup.mail-abuse.org : \
+ dnsbl.njabl.org : \
+ sbl.spamhaus.org : \
+ list.dsbl.org : \
+ cbl.abuseat.org : \
+ relays.ordb.org : \
+ bl.spamcop.net
+ hosts = ! +relay_from_hosts
+ log_message = Listed at RBL list: $dnslist_domain\n$dnslist_text.
+
+deny message = Serwer nadawcy figuruje na liscie RBL \n\
+ Server $sender_host_address is at RBL: $dnslist_domain.
+ hosts = ! +relay_from_hosts
+ dnslists = bogusmx.frc-ignorant.org/$sender_host_name : \
+ dns.rfc-ignorant.org/$sender_host_name
+ delay = 5s
+ log_message = Listed at RFC-Ignorant.
+</screen>
<para>
Teraz dokonujemy weryfikacji podanego HELO
</para>
@@ -712,54 +712,54 @@
<literal>HELO</literal> nie może być postaci <literal>localhost.localhomain</literal>
</para>
<screen>
- deny message = Niepoprawne HELO. \n\
- $sender_helo_name is a stupid HELO.
- hosts = !+relay_from_hosts
- condition = ${if match {$sender_helo_name}{\N^(127\.0\.0\.1|localhost(\.localdomain)?)$\N}{yes}{no}}
- delay = 5s
- log_message = Stupid localhost HELO.
+deny message = Niepoprawne HELO. \n\
+ $sender_helo_name is a stupid HELO.
+ hosts = !+relay_from_hosts
+ condition = ${if match {$sender_helo_name}{\N^(127\.0\.0\.1|localhost(\.localdomain)?)$\N}{yes}{no}}
+ delay = 5s
+ log_message = Stupid localhost HELO.
</screen>
<para>
<literal>HELO</literal> musi być nazwą domenową (<literal>hostname</literal>)
</para>
<screen>
- deny message = HELO musi byc nazwa domenowa. \n\
- HELO must be hostname.
- hosts = !+relay_from_hosts
- condition = ${if !match {$sender_helo_name}\
- {\N.*[A-Za-z].*\N}{yes}{no}}
- delay = 5s
- log_message = Helo must be hostname.
- </screen>
+deny message = HELO musi byc nazwa domenowa. \n\
+ HELO must be hostname.
+ hosts = !+relay_from_hosts
+ condition = ${if !match {$sender_helo_name}\
+ {\N.*[A-Za-z].*\N}{yes}{no}}
+ delay = 5s
+ log_message = Helo must be hostname.
+</screen>
<para>
Według <literal>RFC821</literal> <literal>HELO</literal> musi być pełną nazwą domenową
(<literal>Fully Qualifield Domain Name</literal>).
</para>
<screen>
- deny message = HELO nie wyglada poprawnie. Zobacz RFC 821. \n\
- HELO must contain a Fully Qualifield Domain Name. See RFC821.
- hosts = !+relay_from_hosts
- condition = ${if !match{$sender_helo_name} \
- {\N.*[A-Za-z].*\..*[A-Za-z].*\N}{yes}{no}}
- delay = 5s
- log_message = HELO is not a FQDN.
- </screen>
+deny message = HELO nie wyglada poprawnie. Zobacz RFC 821. \n\
+ HELO must contain a Fully Qualifield Domain Name. See RFC821.
+ hosts = !+relay_from_hosts
+ condition = ${if !match{$sender_helo_name} \
+ {\N.*[A-Za-z].*\..*[A-Za-z].*\N}{yes}{no}}
+ delay = 5s
+ log_message = HELO is not a FQDN.
+</screen>
<para>
Eliminujemy sytuację gdy nadawca jako <literal>HELO</literal> podaje
serwer z naszej domeny np. <literal>domena.pl</literal>
</para>
<screen>
- deny message = Wykryto zafalszowane RFC HELO. \n\
- Fake HELO detected: $sender_helo_name.
- condition = ${if eq{$sender_helo_name}\
- {\N^(.*\.)?domena\.pl$\N}{yes}{no}}
- hosts = !+relay_from_hosts
- delay = 5s
- log_message = Fake HELO from host $sender_helo_name.
- </screen>
+deny message = Wykryto zafalszowane RFC HELO. \n\
+ Fake HELO detected: $sender_helo_name.
+ condition = ${if eq{$sender_helo_name}\
+ {\N^(.*\.)?domena\.pl$\N}{yes}{no}}
+ hosts = !+relay_from_hosts
+ delay = 5s
+ log_message = Fake HELO from host $sender_helo_name.
+</screen>
<para>Krótkie wyjaśnienie wykorzystanych opcji</para>
More information about the pld-cvs-commit
mailing list