How to Use Sagator, an Antivirus/Antispam Gateway, to Protect Your Mail Server


We read about virus infections (new ones come out all the time) and are likewise affected by spam mail on a daily basis. While there are plenty of free and commercial solutions (available as client applications) for both nuisances, system administrators need to have a strategy for dealing with these threats well before they reach users' mailboxes.

One such strategy is setting up an antivirus/antispam gateway. You can think of this tool as an intermediary layer (or filter) between the outside world and your internal network as far as email content is concerned.

In addition, if you think about it, it is much easier to install and maintain a single piece of software on a single machine (the mail server) than to do the same on several machines individually.

In this article we will introduce you to Sagator, an antivirus/antispam gateway for Linux mail servers written in Python. Among other things, Sagator provides data logging, usage statistics, and daily reports for users. That said, let's get started.

Installing Sagator and the Postfix Mail Server

To install Sagator on CentOS/RHEL 7, download and install the following RPM packages. The latest beta release (7) includes support and fixes for the system - that is why we prefer to install it using this method instead of downloading the package from the repositories.

# rpm -Uvh https://www.salstar.sk/pub/sagator/epel/testing/7/i386/sagator-core-1.3.2-0.beta7.el7.noarch.rpm
# rpm -Uvh https://www.salstar.sk/pub/sagator/epel/testing/7/i386/sagator-1.3.2-0.beta7.el7.noarch.rpm

If you are performing this installation on a fresh server, please note that several other packages need to be installed as dependencies, among which we can mention ClamAV and SpamAssassin.

In addition, you may also want to install Rrdtool, a utility to create and display daily/weekly/monthly/yearly graphs of the total/clean/virus/spam number of emails.

These graphs will be available in /var/www/html/sagator once the service and its dependencies are fully operational.

# yum install epel-release
# yum install postfix spamassassin clamav clamav-scanner clamav-scanner-systemd clamav-data clamav-update rrdtool

This is no surprise, since we will need a mail server and antivirus/antispam software that Sagator can connect to. In addition, we may need to install the mailx package, which provides an MUA (Mail User Agent, also known as an email client).

On Debian and Ubuntu, you will need to install Sagator from the precompiled .deb package, which you can download from here and install as follows:

# wget https://www.salstar.sk/pub/sagator/debian/pool/jessie/testing/sagator-base_1.3.2-0.beta7_all.deb 
# wget https://www.salstar.sk/pub/sagator/debian/pool/jessie/testing/sagator_1.3.2-0.beta7_all.deb 
# dpkg -i sagator-base_1.3.2-0.beta7_all.deb
# dpkg -i sagator_1.3.2-0.beta7_all.deb 
# wget https://www.salstar.sk/pub/sagator/ubuntu/pool/trusty/testing/sagator-base_1.3.2-0.beta7_all.deb 
# wget https://www.salstar.sk/pub/sagator/ubuntu/pool/trusty/testing/sagator_1.3.2-0.beta7_all.deb 
# sudo dpkg -i sagator-base_1.3.2-0.beta7_all.deb
# sudo dpkg -i sagator_1.3.2-0.beta7_all.deb

As is the case with CentOS, you will need to install and configure the mail server, SpamAssassin, and ClamAV packages:

# aptitude install postfix spamassassin clamav clamav-daemon -y

Do not forget to use sudo on Ubuntu.

Next, regardless of the distribution, you will need to update the virus definitions before starting ClamAV. Before doing so, edit /etc/clamd.d/scan.conf and /etc/freshclam.conf and delete the following line:

Example

Also, in /etc/clamd.d/scan.conf, make sure the following line is uncommented:

LocalSocket /var/run/clamd.scan/clamd.sock

Finally, run

# freshclam

And start/enable ClamAV, SpamAssassin, and Sagator:

# systemctl start [email 
# systemctl start spamassassin
# systemctl start sagator
# systemctl enable [email 
# systemctl enable spamassassin
# systemctl enable sagator

You may want to check the Sagator log to make sure the service started correctly:

# systemctl status -l sagator

or, for more details,

# tail -f /var/spool/vscan/var/log/sagator/sagator.log

The above commands are illustrated in the following image:

Configuring Sagator on Linux

The main configuration file is located at /etc/sagator.conf. Let's take a look at the minimum set of directives that we need to set for Sagator to work properly:

Step 1 - We will use Sagator inside a chroot, so make sure the following line is uncommented:

CHROOT = '/var/spool/vscan'

Step 2 - Make sure the LOGFILE directive matches the following value:

LOGFILE = CHROOT + '/var/log/sagator/sagator.log'

Step 3 - Choose an antivirus that will be integrated with Sagator. To do so, make sure the lines highlighted in the image below are uncommented:

While you are free to choose from a wide variety of antivirus solutions, ClamAV provides the highest performance and stability. Although we will use ClamAV in this guide, please keep in mind that the configuration file includes instructions to hook Sagator up to other antivirus/antispam solutions.

When you are done, run

# sagator --test

to check the configuration file. No output is a good thing! Otherwise, address any errors that are found before proceeding.

Integrating Sagator with Postfix

In order to integrate Sagator with Postfix, make sure the following lines are present in /etc/postfix/main.cf and /etc/postfix/master.cf:

In /etc/postfix/main.cf:

mynetworks = 127.0.0.0/8
content_filter = smtp:[127.0.0.1]:27

In /etc/postfix/master.cf (the -o lines continue the 127.0.0.1:26 entry, so each must begin with whitespace):

#smtp inet n - n - - smtpd
127.0.0.1:26 inet n - n - 30 smtpd
  -o content_filter=
  -o myhostname=localhost
  -o local_recipient_maps=  -o relay_recipient_maps=
  -o mynetworks=127.0.0.0/8  -o mynetworks_style=host
  -o smtpd_restriction_classes=  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=  -o smtpd_sender_restrictions=
  -o smtpd_data_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  -o smtpd_use_tls=no
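
The 127.0.0.1:26 entry only does its job if its -o overrides actually attach to it: in master.cf a line continues the previous entry only when it starts with whitespace, which is easy to lose when pasting. The Python sketch below is an added example, not code from Sagator or Postfix; it joins continuation lines as master(5) describes and reports which overrides are missing, and the function names, the REQUIRED table and the sample text are assumptions made for illustration.

```python
# Added example; names below are illustrative, not part of Postfix or Sagator.
# Constructed sample: the article's master.cf entry, continuation lines indented.
SAMPLE_MASTER_CF = """\
#smtp inet n - n - - smtpd
127.0.0.1:26 inet n - n - 30 smtpd
  -o content_filter=
  -o mynetworks=127.0.0.0/8  -o mynetworks_style=host
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
"""

# Overrides that keep the listener loop-free and closed to non-local clients.
REQUIRED = {
    "content_filter": "",  # empty, so scanned mail is not filtered a second time
    "mynetworks": "127.0.0.0/8",
    "smtpd_recipient_restrictions": "permit_mynetworks,reject",
}

def logical_lines(text):
    """Join master.cf continuation lines (leading whitespace); skip comments."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and entries:
            entries[-1] += " " + raw.strip()
        else:
            entries.append(raw.strip())
    return entries

def service_overrides(text, service):
    """Return the -o name=value overrides of one service entry, or None."""
    for entry in logical_lines(text):
        fields = entry.split()
        if fields[0] != service:
            continue
        # Fields 0-7 are the fixed columns and the command; arguments follow.
        pairs = zip(fields[8:], fields[9:])
        return dict(arg.split("=", 1) for flag, arg in pairs
                    if flag == "-o" and "=" in arg)
    return None

def reinjection_problems(text, service="127.0.0.1:26"):
    """List the REQUIRED overrides that are missing or set differently."""
    overrides = service_overrides(text, service)
    if overrides is None:
        return [f"no active {service} entry"]
    return [f"{name}: want {want!r}, found {overrides.get(name)!r}"
            for name, want in REQUIRED.items() if overrides.get(name) != want]
```

On a live host, pass the function the contents of /etc/postfix/master.cf; an empty list means the listener carries all three overrides.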

Then restart Postfix and make sure it is enabled to start automatically at boot:

# systemctl restart postfix
# systemctl enable postfix

We can now proceed with testing.

Testing Sagator

To test Sagator, send an email from user root to user gacanepa with the following body. This is nothing more and nothing less than the standard GTUBE (Generic Test for Unsolicited Bulk Email) provided by SpamAssassin, as shown in the image below:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

Now let's see what happens when a virus is sent as an attachment. In the following example we will use the EICAR test (refer to this Wikipedia entry for more details):

# wget http://www.eicar.org/download/eicar.com
# mail -a eicar.com gacanepa

Then check the log:

# tail -f /var/spool/vscan/var/log/sagator/sagator.log

Rejected emails are then sent back to the sender with the corresponding notice:

What is the best thing about this? As you can see, spam and viruses never actually make it to the destination mail server and the users' mailboxes, but are dropped or rejected at the gateway level.

As mentioned earlier, the graphs are available at http:// /sagator :

Summary

In this article we have explained how to install and configure Sagator, an antivirus/antispam gateway that integrates seamlessly with and protects your mail server.

For more information and further functionality (there is much more to this amazing software than we can adequately cover in a single article!), you may want to refer to the project's website at http://www.salstar.sk/sagator.

As always, do not hesitate to drop us a line using the comment form below if you have any questions or comments.

Special thanks to Jan ONDREJ (SAL), the developer of Sagator, for his outstanding support while I was writing this article.