PPoossttffiixx  HHoowwttoo

-------------------------------------------------------------------------------

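Overview

This document describes features that require Postfix version 2.0 or later.

Topics covered in this document:

  * What is backscatter mail?
  * How do I block backscatter mail to random recipient addresses?
  * How do I block backscatter mail to real recipient addresses?

      o Blocking backscatter mail with forged HELO information
      o Blocking backscatter mail with forged sender information
      o Blocking backscatter mail with other forged information
      o Blocking backscatter mail from virus scanners

What is backscatter mail?

When a spammer or worm sends mail with forged sender addresses, innocent sites
are flooded with undeliverable mail notifications. This is called backscatter
mail, and if your system is flooded then you will find out soon enough.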

ʼԥɥ쥹θ᡼֥åˤ??

ޥ󤬥ʥɥ쥹θ᡼ˤϡ
LOCAL_RECIPIENT_README  STANDARD_CONFIGURATION_README ɥȤ˽񤫤
褦ˡ¸ߤʤ԰Υ᡼Ƶݤ褦 Postfix 
ޤ

Postfix 2.0 ưƤϡSMTP Ф "ݤ˰ߤ"
ǽ̵ˤƤƥ٤äƤϡ̵֤̤
٤ǤϤޤ

    /etc/postfix/main.cf:
        # Not needed with Postfix 2.1 and later.
        smtpd_error_sleep_time = 0

ºߤԥɥ쥹θ᡼֥åˤ??

᡼뤬 "Τʤ" ХꥢĶƤޤǤ⡢ޤ
ɬפϤޤ¿Υ᡼륷ƥϿڤˤãΤǤʤ
᡼ΥåإåźդޤΥåإåˤϡ٤줿
᡼ǧƥ֥å뤿˻Ȥ󤬴ޤޤƤޤ

٤줿 HHEELLOO ĸ᡼Υ֥å

E᡼륢ɥ쥹 "wietse@porcupine.org" ǤΥ᡼륷ƥ
 SMTP HELO ޥɤǼʬȤ "hostname.porcupine.org" Τޤ
ΤᡢäƤ᡼뤬

    Received: from porcupine.org ...

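then I know that this is almost certainly forged mail (almost; see the next
section for the exception). Mail that is really sent by my systems looks like
this: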

    Received: from hostname.porcupine.org ...

For the same reason, the following message headers are very likely to be the
result of forgery:

    Received: from host.example.com ([1.2.3.4] helo=porcupine.org) ...
    Received: from [1.2.3.4] (port=12345 helo=porcupine.org) ...
    Received: from host.example.com (HELO porcupine.org) ...
    Received: from host.example.com (EHLO porcupine.org) ...

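Another frequent sign of forgery is the Message-ID: header. My systems produce
a Message-ID: of <stuff@hostname.porcupine.org>. The following are forgeries,
especially the first one: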

    Message-ID: <1cb479435d8eb9.2beb1.qmail@porcupine.org>
    Message-ID: <yulszqocfzsficvzzju@porcupine.org>

To block such backscatter mail I use header_checks and body_checks patterns
like this:

    /etc/postfix/main.cf:
        header_checks = regexp:/etc/postfix/header_checks
        body_checks = regexp:/etc/postfix/body_checks

    /etc/postfix/header_checks:
        /^Received: +from +(porcupine\.org) +/
            reject forged client name in Received: header: $1
        /^Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)(porcupine\.org)\)/
            reject forged client name in Received: header: $2
        /^Message-ID:.*@(porcupine\.org)/
            reject forged domain name in Message-ID: header: $1

    /etc/postfix/body_checks:
        /^[> ]*Received: +from +(porcupine\.org) /
            reject forged client name in Received: header: $1
        /^[> ]*Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)(porcupine\.org)\)/
            reject forged client name in Received: header: $2
        /^[> ]*Message-ID:.*@(porcupine\.org)/
            reject forged domain name in Message-ID: header: $1

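Notes:

  * The example is simplified for educational purposes. In reality my patterns
    list multiple domain names, as "(domain|domain|...)".

  * The "\." matches "." literally. Without the "\", the "." would match any
    character.

  * The "\(" and "\)" match "(" and ")" literally. Without the "\", the "(" and
    ")" would be grouping operators.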
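
The header patterns above can be exercised offline before they are deployed.
The following Python sketch is an added example, not part of the original
document or of Postfix. It assumes that Python's re module agrees with the
POSIX regular expressions of Postfix regexp tables for these particular
patterns, and it runs this page's sample headers with constructed text in
place of the "..." endings.

```python
import re

# Rules copied from the header_checks example above, one regexp per line.
# Postfix regexp tables match case-insensitively by default and apply the
# first rule that matches; this sketch mirrors both behaviours.
RULES = [
    (r"^Received: +from +(porcupine\.org) +",
     "reject forged client name in Received: header: $1"),
    (r"^Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)(porcupine\.org)\)",
     "reject forged client name in Received: header: $2"),
    (r"^Message-ID:.*@(porcupine\.org)",
     "reject forged domain name in Message-ID: header: $1"),
]
COMPILED = [(re.compile(p, re.IGNORECASE), a) for p, a in RULES]


def check_header(line):
    """Return the first matching rule's action with $n expanded, or None."""
    for regex, action in COMPILED:
        m = regex.search(line)
        if m:
            return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))), action)
    return None


# Header lines from this page; the text after each host part is constructed.
SAMPLES = [
    "Received: from porcupine.org by mx.example.net; constructed",
    "Received: from hostname.porcupine.org by mx.example.net; constructed",
    "Received: from host.example.com ([1.2.3.4] helo=porcupine.org) by mx",
    "Received: from [1.2.3.4] (port=12345 helo=porcupine.org) by mx",
    "Received: from host.example.com (HELO porcupine.org) by mx",
    "Received: from host.example.com (EHLO porcupine.org) by mx",
    "Message-ID: <yulszqocfzsficvzzju@porcupine.org>",
    "Message-ID: <stuff@hostname.porcupine.org>",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{check_header(line) or 'pass':60} <- {line}")
```

Headers that carry the real host name, hostname.porcupine.org, pass; every
header that shows the bare domain as the HELO name or in the Message-ID: is
rejected.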

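Caveats

Netscape Messenger (and reportedly, Mozilla) sends a HELO name that is
identical to the domain part of the sender address. If you have such clients,
then the above patterns would block legitimate email.

My network has only one such machine, and to prevent its mail from being
blocked I have configured it to send mail as user@hostname.porcupine.org. On
the Postfix server, a canonical mapping translates this temporary address into
user@porcupine.org.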

    /etc/postfix/main.cf:
        canonical_maps = hash:/etc/postfix/canonical

    /etc/postfix/canonical:
        @hostname.porcupine.org @porcupine.org

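This is of course practical only when very few systems send HELO commands like
this, and when you never have to send mail to a user on such a host.

An alternative would be to remove the hostname from "hostname.porcupine.org"
with address masquerading, as described in the ADDRESS_REWRITING_README
document.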

٤줿Ծĸ᡼Υ֥å

¿οƱ͡ϤޤλȤäƤɥᥤˤĤɥ쥹äƤޤ
Υɥ쥹Υ᡼ϻκΥɥ쥹žޤ䤬
᡼ΤۤȤɤϤΥɥ쥹줿ȼĥƤޤ
Τ褦ʥ᡼餫٤줿ΤǤ뤿ᡢñ˻ߤ뤳ȤǤޤ

    /etc/postfix/main.cf:
        header_checks = regexp:/etc/postfix/header_checks
        body_checks = regexp:/etc/postfix/body_checks

    /etc/postfix/header_checks:
        /^(From|Return-Path):.*[[:<:]](user@domain\.tld)[[:>:]]/
            reject forged sender address in $1: header: $2

    /etc/postfix/body_checks:
        /^[> ]*(From|Return-Path):.*[[:<:]](user@domain\.tld)[[:>:]]/
            reject forged sender address in $1: header: $2

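Notes:

  * The example is simplified for educational purposes. In reality my patterns
    list multiple email addresses, as
    "(user1@domain1\.tld|user2@domain2\.tld)".

  * The "[[:<:]]" and "[[:>:]]" match the beginning and end of a word,
    respectively. On some systems you should specify "\<" and "\>" instead.
    For details see your system documentation.

  * The "\." matches "." literally. Without the "\", the "." would match any
    character.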

٤줿¾¾ξĸ᡼Υ֥å

ʳ٤줿 Received: إå HELO ۥȤޤϥɥᥤ̾
٤ˤ IP ɥ쥹˸Ĥ뤫⤷ޤ󡣤ξդ
ȤʤФޤ󡣥᡼륵Фˤϥͥåȥɥ쥹Ѵظˤ
Τ⤢ꡢ饤 IP ɥ쥹ʤ礬ޤ

륹ʤθ᡼Υ֥å

ñǧǤ٤ƤʤƤ⡢᡼ΰĤΥƥ꤬Ĥޤ
ϥ륹ʥեȥΤǤǰʤ顢륹
եȥˤϥ륹ԥɥ쥹٤뤳ȤΤʤΤޤ
˰ȤˡΥեȥϥ᡼𤹤ˡΤʤᡢ
٤줿Ȥǧ뤿ξ嵭Υƥ˥åȤޤ

륹ʥ᡼ǧϡ¿μΥݡȥեޥåȤ뤿ᡢ
顼ˤʤ꤬ʽǤʲϥåإåѥΤۤΤ鷺
Ǥ륹Υ᡼ǧإåιԥѥ˭٤
쥯 http://www.dkuug.dk/keld/virus/ ⤷
http://www.t29.dk/antiantivirus.txt 򻲾ȤƤ

    /etc/postfix/header_checks:
        /^Subject: *Your email contains VIRUSES/ DISCARD virus notification
        /^Content-Disposition:.*VIRUS1_DETECTED_AND_REMOVED/
            DISCARD virus notification
        /^Content-Disposition:.*VirusWarning.txt/ DISCARD virus notification

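A plea to virus or spam scanner operators: please do not make the problem
worse by sending return mail to forged sender addresses. You are only
harassing innocent people. If you must return mail to the purported sender,
please return the full message headers, so that the sender can defend against
forgeries.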

