filtragem email filtragem de email com red hat linux implementações práticas e apresentação de...
TRANSCRIPT
Filtragem Email
Filtragem de Email com Red Hat Linux
Implementações Práticas e Apresentação de Laboratórios
Ruben OliveiraRHCE RHCX MCSE MCITP
Filtragem Email
• Postfix Mail Server / GW Filter• Mailscanner• SpamAssassin• Mailwatch• Webmin/Usermin• Dovecot• Apresentação de Laboratórios
Filtragem Email
• Postfix Mail Server / GW Filter
Filtragem Email
• Postfix Mail Server / GW Filter
Filtragem Email
• Postfix• main.cf• multiple domain• mail relaying•sasl / tls
Filtragem Email
• MailScanner• www.mailscanner.info• A Free Anti-Virus and Anti-Spam Filter• Protecting over 1 billion e-mails every day• Over 1 million downloads• Perl based• Instalação simples• Compatível com Sendmail/Postfix/Exim,etc• como alternativas amavisd-new
Filtragem Email
• Spam Scanning• Most of the spam scanning is done with the help
of SpamAssassin:• DNS blacklists• over 850 heuristic rules• Bayesian probability system• Distributed network-based checks such as• Razor, DCC, Pyzor which track the frequency
of messages around the world to identify spam
Filtragem Email
• Virus Scanning• Scans all e-mail passing through it for viruses
using any combination of the supported anti-virus engines
• Many sites run 2 or 3 different engines for better coverage and resistance against brand new viruses
• Anti-Virus Engines 20 are supported, including all the major market leaders
• ClamAV is free and has greatly improved over the past year
Filtragem Email
• Virus Handling• Attachments containing viruses or other
security problems are removed• All safe content is delivered untouched• Recipients and senders may get a warning
explaining what happened and who they should contact for help
• System admin notified of basic details of message and what viruses were found
Filtragem Email
• Attachment Filenames• Allows/denies attachments based on filename
and file content, providing implementation of any email security policy.
• Easily used to block attachments which are common ways of disguising viruses, e.g.ReadMe.doc.exe
• These can be varied for different users.
Filtragem Email
• Highly Configurable• Virtually all configuration parameters can be set
using fixed values, “rulesets” or “Custom Functions”
• Rulesets allow different values for any users or domains you specify
• Reports are supplied in 15 languages• Language can be different for different domains
and users•
•
Filtragem Email
• Rulesets• Archive Mail = /etc/MailScanner/rules/arch.rules ;-)
• From: [email protected] [email protected]• From: - Matches when the message is from a matching address
• To: - Matches when the message is to a matching address
• FromOrTo: - Matches when the message is from or to a matching address
• [email protected] # Individual address
• *@domain.com # Any user at 1 specific domain
• 192.168.21.0/24 # Any SMTP client IP address in this network
• *@* # Default value
• default # Default value
• Destination email address / directorio com ou sem datas appended / ficheiro mbox
Filtragem Email
• Custom Functions• These allow implementation of any other
configuration model you choose, including external databases of user options
• Many useful examples are provided• Minimal Perl knowledge needed
Filtragem Email
• Hash-Sharing Systems
• Send a checksum of a message to an online database of spam.
• "Has anyone reported this as spam?". The online database can report back "yes", allowing your mail system to raise the spam score for that message.
• Pyzor Razor DCC
Filtragem Email
• Mailwatch
• MailWatch for MailScanner is a web-based front-end to MailScanner written in PHP, MySQL
• Load Average and Today’s Totals for Messages, Spam, Viruses and Blocked Content.
• Colour-coded display of recently processed mail.
• Drill-down onto each message to see detailed information.
• Quarantine management allows you to release, delete or run sa-learn across any quarantined messages.
• Reports with customisable filters and graphs
Filtragem Email
Filtragem Email
Filtragem Email
Webmin / Usermin• Gestão e Utilização do servidor via https
Filtragem Email
• Dovecot
• Dovecot is an open source IMAP and POP3 server for Linux
• security primarily in mind.• It's fast, simple to set up, requires no special
administration and it uses very little memory.
Filtragem Email
• Laboratórios
• Utilização de Máquinas Virtuais• Instalação de um servidor de email com
filtragem de spam e virus, além de webmail e gestão via http