

            .

			    Copyright (c) 2003 by Maxim Chirkov <mc@tyumen.ru>
			    http://www.opennet.ru/dev/spam_check/

   !!!    , 
   .    
    (      
,   DNSBL     ). 
      ,    .


==============================================================================
     


  :
    1.1.    (IP , , email' ("RCPT TO"  
	 "MAIL FROM"),  );
    1.2.   (      
         ).

         :
    2.1.  IP  ;
    2.2.  email   ;
    2.3.   ;
    2.4.   .

    :
    3.1.       ( IP    "HELO", 
         "RCPT TO"  "MAIL FROM");
    3.2.      "DATA",    ;
    3.2.    ,       
            (    ,  );
    3.3.       ( 
	         ).

  ,    postfix     
    ,    
    HELO:
smtpd_sender_restrictions = reject_non_fqdn_sender, reject_unknown_sender_domain
smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain, check_relay_domains
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname,  reject_non_fqdn_hostname


  :
    4.1.     , 
          ,     (  
	    );
    4.2.     (   
	 ,         ,
	        );
    4.3.       ,   - 
               (  
	    ,   "bounce"   
	         ).

  :
    5.1.    (        ,
          ,  DSBL  );
    5.2.   (http, socks,  5.1);
    5.3.  cgi- (formmail,  5.1);
    5.4.   dial-up     (
	   , DUL    , 
	       );
    5.5.       
           (  ,   ) 
	 (      ,  
	      ,  
	          
	 ).

:         ,
    ,          
         SMTP  ,    
       .    -   
      IP       . 


   ,    ,    
    regex ,      
   ,      , ..  
   ,     ,  
   -      
  , ,  ,     .


  P    *BL     email , 
   ,     
 -.    DNSBL  
    ,      
    xDSL ,      
    . DNSBL    5.1, 5.2, 
5.3  5.4.   5.5    . 



==============================================================================
     .

         
  IP     .     
: 
      -      ;
      -  ;
      -   .

        spam  ( "tail"  
     ) 
,      
     . .. 
         .
       
 .

           
    (  1000-2000,   
     5000  9000  ,    
   "tail"     ).  
    DNSBL-,  
     (: dsbl.org, 
proxies.relays.monkeys.com, relays.ordb.org).

        ,    
  , "bounce"   .  - 
    ,      offline ,
   - (  N .    
   ).     ,   
     ,  .  
           
(         ),  
       .
  
     ""        
(  cron    ), 
""  -         
( "tail -f"),       .  
  .  

    :
    -       ,   
          ;
    -    (   5   ,   3,
      : bzq-218-1-51.cable.test.com).
    -       
      (: client, dial, dsl, cable, pool, ppp);
    -      (    
        -    ).
      


==============================================================================
  .

-     spam_check.pl   :
  # vi spam_check.pl
  # vi util/clean_dn.pl

-   (: antispam)     
  spam_check.pl (    maillog  ,  "data" (. )
  ,      ,  ):
  Linux  : # groupadd antispam; useradd -g antispam -s /bin/sh antispam
  FreeBSD: # pw useradd -n antispam -c 'antispam robot' -s /bin/sh
  

-      ,   
   antosmap,    /usr/local/etc/postfix/antispam:
  # mkdir -m 755 /var/log/antispam
  # mkdir -m 755 /usr/local/etc/postfix/antispam
  # mkdir -m 755 /usr/local/etc/postfix/antispam/blocklist
  # chown antispam:antispam /var/log/antispam
  # chown antispam:antispam /usr/local/etc/postfix/antispam/blocklist

-    (su antispam -c ./spam_check.pl).  
   perl  BerkeleyDB (http://search.cpan.org/author/PMQS/BerkeleyDB-0.23/)
    Berkeley DB (http://sleepycat.com). 

    "tail"     File::Tail 
  (http://search.cpan.org/author/MGRABNAR/File-Tail-0.98/),     
   Time::HiRes (http://search.cpan.org/author/JHI/Time-HiRes-1.48/).


-   (  5-10 .)   spam_check.pl 
   cron (   ,    ):
  # crontab -e -u antispam
      */4 * * * *  /usr/local/etc/postfix/antispam/spam_check.pl 2>/dev/null

        "tail",  cron   ,
     (    "&"): 
      su antispam -c '/usr/local/etc/postfix/antispam/spam_check.pl&'

        util/clean_dn.pl:
  # crontab -e -u antispam
      32 5 * * *  /usr/local/etc/postfix/antispam/util/clean_dn.pl
  
-  ,     spam_check.pl, 
       rbldnsd.
  ,  postfix  main.cf  :

    maps_rbl_domains = list.dsbl.org, relays.ordb.org, proxies.relays.monkeys.com
    maps_rbl_reject_code = 550
    smtpd_client_restrictions = hash:/usr/local/etc/postfix/antispam/blocklist/block_list.txt, reject_maps_rbl

        MTA ,   
    .  ,    
         .
  