dear admins...
sebelumnya met puasa buat yang melaksanakannya,
dan mohon maaf kepada yang puasa kalau "agak" pusing dikit nih ....
(1) saya sudah pasang RBLSMTPD, sbb di supervise/qmail-smtpd:
------------------------------------------------------------
[root@mx qmail-smtpd]# cat run
#!/bin/sh
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" ]; then
echo QMAILDUID, NOFILESGID, or MAXSMTPD is unset in
echo /var/qmail/supervise/qmail-smtpd/run
exit 1
fi
exec /usr/local/bin/softlimit -m 2000000 \
/usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
/usr/local/bin/rblsmtpd /var/qmail/bin/qmail-smtpd 2>&1
(2) saya sudah pasang /etc/tcp.smtp:
------------------------------------------------------------
[root@mx qmail-smtpd]# cat /etc/tcp.smtp
127.:allow,RELAYCLIENT=""
203.130.:allow,RELAYCLIENT=""
203.134.:allow,RELAYCLIENT=""
61.5.:allow,RELAYCLIENT=""
202.158.:allow,RELAYCLIENT=""
202.95.:allow,RELAYCLIENT=""
202.53.:allow,RELAYCLIENT=""
202.159.:allow,RELAYCLIENT=""
202.137.:allow,RELAYCLIENT=""
202.77.:allow,RELAYCLIENT=""
202.146.:allow,RELAYCLIENT=""
202.159.:allow,RELAYCLIENT=""
202.180.:allow,RELAYCLIENT=""
202.155.:allow,RELAYCLIENT=""
202.153.:allow,RELAYCLIENT=""
202.152.:allow,RELAYCLIENT=""
202.151.:allow,RELAYCLIENT=""
202.150.:allow,RELAYCLIENT=""
202.149.:allow,RELAYCLIENT=""
202.148.:allow,RELAYCLIENT=""
202.147.:allow,RELAYCLIENT=""
(3) saya sudah pasang juga di RAVMAIL, sbb :
------------------------------------------------------------
FILE -> ravmd.conf:
# Uncomment this if you want to use RBL feature (you have to edit
# the /etc/opt/rav/rbl_settings too).
_include /etc/opt/rav/rbl_settings
# ANTISPAM DEFINITIONS SECTION
_include /etc/opt/rav/antispam
------------------------------------------------------------
FILE -> rbl_settings:
rbl_site = bl.spamcop.net, dev.null.dk
rbl_site = orbs.dorkslayers.com, orbz.gst-group.co.uk
rbl_site = relays.ordb.org, relays.osirusoft.com
# The number of IPs which will be cached localy
rbl_cache_size = 20000
# The location of the IPs cache file
rbl_cache_file = /tmp/rbl_cache
#rbl_cache_file = /var/opt/rav/rbl_cache
# The timeout (in seconds) for a DNS query to one server from the rbl_site
#rbl_timeout = 5
# The number of retries for a DNS query
#rbl_retry = 3
------------------------------------------------------------
(4) /var/qmail/control/rcpthost & morercpthosts berisi domain2 yang hosting di kita.
tanpa ada line terlewatkan (line kosong)
------------------------------------------------------------
(5) tapi tetep aja, sbb (open aja deh!!) :
------------------------------------------------------------
220 mail.famili.web.id ESMTP
helo rrss.crynwr.com
250 mail.famili.web.id
mail from:<>
250 ok
rcpt to:<[EMAIL PROTECTED]>
250 ok
data
354 go ahead
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Date: Wed, 13 Nov 2002 9:12:25 -0000
Message-Id: <[EMAIL PROTECTED]>
Test message
.
250 ok 1037178745 qp 19060
quit
Successful termination. As far as I can tell, the email was delivered.
That might not be what you want.
------------------------------------------------------------
(6) yang terakhir, virus biasanya menggunakan email <user@domain > <-- awas! ada
spasi!!!
nah, gimana caranya ngedetek "spasi" setelah domain ini ? apakah ada script qmail
untuk searching2 string ?
misalnya searching <user@domain > , soalnya si qmail akan (reply) result dari
[EMAIL PROTECTED] bahwa domain tsb tidak ada, padahal kalau tanpa
"spasi" tsb domain itu ada di RCPTHOSTS.
Tentunya hal ini sangat menggangu bandwidth yang kita pergunakan juga. Mohon
pencerahannya.
------------------------------------------------------------
Tolong dengan sangat bantuan rekan yang lebih berpengalaman dalam hal QMAIL Anti-RELAY
ini.
Terima kasih atas bantuannya.
Rgds,
-Denie-
--
Utk berhenti langganan, kirim email ke [EMAIL PROTECTED]
Informasi arsip di http://www.linux.or.id/milis.php3
