完美的垃圾邮件 - Ubuntu Jaunty Jackalope
作者:Mohammed Alli
Postfix w /贝叶斯过滤和反向散射(Relay Recipients),Apache,Mysql,Dnsmasq,MailScanner(Spamassassin,ClamAV,Pyzor,Razor,DCC-Client),MailWatch,SPF Checks,FuzzyOcr,PDF / XLS / Phishing Sanesecurity Signatures, Postfix-GLD(Greylisting可选),Logwatch统计报告(可选),使用alterMIME(可选)发送免责声明,FireHOL(Iptables防火墙)
版本2.5
本教程将介绍如何在网关模式下将基于Ubuntu Jaunty Jackalope的服务器设置为垃圾邮件过滤器。 最后,您将拥有一个SpamSnake网关,它会将干净的电子邮件转发到您的MTA。 您还可以查看您的入站队列,训练您的SpamSnake,并通过MailWatch进行一些更高级的操作。
我不能提供任何保证,这将为您工作,与我一样的方式。
我将使用以下软件:
- Web服务器:Apache 2与PHP 5
- 数据库服务器:MySQL 5.0
- 邮件服务器:Postfix
- 缓存DNS服务器:Dnsmasq
- MailScanner:MailScanner v4.76
- MailWatch:MailWatch v1.0.4
信用于youcl和MailScanner,MailWatch,ClamAV,Apache,Mysql和Postfix的开发人员。
使用最小选项安装基本系统。
获取root权限
通过运行以下命令启用根登录,并给根密码。 然后,您可以直接以root身份登录:
sudo passwd root
2.安装vim-nox(可选)
我将在本教程中使用vi作为我的文本编辑器。 默认的vi程序在Ubuntu和Debian上有一些奇怪的行为; 要解决这个问题,我们安装vim-nox:
aptitude install vim-nox
(如果您使用其他文本编辑器(如joe或nano),则无需执行此操作。)
3.配置网络
由于Ubuntu安装程序已将系统配置为通过DHCP获取其网络设置,因此,由于服务器应具有静态IP地址,因此我们必须进行更改。 编辑/ etc / network / interfaces
并根据您的需要进行调整(在本例中,我将使用IP地址192.168.0.100
)
vi /etc/network/interfaces
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.0.100 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.1
然后重新启动您的网络:
/etc/init.d/networking restart
然后编辑/ etc / hosts
。 看起来像这样:
127.0.0.1 localhost.localdomain localhost 192.168.0.100 server1.example.com server1 # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts
现在运行:
echo server1.example.com > /etc/hostname
/etc/init.d/hostname.sh start
之后,运行:
hostname
hostname -f
两者都应该显示server1.example.com
。
4.更新您的Linux安装
编辑/etc/apt/sources.list
。 从文件中注释或删除安装CD,并确保启用了Universe和multiverse存储库。 它应该是这样的:
# # deb cdrom:[Ubuntu-Server 9.04 _Jaunty Jackalope_ - Release amd64 (20090421.1)]/ jaunty main restricted #deb cdrom:[Ubuntu-Server 9.04 _Jaunty Jackalope_ - Release amd64 (20090421.1)]/ jaunty main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://de.archive.ubuntu.com/ubuntu/ jaunty main restricted deb-src http://de.archive.ubuntu.com/ubuntu/ jaunty main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://de.archive.ubuntu.com/ubuntu/ jaunty-updates main restricted deb-src http://de.archive.ubuntu.com/ubuntu/ jaunty-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://de.archive.ubuntu.com/ubuntu/ jaunty universe deb-src http://de.archive.ubuntu.com/ubuntu/ jaunty universe deb http://de.archive.ubuntu.com/ubuntu/ jaunty-updates universe deb-src http://de.archive.ubuntu.com/ubuntu/ jaunty-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://de.archive.ubuntu.com/ubuntu/ jaunty multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ jaunty multiverse deb http://de.archive.ubuntu.com/ubuntu/ jaunty-updates multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ jaunty-updates multiverse ## Uncomment the following two lines to add software from the 'backports' ## repository. ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. # deb http://de.archive.ubuntu.com/ubuntu/ jaunty-backports main restricted universe multiverse # deb-src http://de.archive.ubuntu.com/ubuntu/ jaunty-backports main restricted universe multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu jaunty partner # deb-src http://archive.canonical.com/ubuntu jaunty partner deb http://security.ubuntu.com/ubuntu jaunty-security main restricted deb-src http://security.ubuntu.com/ubuntu jaunty-security main restricted deb http://security.ubuntu.com/ubuntu jaunty-security universe deb-src http://security.ubuntu.com/ubuntu jaunty-security universe deb http://security.ubuntu.com/ubuntu jaunty-security multiverse deb-src http://security.ubuntu.com/ubuntu jaunty-security multiverse
然后运行以下更新apt包数据库:
aptitude update
运行以下安装最新更新:
aptitude safe-upgrade
如果您看到新内核作为更新的一部分进行安装,那么您应该重新启动系统:
5.更改默认Shell
/ bin / sh
是/ bin / dash
的符号链接,但是我们需要/ bin / bash
,not / bin / dash
。 所以我们这样做:
dpkg-reconfigure dash
安装破折号为/ bin / sh?
< - 不
6.禁用AppArmor
AppArmor是一个安全扩展(类似于SELinux),应该提供扩展的安全性。 在我看来,你不需要配置一个安全的系统,它通常会导致更多的问题,而不是优势(考虑到你做了一周的故障排除后,因为一些服务不能按预期工作,然后你发现一切都很好,只有AppArmor导致了这个问题)。 因此我禁用它(如果你想稍后安装ISPConfig,这是必须的)。
我们可以禁用它:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
aptitude remove apparmor apparmor-utils
7.安装一些软件
现在我们安装一些稍后需要的软件包:
aptitude install binutils cpp fetchmail flex gcc libarchive-zip-perl libc6-dev libcompress-zlib-perl libdb4.6-dev libpcre3 libpopt-dev lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev autoconf automake1.9 libtool bison autotools-dev g++ build-essential unrar
8.同步系统时钟
通过互联网将系统时钟与NTP(网络时间协议)服务器同步是个好主意。 只需运行:
apt-get install ntp ntpdate
缓存Dnsmasq
apt-get install dnsmasq
编辑/etc/dnsmasq.conf
并使localhost上的Dnsmasq监听:
listen-address=127.0.0.1
编辑/etc/resolv.conf
并将以下内容添加到列表的顶部:
nameserver 127.0.0.1