센드메일에서 RBL를 이용해서 spam ip 막는 방법.
대표로 cbl.abuseat.org 랑 국내 kisa RBL 사이트를 적용하면 그마나 스팸아이피를 차단할수가 있다.
설정 방법
[dolmuri@ mail] vi /etc/mail/sendmail.mc
dnl # 한국 화이트 도메인 설정시
FEATURE(`dnsbl', `cbl.abuseat.org', `550 Message from $&{client_addr} rejected as spam - see http://cbl.abuseat.org')dnl
FEATURE(dnsbl, `spamlist.or.kr', `Rejected - see http://www.kisarbl.or.kr/')dnl
dnl # 해외 블랙 도메인 설정시
FEATURE(`dnsbl', `relays.ordb.org', `"Rejected due to Open Relay see http://www.ordb.org/lookup/?host=" $& clientaddr} " for more information"')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org', `"Rejected due to Spamhaus listing see http://www.abuse.net/sbl.phtml?IP=" $&{clientaddr} " for more information"')dnl
FEATURE(`dnsbl', `dnsbl.sorbs.net',`"554 Rejected " $&{client_addr} " found in dnsbl.sorbs.net"')dnl
[dolmuri@ mail] m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
추가된 룰을 확인해본다.
[dolmuri@ mail] vi /etc/mail/sendmail.cf
## map for DNS based blacklist lookups
Kdnsbl host -T<TMP>
# DNS based IP address spam list cbl.abuseat.org
R$* $: $&{client_addr}
R$-.$-.$-.$- $: <?> $(dnsbl $4.$3.$2.$1.cbl.abuseat.org. $: OK $)
R<?>OK $: OKSOFAR
R<?>$+<TMP> $: TMPOK
R<?>$+ $#error $@ 5.7.1 $: 550 Message from $&{client_addr} rejected as spam - see http://cbl.abuseat.org
# DNS based IP address spam list spamlist.or.kr
R$* $: $&{client_addr}
R$-.$-.$-.$- $: <?> $(dnsbl $4.$3.$2.$1.spamlist.or.kr. $: OK $)
R<?>OK $: OKSOFAR
R<?>$+<TMP> $: TMPOK
R<?>$+ $#error $@ 5.7.1 $: Rejected - see http://www.kisarbl.or.kr/
# DNS based IP address spam list relays.ordb.org
R$* $: $&{client_addr}
R$-.$-.$-.$- $: <?> $(dnsbl $4.$3.$2.$1.relays.ordb.org. $: OK $)
R<?>OK $: OKSOFAR
R<?>$+<TMP> $: TMPOK
R<?>$+ $#error $@ 5.7.1 $: "Rejected due to Open Relay see http://www.ordb.org/lookup/?host=" $& clientaddr} " for more information"
# DNS based IP address spam list sbl.spamhaus.org
R$* $: $&{client_addr}
R$-.$-.$-.$- $: <?> $(dnsbl $4.$3.$2.$1.sbl.spamhaus.org. $: OK $)
R<?>OK $: OKSOFAR
R<?>$+<TMP> $: TMPOK
R<?>$+ $#error $@ 5.7.1 $: "Rejected due to Spamhaus listing see http://www.abuse.net/sbl.phtml?IP=" $&{clientaddr} " for more information"
# DNS based IP address spam list dnsbl.sorbs.net
R$* $: $&{client_addr}
R$-.$-.$-.$- $: <?> $(dnsbl $4.$3.$2.$1.dnsbl.sorbs.net. $: OK $)
R<?>OK $: OKSOFAR
R<?>$+<TMP> $: TMPOK
R<?>$+ $#error $@ 5.7.1 $: "554 Rejected " $&{client_addr} " found in dnsbl.sorbs.net"