Tuesday, May 24, 2011

FreeBSD - Configuring Spamd

As part of a daily war on spam, I decided to write up how to build a gateway for a mail server.

Using FreeBSD 8.2 amd64, Packet Filter and Spamd.

Keep in mind that I cover only the basics of the configuration; you will still need to write your own firewall rules and the appropriate redirections ("rdr", "nat", etc.).


Installing Spamd

# cd /usr/ports/mail/spamd && make install clean

Add to /etc/fstab
# echo "fdescfs /dev/fd fdescfs rw 0 0" >> /etc/fstab
# mount /dev/fd

Packet Filter (PF)


#/etc/rc.conf
#-------------pf.conf
pf_enable="YES"
pf_rules="/etc/pf.conf.spamd"
pf_flags=""
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
pflog_flags=""
obspamd_enable="YES"
obspamd_flags="-v"
obspamlogd_enable="YES"
#-------------EOF

Adding to the end of /etc/syslog.conf

# touch /var/log/spamd


#-------------syslog.conf
!spamd
daemon.err;daemon.warn;daemon.info /var/log/spamd
#-------------EOF

Rules added to pf.conf.spamd

#-------------pf.conf.spamd
#tables
zimbra="192.168.0.200/32"

table <spamd> persist
table <spamd-white> persist
table <blacklist> persist file "/usr/local/etc/spamd/blacklist.txt"
table <whitelist> persist file "/usr/local/etc/spamd/whitelist.txt"

rdr pass on $ext_if proto tcp from to $ext_if port smtp -> $zimbra port smtp
rdr pass on $ext_if proto tcp from to $ext_if port smtp -> 127.0.0.1 port 8025
rdr pass on $ext_if proto tcp from to $ext_if port smtp -> 127.0.0.1 port 8025
rdr pass on $ext_if proto tcp from to $ext_if port smtp -> $zimbra port smtp
rdr pass on $ext_if proto tcp from ! to $ext_if port smtp -> 127.0.0.1 port 8025

#-------------EOF

Starting the daemons

# /usr/local/etc/rc.d/obspamd start
# /usr/local/etc/rc.d/obspamlogd start
# /etc/rc.d/pf start

Checking the pf rules
# pfctl -sr
# pfctl -ss

Listing the IPs on the WHITE list
# spamdb | grep WHITE | awk -F "|" '{print $2}'

Listing the IPs on the GREY list
# spamdb | grep GREY | awk -F "|" '{print $2}'

Adding an e-mail address to the greylist (-T registers it as a spamtrap address)
# spamdb -T -a 'spammer@spam_domain.com'

Adding an IP to the whitelist
# spamdb -a 200.200.200.200

Removing an IP
# spamdb -d 200.200.200.200

NOTE: Greylisting can delay or block e-mail, so test thoroughly before going live.
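
To see which senders are being delayed during those tests, the GREY entries can be summarized per source IP before deciding what to whitelist with spamdb -a. This is an added example, not part of the original post; it assumes the spamdb(8) field layout shown in the comments, and the sample data and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `spamdb` output (documentation-range IPs, made-up senders).
# Assumed field layout, per spamdb(8):
#   WHITE|ip|||first|pass|expire|block|pass
#   GREY|ip|helo|from|to|first|pass|expire|block|pass
sample_spamdb() {
cat <<'EOF'
WHITE|192.0.2.10|||1306200000|1306201500|1309311500|2|14
GREY|198.51.100.7|mx.example.net|<alice@example.net>|<bob@example.org>|1306240000|1306241500|1306254400|3|0
GREY|198.51.100.7|mx.example.net|<alice@example.net>|<carol@example.org>|1306240100|1306241600|1306254500|1|0
GREY|203.0.113.99|dsl-host|<x1@example.com>|<info@example.org>|1306240200|1306241700|1306254600|0|0
SPAMTRAP|spammer@spam_domain.com
EOF
}

# grey_summary NOW
# Reads spamdb output on stdin and prints one line per greylisted source IP:
#   ip tuples=<GREY entries> blocked=<sum of block counts> wait=<seconds>
# wait is the time until the earliest entry for that IP may pass (0 if already due).
grey_summary() {
    awk -F'|' -v now="$1" '
        $1 == "GREY" {
            tuples[$2]++
            blocked[$2] += $9
            # keep the earliest pass time seen for this IP
            if (!($2 in pass) || $7 + 0 < pass[$2]) pass[$2] = $7 + 0
        }
        END {
            for (ip in tuples) {
                left = pass[ip] - now
                if (left < 0) left = 0
                printf "%s tuples=%d blocked=%d wait=%d\n", ip, tuples[ip], blocked[ip], left
            }
        }' | sort
}

# Run against the constructed sample; on a live gateway use:
#   spamdb | grey_summary "$(date +%s)"
sample_spamdb | grey_summary 1306241000
```

An IP with several tuples and a growing blocked count is a host that keeps retrying, which is what a legitimate mail server does; an IP with blocked=0 has not come back yet.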

References:
http://onlamp.com/bsd/2007/01/18/greylisting-with-pf.html
https://calomel.org/spamd_config.html
man spamd
man spamdb