Line 22: |
Line 22: |
| Install of the lastest Email Whitelist-Blacklist package is from the smecontribs repo: | | Install of the lastest Email Whitelist-Blacklist package is from the smecontribs repo: |
| | | |
− | 1. Install package:
| + | =====Install package:===== |
− | =For SME 10= | + | <tabs container><tab name="For SME 10"> |
| yum install --enablerepo=smecontribs smeserver-wbl | | yum install --enablerepo=smecontribs smeserver-wbl |
| | | |
− | =For SME 9= | + | </tab> |
| + | <tab name="For SME 9"> |
| yum install --enablerepo=smecontribs smeserver-wbl | | yum install --enablerepo=smecontribs smeserver-wbl |
| Reconfigure machine: | | Reconfigure machine: |
Line 33: |
Line 34: |
| signal-event post-upgrade; signal-event reboot | | signal-event post-upgrade; signal-event reboot |
| | | |
− | =For SME 8= | + | </tab> |
| + | <tab name="For SME 8"> |
| yum --enablerepo smecontribs install smeserver-wbl | | yum --enablerepo smecontribs install smeserver-wbl |
| Reconfigure machine: | | Reconfigure machine: |
Line 39: |
Line 41: |
| or if you prefer to reboot your server | | or if you prefer to reboot your server |
| signal-event post-upgrade; signal-event reboot | | signal-event post-upgrade; signal-event reboot |
− | <headertabs /> | + | </tab> |
| + | </tabs> |
| | | |
− | 2. Configure:
| + | =====Configure:===== |
| + | |
| + | Once you do this a new menu item will be visable in the Server-Manager on the left hand side, called '''E-mail WBL'''. Traffic is scanned and may be blocked due to the various screening methods enabled. Clicking on this will present you with 3 buttons. |
| + | |
| + | You may use this panel to define e-mail white/black lists and RBLs. |
| + | |
| + | RBL's List is used to adjust DNSBL and RHSBL. |
| + | '''[RBLs List]''' |
| | | |
− | Once you do this a new menu item will be visable in the Server-Manager on the left hand side, called E-mail WBL. Clicking on this will present you with 2 buttons.
| |
− | '''E-mail WBL'''
| |
− | E-mail traffic is scanned and may be blocked due to the various screening methods enabled.
| |
− | You may use this panel to define e-mail white/black lists.
| |
| Black lists are used for rejecting e-mail traffic. | | Black lists are used for rejecting e-mail traffic. |
| '''[Black List]''' | | '''[Black List]''' |
| + | |
| White lists are used for accepting e-mail traffic. | | White lists are used for accepting e-mail traffic. |
| '''[White List]''' | | '''[White List]''' |
| | | |
| If you press the Black List button you will see the following window. | | If you press the Black List button you will see the following window. |
| + | |
| [[File:email-Reject.jpg]] | | [[File:email-Reject.jpg]] |
| | | |
| If you press the White List button you will see the following window. | | If you press the White List button you will see the following window. |
| + | |
| [[File:Email-accept.jpg|842px]] | | [[File:Email-accept.jpg|842px]] |
| | | |
− | And finally If you press the SAVE button you will simply be presented with one button to;
| + | If you press the RBLs List button you will see the following window. |
− | Execute the email-update event now to restart services and load in your changes.
| + | |
− |
| + | [[File:Wbl rbl.jpg|842px]] |
− | This will apply any of the changes you made in the Reject or Accept windows.
| + | |
| + | And finally If you press the SAVE button this will apply any of the changes you made, wait for confirmation message. |
| | | |
| ===Usage Examples=== | | ===Usage Examples=== |
Line 67: |
Line 77: |
| ====Black Lists: REJECT==== | | ====Black Lists: REJECT==== |
| | | |
− | The '''qpsmtpd badhelo''' is effective in examining the SMTP HELO string and then block mail based on this string. Entries follow the following format.
| + | =====Plugin: Helo===== |
− | something.a.somehost.com
| + | |
− | To find the proper string to enter on the qpsmtp badhelo line. 1. Open an offending email. 2. Open the header of the email. 3. Look for a line that says,
| + | Format: |
− | (HELO something.a.somehost.com)
| + | some.host.domain |
− | Partial strings will not work, E.G. in the previous example somehost.com will not work. It must be the complete HELO string.
| + | |
− | {{Note box|Using qpsmtpd badhelo will stop all mail at a domain that uses that specific HELO string. It's not looking at a specific email. This strategy isn't always effective as spammers generally change this field to stop this kind of detection. Also companies have several SMTP gateways so you may see mail from mail1.domain.com and mail2.domain.com . You will then need to add both of these. The advantage however is if you do want to stop all mail from one source, it can be effective. }} Alternatively you may use the ip address. Again look in the header for the Helo line. It may look something like this, | + | Add domains, hostnames, or perl regexp patterns to the <badhelo> config file; one per line. |
− | Received: from smtprelay0207.c.somehost.com (HELO smtprelay.c.somehost.com) '''(123.111.123.321''')
| + | |
− | Now simply add the IP address you found in the HELO line.
| + | {{Note box|You cannot block HELO IP addresses with this plugin. It is not designed to do that. Please look at other methods such as direct IP blocking via the firewall, or contribs like Fail2ban, GeoIP, xt_tables}} |
− | 123.111.123.321
| + | |
| + | https://github.com/smtpd/qpsmtpd/blob/master/plugins/helo |
| + | |
| + | Matches in the <badhelo> config file, including yahoo.com and aol.com, which neither the real Yahoo or the real AOL use, but which spammers use a lot. |
| + | Like qmail with the qregex patch, the <badhelo> file can also contain perl regular expressions. In addition to normal regexp processing, a pattern can start with a ! character, and get a negated (!~) match. |
| + | |
| + | =====Plugin: Badmailfrom===== |
| + | |
| + | Format: |
| + | @host or user@host |
| + | |
| + | This plugin also supports regular expression matches. This allows special patterns to be denied (e.g. FQDN-VERP, percent hack, bangs, double ats). |
| + | Patterns are stored in the format pattern'''(\s+)'''response, where pattern is a Perl pattern expression. Don't forget to anchor the pattern (front ^ and back $) if you want to restrict it from matching anywhere in the string. |
| + | |
| + | https://github.com/smtpd/qpsmtpd/blob/master/plugins/badmailfrom |
| | | |
− | Badmailfrom
| |
− | @host or user@host
| |
| | | |
| ====White Lists: ACCEPT==== | | ====White Lists: ACCEPT==== |
| | | |
− | Whitelisthosts - see this post http://forums.contribs.org/index.php/topic,51429.0.html | + | =====Whitelisthosts===== |
| + | |
| + | see this post http://forums.contribs.org/index.php/topic,51429.0.html |
| | | |
| Single IP | | Single IP |
Line 91: |
Line 115: |
| 192.168 | | 192.168 |
| | | |
− | WhitelistHELO | + | =====WhitelistHELO===== |
| host.domain.com | | host.domain.com |
| | | |
− | Whitelistsenders | + | =====Whitelistsenders===== |
| joe@foo.com | | joe@foo.com |
| foo.com | | foo.com |