Research report on an anti-spam method with a 99% block rate

https://www.thousand-winds.jp/cgi-bin/s25r_s.cgi

http://mail.kuji-clinic.info/cgi-bin/s25r/s25r_s.cgi

http://mail.smb.net/cgi-bin/s25r_s.cgi

http://mail.smb.net/cgi-bin/s25r_s7.cgi

http://mail.smb.net/cgi-bin/s25r.cgi


Lastmodified 2021-06-26 (Sat) 11:20:26


Allowing specific From addresses

http://www.aishinsys.co.jp/wordpress/?p=102

white-list.txt

http://www.gabacho-net.jp/anti-spam/white-list.html

You can also place the downloaded white-list.txt file under the /usr/local/etc/postfix directory and reference it in the /usr/local/etc/postfix/main.cf file as follows.

/usr/local/etc/postfix/main.cf

smtpd_client_restrictions =
 permit_mynetworks,
 check_client_access regexp:/etc/postfix/white-list.txt, ← add this line
 check_client_access regexp:/etc/postfix/white_list,
 check_client_access regexp:/etc/postfix/rejections

Permission change for S25R log searching

/etc/newsyslog.conf

#/var/log/maillog			640  7	   *	@T00  C
########## changed to 644 for s25r log searching 20120823 ##############
/var/log/maillog			644  7	   *	@T00  C
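
Mode 644 makes the mail log, including the sender and recipient addresses it records, readable by every local account. As an added example (not from the original page), the script below flags such entries in newsyslog.conf text and shows that an entry using the optional owner:group field with mode 640 is not flagged. The group name `www` for the HTTP daemon and both sample configurations are assumptions constructed here.

```shell
#!/bin/sh
# Added example, not part of the original page.
# Lists newsyslog.conf entries whose log files are created readable by every
# local user, that is, whose mode has the "other" read bit set.

# Constructed sample: the setting shown on the page (644).
conf_page() {
cat <<'EOF'
#/var/log/maillog                       640  7     *    @T00  C
/var/log/maillog                        644  7     *    @T00  C
EOF
}

# Constructed sample: alternative using the optional owner:group field.
# Assumption: the HTTP daemon runs in group "www".
conf_group() {
cat <<'EOF'
/var/log/maillog        root:www        640  7     *    @T00  C
EOF
}

# world_readable_logs: reads newsyslog.conf text on stdin and prints
# "path mode owner:group" for each world-readable entry ("-" = no owner field).
world_readable_logs() {
  awk '
    /^[ \t]*#/ || NF == 0 { next }          # skip comments and blank lines
    $1 == "<include>"     { next }          # skip include directives
    {
      owner = "-"; i = 2
      if ($i ~ /:/) { owner = $i; i++ }     # optional owner:group field
      mode = $i
      if (mode !~ /^[0-7]+$/) next          # malformed entry, ignore
      # Last octal digit holds the "other" bits; 4-7 means read is granted.
      if (substr(mode, length(mode), 1) ~ /[4-7]/) print $1, mode, owner
    }'
}

echo "page setting:";  conf_page  | world_readable_logs
echo "group setting:"; conf_group | world_readable_logs
```

Run it against the live file with `world_readable_logs < /etc/newsyslog.conf`.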

Decompressing /var/log/mail.0.log.bz2

If the logs have already been compressed, decompress them so that they can be analyzed.

-rw-r-----  1 root    wheel      19915 Aug 11 07:13 maillog
-rw-r-----  1 root    wheel      11867 Aug 11 00:00 maillog.0
-rw-r-----  1 root    wheel      11825 Aug 10 00:00 maillog.1
-rw-r-----  1 root    wheel      14997 Aug  9 00:00 maillog.2
-rw-r-----  1 root    wheel      16721 Aug  8 00:00 maillog.3
-rw-r-----  1 root    wheel      91912 Aug  7 00:00 maillog.4
-rw-r-----  1 root    wheel      24205 Aug  6 00:00 maillog.5
-rw-r-----  1 root    wheel      28757 Aug  5 00:00 maillog.6


# bunzip2 maillog.*.bz2

Rejection log sorting script for FreeBSD 9.0

The original fails with errors as-is, so I revised it slightly.

[What was changed]

--- s25r_s_orig.cgi	2012-08-23 12:56:33.000000000 +0900
+++ s25r_s.cgi	2012-08-23 11:16:48.000000000 +0900
@@ -1,5 +1,6 @@
 #!/bin/sh
-echo "Content-Type: text/plain"
+echo "Content-type: text/plain; charset=iso-8859-1"
+#echo "Content-Type: text/plain"
 echo
 echo "Mail rejection log (450 Client host rejected) - sorted"
 echo
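Review bot: the previous header is left behind as a commented-out line (`#echo "Content-Type: text/plain"`) directly under the new one; delete it, since the diff already records the old value. The added `charset=iso-8859-1` is also unexplained. A short comment saying why this charset was chosen would help, because the `from=<...>`, `to=<...>` and `helo=<...>` fields printed further down are supplied by remote clients.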
@@ -14,10 +15,10 @@
 #
 # (3) Extract essential items.
 #
-gawk '
+awk '
 {
   client=substr($0, match($0, /from [^]]+\]/)+5, RLENGTH-5)
-  sub(/\[/, " [", client)
+  gsub(/\[/, " [", client)
   sender=substr($0, match($0, /from=<[^>]*>/), RLENGTH)
   rcpt=substr($0, match($0, /to=<[^>]*>/), RLENGTH)
   helo=substr($0, match($0, /helo=<[^>]*>/), RLENGTH)
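Review bot: the `sub` to `gsub` change on the `client` line is not needed for the gawk-to-awk switch, since `sub` is part of POSIX awk, and the reason for it is not stated. The `match()` pattern `/from [^]]+\]/` stops at the first `]`, so `client` normally contains a single `[` and both calls produce the same string. Either keep `sub` or add a comment naming the input that required `gsub`.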
@@ -27,7 +28,7 @@
 #
 # (4) Convert month names into month numbers.
 #
-gawk '
+awk '
 BEGIN {
   month_num["Jan"]=1
   month_num["Feb"]=2
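Review bot: the interpreter name is hard-coded at every pipeline stage, and this is one of seven identical `gawk` to `awk` substitutions in the patch. Setting it once near the top of the script, for example `AWK=awk`, and calling `$AWK` at each stage would make the next port a one-line change and keep the stages from drifting apart.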
@@ -59,7 +60,7 @@
 #
 # (6) Insert a blank line between records with a different triplet.
 #
-gawk '
+awk '
 BEGIN {
   prev_triplet=""
 }
@@ -75,7 +76,7 @@
 #
 # (7) Convert retry records in a sequence into one line.
 #
-gawk '
+awk '
 BEGIN {
   RS=""
 }
@@ -91,7 +92,7 @@
 #
 # (9) Reconvert retry records in a sequence into multiple lines.
 #
-gawk '
+awk '
 {
   gsub(/\036/, "\n")
   print
@@ -101,7 +102,7 @@
 #
 # (10) Reconvert month numbers into month names.
 #
-gawk '
+awk '
 BEGIN {
   month_name[1]="Jan"
   month_name[2]="Feb"
@@ -128,7 +129,7 @@
 #
 # (11) Output sorted records with counting.
 #
-gawk '
+awk '
 BEGIN {
   Suppress_single_access_records=0
   RS=""

Rejection log sorting script

The original is here: http://www.gabacho-net.jp/anti-spam/log-sorting-script.html

When I tried running it,

[Thu Aug 23 08:26:18 2012] [error] [client 210.255.122.209] /usr/local/www/apache22/cgi-bin/s25r.cgi: gawk: not found

I got this error (´・ω・`), so I ran

hotshot# portinstall japanese/gawk
hotshot# rehash

But for some reason that produced a storm of broken pipe errors, so I gave up on gawk and went with awk... lol

Required settings

 Set the access permissions so that the mail log files can be read with the HTTP daemon's privileges.

hotshot# chmod 644 /var/log/maillog*
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] /usr/local/www/apache22/cgi-bin/s25r.cig: gawk: not found
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] /usr/local/www/apache22/cgi-bin/s25r.cig: gawk: not found
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] /usr/local/www/apache22/cgi-bin/s25r.cig: gawk: not found
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] /usr/local/www/apache22/cgi-bin/s25r.cig: gawk: not found
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] /usr/local/www/apache22/cgi-bin/s25r.cig: gawk: not found
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
[Thu Aug 23 08:49:30 2012] [error] [client 210.255.122.209] egrep: writing output: Broken pipe
