sendmail¿¡¼ milter »ç¿ëÇؼ ¾à°£ÀÇ ½ºÆÔ°ú ¹ÙÀÌ·¯½º ¸·±â.. | ÀÛ¼ºÀÏ : 2004/02/07 16:48 |
Á¶È¸¼ö : 8715 |
¾ó¸¶Àü ¸¶À̵ÒÀ¸·Î ÀÎÇؼ Á¦°¡ °ü¸®ÇÏ´Â Á¶±×¸¸ ¸ÞÀϼ¹ö°¡ ¾û¸ÁÀÌµÈ ÀûÀÌ ÀÖ¾î¼ ¿©±âÀú±â ¾Ë¾Æº¸´Ù°¡ ¾Ë°ÔµÈ ¹æ¹ýÀÔ´Ï´Ù. qmailÀ» »ç¿ëÇ϶ó´Â ¾ê±â¸¦ ¸¹ÀÌ µé¾ú´Âµ¥¿ä. óÀ½ºÎÅÍ »õ·Î ¼³Ä¡ÇѴٴµ¥¿¡ °ÌÀÌ ³ª¼ sendmailÀ» »ç¿ëÇؼ ÇÏ´Â ¹ýÀ» ¿©±âÀú±â ã¾Æº¸´Ù°¡ ¾Ë°ÔµÈ ¹æ¹ýÀÌÁÒ. RedHat9¸¦ ±âÁØÀ¸·Î ¼³¸íÇÕ´Ï´Ù. 1. milter »ç¿ëÀ» À§ÇØ sendmail-develÆÐÅ°Áö¿Í sendmail¼Ò½º¸¦ ¼³Ä¡ ¡¡ (perlÀÇ milter ¸ðµâÀ» ¼³Ä¡ÇÒ ¶§ ¼Ò½º¸¦ ÇÊ¿ä·Î ÇÕ´Ï´Ù) [sendmail-devel rpm] ¡¡¡¡RedHat9 cd3 RPMS ¡¡¡¡sendmail-devel-8.12.8-4.i386.rpm [sendmail srpm] ¡¡¡¡http://rpmfind.net/¿¡¼ sendmail·Î °Ë»ö ÈÄ RedHat9¿ë °°Àº ¹öÀüÀ» ã´Â´Ù. ¡¡¡¡sendmail-8.12.8-4.src.rpm [¼³Ä¡] ¡¡¡¡# rpm -Uvh sendmail-devel-8.12.8-4.i386.rpm ¡¡¡¡# rpm -Uvh sendmail-8.12.8-4.src.rpm [sendmail ¼Ò½º ÄÄÆÄÀÏ] ¡¡¡¡# cd /usr/src/redhat/SPECS/ ¡¡¡¡# rpmbuild -bc sendmail.spec 2. perl¿ë milter ¸ðµâÀ» ¼³Ä¡ ¡¡ (base64 ÀÎÄÚµùµÈ ¸ÞÀϵµ °Ë»çÇϱâ À§ÇÏ¿© base64 ¸ðµâµµ ¼³Ä¡ÇÕ´Ï´Ù) [¸ðµâ ´Ù¿î·Îµå] ¡¡¡¡http://www.cpan.org/authors/id/G/GA/GAAS/MIME-Base64-3.00.tar.gz ¡¡¡¡http://www.cpan.org/authors/id/C/CY/CYING/Sendmail-Milter-0.18.tar.gz [Base64 ¸ðµâ ¼³Ä¡] ¡¡¡¡# tar xzvf MIME-Base64-3.00.tar.gz ¡¡¡¡# cd MIME-Base64-3.00 ¡¡¡¡# perl Makefile.PL ¡¡¡¡# make ¡¡¡¡# make install [Milter ¸ðµâ ¼³Ä¡] ¹Ýµå½Ã sendmail¼Ò½º ÄÄÆÄÀÏÀÌ ¸ÕÀú µÇ¾î ÀÖ¾î¾ß ÇÕ´Ï´Ù. ¡¡¡¡# tar xzvf Sendmail-Milter-0.18.tar.gz ¡¡¡¡# cd Sendmail-Milter-0.18 ¡¡¡¡# perl Makefile.PL /usr/src/redhat/BUILD/sendmail-8.12.8/ /usr/src/redhat/BUILD/sendmail-8.12.8/obj.Linux.2.4.20-8smp.i686/ ¡¡¡¡# make ¡¡¡¡# make install 3. ÀÌÁ¦ ÀڽŸ¸ÀÇ ¹ÐÅ͸¦ perl·Î ÀÛ¼ºÇÏ°Ú½À´Ï´Ù. [perl ½ºÅ©¸³Æ® »ý¼º] ¡¡¡¡# cd /etc/mail/ ¡¡¡¡# vi MyMilter.pl --------------------------8<------------------------------code : MyMilter.pl---- #!/usr/bin/perl use Sendmail::Milter; use Socket; use MIME::Base64; sub connect_callback { my ($ctx, $hostname, $sockaddr_in) = @_; print "[connect] hostname: '$hostname'\n"; return SMFIS_CONTINUE; } sub helo_callback { my ($ctx, $helohost) = @_; print " [helo] helohost: '$helohost'\n"; return SMFIS_CONTINUE; } sub envfrom_callback { my ($ctx, $from, @args) = @_; print " [envfrom] args: '$from','" . join("','", @args) . "'\n"; # ÀÍ¸í ¼Û½ÅÀÚ Á¦°Å if ($from !~ /.*\@.*/) { print(" ! from nobody: $from\n"); return SMFIS_REJECT; } return SMFIS_CONTINUE; } sub envrcpt_callback { my ($ctx, $rcpt, @args) = @_; print " [envrcpt] args: '$rcpt','" . join("','", @args) . "'\n"; # ÀÍ¸í ¼ö½ÅÀÚ Á¦°Å if ($rcpt !~ /.*\@.*/) { print(" ! rcpt nobody: $rcpt\n"); return SMFIS_REJECT; } return SMFIS_CONTINUE; } sub check_subject { my ($subject) = @_; # ±¤°í ¹× È«º¸ Á¦°Å if ($subject =~ /[[(< ({].*(±¤.*°í|È«.*º¸).*[])>) }]/) { print(" ! ad: $subject\n"); return "bad"; } # Æ÷¸£³ë Á¦°Å if ($subject =~ /.*(Æ÷¸£³ë|porno).*/) { print(" ! porno: $subject\n"); return "bad"; } return "good"; } sub header_callback { my ($ctx, $headerf, $headerv) = @_; # Subject: Çì´õÀÎ °æ¿ì. if ($headerf eq "Subject") { $chk = &check_subject($headerv); if ($chk eq "bad") { return SMFIS_REJECT; } # base64 µðÄÚµùÀ» ¼öÇà @decoded = split(/[\?+\n+ +\t+]/, $headerv); $headerv = ""; foreach (@decoded) { $headerv .= decode_base64($_); } $chk = &check_subject($headerv); if ($chk eq "bad") { return SMFIS_REJECT; } } return SMFIS_CONTINUE; } sub eoh_callback { my ($ctx) = @_; return SMFIS_CONTINUE; } sub check_body { my ($body) = @_; # º»¹® ±¤°í üũ : Á¤º¸Åë½ÅºÎ if ($body =~ /Á¤º¸Åë½ÅºÎ *±Ç°í *»çÇ׿¡ *ÀÇ°Å/) { print(" ! ad: Á¤º¸Åë½ÅºÎ ±Ç°í »çÇ׿¡ ÀÇ°ÅÇÑ ³»¿ë\n"); return "bad"; } return "good"; } sub body_callback { my ($ctx, $body_chunk, $len) = @_; print(" [body] length: $len\n"); # Àû´çÇÏÁö ¾ÊÀº ÷ºÎÆÄÀÏÀÌ ÀÖÀ»½Ã °ÅºÎ *.src, *.pif, *.bat, *.com @decoded = split(/[\r+\n+]/, $body_chunk); foreach (@decoded) { if ($_ =~ /name=\"?.*\.(scr|pif|bat|com)\"?/) { print(" ! virus?: $_\n"); return SMFIS_REJECT; } } $chk = &check_body($body_chunk); if ($chk eq "bad") { return SMFIS_REJECT; } # base64 µðÄÚµùÀ» ¼öÇà @decoded = split(/[\?+\r+\n+ +\t+]/, $body_chunk); $body_chunk = ""; foreach (@decoded) { $body_chunk .= decode_base64($_); } $chk = &check_body($body_chunk); if ($chk eq "bad") { return SMFIS_REJECT; } return SMFIS_CONTINUE; } sub eom_callback { my ($ctx) = @_; $ctx->addheader("X-MyMilter", "Spam,Virus Chk 1.01beta [Perl version]"); return SMFIS_CONTINUE; } sub abort_callback { my ($ctx) = @_; return SMFIS_CONTINUE; } sub close_callback { my ($ctx) = @_; return SMFIS_CONTINUE; } ############################################ # ÀÌÇÏÀÇ ÄÚµå´Â ¹ÐÅÍ ±âº» ÄÚµå·Î ¼öÁ¤ ºÒ°¡ # ############################################ my %my_callbacks = ( 'connect' => \&connect_callback, 'helo' => \&helo_callback, 'envfrom' => \&envfrom_callback, 'envrcpt' => \&envrcpt_callback, 'header' => \&header_callback, 'eoh' => \&eoh_callback, 'body' => \&body_callback, 'eom' => \&eom_callback, 'abort' => \&abort_callback, 'close' => \&close_callback, ); BEGIN: { if (scalar(@ARGV) < 2) { print "Usage: perl $0 À§ÀÇ ÄÚµå´Â ¾î´ÀºÐÀÌ milter¿¡ ´ëÇØ ¼³¸íÇØÁֽŠ°÷¿¡¼ ±×´ë·Î °¡Á®´Ù°¡ ¸î°¡Áö¸¸ ¼öÁ¤ÇÑ °ÍÀÔ´Ï´Ù. (Á¤È®È÷ ¾îµòÁø ±â¾ïÀÌ °¡¹°..) 4. sendmail¿¡¼ ¹æ±Ý ¸¸µç ¹ÐÅ͸¦ »ç¿ëÇϵµ·Ï ¼³Á¤ÇÕ´Ï´Ù. [sendmail.mc ¼öÁ¤] ¡¡¡¡# vi /etc/mail/sendmail.mc ¡¡¡¡¡¡¡¡-´ÙÀ½À» ¸¶Áö¸·¿¡ Ãß°¡----------- ¡¡¡¡¡¡¡¡INPUT_MAIL_FILTER(`MyMilter', `S=local:/var/run/mymilter.sock')dnl ¡¡¡¡¡¡¡¡-------------------------------- ¡¡¡¡# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf [sendmail Àç½ÃÀÛ] ¡¡¡¡# /etc/init.d/sendmail restart 5. Å×½ºÆ®¸¦ À§ÇØ ¹ÐÅ͸¦ ½ÇÇà½ÃÄÑ º¾´Ï´Ù. [perl·Î ¹ÐÅÍ ½ÇÇà] ¡¡¡¡# perl /etc/mail/MyMilter.pl MyMilter /etc/mail/sendmail.cf [¹é±×¶ó¿îµå ½ÇÇà½Ã ÇÁ·Î¼¼½º È®ÀÎ] : Ưº°È÷ ½ÇÇàÇÏ´Â perlÀÌ ¾ø´Ù¸é Çϳª¸¸ º¸Àϲ®´Ï´Ù. ¡¡¡¡# ps -Al | grep perl »øÇàµÈ »óÅ¿¡¼ ÀÌ·± Àú·± ¸ÞÀÏÀ» º¸³» º¾´Ï´Ù. ±×·¯¸é ¸ÞÀÏ Çϳª¸¶´Ù ȸ鿡 ÂïÈú²®´Ï´Ù. Outlook Express¶ó¸é ¹ÞÀº ¸ÞÀÏ¿¡ '¼Ó¼º'->'ÀÚ¼¼È÷'Çغ¸¸é Á¦ÀÏ ³¡¿¡ 'X-MyMilter'¶ó´Â ³»¿ëÀÌ ºÙ¾î ÀÖ´Â °ÍÀÌ º¸ÀÏ°ÍÀÔ´Ï´Ù. ±×·¯¸é Á¤»óÀûÀ¸·Î ½ÇÇàµÈ °ÍÀÔ´Ï´Ù. 6. ÀçºÎÆÃÇÏ¸é ¹Ù·Î ¹é±×¶ó¿îµå·Î ½ÇÇàµÇ°Ô ÇսôÙ. [rc.local ¼öÁ¤] ¡¡¡¡# vi /etc/rc.local ¡¡¡¡¡¡¡¡-´ÙÀ½À» ¸¶Áö¸·¿¡ Ãß°¡----------- ¡¡¡¡¡¡¡¡perl /etc/mail/MyMilter.pl MyMilter /etc/mail/sendmail.cf & ¡¡¡¡¡¡¡¡-------------------------------- ´ÙÀ½ºÎÅÍ´Â ¹ÐÅÍ°¡ µ¿ÀÛÇÏ¸é¼ ³»¿ë¿¡ ´ëÇÑ °ÍÀ» tty1¿¡ Âï°ÔµË´Ï´Ù. ȸ鿡 ÂïÈ÷´Â°Ô ½ÈÀ¸¸é print¹®À» ÀüºÎ #À¸·Î ÁÖ¼®Ã³¸® ÇÏ½Ã¸é µÇ±¸¿ä. À§ÀÇ ¼Ò½º¸¸ »ìÆ캸½Ã¸é ¾ÆÁÖ ´Ù¾çÇÏ°Ô È°¿ëÇÒ ¼ö ÀÖÀ» °Í°°½À´Ï´Ù. ¿©·¯°³ÀÇ ¹ÐÅ͵µ »ç¿ëÀÌ °¡´ÉÇϱ¸¿ä.. sendmail.mc¿¡ µî·Ï½ÃŲ ¼ø¼´ë·Î ÀÛµ¿ÇÏ°Ô µË´Ï´Ù. ¹ÐÅÍ°¡ ¿©·¯°³À϶© 'mymilter.sock' <- ¿äºÎºÐÀÇ À̸§ÀÌ ´Ù ´Þ¶ó¾ß ÇÕ´Ï´Ù. ¸ÞÀÏÀÌ ÀÏ´Ü µµÂøÇϸé Á¦ÀÏ ¸ÕÀú milter¿¡°Ô ¼ö½Å ¿©ºÎ¸¦ ¹¯´Â´Ù°í ÇÏ´Ï ÀúÀåµÇ±âµµ Àü¿¡ Á¦ÀÏ ¸ÕÀú º¸°í Â÷´ÜÇÏ´Â °ÍÀ̶ó°í º¼ ¼ö ÀÖ½À´Ï´Ù. Á¦°¡ °ü¸®ÇÏ´Â ¼¹ö´Â ÀÌ¿ëÀÚ°¡ 20¸í Á» ¾ÈµÇ±â ¶§¹®¿¡ ÃæºÐÇÑ È¿°ú¸¦ º¸°í ÀÖ½À´Ï´Ù. ´ë±Ô¸ð¿¡¼±îÁö È¿À²ÀûÀÏÁö´Â ¸ð¸£°Ú±º¿ä. |
Ä¿ÇǴнº, ½Ã½ºÅÛ ¿£Áö´Ï¾îÀÇ ½°ÅÍ / URL : http://coffeenix.net/board_view.php?bd_code=189 |