新たなSPAM対策

最近また日本語のSPAMが届くようになったので、少し厳しくSPAM排除の設定を行うことにしました。

mcファイルの定義追加

FEATURE(dnsbl, `sbl.spamhaus.org', `"550 rejected, see sbl.spamhaus.org"')

cfを作ってsendmailの再起動

内容はメールサーバに届いたメールのIP及びドメインをspamhausのブラックリストデータベースから検索しメール配送を行わないという方法です。
下記のようなSpamAssassinでSpam-Levelの低いメールでもブラックリストに載っていれば配送されないのです。

Return-Path:
Received: from mail.hard-bank.net (NK218-187-44-124.static.apol.com.tw [218.187.44.124] (may be forged))
by gentooez8.momoso-net.com (SMTP) with SMTP id j8GIlQJM009860
for ; Sat, 17 Sep 2005 03:47:26 +0900
Received: (qmail 2045 invoked by uid 511); 16 Sep 2005 19:28:50 +0900
Date: 16 Sep 2005 19:28:50 +0900
Message-ID: <20050916102850.2044.qmail@mail.hard-bank.net>
From: info@hard-bank.net
To: xxxxxxxx@momoso-net.com
Ｓubject: ＸＸＸＸＸＸＸＸＸＸ
X-Spam-Checker-Version: SpamAssassin 3.0.4-gr0 (2005-06-05) on
gentooez8.momoso-net.com
X-Spam-Level: ****
X-Spam-Status: No, score=4.4 required=5.0 tests=ALL_TRUSTED,
DATE_IN_PAST_06_12,NO_REAL_NAME,RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL,
SUBJ_ILLEGAL_CHARS,URIBL_JP_SURBL,URIBL_SBL autolearn=no
version=3.0.4-gr0
X-UIDL: ]VM"!'PM!!M2@!!daO!!
Status: U

From - Sun Sep 18 08:03:44 2005
X-Account-Key: account2
X-UIDL: 03O!!L;Y!!fU3"!SU<"!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path:
Received: from mail.s-koba.com ([220.229.241.97])
by gentooez8.momoso-net.com (SMTP) with SMTP id j8HBZIwY008978
for ; Sat, 17 Sep 2005 20:35:19 +0900
Received: (qmail 30538 invoked by uid 510); 17 Sep 2005 17:53:45 +0900
Date: 17 Sep 2005 17:53:45 +0900
Message-ID: <20050917085345.30536.qmail@mail.s-koba.com>
From: info@s-koba.com
To: xxxxxxxx@momoso-net.com
Ｓubject: ＸＸＸＸＸＸＸＸＸＸ
X-Spam-Checker-Version: SpamAssassin 3.0.4-gr0 (2005-06-05) on
gentooez8.momoso-net.com
X-Spam-Level: *
X-Spam-Status: No, score=1.7 required=5.0 tests=ALL_TRUSTED,NO_REAL_NAME,
PLING_QUERY,SUBJ_ILLEGAL_CHARS,URIBL_SBL autolearn=no
version=3.0.4-gr0
X-UIDL: 03O!!L;Y!!fU3"!SU<"!
Status: RO

From - Sun Sep 18 08:03:44 2005
X-Account-Key: account2
X-UIDL: GiS"!ADA!!f#E!!F9%#!
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path:
Received: from mail.space-d.com ([220.229.241.209])
by gentooez8.momoso-net.com (SMTP) with SMTP id j8HIdEKZ011463
for ; Sun, 18 Sep 2005 03:39:14 +0900
Received: (qmail 8830 invoked by uid 510); 17 Sep 2005 23:18:29 +0900
Date: 17 Sep 2005 23:18:29 +0900
Message-ID: <20050917141829.8829.qmail@mail.space-d.com>
From: info@space-d.com
To: xxxxxxxx@momoso-net.com
Ｓubject: ＸＸＸＸＸＸＸＸＸＸ
X-Spam-Checker-Version: SpamAssassin 3.0.4-gr0 (2005-06-05) on
gentooez8.momoso-net.com
X-Spam-Level: **
X-Spam-Status: No, score=2.4 required=5.0 tests=ALL_TRUSTED,NO_REAL_NAME,
SUBJ_ILLEGAL_CHARS,URIBL_JP_SURBL,URIBL_SBL autolearn=no
version=3.0.4-gr0
X-UIDL: GiS"!ADA!!f#E!!F9%#!
Status: U

こんなメールがこんなかんじにrejectされます。

Sep 18 13:53:54 gentooez8 sm-mta[28827]: ruleset=check_relay, arg1=[220.229.241.131], arg2=127.0.0.2, relay=[220.2
29.241.131], reject=550 5.7.1 Email rejected - see sbl.spamhaus.org
Sep 18 14:22:36 gentooez8 sm-mta[28979]: ruleset=check_relay, arg1=[220.230.101.126], arg2=127.0.0.2, relay=[220.2
30.101.126], reject=550 5.7.1 Email rejected - see sbl.spamhaus.org
Sep 18 22:10:58 gentooez8 sm-mta[31642]: ruleset=check_relay, arg1=[211.106.152.186], arg2=127.0.0.2, relay=[211.1
06.152.186], reject=550 5.7.1 Email rejected - see sbl.spamhaus.org
Sep 18 22:10:58 gentooez8 sm-mta[31643]: ruleset=check_relay, arg1=[211.106.152.186], arg2=127.0.0.2, relay=[211.1
06.152.186], reject=550 5.7.1 Email rejected - see sbl.spamhaus.org