qmail+spamassassin启用spf过滤-白红宇

qmail+spamassassin启用spf过滤

阅读量：5968 次

发布时间：2019-06-19

本文共 3348 字，大约阅读时间需要 11 分钟。

先检测是否支持spf模块

[root@localhost ~]# sa-update -D[13454] dbg: logger: adding facilities: all[13454] dbg: logger: logging level is DBG[13454] dbg: generic: SpamAssassin version 3.2.0[13454] dbg: config: score set 0 chosen.[13454] dbg: dns: no ipv6[13454] dbg: dns: is Net::DNS::Resolver available? yes[13454] dbg: dns: Net::DNS version: 0.59[13454] dbg: generic: sa-update version svn523403[13454] dbg: generic: using update directory: /var/lib/spamassassin/3.002000[13454] dbg: diag: perl platform: 5.008008 linux[13454] dbg: diag: module installed: Digest::SHA1, version 2.11[13454] dbg: diag: module installed: HTML::Parser, version 3.55[13454] dbg: diag: module installed: Net::DNS, version 0.59[13454] dbg: diag: module installed: MIME::Base64, version 3.07[13454] dbg: diag: module installed: DB_File, version 1.814[13454] dbg: diag: module installed: Net::SMTP, version 2.29[13454] dbg: diag: module not installed: Mail::SPF ('require' failed)[13454] dbg: diag: module not installed: Mail::SPF::Query ('require' failed)[13454] dbg: diag: module not installed: IP::Country::Fast ('require' failed)[13454] dbg: diag: module not installed: Razor2::Client::Agent ('require' failed)[13454] dbg: diag: module not installed: Net::Ident ('require' failed)

这提示odule not installed: Mail::SPF ('require' failed)，表示没安装spf模块，先安装

[root@localhost ~]# yum install epel-release -y[root@localhost ~]# yum install perl-Mail-SPF perl-Mail-SPF-Query -y[root@localhost ~]# sa-update -D[19738] dbg: logger: adding facilities: all[19738] dbg: logger: logging level is DBG[19738] dbg: generic: SpamAssassin version 3.2.0[19738] dbg: config: score set 0 chosen.[19738] dbg: dns: no ipv6[19738] dbg: dns: is Net::DNS::Resolver available? yes[19738] dbg: dns: Net::DNS version: 0.59[19738] dbg: generic: sa-update version svn523403[19738] dbg: generic: using update directory: /var/lib/spamassassin/3.002000[19738] dbg: diag: perl platform: 5.008008 linux[19738] dbg: diag: module installed: Digest::SHA1, version 2.11[19738] dbg: diag: module installed: HTML::Parser, version 3.55[19738] dbg: diag: module installed: Net::DNS, version 0.59[19738] dbg: diag: module installed: MIME::Base64, version 3.07[19738] dbg: diag: module installed: DB_File, version 1.814[19738] dbg: diag: module installed: Net::SMTP, version 2.29[19738] dbg: diag: module installed: Mail::SPF, version v2.007[19738] dbg: diag: module installed: Mail::SPF::Query, version 1.999001

现在查看已经安装了，下面添加spf评分并测试

trusted_networks 127.0.0.1   #信任的IP地址envelope_sender_header Fromscore SPF_PASS -1score SPF_FAIL 200score SPF_SOFTFAIL 200

[root@localhost ~]# spamassassin -D

测试已经生效，重启spamassassin即可

注意，如果测试spf检测未通过，提示

[5033] dbg: spf: query for /118.244.232.82/localhost.localdomain: result: none, comment: , text: No applicable sender policy available[5033] dbg: spf: already checked for Received-SPF headers, proceeding with DNS based checks[5033] dbg: spf: cannot get Envelope-From, cannot use SPF[5033] dbg: spf: def_spf_whitelist_from: already checked spf and didn't get pass, skipping whitelist check[5033] dbg: spf: whitelist_from_spf: already checked spf and didn't get pass, skipping whitelist check

这个错误就要检查 envelope_sender_header From 这行参数是否正确信头的白名单检查按照如下顺序：如果信头设置了 Resent-From 地址，那么就检查它；否则检查来自下列信头的全部地址： Envelope-Sender Resent-Sender X-Envelope-From From

转载于:https://my.oschina.net/hxily/blog/668223

你可能感兴趣的文章