1583
Comment:
|
1285
|
Deletions are marked like this. | Additions are marked like this. |
Line 2: | Line 2: |
Line 4: | Line 3: |
Line 6: | Line 4: |
Line 12: | Line 9: |
After installation config generator used to setup. http://www.yrex.com/spam/spamconfig.php |
After installation config generator used to setup. http://www.yrex.com/spam/spamconfig.php |
Line 17: | Line 12: |
Training spamassassin bayesian filter for spam and ham rules. http://spamassassin.apache.org/full/3.0.x/dist/doc/sa-learn.html | |
Line 18: | Line 14: |
Training spamassassin bayesian filter for spam and ham rules. http://spamassassin.apache.org/full/3.0.x/dist/doc/sa-learn.html |
==== Rulesets ==== After install, config and training we installed the applicable rulesets to our installation to catch more spam. http://wiki.apache.org/spamassassin/CustomRulesets |
Line 22: | Line 20: |
We used SELinux as our firewall and setup iptables opening the following ports needed by default for Zimbra and Snort | |
Line 23: | Line 22: |
Standard Zimbra ports SMTP 25 tcp HTTP 80 tcp POP3 110 tcp IMAP 143 tcp should probably be limited by a firewall to your local network only LDAP 389 tcp HTTPS 443 tcp SMTPS 465 tcp IMAPS 993 tcp POP3S 995 tcp (Admin Interface) 7071 tcp This is the should probably be limited by a firewall to your local network only LMTP 7025 tcp should probably be limited by a firewall to your local network only |
. [[attachment:Firewall Ports Needed.docx]] |
Line 36: | Line 24: |
==== Next on list to do ==== Next we would like to setup some dummy mx records that lead to no where, that way spam emailers will give up after first try of not being able to connect. |
|
Line 37: | Line 27: |
http://wiki.zimbra.com/index.php?title=Firewall_Configuration SNORT PORTS 21 FTP / TCP 23 TELNET / TCP 25 SMTP / TCP 42 HOST NAME SERVER 53 DNS 80 HTTP 110 POP3 111 SUN RPC 135 DCOM Service Control Manager 136 PROFILE Naming System 137 NetBIOS Name Services 139 NetBIOS Session Service 143 IMAP 445 Micro$oft Directory Services 513 Login – Remote Login a la telnet 514 syslog –Remote System Event Logging 1433 is used by Microsoft SQL Server 1521 Oracle connection 2401 if you are using the pserver authorization interface to CVS 3306 Common Use. Used by mySQL database server |
As seen here http://wiki.apache.org/spamassassin/OtherTricks and here [[http://blog.eukhost.com/webhosting/change-in-mx-record…/|http://blog.eukhost.com/webhosting/change-in-mx-record%E2%80%A6/]] |
Spam Control - Matt Zuehlke and Nick Zeller
SpamAssassin
Installation
Used to install and do basic configuration for test purposes
http://www.brennan.id.au/12-Sendmail_Server.html#spam
Config
After installation config generator used to setup. http://www.yrex.com/spam/spamconfig.php
Spam and Ham Training
Training spamassassin bayesian filter for spam and ham rules. http://spamassassin.apache.org/full/3.0.x/dist/doc/sa-learn.html
Rulesets
After install, config and training we installed the applicable rulesets to our installation to catch more spam.
http://wiki.apache.org/spamassassin/CustomRulesets
Ports requested by Zimbra and Snort
We used SELinux as our firewall and setup iptables opening the following ports needed by default for Zimbra and Snort
Next on list to do
Next we would like to setup some dummy mx records that lead to no where, that way spam emailers will give up after first try of not being able to connect.
As seen here http://wiki.apache.org/spamassassin/OtherTricks and here http://blog.eukhost.com/webhosting/change-in-mx-record%E2%80%A6/