======================================================================
Part4 ǥᥤ뤫ݸ
======================================================================

ԤˤȤäơᥤ륵ФϺǽ֤ޤǤζϫϷפΤ줺礭
ʬ٤ޤưƤޤаꤷӥǤδ
֤ϾǤᥤ륵Фư³Ƥȡ
Τ褦ʶϤϤ

  ֤ͤͤǶ䤿饹ѥब¿ɡȤʤʤ?

ºȤơǥᥤSMTPȾƤ롣̥桼Ȥ
ᥤɤ֤Ⱦʬʾ򥹥ѥ̤䤷ԤȤLANδ
ŰPC˴륹Ȥɤư̵̤ˤ
ﳲԡפ³Ƥ롣Part4ǤŻҥᥤ򶼤󥿡ͥ
ȤΡָ¡פȤ⤤ǥᥤ뤫鼫ȤˡҲ𤷤Ƥ



 ǥᥤк


Żҥᥤδ

ƻפϤϫϤڸƤ롣Ʊˡ
Ưʹ֤ϫϤڸ롣ŻҥᥤϤκǤΤǡɬ
ȤƼƤᥤפ¿ꤿ
ǥᥤפΤۤΨ礭ȤᤷˤʤäƤ롣

Τǡܤ̤ʤйԤʤᥤפ̤ǥᥤ
䤹ʤꡢ߳ʥߥ˥˳ۤɤˤʤäƤ롣
Ǥϡǥᥤ

  * UBE(Unsolicited Bulk Email; ˾ޤʤemail)spam
  * 륹˴Windows-PCФޤ륹
    (ǤϥƱʬȤ)

2Ĥʬơ줾˸Ūʡּкפͤ褦

־ɽޤ

  ʤβȤθƤ뤬ĤäɤʤǤȿҤͤ顢

	־ɽޤߤǤ

  ֻäʤϥɥ򳫤ʿͤʤ顢Ф˳
  ʤɽΡפ̾ä餽ϾòдβꡢȤ
  μȤƻäƤòд˸¤餺ɥ򳫤˷
  Ǥ벡ϤǤ⤢롣ɥϰٳƤޤä顢Ǥ
  ƵΤˤʤϤϲ񤹤롣

  ƱȤǥᥤˤ롣꤬ɤΤ褦̾äĴ٤
  ǡ줬ꤿΤǥᥤʤΤȽ̤ۤȤɲǽ
  Ǥ롣ǥᥤƤ븽ߤǤϡ99%ɥ򳫤
  ޤSMTPåʸʳǤȽ̤Ǥ롣

ǥᥤкμ

кͤˡߤSMTPλȤߤñ򤷤Ƥɬפ롣
ᥤǤʤˤ餺ƤŻҥᥤSMTPФϤ롣

  +--+                                             +--+
  ||  (1)HELO				   ||
  ||       HELO mail.example.com           ||
  ||   250 ok ()		   ||
  ||  (2)envelope-from			   ||
  ||       MAIL FROM: <taro@example.com>   ||
  ||   250 ok				   |  |
  |  |  (3)Recipient address		   |  |
  |  |       RCPT TO: <jiro@example.net>     |  |
  |  |   250 ok				   |  |
  |  |  (4)ǡ			   |  |
  |  |       DATA			         |  |
  |  |   354 ok				   |  |
  |  |  (5)åΤ			   |  |
  |  |        إåʸΤи	         |  |
  |  |        ԥꥪɤΤߤιԤ		   |  |
  |  |   250 ok			         |  |
  +--+                                             +--+

SMTPǤϥåΤФˡ饤¦3ĤΥѥ᡼
롣饤ȼ̾(HELO)ºݤԤΥɥ쥹(MAIL FROM)
ºݤμԤΥɥ쥹(RCPT TO)Ǥ롣


ƱǥᥤפǤspamȥ륹Τȼʤ礭ۤʤ롣
spamϸդäԤ̤ΥåȿŪĤ롣
褦ʹ԰٤ػߤƤ뤳ȤΤäƤΤǡᥤˡ
οȸ餫ˤʤ褦Ϥʤ΢֤ƤСȸ򱣤
ꡢ¤ꤷƤ륯饤ȤspamǤ뤫뤤ϾʤȤ
ͤΤʤᥤǤȤȽǤ롣ĤޤꡢSMTP³3ѥ᡼
ȡ饤ȤIPɥ쥹ȤäŪǤˤäƼݤȽ
ȤǤ롣

äݤ륹ϰդΤʤѼԤPC̣־üס
ѼԤξѤƤᥤ꡼򥦥륹˼ưƤ
Ԥθ¤ǥ륹ᥤ뤬¿ĤޤꡢΤϤ
Υ桼̤ѤƤץХSMTPФȤʤ뤳Ȥ¿
ǡSMTP³Υѥ᡼򸫤ǤϤ줬ǥᥤ뤫ɤȽǤ
ʤȤ¿å򤤤äꡢʸ򸫤źդ줿ե
뤬Υѥ˥ޥå뤫ɤĴ٤ɬפ롣ΤΥᥤ륦
륹кեȤʤɤϤ롣

ʾΤȤդޤȡǥᥤפɤʤˤ2Ĥͤ
롣
	* SMTPåե륿

	  SMTP饤ȤIPɥ쥹SMTPå3ѥ᡼
	  򸵤˼ε/ԵĤȽꤹ롣ȽǤʤ
	  ФCPU٤㤤spamʬֿȸβפ
	  ΤϵݤǤ뤬ֿȸγΤʡ򤹤Τɤʤ
	  SMTPʳǵݤΤǡ顼ǥᥤ(뤤
	  Ѽ)Υ饤Ȥ֤롣

	* ƥĥե륿

	  åʸŪѥȹʤɤμˡǲϤ
	  桼뤫ꤹ롣ʸʾ⤢Τǰ
	  Ū˥ФCPU٤˳ݤ롣SMTP٥ǤϤä
	  ꤬λƤޤΤǡƤ饤Ȥ˥顼
	  ֤ʤ֤ƤϤʤ ۡ

---[ ]------------------------------------------------------------
ǥᥤ Envelope-from ϤۤȤɤΤ줿ΤʤΤǡΰ
顼֤Ƥ̵¤οͤ˰̣ΤʤݡȤϤǤꡢ켫Τ
ǥᥤȤʤ롣äơƥĥե륿 Envelope-from ˥顼
(Х)֤ƤϤʤʤȿ륳ƥĥե륿ϻǰʤ¿
----------------------------------------------------------------------

㳰Ϥ뤬SMTPåե륿spamӽΤͭǤꡢ
ƥĥե륿ϥ륹ͭǤ롣ƥĥե륿ư
٤̵ǤʤˤʤäƤ뤿ᡢSMTPåե륿Ǥ
餫ʬǥᥤƤȤĤäΤ򥳥ƥĥե륿
ƥȢ˼ΤƤ롢ȤΨŪȤ롣

Part3ȾǤSMTPåե륿ˤĤƲ⤷Ⱦǥƥĥե
륿ΰǤ Qmail-Scanner ˤĤƲ⤹롣

SMTPåե륿

2002ǯꡢɮԤϼʬαѤƤᥤɥᥤ󰸤Ϥspamˤ
Ϥ᤿褤Ѥڤʤʤä2002ǯ12 qmail-smptd ˽
SMTPåΥѥ᡼򸵤ˡ餫ספʬ륯
ȤФSMTP顼(SMTP5xx)֤ݤ
뵡ǽʸ塢±ѤǤȽӤ򸵤˲ɤŤͤΤ qmail
patches ۤǤ롣μˡͭǧǤȤ顢
qmail ʳMTAǤƱͤμˡѤǤ褦˿˳ȯΤ
Ҳ𤹤 antibadmail Ǥ롣
---[ ]------------------------------------------------------------
http://www.gentei.org/~yuuji/software/qmpatch/
----------------------------------------------------------------------

ʤantibadmailϳȯ֤ʤΤǡqmailʳȤȤ߹碌Ǥư
ӤʤǤ롣줫MTASMTP饤ȤȤ̿Զ
ĤäϤưˤ˶Ϥĺ

ޤantibadmailιԤʤäƤݤεưˤϡ̩ˤRFCȿȤʤ
ʬ롣˴ŤRFC򤢤̤ǽ餹Τ
Ԥ¿ʤäƤޤäߤǤϤäƤʤդ(
Ǥ)ԤˤϤޤˤ餺ǤʤΤϿȤ뤿εư
ԤʤȤΤantibadmailΥݥꥷȤʤäƤ롣


  antibadmailγ

  antibadmailSMTP饤(ۥ)ȡSMTP()
  Ȥδ֤ꡢ饤Ȥä褿åѥ᡼
  Ʊˡ򸡺ڿ ϡۡơ줬ǥᥤ
  ŵŪ˸ͤȽꤷȤˤϥ饤ȤSMTP "DATA" 
  ޥɤSMTP顼ɤꡢݤ롣
---[ ]------------------------------------------------------------

  +------+					+------+
  | SMTP |					| SMTP |
  |    |           +-------------+		|    |
  | 	 |  -------  | antibadmail | ---------> |    |
  | 	 |           |             |		|    |
  | 	 |  <------  |		   | ---------	|      |
  | 	 |	     +-------------+		|      |
  | 	 |					|      |
  +------+					+------+
 
----------------------------------------------------------------------

  antibadmailϥФƱۥȤưƤɤ̤ΥۥȤǤɤ
  ε/ԵĤϰʲδŬѤƷꤹ(ȴ)

	* 饤ȥۥȤDNSϿԷ
	* 饤ȤIPɥ쥹֥åꥹȤϿƤ뤫
	* HELOä褿̾Ǥᤫ
	* MAIL FROMǤᤫ
	* MAIL FROM֥åꥹȤϿƤ뤫
	* RCPT TO֥åꥹȤϿƤ뤫

  εݺΤ֥֥åꥹȡפȽ񤫤ƤΤϴԤ
  ꤷǡ١򻲾ȤΤǡȤԹ˹碌꤬Ǥ롣
  ޤɮԤ餬ȼ˴Ƥ֥åꥹȥǡ١Ѥ뤳
  ȤǤ롣

  ˡ֥åꥹȤ˥ޥåΤΰȽʤ
  Ĥ褦ˤ뤿Ρ֥ۥ磻ȥꥹȡפϿǤ褦ˤʤäƤ롣

  antibadmailƳ

  antibadmailƳϡʲμǿʤ롣

	1. ucspi-tcp(tcpserver)Υѥ&󥹥ȡ
	2. antibadmailΤΥѥ&󥹥ȡ
	3. ¸SMTPǡΥå
	4. ݥǡ١δ

  ޤϡantibadmailΤΤߤƳ(13)ơư뤫γ
  ǧޤǺѤޤ褦ǤϡantibadmailƳͽSMTPФʲ
  ǤΤȤ롣

  -------------------------------------
   ۥ̾		mail.ymzk.org
   IPɥ쥹		192.168.0.25
   LANΥɥ쥹	192.168.0.0/24
  -------------------------------------

  (1) ucspi-tcp(tcpserver)Υѥ&󥹥ȡ
      =============================================

  ucspi-tcpϡqmailǤѤƤTCP³Ūʥ󥿥եǼ
  갷Υġ뷲Ǥ롣antibadmailǤϡucspi-tcpġ뷲Τ
  3ĤѤ롣

	* tcpserver

	  TCPݡȤؤ³롣IPɥ쥹ۥ̾١
	  ³ε/ԵĤꤷºݤΥǡץư
	  롣륹ѡǡ򤹤롣ưǡ˼
	  ϤĶѿǤantibadmailǤϤѤ롣

	* tcprules

	  TCP³饤ȤΥɥ쥹˱ơɤʵư򼨤Υ롼
	  եcdb ˡۤѴ桼ƥƥ롼ե
	  tcpserverѤ롣

	* mconnect

	  (MTAȤqmailʳѤɬ)
	  ⡼ȤSMTPФ³륳ޥɡϤSMTPФϤ
	  ФνϤɸϤ˽񤭽ФSMTPɬפʲԥɤ
	  Ѵǽޤޤ롣
---[ ]------------------------------------------------------------
®ǿι⤤󥹥ȥǡ١ȥߥå˹Ԥʤ
롢̤Υǡθ®Ȥħ롣ܺ٤ϡ
http://cr.yp.to/cdb.html ȡ
----------------------------------------------------------------------

  ucspi-tcp http://cr.yp.to/ucspi-tcp/install.html ˽񤫤Ƥ
  ˱äƥ󥹥ȡ뤹롣եȥΤ
  http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz ޤϡϿCD
  ˤΤǤŬʥǥ쥯ȥꥳԡ֤Ÿ롣

	# gzip -dc ucspi-tcp-0.88.tar.gz | tar xpf -

  ǤդfefeˤIPv6бѥå(IPv4ǤѲǽ)Ƥ ۡۡ
  ΥѥåƤȥ饤ޥ˥奢뤬ɲäΤIPv6Ѥ
  ƤƤͤ礭ѥåեCD-ROM˼Ͽ

	# bzip2 ucspi-tcp-0.88-ipv6.diff10.bz2 | patch -p0

---[ ]------------------------------------------------------------
fefeˤǿѥåϡdiff 14פΤޤޤǤ*BSDưʤ
ɮԤбѥåäΤֻʤäϺ̷ڸ
*BSDưǽŪˤ½ʤ diff 10 Ѥ롣
----------------------------------------------------------------------

  ǤդtcprulesǺ롼եantibadmailȤ߹
  碌Ȥˡ꤭٤Ԥʤ褦ˤ뤿ΥѥåƤ롣

	# patch -p0 < ut088fefe10-paranoid.diff

  Ѥ륳ѥ顢󥫡󥹥ȡǥ쥯ȥʤɤ conf-* ե
  ˽񤫤ƤΤǳǧɬפʤƥե1ܤ񤭴롣

	# cd ucspi-tcp-0.88
	# rm *.orig
	# head conf-*

  ǥեȤǤϡޥɷ /usr/local/bin ˥󥹥ȡ뤵
  ʤäƤ롣ܹƤǤ⡢/usr/local/bin ˥󥹥ȡ뤹ΤȤƲ
  롣

	# make && make setup check

  (2) antibadmailΤΥѥ&󥹥ȡ
      ========================================

  ʲURLˡܤɥȤΤǤ򻲹ͤˤʤ
  ʤߤ

	http://www.gentei.org/~yuuji/software/antibadmail/

  antibadmailcvsͳꤹ롣Ŭʥǥ쥯ȥ˰ưʲΥ
  ɤˤǿǤΥ롣

	% cvs -d :pserver:anonymous@yatex.org:/qmail co antibadmail

  ǥ쥯ȥ˰ưѥ&󥹥ȡ뤹롣

	# cd antibadmail
	# make all install

  make installˤɬפʥޥ antibadmail  f2d  /usr/local/bin
  ˥󥹥ȡ뤵롣antibadmailΥ󥹥ȡưεưꤹ
  뤿Υѥѿɽ ̡ۤ˼Makefile 

	CFLAGS  = -DSYSLOG -g

  ʬ

	CFLAGS  = -DSYSLOG -g -Dѿ=

  Ȥ뤳ȤǥȸͭͤѤ뤳ȤǤ롣

  ޤantibadmail ǤեǼǥ쥯ȥΥǥե
   /var/qmail/control ˤʤäƤ롣ϡѥѿ CONTROLDIR 
  ѹǤ롣ʤʲǤե֤ǥ쥯ȥ
  $CONTROLDIR ɽ ۡ
---[ ]------------------------------------------------------------
qmailήƧƤΤ antibadmail δǥ쥯ȥ
ǥեȤ /var/qmail/control Ѥ褦ˤʤäƤ뤬
qmailδեˤ¸Ƥʤ̤Υǥ쥯ȥѤ
⹽ʤǥեȤΥѥ֤ξǤ⡢
Ķѿ CONTROLDIR ̤Υǥ쥯ȥ֤̾
antibadmailưǤդΥǥ쥯ȥѹǽ
----------------------------------------------------------------------


---[ɽ ]------------------------------------------------------------
 antibadmailΥѥѿƯ

  ѿ		ǥե		̣
  CONTROLDIR	/var/qmail/control	ݥǡ١Ǽǥ
					ȥ
  LOG_FACI	LOG_LOCAL1		Ͽsyslogեƥ
----------------------------------------------------------------------


---[ netqmail-1.05]--------------------------------------------- 
ʸβǤϴ˲ưƤMTAΤȲꤷƤ뤬줫鿷
˥ᥤ륵Фۤ netqmail-1.05 ƳΤɤ

http://www.qmail.org/netqmail/

netqmailqmail-1.03˻ή˱ä¤Υѥå°djb
ǧΥѥåǤ롣 netqmail-1.05.tar.gz Ÿ
ǥ쥯ȥ˰ư

	# ./collate.sh
	# cd netqmail-1.05
	# make setup check

ˤꥤ󥹥ȡ뤬λ롣ˡ qmail-1.03 Ѥʤ
qmail-1.03ΤȤǥᥤкȤ

	* mfcheck patch(MAIL FROMǧ)
	  http://www.qmail.org/qmail-1.03-mfcheck.3.patch
	* badrcptto patch(ݤRCPTTObadrcptto˽񤱤)
	  http://patch.be/qmail/badrcptto.html

ʤɤΥѥåͭѤäantibadmailϤ뵡ǽޤ
뤿ᡢqmailΤˤƤǥᥤк׵ǽפǤ롣
ѥåäƤ϶礹ΤǤ򳰤ɤ
netqmail֤Ƥޤñ
----------------------------------------------------------------------

  (3) ¸SMTPǡΥå
      ==========================

  MTAȤqmailʳѤƤ

  ɸSMTPݡ(25)antibadmail˥åפ뤿ᡢ¸MTALISTENݡ
  Ȥ25ʳѹ롣ʲ5ĤμǹԤʤ

    i. ¸SMTPDΥݡֹѹ
       ---------------------------
  ȤSendmailξ sendmail.cf  DaemonPortOptions ʲΤ
  ѹǡƵư롣

	O DaemonPortOptions=Name=MTA
	
	O DaemonPortOptions=Name=MTA, Port=10025

  Ǥϥݡֹ10025ѹƤ롣ʲκȼǤ⡢
  SMTPǡΥݡֹ椬10025ǤȲꤹ롣
    %%
    %% Postfixξ?
    %%

   ii. antibadmailưѤΥ桼/롼פκ
       ----------------------------------------
  Τ antibadmail ø桼ǵư롣ΤΥ桼
  롣桼̾/롼̾ϲǤɤǤξȤ "abm" Ȥ
  ̾Ǻ롣

	(Linux/NetBSD/SunOSξ)
	# groupadd abm
	# useradd -g abm abm
	(FreeBSDξ)
	# pw groupadd abm
	# pw useradd abm -g abm

  iii. TCP³롼δܥեκ
       ---------------------------------

  (v)ǵưtcpserverΤΥ롼ե롣롼ե
  Ϥɤ֤Ƥɤ/etc/abm 

	롼եΥ  /etc/abm/smtp
	cdbѴ   /etc/abm/smtp.cdb

  Ȥե֤̾ΤȤ褦

	* ۥȤLANΥɥ쥹SMTP³Ͽꤹ
	* ¾Υ饤Ȥ³̤˵Ĥ

  ΤΥ롼եϡڥꥹ ءۤΤ褦˵Ҥ롣
---[ꥹ  /etc/abm/smtp]------------------------------------------
127.0.0.1:allow,RELAYCLIENT=""
192.168.0.:allow,RELAYCLIENT=""
all:allow
----------------------------------------------------------------------

  롼եcdbѴΤڤʤ褦ˡڥꥹ ȡۤƤ
  Makefile Ƥ
---[ꥹ  /etc/abm/Makefile]--------------------------------------
TCPRULES = /usr/local/bin/tcprules
smtp.cdb:  smtp
	cat smtp | ${TCPRULES} smtp.cdb smtp.tmp
----------------------------------------------------------------------

  /etc/abm ǥ쥯ȥ˰ư make ưcdbΥ롼ե
  롣

	# (cd /etc/abm; make)

   iv. SMTPǼ밸ɥᥤϿ
       --------------------------------
  ٤ɥᥤ󡢤ޤ̥ФΥȤʤäƤ
  ϥ졼٤ɥᥤ̾Ͽ롣ȤС륢ɥ쥹Ȥ
  foo.ymzk.org ̥Ф˥졼٤ɥ쥹Ȥ example.com 
  *.example.com ϡʲΤ褦ˤ롣

	# mkdir -p $CONTROLDIR     (ǥեȤǤ /var/qmail/control)
	# cd $CONTROLDIR
	# mkdir rcpthostsdir
	# cd rcpthostsdir
	# touch foo.ymzk.org example.com .example.com

  ɥᥤ̾Ʊ̾ζե롣ԥꥪɤǻϤޤΤϥ磻
  ɤ̣롣 rcpthostsdir/ ˤɥᥤ˥ޥå
  ΤRCPT TO˻ꤵ줿ϡѤȤƵݤ褦ˤʤ롣

  ޤ⤷ᥤ륵ФѤSMTPФȤƤѤ
  ϡSMTP-AUTH ʤɤƳ롣POP before SMTP Ѥ
  ϡĤФIPɥ쥹Υ˴ĶѿRELAYCLIENTå
  褦tcpserverΥ롼եưŪɤ ۡ
---[ ]------------------------------------------------------------
ŪĹʤΤǻ̤ǤϾά롣antibadmailۡڡ
abmusers-ML˲̤ߤ
----------------------------------------------------------------------

   
    v. tcpserverͳantibadmailεư
       --------------------------------

  ڥꥹ ۤΤ褦ʥ륹ץȤƥΥȥ
  ׻˵ư褦ˤ롣ꥹabmUIDסabmGIDפȤ
  ʬˤϤ줾 /etc/passwd, /etc/group ե abm ȥ3ե
  ɤ˵ϿIDֹ򵭽Ҥ롣

---[ꥹ  /etc/abm/start-abm.sh]----------------------------------
#!/bin/sh
PATH=/bin:/sbin:/usr/bin:/usr/bin:/usr/local/bin
UID=abmUID
GID=abmGID
exec env - \
PATH="$PATH" \
UID=$UID \
GID=$GID \
RELAYCHECK=1 \
tcpserver -x /etc/abm/smtp.cdb -p -U 0 25 \
antibadmail mconnect 192.168.0.25 10025
----------------------------------------------------------------------

  MTAȤqmailѤƤ

  qmailѤƤϴ qmail-smtpd εưץȤƥ
  Ϥ ۤʤΤǡץΡqmail-smtpdפʬ
  antibadmail qmail-smtpd ѹ롣ϰʲΤ褦ˤʤ롣

	[[ ¸Υץ() ]]
	PATH=/usr/local/bin:$PATH
	UID=qmaildUID \
	GID=qmaildGID \
	tcpserver -vR -c40 -p -U -x /somewhere/smtp.cdb 0 25 \
	  qmail-smtpd 2>&1

	[[ 񤭴Υץ ]]
	PATH=/usr/local/bin:$PATH
	UID=qmaildUID \
	GID=qmaildGID \
	tcpserver -vR -c40 -p -U -x /somewhere/smtp.cdb 0 25 \
	  antibadmail qmail-smtpd 2>&1
	  
	  ɲ
---[ ]------------------------------------------------------------
qmail-smptd εư̤ inetd ͳǹԤʤäƤϡε
daemontools+tcpserver Ǥεưѹ뤳Ȥ򤪴᤹롣daemontools 
tcpserverˤ뵯ưˤĤƤܻ2002ǯ7 PartII ޤϡ
http://www.gentei.org/~yuuji/support/uu/200207/part2.html
򻲾ȡ
----------------------------------------------------------------------

  ޤ qmail-smtpd εư tcpserver ѤƤʤäϡ
  qmailʳMTAѤƤפ˽񤫤Ƥ̤˽롼ե
  롣

		-	-	-	-	-

  ʾ antibadmail δϴλǤ롣ǥᥤεݥꥹȥǡ
  ١̵֤Ǥ⡢Ūʵ꤬ƯޤϡΥۥ
  ȤᥤƤߤƤޤǤɤᥤ뤬夹뤫ǧ롣

  ƥεϿ

  SMTP³׵ФantibadmailåμĤݤ
  εϿϥǥեȤsyslogͳǽ񤭹ޤ롣ǥեȤΤޤޥ
  뤷 /etc/syslog.conf ˰ʲΥȥɲä롣

	local1.info			/var/log/smtp-stat
	(뤤ɤäȤդ)

  ե syslogd HUPʥ롣

	# touch /var/log/smtp-stat
  	# killall -1 syslogd		(FreeBSDξ)
  	# pkill -1 syslogd		(Linux/NetBSD/Solarisξ)

  礭ʤäե۴Ĥ뤿Ƥɤ
  newsyslogѤƤ륷ƥξ(*BSD)ϡ/etc/newsyslog.conf 
  logrotateѤƤ륷ƥξ(Linux) /etc/logroate.conf 
  logadmѤƤ륷ƥξ(Solaris)ξ
  /etc/logadm.conf Ŭ롣
  %%% Խ: ĹʤΤǾάǤɤrotate꤬뤫
  %%% 餹̣ǤΥѥ饰դϻĤɤȻפޤ

  ǥᥤݥǡ١ι

  antibadmail̤ưʲ4ĤδǼݤꤹ롣

	* HELOѥ᡼Υ֥åꥹ

	  - $CONTROLDIR/badhelodir/ Ͽ
	  -localhost.localdomainפΤ褦Ǥʤᥤ륵Ф
	   ŵŪʤΤ䡢hotmail.comФǤʤΤ
	   hotmail.comפ̾ä뱳HELOʤɤϿ롣

	* MAIL FROMѥ᡼Υ֥åꥹ

	  - $CONTROLDIR/badmailfromdir/ Ͽ
	  - ꤿʤ(MAIL FROM)ɥ쥹Ͽ롣
	    Τ䤹 @hotmail.com ʤɤϿ롣

	* RCPT TOѥ᡼Υ֥åꥹ

	  - $CONTROLDIR/badrcpttodir/ Ͽ
	  - ¨¤˵ݤ(RCPT TO)ɥ쥹Ͽ롣

	* 饤ȥɥ쥹ˤ֥åꥹ

	  - tcpserverΥ롼ե(/etc/abm/smtp)Ͽ
	  - ŵŪspamȯ֥åФꤷɥ쥹󥸡ޤ
	    ɥᥤ̾ΤǼݤΤϿ롣


  SMTP3ѥ᡼Υ֥åꥹ

  HELO/MAIL FROM/RCPT TO 3ѥ᡼εݥǡ١ϡdatadir
  Ͽ롣륨ȥ x ǡ١ϿȤϳǥ쥯
  ȥ x Ȥ̾Υե(ɤ)롣ʲ˶򼨤

  HELO localhost.localdomain ݤ
	 $CONTROLDIR/badhelodir/localhost.localdomain ե

  HELO *.example.com ݤ(*Ǥ)
	 $CONTROLDIR/badhelodir/.example.com ե

  MAIL FROM *@hotmail.com ݤ(*Ǥ)
	 $CONTROLDIR/badmailfromdir/@hotmail.com ե

  RCPT TO sales@ymzk.org ݤ
	 $CONTROLDIR/badrcpttodir/sales@ymzk.org ե

  饤ȥɥ쥹˴Ť/

  饤ȤΥɥ쥹˴ŤݤtcpserverѤΥ롼ե˵
  롣Υ饤ȤФưʲδĶѿꤹ뤳ȤǼ
  Ĥ뤫ݤ뤫ȽǤ롣

	 Ķѿ		ͤΰ̣
	---------------------------------------------------------------------
	 BADHOST		åȤƤе
	 REQPTR			åȤƤ硢饤IPɥ
				PTR쥳ɤϿƤʤ
				еݤ
	 GOODMAILFROM		MAIL FROMͤ˹פϤȤ
				MAIL FROM֥åꥹȤ˺ܤäƤƤ
	 PASSONLY		MAIL FROMͤ˰פʤϵ
	 GOODHELO		HELOͤ˹פϤȤ
				HELO֥åꥹȤ˺ܤäƤƤ
	 RELAYCLIENT		Ƥˤƿꤹ(٤ߥʳ
				ϼĤ)
	 RELIABLECLIENT		RELAYCLIENTƱ
	---------------------------------------------------------------------

  ʲˡ/etc/abm/smtp եˤɤΤ褦ʹԤɲä뤫ζ򼨤

    *.adsl.example.net ΥᥤƼ(*Ǥ)
  	
	=.adsl.example.net:allow,BADHOST=""

    10.0.0.*  10.0.2.*10.0.5.* ΥᥤPTR쥳ɤ׵
  	
	10.0.0.:allow,REQPTR=""
	10.0.2-5.:allow,REQPTR=""

    *.msn.com 褿 MAIL FROM  *@msn.com
    ޤ *@*.msn.com Υᥤϵݤʤ
    (: $CONTROLDIR/badmailfromdir/  @msn.com  .msn.com Ƥ)
	
	=.msn.com:allow,GOODMAILFROM="@msn.com/.msn.com"

    oldmail.ymzk.org  MAIL FROM  *@ymzk.org *@*.ymzk.org 
    ʤ(ʳƵ)
	
	=oldmail.ymzk.org:allow,PASSONLY="@ymzk.org/.ymzk.org"

    *.docomo.ne.jp  HELO docomo.ne.jp äƤݤʤ
    (: $CONTROLDIR/badhelodir/  docomo.ne.jp  Ƥ)
	
	=.docomo.ne.jp:allow,GOODHELO="docomo.ne.jp"

    *.tomodachi.example.org MTA꤬ܥܤ륹
    ä뤬Ū˼Ĥ
	
	=.tomodachi.example.org:allow,RELIABLECLIENT=""

  嵭ƤˤơtcpserverŪˤϡallowפؼƤ롣⤷
  denyפˤƥ饤ȤTCP³ΤΤԵĤˤƤޤ
  ȡ饤ȤϥꥵФ˷Ҥ˹Ԥǽ롣ȥ
  ꥵФޤǥᥤ뤬ήƤޤ ۡ
---[ ]------------------------------------------------------------
docomo.ne.jpSMTPФHELO "docomo.ne.jp" ä롣
FQDNäߤΤǤ롣au(ezweb.ne.jp)vodafoneФϤ
ȤHELOä롣
----------------------------------------------------------------------
---[ ]------------------------------------------------------------
SMTP顼֤Ƥ⥻ꥵФƱᥤꤲ
ʶ˰饤ȤäȤ̤Ѥʤ
----------------------------------------------------------------------

  ǡ١ζͭ

  tcpserverѤΥ롼ե $CONTROLDIR ʲ˺ѥ󥨥ȥ
  ƼʬǴΤҤȤĤˡcvssubversionʤɤʬ
  ӥƥȤäƶƱȴμ֤ڸǤ롣

  ɮԤϡαĤᥤ륵ФϤǥᥤʬϤơ
  μݤǤ褦ǡ١ۤƤ(ʲ spamdbɽ
  )Υǡ١ anonymous cvs ˤïǤѤǤ褦ˤ
  ΤɮԤΥǡ١ѤǤ()ѤߤϿ
  ݥꥷȤƤϡܿͤˤȤäͭѡפȤ򿴳ݤƤ롣⤷
  θǡ١Թʥȥ꤬äȤƤ⡢ۥ磻ȥꥹ
  Ȥꤹ뤳ȤˤäƤǤʤȤǤ롣

  $CONTROLDIR(ǥեȤ /var/qmail/control)˰ư anoncvs 
  spamdb롣

	# cd $CONTROLDIR
	# cvs -d :pserver:anonymous@yatex.org:/qmail co spamdb

  $CONTROLDIR/spamdb ǥ쥯ȥ˰ʲΥե뤬ԡ롣

	badhelo		ݤHELOΥѥ11ȥǽ񤤤
	badmailfrom	ݤMAIL FROMΥѥ11ȥǽ񤤤
	badrcptto	ݤHELOΥѥ11ȥǽ񤤤
	smtp-badhost	³饤Ȥ˱TCP³/ݤȴĶ
			롼
	Makefile	嵭 bad* ե bad*dir Ѵ롼
			񤤤 Makefile
	Makefile.tcprule  smtp 롼եȾ嵭
			smtp-badhostեޡΤcdbѴ
			롼񤤤 Makefile 

  Υǥ쥯ȥ˰ư make ư뤳ȤǡdatadirΥ֥
  ꥹȥǡ١ۤ롣 $CONTROLDIR ˥ܥå
  󥯤ɤǥեͤѤƤʤаʲǴλ
  롣
	# cd /var/qmail/control/spamdb
	# make
	# cd ..
	# ln -s spamdb/bad*dir .

  Ū cvs up  datadir ƹ롣

	# (cd /var/qmail/control/spamdb; cvs up; make)

  ޤspamdbǤɮԤȽǴǡ־˼ݤBADHOST ѿ
  򥻥åȤ륢ɥ쥹 smtp-badhost եϿƤ롣
  Ѥ tcpserver ѤΥ롼եΤǥ쥯ȥ
  Makefile.tcprule  Makefile ̾ǥԡȤ褤

	# cp spamdb/Makefile.tcprule /etc/abm/Makefile
	# cd /etc/abm
	# ln -s /var/qmail/control/spamdb/smtp-badhost .
	# make

  spamdbѤȤ⡢μˡ߱طΤᥤ륵дƱ
  ΤǳѤ뤳ȤǤ롣

  ¾Ƚ굡ǽ

  antibadmailˤϾ嵭ʳˤ⤤ĤȽ굡ǽ롣

  	* Null-Sender ʤΤ2İʾRCPT TOꤷΤϵݤ
	* åΥإåʸˤ
	* Ƥǥᥤ̤ RCPT TO ɥ쥹
	* (qmailΤ) ¸ߤʤ RCPT TO SMTPʳǵݤ

  ܺ٤ http://www.gentei.org/~yuuji/software/antibadmail/ 򻲾Ȥĺ
  ޤantibadmailӤʤqmail patchѤ
  ǥᥤ̤˴ؤʲURLǸƤ롣

http://www.gentei.org/~yuuji/software/qmpatch/publication/nospam200312.pdf
http://www.gentei.org/~yuuji/software/antibadmail/publication/abm-dsm35.pdf

