Kuphulitsa kwa maimelo ndi imodzi mwamitundu yakale kwambiri yowukira pa intaneti. Pachimake, amafanana ndi kuukira kwa DoS wamba, kokha m'malo mwa zopempha zochokera ku ma adilesi osiyanasiyana a IP, mafunde a maimelo amatumizidwa ku seva, yomwe imabwera mochuluka kwambiri ku imodzi mwa ma adilesi a imelo, chifukwa cha katunduyo. pa izo kumawonjezeka kwambiri. Kuukira koteroko kungayambitse kulephera kugwiritsa ntchito bokosi la makalata, ndipo nthawi zina kungayambitse kulephera kwa seva yonse. Mbiri yakale ya mtundu uwu wa cyberattack yadzetsa zotsatira zabwino ndi zoipa kwa oyang'anira machitidwe. Zinthu zabwino zikuphatikizapo kudziwa bwino za kuphulitsa makalata ndi kupezeka kwa njira zosavuta zodzitetezera ku kuukira koteroko. Zoyipa zikuphatikiza njira zambiri zothanirana ndi anthu pochita ziwopsezo zamtunduwu komanso kuthekera kwa wowukira kuti azitha kudziteteza kuti asadziwike.
Chofunikira pakuwukira kwa cyber ndikuti ndizosatheka kugwiritsa ntchito phindu. Chabwino, wowukirayo adatumiza maimelo ku imodzi mwamabokosi a makalata, chabwino, sanalole kuti munthuyo agwiritse ntchito imelo nthawi zonse, chabwino, wowukirayo adalowa mu imelo yakampani yamunthu wina ndikuyamba kutumiza makalata masauzande ambiri mu GAL, yomwe ndi chifukwa chiyani seva idagwa kapena idayamba kutsika mpaka idakhala yosatheka kuigwiritsa ntchito, ndipo kenako chiyani? Ndikosatheka kusinthira upandu wapaintaneti kukhala ndalama zenizeni, kotero kuphulitsa kwa makalata ndizomwe zimachitika kawirikawiri ndipo oyang'anira dongosolo, popanga zomangamanga, sangakumbukire kufunika kodziteteza ku chiwonongeko cha cyber.
Komabe, ngakhale kuti maimelo amadziwombera okha ndizochitika zopanda pake kuchokera pazamalonda, nthawi zambiri zimakhala mbali zina, zovuta kwambiri komanso zamagulu ambiri a cyber. Mwachitsanzo, pozembera makalata ndi kugwiritsira ntchito kubera akaunti m’ntchito zina za boma, oukirawo nthaŵi zambiri “amaphulitsa” bokosi la makalata la wozunzidwayo ndi zilembo zopanda tanthauzo kotero kuti kalata yotsimikizirayo itayika m’mitsinje yawo ndi kusazindikirika. Kubomba kwa maimelo kungagwiritsidwenso ntchito ngati njira yolimbikitsira bizinesi. Chifukwa chake, kuphulika mwachangu kwa bokosi la makalata labizinesi, lomwe limalandira zopempha kuchokera kwa makasitomala, kumatha kusokoneza kwambiri ntchito ndi iwo ndipo, chifukwa chake, kungayambitse kuchepa kwa zida, kulamula kosakwaniritsidwa, komanso kutayika kwa mbiri ndikutaya phindu.
Ichi ndichifukwa chake woyang'anira dongosolo sayenera kuyiwala za kuthekera kwa bomba la imelo ndipo nthawi zonse azichita zinthu zofunika kuti ateteze kuwopseza kumeneku. Poganizira kuti izi zikhoza kuchitika pa siteji yomanga zomangamanga makalata, komanso kuti zimatenga nthawi yochepa kwambiri ndi ntchito kuchokera kwa woyang'anira dongosolo, palibe zifukwa zomveka zopezera chitetezo chanu ku mabomba a makalata . Tiyeni tiwone momwe chitetezo ku cyber-attack chimakhazikitsidwa mu Zimbra Collaboration Suite Open-Source Edition.
Zimbra idakhazikitsidwa ndi Postfix, imodzi mwama gwero odalirika komanso otseguka a Mail Transfer Agents omwe alipo lero. Ndipo ubwino waukulu wa kutseguka kwake ndikuti umathandizira njira zosiyanasiyana za chipani chachitatu kuti ziwonjezere ntchito. Makamaka, Postfix imathandizira kwathunthu cbpolicyd, chida chapamwamba chowonetsetsa kuti seva yamakalata imatetezedwa. Kuphatikiza pa chitetezo chotsutsana ndi sipamu komanso kupanga zolemba zoyera, zolemba zakuda ndi ma greylists, cbpolicyd imalola woyang'anira Zimbra kukonza chitsimikiziro cha siginecha ya SPF, komanso kuyika zoletsa kulandira ndi kutumiza maimelo kapena deta. Onse angapereke chitetezo chodalirika ku maimelo a spam ndi phishing, ndikuteteza seva ku mabomba a imelo.
Choyambirira chomwe chikufunika kuchokera kwa woyang'anira dongosolo ndikuyambitsa gawo la cbpolicyd, lomwe limayikidwa kale mu Zimbra Collaboration Suite OSE pa seva ya MTA ya zomangamanga. Izi zimachitika pogwiritsa ntchito lamulo zmprov ms `zmhostname` +zimbraServiceEnabled cbpolicyd. Pambuyo pake, muyenera yambitsani mawonekedwe a intaneti kuti muzitha kuyendetsa bwino cbpolicyd. Kuti muchite izi, muyenera kulola kulumikizana pa intaneti nambala 7780, pangani ulalo wophiphiritsa pogwiritsa ntchito lamulo. ln -s /opt/zimbra/common/share/webui/opt/zimbra/data/httpd/htdocs/webui, ndiyeno sinthani zosinthazo pogwiritsa ntchito nano command /opt/zimbra/data/httpd/htdocs/webui/includes/config.php, pomwe muyenera kulemba mizere iyi:
$DB_DSN="sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb";
$DB_USER="muzu";
$DB_TABLE_PREFIX="";
Pambuyo pa izi, zomwe zatsala ndikuyambitsanso ntchito za Zimbra ndi Zimbra Apache pogwiritsa ntchito zmcontrol restart ndi zmapachectl restart malamulo. Pambuyo pake, mudzakhala ndi mwayi wogwiritsa ntchito intaneti pa :7780/webui/index.php. Chachikulu ndichakuti khomo lolowera pa intaneti silinatetezedwe mwanjira iliyonse ndipo kuti muteteze anthu osaloledwa kulowamo, mutha kungotseka maulumikizidwe padoko 7780 mukangolowera pa intaneti.
Mutha kudziteteza ku kusefukira kwa maimelo omwe amabwera kuchokera pa netiweki yamkati pogwiritsa ntchito ma quotas potumiza maimelo, omwe amatha kukhazikitsidwa chifukwa cha cbpolicyd. Magawo oterowo amakulolani kuti muyike malire pa kuchuluka kwa zilembo zomwe zitha kutumizidwa kuchokera ku bokosi la makalata limodzi munthawi imodzi. Mwachitsanzo, ngati oyang'anira mabizinesi anu amatumiza maimelo pafupifupi 60-80 pa ola limodzi, ndiye kuti mutha kukhazikitsa maimelo 100 pa ola limodzi, poganizira malire ang'onoang'ono. Kuti akwaniritse gawoli, oyang'anira azitumiza imelo imodzi masekondi 36 aliwonse. Kumbali imodzi, izi ndizokwanira kuti mugwire ntchito mokwanira, ndipo kumbali ina, ndi gawo lotere, oukira omwe alandila makalata a m'modzi wa oyang'anira anu sangayambitse kuphulitsa kwa makalata kapena kuwukira kwakukulu kwa sipamu pabizinesi.
Kuti mukhazikitse gawo loterolo, muyenera kupanga imelo yatsopano yoletsa zoletsa pa intaneti ndikulongosola kuti imagwira ntchito pamakalata otumizidwa mkati mwa domeni komanso makalata otumizidwa ku ma adilesi akunja. Izi zimachitika motere:
Pambuyo pake, mutha kufotokozera mwatsatanetsatane zoletsa zomwe zimagwirizanitsidwa ndi kutumiza makalata, makamaka, ikani nthawi yomwe zoletsazo zidzasinthidwa, komanso uthenga womwe wogwiritsa ntchito wadutsa malire ake adzalandira. Zitatha izi, mukhoza kukhazikitsa choletsa kutumiza makalata. Itha kukhazikitsidwa ngati kuchuluka kwa zilembo zomwe zimatuluka komanso kuchuluka kwa ma byte a chidziwitso chotumizidwa. Pa nthawi yomweyi, makalata omwe amatumizidwa mopitirira malire omwe aperekedwa ayenera kuchitidwa mosiyana. Chifukwa chake, mwachitsanzo, mutha kungowachotsa nthawi yomweyo, kapena mutha kuwasunga kuti atumizidwe nthawi yomweyo pomwe malire otumizira uthenga asinthidwa. Njira yachiwiri ingagwiritsidwe ntchito pozindikira mtengo wokwanira wa malire otumizira maimelo ndi antchito.
Kuphatikiza pa zoletsa kutumiza makalata, cbpolicyd imakupatsani mwayi wokhazikitsa malire pakulandila makalata. Kuchepetsa kotereku, poyang'ana koyamba, ndi njira yabwino kwambiri yodzitetezera ku bomba la makalata, koma kwenikweni, kuyika malire oterowo, ngakhale akulu, kumadzaza ndi mfundo yakuti pansi pazifukwa zina kalata yofunikira sikungafike kwa inu. Ichi ndichifukwa chake sizovomerezeka kwambiri kuti mulole zoletsa zilizonse zamakalata omwe akubwera. Komabe, ngati mutasankhabe kutenga chiopsezo, muyenera kuyandikira kuyika malire a uthenga womwe ukubwera ndi chidwi chapadera. Mwachitsanzo, mutha kuchepetsa kuchuluka kwa maimelo omwe akubwera kuchokera kwa anzawo odalirika kuti ngati seva yawo yamakalata isokonezedwa, siyambitsa kuwukira kwa sipamu pabizinesi yanu.
Kuti muteteze ku kuchuluka kwa mauthenga omwe akubwera panthawi ya mabomba, woyang'anira makina akuyenera kuchita zinthu mwanzeru kuposa kungochepetsa makalata obwera. Njira iyi ikhoza kukhala kugwiritsa ntchito mindandanda yotuwa. Mfundo ya ntchito yawo ndi yakuti pakuyesera koyamba kupereka uthenga kuchokera kwa wotumiza wosadalirika, kugwirizana kwa seva kumasokonekera mwadzidzidzi, chifukwa chake kutumiza kalatayo kumalephera. Komabe, ngati panthawi inayake seva yosadalirika ikuyesera kutumizanso kalata yomweyi, seva siyitseka kulumikizana ndipo kutumiza kwake kumapambana.
Chofunikira pazochitika zonsezi ndikuti mapulogalamu otumizira maimelo ambiri nthawi zambiri samawona momwe uthengawo watumizidwa ndipo samayesa kutumizanso kachiwiri, pomwe munthu amaonetsetsa kuti kalata yake yatumizidwa adilesi kapena ayi.
Muthanso kuloleza greylist mu mawonekedwe a intaneti a cbpolicyd. Kuti chilichonse chigwire ntchito, muyenera kupanga ndondomeko yomwe ingaphatikizepo makalata onse omwe akubwera kwa ogwiritsa ntchito pa seva yathu, ndiyeno, kutengera ndondomekoyi, pangani lamulo la Greylisting, kumene mungathe kukonza nthawi yomwe cbpolicyd idzadikire. kuti muyankhe mobwerezabwereza kuchokera kwa wotumiza munthu wosadziwika. Nthawi zambiri ndi mphindi 4-5. Panthawi imodzimodziyo, mndandanda wa imvi ukhoza kukhazikitsidwa kotero kuti zoyesayesa zonse zopambana ndi zosapambana zotumizira makalata kuchokera kwa otumiza osiyanasiyana zimaganiziridwa ndipo, kutengera chiwerengero chawo, chigamulo chimapangidwa kuti chiwonjezere wotumiza ku mindandanda yoyera kapena yakuda.
Tikukulimbikitsani kuti kugwiritsa ntchito mndandanda wa imvi kuyenera kuchitidwa ndi udindo waukulu. Zingakhale bwino ngati kugwiritsidwa ntchito kwa teknolojiyi kumagwirizana ndi kukonzanso kosalekeza kwa mindandanda yoyera ndi yakuda kuti athetse mwayi wotaya maimelo omwe ali ofunikira kwambiri ku bizinesi.
Kuphatikiza apo, kuwonjezera macheke a SPF, DMARC, ndi DKIM angathandize kuteteza ku bomba la imelo. Nthawi zambiri makalata omwe amafika pobomba makalata samadutsa macheke otere. M'mene tingachitire zimenezi anakambitsirana .
Chifukwa chake, kudziteteza ku chiwopsezo monga kuphulitsa maimelo ndikosavuta, ndipo mutha kuchita izi ngakhale mukamamanga maziko a Zimbra pabizinesi yanu. Komabe, ndikofunikira nthawi zonse kuwonetsetsa kuti kuopsa kogwiritsa ntchito chitetezo chotere sikudutsa phindu lomwe mumalandira.
Source: www.habr.com