ProHoster > Blog > internet nhau > Kuburitswa kwe spam kusefa system SpamAssassin 3.4.3

Kuburitswa kwe spam kusefa system SpamAssassin 3.4.3

Mushure megore rebudiriro inowanikwa kuburitswa kwepuratifomu yekusefa spam - Spam Assassin 3.4.3. SpamAssassin inoshandisa nzira yakabatanidzwa yekusarudza kana kuvharisa: meseji inoiswa kune akati wandei macheki (kuongororwa kwemamiriro ezvinhu, DNSBL nhema uye chena rondedzero, akadzidziswa Bayesian classifiers, siginecha cheki, kutumira chokwadi chekutumira uchishandisa SPF neDKIM, nezvimwewo). Mushure mekuongorora meseji uchishandisa nzira dzakasiyana, imwe huremu coefficient inounganidzwa. Kana iyo yakaverengerwa coefficient yakapfuura imwe nhanho, meseji inovharika kana kumakwa se spam. Zvishandiso zvekugadzirisa otomatiki mitemo yekusefa zvinotsigirwa. Iyo package inogona kushandiswa pane ese mutengi uye server masisitimu. Iyo SpamAssassin kodhi yakanyorwa muPerl uye yakagoverwa pasi peiyo Apache rezinesi.

Features kuburitswa kutsva:

  • Yakawedzera plugin nyowani OLEVBCro, yakagadzirirwa kuona OLE macros uye VB kodhi mukati memagwaro;
  • Iko kumhanyisa uye kuchengetedzeka kwekutarisa maemail hombe kwakagadziridzwa nemaseting body_part_scan_size uye
    rawbody_part_scan_size settings;

  • Tsigiro ye "nosubject" mureza yakawedzerwa kumitemo yekugadzirisa muviri wetsamba kuti urege kutsvaga Musoro weChidzidzo sechikamu chezvinyorwa mumutumbi wetsamba;
  • Nezvikonzero zvekuchengetedza, iyo 'sa-update --allowplugins' sarudzo yakabviswa;
  • Izwi idzva rekuti "subjprefix" rakawedzerwa kune zvigadziriso kuti uwedzere prefix pachinyorwa chetsamba kana mutemo watanga. Iyo "_SUBJPREFIX_" tag yawedzerwa kumatemplate, ichiratidza kukosha kwe "subjprefix" marongero;
  • Iyo rbl_headers sarudzo yawedzerwa kuDNSEval plugin kutsanangura misoro iyo cheki inofanira kuiswa mumazita eRBL;
  • Yakawedzerwa check_rbl_ns_from basa kutarisa DNS server muRBL list. Yakawedzera check_rbl_rcvd basa rekutarisa domains kana IP kero kubva kune ese Akagamuchirwa misoro muRBL;
  • Sarudzo dzakawedzerwa kune cheki_hashbl_emails basa rekuona misoro ine zvinyorwa zvinoda kuongororwa muRBL kana ACL;
  • Yakawedzera check_hashbl_bodyre basa rekutsvaga muviri weemail uchishandisa chirevo chenguva dzose uye kutarisa machisi akawanikwa muRBL;
  • Yakawedzera check_hashbl_uris basa rekuona maURL ari mumuviri weemail uye woatarisa muRBL;
  • A vulnerability (CVE-2018-11805) yakagadziriswa iyo inobvumira mirairo yehurongwa kuti iitwe kubva kuCF mafaira (SpamAssassin configuration files) pasina kuratidza ruzivo pamusoro pekuurayiwa kwavo;
  • Kusagadzikana (CVE-2019-12420) iyo inogona kushandiswa kukonzera kurambwa kwesevhisi kana kugadzirisa email ine yakanyatso gadzirwa chikamu cheMultipart yakagadziriswa.

Vagadziri veSpamAssassin vakazivisawo kugadzirira kwebazi re4.0, iro richaita yakazara yakavakirwa-mukati UTF-8 kugadzirisa. Musi waKurume 2020, 1, kuburitswa kwemitemo ine masiginecha anoenderana neSHA-3.4.2 algorithm kuchamirawo (mukuburitswa 1, SHA-256 yakatsiviwa neSHA-512 uye SHA-XNUMX hashi mabasa).

Source: opennet.ru

Voeg