Ukuqhunyiswa kwe-imeyile yenye yezona ntlobo zakudala zohlaselo lwe-cyber. Embindini wayo, ifana nohlaselo oluqhelekileyo lwe-DoS, kuphela endaweni yezicelo zamaza ezisuka kwiidilesi ezahlukeneyo ze-IP, igagasi le-imeyile lithunyelwa kumncedisi, ezifika ngobuninzi obukhulu kwenye yeedilesi ze-imeyile, ngenxa yokuba umthwalo kuyo kwandisa kakhulu. Uhlaselo olunjalo lunokukhokelela ekungakwazini ukusebenzisa ibhokisi yeposi, kwaye ngamanye amaxesha kunokukhokelela ekungaphumelelini komncedisi wonke. Imbali ende yolu hlobo lwe-cyberattack luye lwakhokelela kwinani lemiphumo emihle kunye nembi kubalawuli benkqubo. Izinto ezintle zibandakanya ulwazi olulungileyo lokuqhushumba ngeposi kunye nokufumaneka kweendlela ezilula zokuzikhusela kuhlaselo olunjalo. Imiba engalunganga ibandakanya inani elikhulu lezisombululo zesoftware ezifumanekayo esidlangalaleni zokwenza ezi ntlobo zohlaselo kunye nokukwazi ukuba umhlaseli azikhusele ngokuthembekileyo ekubhaqweni.
Into ebalulekileyo yolu hlaselo lwe-cyber kukuba phantse akunakwenzeka ukuyisebenzisela inzuzo. Ewe, umhlaseli wathumela i-imeyile kwenye yeebhokisi zeposi, kakuhle, akazange amvumele umntu ukuba asebenzise i-imeyile ngokuqhelekileyo, kakuhle, umhlaseli wagqekeza kwi-imeyile yenkampani yomntu kwaye waqala ukuthumela amawaka eeleta kulo lonke i-GAL, ekuthi. kutheni le nto umncedisi untlithekile okanye waqala ukucotha kangangokuba akunakwenzeka ukuyisebenzisa, kwaye yintoni elandelayo? Kuphantse kungenzeki ukuguqula ulwaphulo-mthetho olunjalo lube yimali yokwenyani, ngoko ke ukubhobhoza nge-imeyile yinto enqabileyo ngoku kwaye abalawuli benkqubo, xa beyila iziseko zophuhliso, banokungasikhumbuli nje isidingo sokukhusela kuhlaselo lwe-cyber.
Nangona kunjalo, ngelixa i-imeyile iziqhushumbisa ibhombu ngokwayo ingumsebenzi ongenanjongo ukusuka kwindawo yentengiso, ihlala iyinxalenye yolunye, uhlaselo lwe-cyber olunzima ngakumbi kunye namanqanaba amaninzi. Ngokomzekelo, xa uqweqwedisa imeyile kwaye uyisebenzisela ukuqweqwedisa iakhawunti kwinkonzo karhulumente ethile, abahlaseli badla βukubhobhozaβ ibhokisi yeposi yexhoba ngoonobumba abangenantsingiselo ukuze ileta yokuqinisekisa ilahleke kumlambo wabo kwaye ingabonwa. Ibhombu yemeyile isenokusetyenziswa njengendlela yoxinzelelo lwezoqoqosho kwishishini. Ke, ukubhobhoza okusebenzayo kwebhokisi yeposi kawonke-wonke yeshishini, efumana izicelo kubathengi, kunokuwenza nzima umsebenzi kunye nabo kwaye, ngenxa yoko, kunokukhokelela ekuphelelweni kwezixhobo zokusebenza, ii-odolo ezingazalisekanga, kunye nokulahleka kwegama kunye nokulahleka kwengeniso.
Yingakho umlawuli wenkqubo akufanele akhohlwe malunga nokuba nokwenzeka kwebhomu ye-imeyile kwaye uhlala ethatha amanyathelo ayimfuneko ukukhusela kwesi songelo. Ukuqwalasela ukuba oku kunokwenziwa kwinqanaba lokwakha isiseko se-imeyile, kwaye kwakhona kuthatha ixesha elincinane kakhulu kunye nomsebenzi ovela kumlawuli wenkqubo, akukho zizathu ezicacileyo zokungaboneleli ngesiseko sakho sokhuseleko ekuqhumeni nge-imeyile . Makhe sijonge ukuba ukhuseleko kolu hlaselo lwe-cyber luphunyezwa njani kwi-Zimbra Collaboration Suite Open-Source Edition.
I-Zimbra isekwe kwi-Postfix, enye yezona zinto zithembekileyo nezisebenzayo ezivulelekileyo ii-Arhente zoThutho lweeMeyile ezikhoyo namhlanje. Kwaye enye yeenzuzo eziphambili zokuvuleka kwayo kukuba ixhasa iintlobo ezininzi zezisombululo zomntu wesithathu ukwandisa ukusebenza. Ngokukodwa, iPostfix ixhasa ngokupheleleyo i-cbpolicyd, into esetyenziswayo ekuqinisekiseni ukhuseleko lwe-imeyile kwiseva. Ukongeza kokukhuselwa kwe-spam kunye nokudalwa kwabamhlophe, uluhlu lwabamnyama kunye ne-greylists, i-cbpolicyd ivumela umlawuli we-Zimbra ukuba alungiselele ukuqinisekiswa kwesignesha ye-SPF, kunye nokubeka izithintelo ekufumaneni nasekuthumeleni i-imeyile okanye idatha. Bobabini banokunika ukhuseleko oluthembekileyo kwi-spam kunye ne-phishing emails, kwaye ukhusele umncedisi kwi-imeyile yebhomu.
Into yokuqala efunekayo kumlawuli wenkqubo kukuvula imodyuli ye-cbpolicyd, efakwe ngaphambili kwi-Zimbra Collaboration Suite OSE kwi-server ye-MTA yesiseko. Oku kwenziwa ngokusebenzisa umyalelo zmprov ms `zmhostname` +zimbraServiceEnabled cbpolicyd. Emva koku, kuya kufuneka uvule ujongano lwewebhu ukuze ukwazi ukulawula ngokukhululeka i-cbpolicyd. Ukwenza oku, kufuneka uvumele uqhagamshelo kwinombolo yewebhu ye-7780, yenza ikhonkco elingumfuziselo usebenzisa umyalelo. ln -s /opt/zimbra/common/share/webui/opt/zimbra/data/httpd/htdocs/webui, kwaye emva koko uhlele ifayile yesethingi usebenzisa umyalelo we-nano /opt/zimbra/data/httpd/htdocs/webui/includes/config.php, apho kufuneka ubhale le migca ilandelayo:
$DB_DSN="sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb";
$DB_USER="ingcambu";
$DB_TABLE_PREFIX="";
Emva koku, konke okuseleyo kukuqalisa kwakhona iinkonzo ze-Zimbra kunye neZimbra Apache usebenzisa i-zmcontrol restart kunye ne-zmapachectl restart imiyalelo. Emva koku, uya kuba nokufikelela kujongano lwewebhu kwi :7780/webui/index.php. Eyona nto iphambili kukuba ukungena kolu jongano lwewebhu akukakhuselwanga nangayiphi na indlela kwaye ukuze kuthintelwe abantu abangagunyaziswanga ukuba bangene kuyo, emva kokungena ngakunye kwi-interface yewebhu ungavala ngokulula unxibelelwano kwi-port 7780.
Unokuzikhusela kwisikhukula see-imeyile ezisuka kuthungelwano lwangaphakathi ngokusebenzisa izabelo zokuthumela ii-imeyile, ezinokusetwa enkosi kwi-cbpolicyd. Ezo zabelo zikuvumela ukuba ubeke umda kwinani eliphezulu loonobumba abanokuthunyelwa kwibhokisi yeposi enye kwiyunithi enye yexesha. Ngokomzekelo, ukuba abaphathi beshishini lakho bathumela umyinge we-imeyile ye-60-80 ngeyure, ngoko unokuseta i-quota yee-imeyile ezili-100 ngeyure, ngokuqwalasela umda omncinci. Ukufikelela kwesi sixa, abaphathi kuya kufuneka bathumele i-imeyile enye rhoqo ngemizuzwana engama-36. Kwelinye icala, oku kwanele ukuba usebenze ngokupheleleyo, kwaye kwelinye icala, ngesabelo esinjalo, abahlaseli abafumene ukufikelela kwi-imeyile yomnye wabaphathi bakho abayi kuqalisa ukuqhushumba kwe-imeyile okanye uhlaselo olukhulu logaxekile kwishishini.
Ukuze usete loo quota, kufuneka wenze i-imeyile entsha yokuthumela umgaqo-nkqubo wothintelo kwi-interface yewebhu kwaye ucacise ukuba isebenza kuzo zombini iileta ezithunyelwe ngaphakathi kwendawo kunye nakwiileta ezithunyelwe kwiidilesi zangaphandle. Oku kwenziwa ngolu hlobo lulandelayo:
Emva koko, unokucacisa ngokubanzi izithintelo ezinxulumene nokuthumela iileta, ngokukodwa, ukuseta ixesha lokuphumla emva kokuba izithintelo zihlaziywe, kunye nomyalezo oya kufumana umsebenzisi ogqithise umda wakhe. Emva koku, unokuseta uthintelo ekuthumeleni iileta. Inokumiselwa zombini njengenani leeleta eziphumayo kunye nenani leebhayithi zolwazi oludlulisiweyo. Kwangaxeshanye, iileta ezithunyelwa ngaphaya komda omiselweyo kufuneka zijongwe ngokwahlukileyo. Ke, umzekelo, unokuzicima ngokukhawuleza, okanye ungazigcina ukuze zithunyelwe ngokukhawuleza emva kokuba umda wokuthumela umyalezo uhlaziyiwe. Ukhetho lwesibini lunokusetyenziswa xa kumiselwa ixabiso eliphezulu lomda wokuthumela ii-imeyile ngabasebenzi.
Ukongeza kwizithintelo zokuthumela iileta, i-cbpolicyd ikuvumela ukuba ubeke umda ekufumaneni iileta. Ukukhawulelana okunjalo, ekuboneni kokuqala, kuyisisombululo esihle kakhulu sokukhusela ibhomu ye-imeyile, kodwa ngokwenene, ukubeka umda onjalo, nokuba mkhulu, ugcwele into yokuba phantsi kweemeko ezithile incwadi ebalulekileyo ayinakufikelela kuwe. Yiyo loo nto ingakhuthazwa kakhulu ukwenza naziphi na izithintelo zeimeyile engenayo. Nangona kunjalo, ukuba usathatha isigqibo sokuthatha umngcipheko, kufuneka usondele ekuseteni umda womyalezo ongenayo ngoqwalaselo olulodwa. Ngokomzekelo, unokunciphisa inani lee-imeyile ezingenayo ezivela kubalingane abathembekileyo ukwenzela ukuba ukuba iseva yabo yeposi iphazamisekile, ayiyi kuqalisa ukuhlaselwa kwe-spam kwishishini lakho.
Ukuze ukhusele ekungeneni kwemiyalezo engenayo ngexesha lokubhombuzwa kweposi, umlawuli wenkqubo kufuneka enze into ekrelekrele kunokunciphisa iimeyile engenayo. Esi sisombululo sinokusetyenziswa koluhlu olungwevu. Umgaqo wokusebenza kwabo kukuba kwimizamo yokuqala yokuhambisa umyalezo ovela kumthumeli ongathembekanga, uxhulumaniso kumncedisi luphazamiseka ngokukhawuleza, yingakho ukuhanjiswa kweleta kusilela. Nangona kunjalo, ukuba ngexesha elithile umncedisi ongathembekanga uzama ukuthumela unobumba ofanayo kwakhona, umncedisi akaluvali uxhulumaniso kwaye ukuhanjiswa kwayo kuphumelele.
Inqaku lazo zonke ezi zenzo kukuba iinkqubo zokuthumela ngokuzenzekelayo ii-imeyile ezininzi azikhangeli ukuphumelela kokuthunyelwa komyalezo othunyelweyo kwaye ungazami ukuwuthumela okwesibini, ngelixa umntu ngokuqinisekileyo uya kuqinisekisa ukuba ileta yakhe ithunyelwe idilesi okanye hayi.
Unokwenza uluhlu olungwevu kujongano lwewebhu lwe-cbpolicyd. Ukuze yonke into isebenze, kufuneka wenze umgaqo-nkqubo oya kubandakanya zonke iileta ezingenayo ezibhekiswa kubasebenzisi kwiseva yethu, kwaye emva koko, ngokusekwe kulo mgaqo-nkqubo, wenze umthetho weGreylisting, apho ungaqwalasela ixesha apho i-cbpolicyd iya kulinda. ngempendulo ephindaphindiweyo evela kumthumeli ongaziwayo. Ngokuqhelekileyo yimizuzu emi-4-5. Ngelo xesha, uluhlu olungwevu lunokulungiswa ukwenzela ukuba zonke iinzame eziphumelelayo nezingaphumeleli zokuhambisa iileta ezivela kubathumeli abahlukeneyo zithathelwe ingqalelo kwaye, ngokusekelwe kwinani labo, isigqibo senziwe ukuba songeze ngokuzenzekelayo umthumeli kuluhlu olumhlophe okanye olumnyama.
Sitsala ingqalelo yakho kwinto yokuba ukusetyenziswa koluhlu olumpunga kufuneka lwenziwe ngowona xanduva. Kuya kuba ngcono ukuba ukusetyenziswa kobu buchwepheshe kuhamba kunye nokugcinwa rhoqo koluhlu olumhlophe kunye nolumnyama ukuphelisa amathuba okulahlekelwa yi-imeyile ezibaluleke ngokwenene kwishishini.
Ukongeza, ukongeza i-SPF, i-DMARC, kunye nokuhlolwa kwe-DKIM kunokunceda ukukhusela ngokuchasene nokuqhunyiswa kwe-imeyile. Amaxesha amaninzi iileta ezifika ngenkqubo yokuqhushumba ngeposi azidluli ezo zitshekisho. Indlela yokwenza oku kwaxoxwa ngayo .
Ke, ukuzikhusela kwisoyikiso esinje ngokuqhushumba kwe-imeyile kulula kakhulu, kwaye ungakwenza oku nakwinqanaba lokwakha iziseko zeZimbra zeshishini lakho. Nangona kunjalo, kubalulekile ukuba uhlale uqinisekisa ukuba umngcipheko wokusebenzisa ukhuseleko olunjalo awuze udlule kwiinzuzo ozifumanayo.
umthombo: www.habr.com