SendMail, as a free mail server software, has been widely used in servers of various operating systems on the Internet. such as: Solaris,hpux,aix,irix,linux and so on. With the spread of the Internet, the chances of the mail server being attacked are also greatly increased. Currently, there are two types of attacks on Internet mail servers: one is relay use (Relay), where a remote machine sends a message through your server so that anyone can use your server to send e-mail to any address, and over time, your machine is not only an accomplice to sending spam, It will also increase your network's international traffic, and may be rejected by many mail servers on the Internet. Another type of attack called spam (Spam), which is often referred to as a mail bomb, is that the server may receive a large amount of unwanted mail in a very short time, causing the mail server to become overwhelmed and paralyzed. Both of these attacks can cause the mail server to not function properly. Therefore as a campus network mail server to prevent mail attacks will be indispensable.
Currently, there are two ways to block mail attacks for SendMail mail servers. One is to upgrade the high version of the Server software, leveraging the security features of the software itself. The second is the use of Third-party software, such as dynamic relay validation control function to achieve. The following is an example of SendMail V8.9.3 to describe these methods.
1. Server's own security features
(1) Security Considerations when compiling SendMail
To take advantage of the SendMail 8.9.3 block mail attack feature, you must set up the relevant parameters at system compile time and use the relevant software packages. At present, the main use of the Berkeley DB database functions, Berkeley DB package can be downloaded from the relevant site, and need to compile well beforehand. The relevant parameters of Berkeley DB are then written into the SendMail file.
A. Modifying the Site.config.m4 file
Add the compiled Berkeley DB-related library file path to the Site.config.m4 file so that SendMail can use the Berkeley DB database after compiling. For example:
#cd $/sendmail-8.9.3/buidtools/site
modifying SITE.CONFIG.M4 files