CSF: ConfigServer Firewall, configurando e-mail

CSF: ConfigServer Firewall, configurando e-mail

csf largeVamos explicar neste tutorial como configurar a parte de e-mails do CSF, o ConfigServer Firewal. O CSF é muito utilizado em servidores para gerenciamento das configurações de e-mail, em especial nos servidores com cPanel.

 

Vamos entar configurar cada parte do  CSF.

  1. SMTP
    1. # Block outgoing SMTP except for root, exim and mailman (forces scripts/users
      # to use the exim/sendmail binary instead of sockets access). This replaces the
      # protection as WHM > Tweak Settings > SMTP Tweaks
      #
      # This option uses the iptables ipt_owner module and must be loaded for it to
      # work. It may not be available on some VPS platforms
      #
      # Note: Run /etc/csf/csftest.pl to check whether this option will function on
      # this server
      SMTP_BLOCK =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

      # If SMTP_BLOCK is enabled but you want to allow local connections to port 25
      # on the server (e.g. for webmail or web scripts) then enable this option to
      # allow outgoing SMTP connections to 127.0.0.1
      SMTP_ALLOWLOCAL =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

      # This is a comma separated list of the ports to block. You should list all
      # ports that exim is configured to listen on
      SMTP_PORTS =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

    2. SMTP_BLOCK =1 : Faz com que as regras de envio do SMTP sejam as do CSF, ignorando as configurações do WHM. É recomendado deixar esta opção em 1 (true, verdadeiro).
      SMTP_ALLOWLOCAL = 1 : Permite que formulários das contas hospedadas na iLax se conectem ao SMTP para enviar um e-mail; Isso é útil para que os formulários enviem e-mails autenticados pelo servidor, diminuindo o risco do e-mail ser considerando SPAM pelo destino; Recomendamos deixar ativado (=1, true).
      SMTP_PORTS = 25 : Define que a porta para acesso ao recurso SMTP seja a 25. Recomendos utilizar a padrão.
    3. # [*]Enable login failure detection of SMTP AUTH connections
      LF_SMTPAUTH =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

      LF_SMTPAUTH_PERM =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

    4. LF_SMTPAUTH : Número de vezes que alguém pode se conectar ao SMTP com login ou senha inválidos antes de ser bloqueado.
      LF_SMTPAUTH_PERM : Tempo de bloqueio, em segundos.
  2. POP3
    1. a
    2. b
    3. # [*]Enable login failure detection of courier pop3 connections. This will not
      # trap the older cppop daemon
      LF_POP3D =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

      LF_POP3D_PERM =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

    4. LF_POP3D : Número de vezes que alguém pode se conectar ao POP3 com login ou senha inválidos antes de ser bloqueado.
      LF_POP3D_PERM : Tempo de bloqueio, em segundos.
  3. IMAP
    1. # [*]Enable login failure detection of courier imap connections. This will not
      # trap the older cpimap (uwimap) daemon
      LF_IMAPD =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

      LF_IMAPD_PERM =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

    2. LF_IMAPD : Número de vezes que alguém pode se conectar ao IMAP com login ou senha inválidos antes de ser bloqueado.
      LF_IMAPD_PERM : Tempo de bloqueio, em segundos.
  4. EXIM
    1. # Enable scanning of the exim mainlog for repeated emails sent from scripts.
      # To use this feature you must add an extended email logging line to WHM >
      # Exim Configuration Editor > Switch to Advanced Mode > in the first textbox
      # add the following line (without the preceding #):
      #
      # log_selector = +arguments +subject
      #
      # If you already use extended exim logging, then you need to either include
      # +arguments or use +all
      #
      # This setting will then send an alert email if more than LF_SCRIPT_LIMIT lines
      # appear with the same cwd= path in them within an hour. This can be useful in
      # identifying spamming scripts on a server, especially PHP scripts running
      # under the nobody account. The email that is sent includes the exim log lines
      # and also attempts to find scripts that send email in the path that may be the
      # culprit
      LF_SCRIPT_ALERT =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

      # The limit afterwhich the email alert for email scripts is sent. Care should
      # be taken with this value if you allow clients to use web scripts to maintain
      # pseudo-mailing lists which have large recipients
      LF_SCRIPT_LIMIT =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

      # If this option is enabled, the directory identified by LF_SCRIPT_ALERT will
      # be chmod 0 and chattr +i to prevent it being accessed. Set the option to 1
      # to enable.
      #
      # WARNING: This option could cause serious system problems if the identified
      # directory is within the OS directory hierarchy. For this reason we do not
      # recommend enabling it unless absolutely necessary.
      LF_SCRIPT_PERM =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

      # Checks the length of the exim queue and sends an alert email if the value of
      # settings is exceeded. If the ConfigServer MailScanner configuration is used
      # then both the pending and delivery queues will be checked.
      #
      # Note: If there are problems sending out email, this alert may not be received
      # To disable set to “0″
      LF_QUEUE_ALERT =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

      # The interval between mail queue checks in seconds. This should not be set too
      # low on servers that often have long queues as the exim binary can use
      # significant resources when checing its queue length
      LF_QUEUE_INTERVAL =

      http://gerencievocemesmo.com.br/site/wp-content/themes/fusion/images/input-bg.png); background-color: transparent; background-position: 0% 0%; background-repeat: no-repeat no-repeat;”>

    2. LF_SCRIPT_ALERT : Analisa se os formulários das páginas hospedadas estão enviando e-mail de forma anormal. Se sim, notifica o administrador.
      LF_SCRIPT_LIMIT : Limite para alertar o administrador sob e-mails enviados via script em uma conta de hospedagem.
      LF_SCRIPT_PERM : Configura as permissões como 0000 no diretório do script que ultrapassou o limite, assim ele cessa o envio de e-mails.
      LF_QUEUE_ALERT : Se o número de e-mails em fila para serem enviados no servidor ultrapassar o limite aqui colocado, ele notifica o administrador.
      LF_QUEUE_INTERVAL : Tempo de verificação, em segundos, do LF_QUEUE_ALERT.

Leave a Reply

Your email address will not be published.

Esse site utiliza o Akismet para reduzir spam. Aprenda como seus dados de comentários são processados.

Abrir chat
💬 Posso Ajudar?