SMTP AUTH ֘A

SMTP AUTH 낤 I ( 1 )

Debian C X g [ SMTP AUTH ȑ M T [ o \ z ܂

SMTP Authentication with qmail on Debian GNU/Linux Woody by SHIBATA Akira
쐬 2004/03/13

spammer ̎ ͂‚ ܂

Ȃ񂿂イ A ŋ spam Ђǂ ł B @ h 炢 [ Ƃ Ɩ Ԃ 100 ʁi2004/03/09,10,11 305 ʁj 炢 ł B @ ܂ ǂ łȂ ɂ Ă Ԃ ham 145 ʂƂ ƂŁA ܂Ƃ߂ Ɩ 150 ʂ̃ C ̂ 100 ʂ ЂƂߌ Ă킩 spam ŁA c 50 A ܂ p ̂ 邩 m Ȃ C Ċ ł H

ƃ} W ɒ ׂĂ݂܂ B @ ̃v C x [ g A h X ɂ C ɂ‚ āc 2004/04/19 00:00 ` 2004/04/27 24:00
v @2,162
ham M E ҂ Ă A i E X 19
T [ o | [ g( cvs Ƃ ) E v X [ X E virus alert 60
C O X g303
spam o C A O E ׂ E 񂱂Ƃ 1,779

܂Ƃ߂ Ɩ 240 ʂ 郁 C ̓ A S ҂ Ăɂ 郁 C 2 ʂŁA S ~ 200 ʂ Ă Ƃł ȁB @

ŁA ̂Ƃ Ŏ󂯎 ̂͋ Ƃ āi ΁j A ς著 o Ȃ 悤 ɂ Ȃ Ƃ˂Ƃ ƂŁA smtp authentication 𓱓 āA ߂Ď ̑ spam ̓ ݑ Ȃ 悤 ɂ 悤 Ǝv 킯 ł B @

Ɏ g smtp auth ȃT [ o ƍ o l ̂ ă C 邶 i j

spam o Ȃ ߂ɂ

v ɓ ݑ ɂȂ Ȃ ΂ B @ smtp T [ o 𑼐l Ɏg Ȃ 悤 ɔ M z X g 肷 B @ ̓ N V [

Ƃ 낪 A d SMTP AUTH ȃT [ o Ă邱 ƂɂȂ B @ z X g Ȃ񂩂ł ₵ Ȃ B @ smtp ɉ 炩 ̔F ؂ ΂ 낵 Ƃ ƂɂȂ B @

smtp F ؂̂ ߂ɂ

SMTP F ؂ɂ

Ȃǂ B @

ŁA ͂ ߂ ɂ

p ӂ
n [ h E F A Ȃ񂩓K PC/AT Dell PowerEdge650
\ t g E F A

̊ { I ȃC X g [ 菇

  1. n [ h DEC21140 i82559 RTL8139/8029 ݒu i v O ̃_ E [ h ̓ ʂ̃l b g [ N p Ɏg j
  2. CD u [ g i UNIX USER 2002 N 9 t ^ j
  3. p [ e B V ͐擪 10MB (/boot p) A 1000MB ( swap p) A c S i / p) ɐ؂
  4. { I ɂ͂ ׂăf t H g
  5. f t H g Ȃ ͎̂ ێ Local time ɂ 邱 MD5 g 悤 ɂ 邱 ƁB @
  6. { C X g [ I A ̊ { ~ p b P [ W C X g [ sudo ssh
  7. \ b R [ visudo Č

{ C X g [ J [ l A b v O [ h 邽 ߂Ƀp b P [ W C X g [

$ sudo apt-get install kernel-package bin86 libncurses5-dev gcc kernel-source-2.4.18
Ƃ Ƃ ̂ ߂ɃG } [ W F V [ ȑI ‚ Ă
$ cd /boot
$ sudo cp vmlinuz-2.4.18-bf2.4 emergency
$ cd ..
$ sudo ln -s boot/emergency emergency
$ sudo vi /etc/lilo.conf
X O /bin/lilo Ă Ƃ 낤 A J [ l R p C ăC X g [ Ƃ Ɏ s ̂ŁA ͂ B @

J [ l R p C J n

$ cd /usr/src
$ sudo tar jxfv kernel-source-2.4.18.tar.bz2
$ cd kernel-source-2.4.18
$ sudo make menuconfig
$ sudo make-kpkg --revision 2004030601 kernel_image
J [ l C X g [
$ cd ..
$ sudo dpkg --install kernel-image-2.4.18_2004030601_i386.deb

悯 [ Ȃ ̂͑S Ƃ߂

$ sudo vi /etc/inetd.conf

e1000 h C o 邺 i C X g [ ܂Ŏ j

$ mkdir e1000
$ cp e1000-5.1.13.tar.gz e1000/
$ cd e1000
$ tar fzxv e1000-5.1.13.tar.gz
$ cd e1000-5.1.13
$ ls
$ cd src
$ sudo make install       ċN     Ă   ΂  ꂾ   ōς 
     R R ŃG   [ ł  B @ J [ l   ̃o [ W       ǂ  Ƃ  E E E
$ uname -r
$ vi Makefile          炵   J [ l   Ń  u [ g   ĂȂ      ̂ŃJ [ l   o [ W         ĂȂ      ̂ʼn   
$ sudo make install
$ find /lib/modules/ -name e1000.o -print
$ /sbin/ifconfig -a
$ sudo vi /etc/modules               h   C o   W   [   e1000   L q   ĂȂ  ƔF      Ȃ 
$ sudo /sbin/shutdown -ht0 now

ŁA { ͂ [

qmail C X g [ ɂ͂

܂ ucspi-tcp \ [ X C X g [ ăR p C

$sudo apt-get install ucspi-tcp-src
$sudo build-ucspi-tcp

qmail ̃\ [ X R p C

$sudo apt-get install qmail-src
$sudo  build-qmail
̃^ C ~ O Ńp b ` 𓖂Ă
$ sudo  build-qmail

This script unpacks the qmail source into a directory, and
compiles it to produce a binary qmail*.deb file.

The directory where this is done will end up containing the source
and package files for the qmail binary package, along with a
directory containing the unpacked source.

Enter a directory where you would like to do this [/tmp/qmail]
dpkg-source: extracting qmail in qmail-1.03

dpkg-source: extracting qmail in qmail-1.03

Binary package qmail will be compiled now 
If you want to apply a custom patch, switch to another console and do it now
This can take long time, depending on your machine

Press ENTER to continue...
悭 ǂ߂΍Ō ̃p O t Ɂu p b ` Ă Ȃ獡 I v ݂ Ȃ Ƃ Ă ̂ ^ [ ~ i 肩 ʃ^ [ ~ i ʼn L s
$ mkdir smtpauth
$ cp qmail-smtpd-auth-0.31.tar.gz  smtpauth/
$ cd smtpauth/
$ tar -xzf qmail-smtpd-auth-0.31.tar.gz
$ ls qmail-smtpd-auth-0.31
CHANGES  README.auth  auth.patch  base64.c  base64.h
$ cd /tmp/qmail/qmail-1.03/
$ sudo cp  ~/smtpauth/qmail-smtpd-auth-0.31/base64.* .
$ cat ~/smtpauth/qmail-smtpd-auth-0.31/auth.patch | sudo patch -p0
patching file Makefile
patching file TARGETS
patching file qmail-smtpd.8
patching file qmail-smtpd.c
Hunk #2 succeeded at 63 (offset 1 line).
Hunk #3 succeeded at 262 (offset 21 lines).
Hunk #4 succeeded at 437 (offset 23 lines).
Hunk #5 succeeded at 667 (offset 23 lines).
^ [ ~ i 肩 ^ [ ~ i ŃR p C p ƃC X g [ ܂Ŏ s B @

cmd5checkpw R p C C X g [ ύX
$ mkdir ~/cmd5checkpwdir
$ cp cmd5checkpw-0.22.tar.gz ~/cmd5checkpwdir/
$ cd ~/cmd5checkpwdir
$ tar xvfz cmd5checkpw-0.22.tar.gz
$ cd ~/cmd5checkpwdir/cmd5checkpw-0.22
$ make
gcc -c -g -Wall -O3   -c -o main.o main.c
main.c:72: warning: return type of `main' is not `int'
gcc -g -o cmd5checkpw main.o md5c.o hmac_md5.o
$ sudo make install
cp cmd5checkpw /bin/ ; cp cmd5checkpw.8 /usr/man/man8/
$ ls -l /bin/cmd5checkpw
-rwxr-xr-x    1 root     root        33689 Apr 18 15:07 /bin/cmd5checkpw
$ sudo useradd smtpauth
$ sudo chown smtpauth /bin/cmd5checkpw
$ sudo chmod a+s /bin/cmd5checkpw
$ ls -l /bin/cmd5checkpw
-rwsr-sr-x    1 smtpauth root        33689 Apr 18 15:07 /bin/cmd5checkpw
/etc/init.d/qmail C
$ sudo mv /etc/init.d/qmail.dpkg-new /etc/init.d/qmail
$ sudo vi /etc/init.d/qmail
qmail-smtpd N Ă Ƃ
        sh -c "start-stop-daemon --start --quiet --user qmaild \
            --exec /usr/bin/tcpserver -- -R -H \
            -u `id -u qmaild` -g `id -g nobody` -x /etc/tcp.smtp.cdb 0 smtp \
            /usr/sbin/qmail-smtpd \
             h   C     \
            /bin/cmd5checkpw \
            /bin/true 2>&1 | $logger -t qmail -p mail.notice &"
ύX Ă Ȃ ƍċN ɃT T ăV O [ h ŋN H ڂɊׂ B @ ܂ A qmail Ɠ 悤 ɐݒ t @ C ( Debian ̏ꍇ /etc/qmail/* ) Ă ܂ 傤 B @
$ sudo chown smtpauth /etc/poppasswd
$ sudo chmod 400 /etc/poppasswd
ł Ă 炨 ܂ Ȃ
$ sudo tcprules /etc/qmail/tcp.smtp.cdb /etc/qmail/tcp.smtp.tmp < /etc/tcp.smtp

[ U lj X N v g

$ sudo cat /usr/local/bin/reguser
#!/bin/sh

#    [ U ID    4  v f ō쐬
#    ŗL L [ ( O   ŋK   $1  ɓ   
#    쐬 N   (    
#    쐬     (  
#    J E   ^ [(   񌅁A   邮     $COUNT  ŗ  p

#  z [   f B   N g   ͍쐬   邪   O C   ł  Ȃ  悤 ɂ    pop  A J E   g    ۑ     (   ̃X N   v g   ɂ͋L q Ȃ )

NEWPASSWD=$(/usr/local/bin/genpasswd)
SMTPAUTHPASS=/etc/poppasswd
COUNTERDATAFILE=/var/log/counterdata

COUNT=$(/bin/cat $COUNTERDATAFILE)
NEWCOUNT=$(( COUNT + 1 ))
echo $NEWCOUNT | /usr/bin/tail -c 3 > $COUNTERDATAFILE

USERNAME=$1$(/bin/date +%y%m)$(echo '00'$NEWCOUNT | /usr/bin/tail -c 3)
/usr/sbin/useradd -s /bin/false -m -k /etc/skel -d /home/$USERNAME $USERNAME

/bin/echo "$USERNAME:$NEWPASSWD" >> $SMTPAUTHPASS
SMTP AUTH 낤 I ( 2 )
Memorandum about Linux and Network | ق ̃W Ă݂ | T C g } b v

Ɛ

beacon

(SHIBATA Akira) , { T C g p ̍ۂɋN 邩 Ȃ s v ɑ΂ , ؐӔC 𕉂 ܂ .