¿À´Â 2006³â 9¿ù 28ÀϺÎÅÍ Á¤º¸Åë½ÅºÎ »êÇÏ Çѱ¹Á¤º¸º¸È£ ÁøÈï¿ø(KISA)°ú ±¹³» ÁÖ¿ä 10´ë Æ÷Å»ÀÌ °øµ¿À¸·Î Âü¿©ÇÏ´Â ÅëÇÕ White Domain µî·ÏÁ¦ ¾È³»¸¦ À§ÇØ ¸ÞÀϵ帳´Ï´Ù.
ÅëÇÕ White Domain µî·ÏÁ¦´Â Á¤»ó ¸ÞÀÏ ¼¹ö°¡ ½ºÆÔ ¹ß¼Û ¼¹ö·Î ¿ÀÀÎµÇ¾î ¸ÞÀÏÀü¼Û¿¡ Á¦ÇÑÀ» ¹Þ´Â °ÍÀ» ÃÖ¼ÒÈÇÏ°í °¢ Æ÷Å» º°·Î white ip¸¦ µî·ÏÇÏ´Â ¹ø°Å·Î¿òÀ» ÁÙÀ̱â À§ÇØ ¸¶·ÃµÈ Á¦µµÀÔ´Ï´Ù.
White Domain¿¡ µî·ÏÀÌ µÇ¸é, 1) ÅëÇÕ White Domain Çѹø µî·ÏÀ¸·Î 10°³ Æ÷Å»¿¡ µ¿½Ã Àû¿ëµÇ¸ç, 2) Çѹø µî·ÏÀ¸·Î ±¹³» 10´ë ÁÖ¿ä Æ÷Å»·ÎÀÇ Á¤»óÀûÀÎ ´ë·® ¸ÞÀÏ Àü¼ÛÀÌ º¸ÀåµÇ´Â ÇýÅÃÀÌ ÀÖ½À´Ï´Ù.
ÅëÇÕ µî·ÏÁ¦ ½ÃÇà¿¡ µû¶ó 9¿ù 28ÀÏ ÀÌÈÄ °¢ Æ÷Å»º° white ip µî·Ï ¹× ¿î¿µÀÌ ÁߴܵǿÀ´Ï, ÁÖ¿ä Æ÷Å»·Î ¸ÞÀÏÀ» ¾ÈÁ¤ÀûÀ¸·Î ¹ß¼ÛÇÏ½Ç ¼ö ÀÖµµ·Ï ¾Æ·¡ ³»¿ëÀÇ Áؼö¸¦ ºÎŹµå¸³´Ï´Ù |
1. ½ÃÇàÀÏÁ¤ - °¢Æ÷Å»»ç¿¡¼ ±âÁ¸¿¡ ½ÃÇàÇÏ´ø IP½Ç¸íÁ¦µîÀ» ÅëÇØ white ip¸¦ µî·ÏÇϼ̾ 9¿ù 27ÀϱîÁö ²À ÅëÇÕ White Domain¿¡ º°µµ·Î µî·ÏÇÏ¼Å¾ß ÇÕ´Ï´Ù.
2. White Domain µî·Ï¿ä°Ç ¹× ¹æ¹ý - ´ë»ó : À̸ÞÀÏ ¹ß¼Û µµ¸ÞÀÎÀ» °¡Áø ±¹³» ¸ðµç ±â°ü/¾÷ü ¹× °³ÀÎ. - µî·Ï¹æ¹ý : KISA-RBL ȨÆäÀÌÁö¸¦ ÅëÇØ ¿Â¶óÀÎ µî·Ï. |
|
- ±âŸ ÅëÇÕ White Domain µî·ÏÁ¦ ½ÃÇà¿¡ °üÇÑ º¸´Ù ÀÚ¼¼ÇÑ ³»¿ëÀº KISA-RBL ȨÆäÀÌÁö ( www.kisarbl.or.kr )¸¦ ÂüÁ¶ÇÏ¿© Áֽñ⠹ٶø´Ï´Ù.
3. SPF Record ÃâÆÇ - White Domain À» µî·ÏÇϱâ À§Çؼ´Â ¸ÞÀÏ ¼¹ö µî·ÏÁ¦(SPF : Sender Policy Framework)¿¡ µû¸¥ Á¤º¸(Record)¸¦ ³×ÀÓ¼¹ö»ó¿¡¼ ¼³Á¤, ÃâÆÇÇØÁÖ¾î¾ß ÇÕ´Ï´Ù. SPF Record ÃâÆÇ¿¡ ´ëÇؼ´Â ¾Æ·¡ÀÇ ³»¿ëÀ» Âü°íÇϽñ⠹ٶø´Ï´Ù.
| |
1-SPF ·¹ÄÚµå ÀÛ¼º
SPF ·¹ÄÚµå´Â DNS ¼¹öÀÇ Á¸(Zone) ÆÄÀÏ TXT RR(Resource Record)¿¡ ¼³Ä¡µÇ¾î ÀÚ»çÀÇ ¸ÞÀÏÁ¤Ã¥À» ¿ÜºÎ¿¡ ¾Ë¸®´Â ¿ªÇÒÀ» ÇÑ´Ù. ¹ß½Å µµ¸ÞÀÎÀÇ ¸ÞÀÏÁ¤Ã¥À» ³ªÅ¸³»´Â ÀÌ ·¹ÄÚµå´Â ¸ÞÀϼö½Å Ãʱâ´Ü°è¿¡¼ DNS Äõ¸®¸¦ ÅëÇØ ¾ò¾îÁö¸ç À̶§ ¾ò¾îÁø ¹ß½Åµµ¸ÞÀÎÀÇ ¸ÞÀÏÁ¤Ã¥¿¡ ÀÇ°ÅÇÏ¿© 󸮵ȴÙ.
À̶§ ¹ß½ÅÁö µµ¸ÞÀο¡¼ ÀÚ½ÅÀÇ µµ¸ÞÀο¡¼ ¹ß¼ÛµÇÁö ¾ÊÀº ¸ÞÀÏÀÇ °ÅºÎÁ¤Ã¥À» Ç¥¸íÇÏ¿´´Ù¸é ¹ß¼Ûµµ¸ÞÀÎ ÀÌ¿ÜÀÇ Àå¼Ò¿¡¼ ¹ß¼ÛµÈ À§Á¶µÈ ¸ÞÀÏÀº ¼ö½Åµµ¸ÞÀο¡ Àü¼ÛµÇÁö ¾Ê°í ¼ö½ÅÀÌ °ÅºÎµÈ´Ù.
http://www.kisarbl.or.kr/ ¿¡¼ SPF µî·Ïµµ¿ì¹Ì¸¦ ÀÌ¿ëÇϸé ZONE¿¡ ¼³Á¤À» ÇÒ¼ö ÀÖ´Â °ªÀ» ¾Ë·ÁÁØ´Ù.
ex) -µµ¸ÞÀθí -¼¹ö¾ÆÀÌÇÇ
1-¿¹)kisarbl.or.kr. IN TXT "v=spf1 ip4:61.251.112.142 -all"
ÀǹÌ: À§ ¸ÞÀϹ߼ÛIP¸¦ À§Á¶ÇÏ¿© º¸³»¿Â ¸ÞÀÏÀº ¼ö½ÅÀÚÀÇ ¸ÞÀϼ¹ö¿¡¼ drop½ÃÄѶó
2-¿¹)kisarbl.or.kr. IN TXT "v=spf1 ip4:61.251.112.142 ~all"
ÀǹÌ: À§ ¸ÞÀϹ߼ÛIP¸¦ À§Á¶ÇÏ¿© º¸³»¿Â ¸ÞÀÏÀº ¼ö½ÅÀÚÀÇ ¸ÞÀϼ¹öÀÇ Á¤Ã¥¿¡ µû¶ó ÆÇ´ÜÇ϶ó
SPF ·¹Äڵ尡 ÀÚ»çÀÇ ¸ÞÀÏÁ¤Ã¥À» ¿ÜºÎ¿¡ ¾Ë¸®´Â ¿ªÇÒÀ» Çϴµ¥ ¹ÝÇÏ¿© SPF È®ÀÎ ÀåÄ¡´Â ¸ÞÀÏ ¼ö½ÅºÎÀÇ MTA1(Mail Transfer Agent)¿¡ ¼³Ä¡µÇ¾î ÀÚ½ÅÀÇ µµ¸ÞÀο¡ ¼ö½ÅµÈ ¸ÞÀÏ¿¡ ´ëÇÏ¿© ¼Û½Åµµ¸ÞÀÎÀÇ Á¤Ã¥¿¡ ÀÇ°ÅÇÏ¿© ¼ö½ÅµÈ ¸ÞÀÏÀ» ó¸®ÇÑ´Ù. À̶§ SPF ·¹ÄÚµåÀÇ Ã³¸®´Â ³»¿ëºÐ¼®(Content
Filtering) Àü ´Ü°è¿¡¼ ½Ç½ÃÇÏ¿© ¸ÞÀÏÁ¤Ã¥¿¡ À§¹èµÇ´Â ¸ÞÀÏÀ» SMTP2 data°¡ Àü¼ÛµÇ±â Àü Ä¿³Ø¼Ç
´Ü°è¿¡¼ Â÷´ÜÇÔÀÌ °¡Àå °æÁ¦ÀûÀÎ ¹æ¹ýÀÌ´Ù. SPF3¸¦ Àû¿ëÇϱâ À§Çؼ´Â SendmailÀÇ °æ¿ì ¹öÀü
8.12ÀÌ»óÀÌ¸ç ¹ÐÅÍ(milter) ±â´ÉÀÌ ÄÄÆÄÀÏ(compile) µÇ¾îÀÖ¾î¾ß ÇÑ´Ù. Âü°í·Î Sendmail ¹öÀü 8.13ÀÌ»óÀº ¹ÐÅÍ ±â´ÉÀÌ ±âº»À¸·Î ÄÄÆÄÀÏ µÇµµ·Ï µÇ¾îÀÖ´Ù. PostfixÀÇ ¹öÀü 2.1 ÀÌ»óÀÏ °æ¿ì SPF ÆÐÄ¡¸¦ ¼³Ä¡Çϰųª °ø½Ä SPF »çÀÌÆ®ÀÎ spf.pobox.com¿¡¼ Á¦°øÇÏ´Â Policy DaemonÀ» ¼³Ä¡ÇÏ¿©
SPF ±â´ÉÀ» »ç¿ëÇÒ ¼ö ÀÖ´Ù. À̵é Áß ÀÚ»çÀÇ ¸ÞÀϼ¹öÀÇ »ý»ê¼º¿¡ °¡Àå ÀûÀº ¿µÇâÀ» ¹ÌÄ¡´Â ¹æ¹ýÀº ¸ÞÀϼ¹ö ¾Õ¿¡ À§Ä¡ÇÑ ½ºÆÔ¼Ö·ç¼Ç¿¡¼ SPF Å×½ºÆ®¸¦ ½Ç½ÃÇÏ´Â °ÍÀ̳ª ÀÌ´Â ÇØ´ç µµ¸ÞÀο¡¼
»ç¿ëÇÏ´Â ½ºÆÔ¼Ö·ç¼Ç¿¡ SPF È®Àαâ´ÉÀÌ ÀÖ¾î¾ß ÇÑ´Ù.
qmail ¿¡ °üÇÑ ³»¿ë¸¸ Æ÷ÇÔ ±âŸ ´Ù¸¥ ¸ÞÀϼ¹ö´Â (http://www.spamcop.or.kr/kisa/spam/jsp/spam_data_view.jsp?g_id=spam&cgubun=&keyField=title&gid=spam&b_gubun=03&cpage=1&page=1&dno=1&d_no=1&r_no=0&keyWord=)
È®ÀÎ ÇÊ¿ä
Qmail
1)´Ù¿î·Îµå qmail SPF ÆÐÄ¡
http://www.saout.de/misc/spf/¿¡¼ qmail-1.03¿ë (qmail-spf-rc5.patch)ÆÐÄ¡ ÆÄÀÏÀ» ´Ù¿î¹Þ´Â´Ù.
2)´Ù¿î¹ÞÀº ÆÐÄ¡ÆÄÀÏÀ» ¼³Ä¡ÇÑ´Ù.
¿¹) patch -p1 </path/to/qmail-spt-rc5.patch
3)SPF º¯¼ö ¼³Á¤
/var/qmail/control¿¡ À§Ä¡ÇÑ È¯°æº¯¼ö¸¦ ¼³Á¤ÇÑ´Ù.
spfbehavior º¯¼ö
0: SPFÈ®ÀÎ ÇÏÁö ¾ÊÀ½ , SPF-Received Çì´õ Ãß°¡ÇÏÁö ¾ÊÀ½
1: SPF-Received Çì´õ¸¸ Ãß°¡, ¸ÞÀϰźαâ´É »ç¿ëÇÏÁö ¾ÊÀ½
2: DNS ÂüÁ¶¿¡·¯¹ß»ý½Ã Temperr »ç¿ë
3: ¡°fail¡± ÆÇÁ¤¸ÞÀϰźÎ
4: ¡°Softfail¡± ÆÇÁ¤¸ÞÀϰźÎ
5: ¡°neutral¡± ÆÇÁ¤¸ÞÀϰźÎ
6: ¡°pass¡±ÀÌ¿ÜÀÇ ¸ðµç ÆÇÁ¤°ª°ÅºÎ