Sender Policy Framework (SPF) is a relatively new method of fighting spam. As more time passes, this protocol will be used as one of the standard methods of fighting spam on the internet. Essentially, an SPF record is a type TXT record placed into a domain’s DNS zone. The string placed within the TXT record specifies a list of authorized host names/IP addresses that mail can originate from for a given domain name. Once this entry is placed within the DNS zone, no further configuration is necessary to take advantage of servers that incorporate SPF checking into their anti-spam systems. These are added the same way as a regular A, MX, or CNAME record would be.
A typical example TXT record for SPF looks like this:
serverbuddies.com. IN TXT v=spf1 a:mail.serverbuddies.com ~all
serverbuddies.com. IN TXT “v=spf1 a mx ~all”
source for this information can be found here: http://www.openspf.org/SPF_Record_Syntax
SPF Record Testing Tools
http://www.kitterman.com/spf/validate.html
SELinux Policy for Your Parallels Plesk Panel Server
To configure SELinux you need to know the rules that should be added into the system policy.
SELinux reports all denied messages into the /var/log/audit/audit.log file and these messages can be easily converted into the rules using the /usr/bin/audit2allow utility.
cat /var/log/messages | /usr/bin/audit2allow
Also, /var/log/messages.* files can be examined for the SELinux deny messages.
Security - Install And Configure Advanced Policy Firewall (APF) On CentOS
From Advanced Policy Firewall’s website:
“Advanced Policy Firewall (APF) is an IPTables(Netfilter) based firewall system designed around the essential needs of today’s Linux servers. The configuration is designed to be very informative and easy to follow. The management on a day-to-day basis is conducted from the command line with the ‘apf’ command, which includes detailed usage information on all the features.”
Installation
Downloading and extracting.
wget http://www.rfxn.com/downloads/apf-current.tar.gz
tar -zxvf http://www.rfxn.com/downloads/apf-current.tar.gz
cd apf-9.7-1
and Run:
APF will display locations of it’s executable and configuration files as well as ports detected as being used.
Configuration
APF’s basic configuration file is /etc/apf/conf.apf
By default everything is locked and You have to configure APF to open ports You need to use.
DEVEL_MODE=”1″ - be sure to set this option to 1 until You’re satisfied with the settings.
SET_MONOKERN=”0″ - APF supports monolithic kernels.
IFACE_IN=”eth0″ and IFACE_OUT=”eth0″ - untrusted interfaces connected to the network, mostly the Internet.
Testing
Start APF:
We can use the following parameters:
-s - start APF
-r - restart APF
-f - stop APF
-l - list statistics
-st - status of APF
-a host - allow connections from “host”
-d host - deny connections from “host”
Advanced Policy Firewall - http://www.rfxn.com/projects/advanced-policy-firewall
