Installing Postfix + ClamAV + Amavisd-new on Red Hat Linux 9
Source: 疯狂老头的博客  Author: 疯狂老头  Date: 2006-9-5 23:25:00
Amavisd-new is an interface between the mail transfer agent (MTA) and antivirus software. Paired with a virus scanner such as Clam Antivirus or Sophos Sweep, it lets the mail server filter out messages that contain viruses.
Installing this software is fairly involved: because virus scanning requires them, it depends on many other modules, such as Rar and Zip, and these must be installed before Amavisd-new.
The required modules fall into two groups, listed in turn below.
I. External programs
compress,
nomarch (or arc),
arj (or unarj),
rar (or unrar),
zoo,
freeze (or unfreeze or melt),
Before installing these modules, check with rpm -q whether your Linux system already ships them. If it does, so much the better: skip that one and go on to the next module.
If not, you can download the rpm package from http://dag.wieers.com/pack... and install it directly. You can also download from each program's own official site.
compress has no rpm package, only a tarball, so it is installed differently from the other packages. The steps are:
# wget ftp://ftp.warwick.ac.uk/pu...
Unpack it into /usr/local/src/compress (you can unpack it into any directory you like, or into your ~ directory; /usr/local/src/compress is used here only as an example, purely out of personal preference)
# mkdir /usr/local/src/compress
# tar -zxvf compress-4.0.1.tar.gz -C /usr/local/src/compress
# cd /usr/local/src/compress
# make
# make install
Installation is complete.
Assuming all of the packages above are now installed, we move on to installing ClamAV and its related packages.
II. Installing ClamAV
Install clamav-0.88.tar.gz
http://www.clamav.net/
# /usr/sbin/groupadd clamav
# /usr/sbin/adduser -s /bin/false -c "Amavis User" -d /var/amavis amavis
# /usr/sbin/useradd -g clamav -s /bin/false -d /dev/null clamav
# wget http://nchc.dl.sourceforge...
# tar zxvf clamav-0.88.tar.gz
# cd clamav-0.88
# ./configure
# make
# make install
# mkdir /var/log/clamav
# chown -c clamav /var/log/clamav
# chgrp -c clamav /var/log/clamav
# vi /usr/local/etc/clamd.conf
========================================================
#Example    # comment out the Example line
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 1M
LogVerbose
LogTime
LocalSocket /tmp/clamav.socket
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
MaxDirectoryRecursion 15
User amavis
ScanMail
ScanArchive
ClamukoMaxFileSize 6M
ArchiveMaxFileSize 10M
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000
========================================================
# /usr/local/sbin/clamd    ## start the clamd daemon
Edit /usr/local/etc/freshclam.conf
# vi /usr/local/etc/freshclam.conf
========================================================
#Example    # comment out the Example line
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/clamav-update.log
LogSyslog
LogVerbose
DatabaseOwner amavis
#Check for updates every two hours. That is the official recommendation
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd
========================================================
# chown -c amavis /var/log/clamav
# chown -c amavis /usr/local/share/clamav
# /usr/local/bin/freshclam    ## update the ClamAV virus database
3. Create the clamd startup script:
# vi /etc/init.d/clamd
========================================================
#!/bin/bash
#
# clamd        Start/Stop the clam antivirus daemon.
#
# chkconfig: 2345 90 60
# description: clamd is a standard UNIX program that scans for viruses.
# processname: clamd
# config: /usr/local/etc/clamd.conf
# pidfile: /var/run/clamav/clamd.pid

# Source function library.
. /etc/init.d/functions

RETVAL=0

# See how we were called.
prog="clamd"
progdir="/usr/local/sbin"

# Source configuration
if [ -f /etc/sysconfig/$prog ] ; then
    . /etc/sysconfig/$prog
fi

start() {
    echo -n $"Starting $prog: "
    daemon $progdir/$prog
    RETVAL=$?
    echo
    # Lock file that condrestart checks below
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/clamd
    return $RETVAL
}

stop() {
    echo -n $"Stopping $prog: "
    killproc $prog
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/clamd /var/run/clamav/clamd.pid
    return $RETVAL
}

rhstatus() {
    status clamd
}

restart() {
    stop
    start
}

reload() {
    echo -n $"Reloading clam daemon configuration: "
    killproc clamd -HUP
    RETVAL=$?
    echo
    return $RETVAL
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        restart
        ;;
    reload)
        reload
        ;;
    status)
        rhstatus
        ;;
    condrestart)
        [ -f /var/lock/subsys/clamd ] && restart || :
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
        exit 1
esac

exit $RETVAL
========================================================
Enable clamd at boot
# chmod 755 /etc/init.d/clamd
# /sbin/chkconfig --add clamd
# /sbin/chkconfig clamd on
# clamscan -r test    ## scan the test directory for viruses
III. Installing the Perl modules
Amavisd-new depends heavily on Perl: most of it, including its executable, is written in Perl, as the list of Perl modules it requires makes clear.
The official site lists the Perl modules it needs as follows:
Archive::Tar (Archive-Tar-x.xx)
Archive::Zip (Archive-Zip-x.xx) (1.14 or later should be used!)
Compress::Zlib (Compress-Zlib-x.xx)
Convert::TNEF (Convert-TNEF-x.xx)
Convert::UUlib (Convert-UUlib-x.xxx) (stick to the new versions!)
MIME::Base64 (MIME-Base64-x.xx)
MIME::Parser (MIME-Tools-x.xxxx) (latest version from CPAN - currently 5.415)
Mail::Internet (MailTools-1.58 or later have workarounds for Perl 5.8.0 bugs)
Net::Server (Net-Server-x.xx)
Net::SMTP (libnet-x.xx) (use libnet-1.16 or later for performance)
Digest::MD5 (Digest-MD5-x.xx)
IO::Stringy (IO-stringy-x.xxx)
Time::HiRes (Time-HiRes-x.xx) (use 1.49 or later, some older cause problems)
Unix::Syslog (Unix-Syslog-x.xxx)
BerkeleyDB with bdb library 3.2 or later (4.2 or later preferred)
These are the basic modules: every one of the Perl modules listed here must be installed before Amavisd-new, and none may be missing.
They can be installed through Perl's CPAN shell. First run the following commands in a terminal window.
(The following two source packages are essential!)
# wget http://search.cpan.org/CPA...
# tar zxvf Digest-MD5-2.33.tar.gz
# cd Digest-MD5-2.33
# export LC_ALL=C
# echo ${LC_ALL}
C
# perl Makefile.PL
# make
# make install
# wget http://search.cpan.org/CPA...
# tar zxvf Time-HiRes-1.82.tar.gz
# cd Time-HiRes-1.82
# perl Makefile.PL
# make
# make install
# /usr/bin/perl -MCPAN -e shell    ## before installing, make sure the system locale is not UTF-8
Warning [/etc/inputrc line 11]:
Invalid variable `mark-symlinked-directories'
cpan shell -- CPAN exploration and modules installation (v1.7601)
ReadLine support enabled
cpan>
Then install the modules listed above:
cpan> install Archive::Tar
cpan> install Archive::Zip
cpan> install Compress::Zlib ( already installed on the system; can be skipped )
cpan> install Convert::TNEF
cpan> install Convert::UUlib
cpan> install MIME::Base64 ( already installed on the system; can be skipped )
cpan> install MIME::Parser ( already installed on the system; can be skipped )
cpan> install Mail::Internet ( already installed on the system; can be skipped )
cpan> install Net::Server
cpan> install Net::SMTP
cpan> install Digest::MD5 ( already installed on the system; can be skipped )
cpan> install IO::Stringy ( already installed on the system; can be skipped )
cpan> install Time::HiRes ( already installed on the system; can be skipped )
cpan> install Unix::Syslog
cpan> install BerkeleyDB
cpan> install Digest::SHA1
cpan> install DBI
cpan> install DB_File
cpan> install Net::DNS
cpan> install IP::Country
============ Optional modules ======================
cpan> install Mail::SPF::Query ( NOT OK )
cpan> install Razor2 ( skip )
cpan> install Net::Ident ( NOT OK )
cpan> install IO::Socket::INET6 ( skip )
cpan> install IO::Socket::SSL ( skip )
============ Optional modules ======================
cpan> install Mail::SpamAssassin
cpan> exit
IV. Installing and configuring Amavisd-new
With the required packages in place, we can install Amavisd-new.
First download the latest Amavisd-new from http://www.ijs.si/software... . The version I use here is 2.3.3,
so the file I downloaded is amavisd-new-2.3.3.tar.gz.
I unpacked it under /usr/local/src/; extraction automatically creates a folder named amavisd-new-2.3.3 in /usr/local/src,
and all the unpacked files go into it.
# tar xzvf amavisd-new-2.3.3.tar.gz
Next, create four subdirectories in amavis's home directory; they are needed when configuring Amavisd-new:
# mkdir /var/amavis/tmp /var/amavis/var /var/amavis/db /var/amavis/home
For the security of the system and the package, ordinary users must not be able to read or write /var/amavis; only amavis should have read and write access to it.
That is, make amavis the owner of /var/amavis by running the following commands:
# chown -R amavis:amavis /var/amavis
# chmod -R 750 /var/amavis
Assuming you are not currently in /usr/local/src/amavisd-new-2.3.3, change into it:
# cd /usr/local/src/amavisd-new-2.3.3
Copy the amavisd file from there into /usr/local/sbin
# cp amavisd /usr/local/sbin/
To improve its security, it should be set so that only the superuser can read it, because the file is written in Perl and can be viewed with any ordinary text editor. (Note: chown root together with the chmod 755 below stops other users from modifying the file, but it remains world-readable.)
# chown root /usr/local/sbin/amavisd
Make it executable
# chmod 755 /usr/local/sbin/amavisd
Copy Amavisd-new's configuration file amavisd.conf to /etc so that the program can load it at run time.
# cp amavisd.conf /etc/
Make root the owner of /etc/amavisd.conf
# chown root /etc/amavisd.conf
Change its permissions
# chmod 644 /etc/amavisd.conf
Enable amavisd at boot
# cp amavisd_init.sh /etc/init.d/amavisd
# chmod 744 /etc/init.d/amavisd
# /sbin/chkconfig --add amavisd
# /sbin/chkconfig amavisd on
# vi /etc/init.d/amavisd    ## set prog to the installed path:
prog="/usr/local/sbin/amavisd"
Create a directory where amavisd quarantines infected mail when it finds a virus; it can also be used to store spam.
# mkdir /var/virusmails
Change the owner of /var/virusmails
# chown amavis:amavis /var/virusmails
Change the permissions of /var/virusmails
# chmod 750 /var/virusmails
Now edit amavisd-new's configuration file with your preferred text editor
# vi /etc/amavisd.conf
======================================================
$max_servers = 8;
$daemon_user = 'amavis';
$daemon_group = 'amavis';
$mydomain = 'test.com';    # set your domain name
$MYHOME = '/var/amavis';
$TEMPBASE = "$MYHOME/tmp";
$QUARANTINEDIR = '/var/virusmails';
$db_home = "$MYHOME/db";
$helpers_home = "$MYHOME/var";
$pid_file = "$MYHOME/var/amavisd.pid";
$lock_file = "$MYHOME/var/amavisd.lock";
$inet_socket_port = 10024;
$sa_spam_subject_tag = '***SPAM*** ';
$forward_method = 'smtp:127.0.0.1:10025';
$notify_method = $forward_method;    # must come after $forward_method is assigned
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
# D_DISCARD: discard the message; D_BOUNCE: send a bounce back afterwards; D_REJECT: reject it; D_PASS: let it through
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamav.socket"],    # same path as LocalSocket in clamd.conf
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
=======================================================
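amavisd-new can only hand mail to ClamAV if the socket in its ClamAV-clamd entry is the one clamd listens on (LocalSocket in clamd.conf), and clamd can only read amavisd's 750-mode work directory if it runs as the same user. The script below is an added example, not part of the original post: it cross-checks the two files. All function names are hypothetical, and write_samples creates constructed sample files whose socket paths deliberately disagree.

```shell
#!/bin/sh
# Added example: cross-check clamd.conf against amavisd.conf.

# Value of a clamd.conf directive ("KEY VALUE"). Commented lines have "#KEY"
# as their first field and are skipped; the last occurrence wins.
clamd_setting() {   # usage: clamd_setting KEY FILE
    awk -v key="$1" '$1 == key { val = $2 } END { if (val != "") print val }' "$2"
}

# Socket path in the active ClamAV-clamd scanner entry, i.e. the second
# element of:  \&ask_daemon, ["CONTSCAN {}\n", "/path/to/socket"],
amavis_clamd_socket() {   # usage: amavis_clamd_socket FILE
    sed -n 's/^[^#]*ask_daemon.*CONTSCAN[^,]*,[[:space:]]*"\([^"]*\)".*/\1/p' "$1" |
        head -n 1
}

# Value of $daemon_user (single- or double-quoted).
amavis_daemon_user() {   # usage: amavis_daemon_user FILE
    awk -F"['\"]" '/^[ \t]*\$daemon_user[ \t]*=/ { print $2; exit }' "$1"
}

# Returns 0 when both files agree, 1 otherwise; prints one line per finding.
check_clamd_wiring() {   # usage: check_clamd_wiring CLAMD_CONF AMAVISD_CONF
    listen=$(clamd_setting LocalSocket "$1")
    ask=$(amavis_clamd_socket "$2")
    scan_user=$(clamd_setting User "$1")
    mail_user=$(amavis_daemon_user "$2")
    rc=0
    if [ -z "$listen" ] || [ "$listen" != "$ask" ]; then
        echo "socket: clamd listens on '$listen' but amavisd asks '$ask'"
        rc=1
    fi
    # CONTSCAN hands clamd a path under /var/amavis/tmp; with that tree at
    # mode 750 and owned by amavis, clamd must run as the same user.
    if [ -z "$scan_user" ] || [ "$scan_user" != "$mail_user" ]; then
        echo "user: clamd runs as '$scan_user' but amavisd as '$mail_user'"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "ok: socket $listen, user $scan_user"
    fi
    return "$rc"
}

# Constructed sample files; the two socket paths are deliberately different.
write_samples() {   # usage: write_samples DIR
    cat > "$1/clamd.conf" <<'EOF'
#Example
LocalSocket /tmp/clamav.socket
User amavis
EOF
    cat > "$1/amavisd.conf" <<'EOF'
$daemon_user = 'amavis';
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
  qr/\bOK$/, qr/\bFOUND$/ ],
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
check_clamd_wiring "$demo_dir/clamd.conf" "$demo_dir/amavisd.conf" || true
rm -rf "$demo_dir"
```

On a real host, call check_clamd_wiring /usr/local/etc/clamd.conf /etc/amavisd.conf after every configuration change.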
At this point the installation is nearly done. Run amavisd in debug mode to look at its diagnostic output, with the following command:
# /usr/local/sbin/amavisd -u amavis debug
Apr 12 20:20:17 mail.js.act-cn.com /usr/sbin/amavisd[3911]: Net::Server: Parent ready for children.
Apr 12 20:20:17 mail.js.act-cn.com /usr/sbin/amavisd[3912]: TIMING [total 113 ms] - bdb-open: 113 (100%), rundown: 0 (0%)
Apr 12 20:20:17 mail.js.act-cn.com /usr/sbin/amavisd[3913]: TIMING [total 96 ms] - bdb-open: 96 (100%), rundown: 0 (0%)
When the last two lines above appear, the package has generally been installed successfully.
Start clamd and amavis
# /usr/local/sbin/clamd
# /usr/local/sbin/amavisd -u amavis start
Test with the following command:
# telnet 127.0.0.1 10024
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
If the output above appears in your terminal, the package is installed successfully.
V. Configuring Postfix with Amavisd-new to filter virus-infected mail
Open Postfix's master.cf in an editor and append the entries below at the end. It is best to copy and paste them into master.cf to reduce the errors that manual typing introduces. The -o lines must begin with whitespace, which marks them as continuations of the service line above them.
The entries are:
smtp-amavis unix - - n - 2 smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=40
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
Save the file and exit the editor, then edit Postfix's other configuration file, main.cf, and add the following line:
content_filter=smtp-amavis:[127.0.0.1]:10024
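The 10025 listener is where amavisd hands scanned mail back to Postfix, so anything accepted there skips the filter: it must listen on loopback only, accept only local clients, and clear content_filter so that mail does not loop back into amavisd. The script below is an added example, not part of the original post; it reads master.cf and verifies those overrides. Function names are hypothetical and the sample file is constructed from the entries above.

```shell
#!/bin/sh
# Added example: audit the amavisd re-injection listener in Postfix master.cf.

# Print "listen=ADDR:PORT" followed by one "name=value" line per -o override
# of the inet service on PORT. Lines that begin with whitespace continue the
# previous service entry.
service_overrides() {   # usage: service_overrides MASTER_CF PORT
    awk -v port="$2" '
        /^[ \t]*(#|$)/ { next }
        /^[^ \t]/ {
            in_svc = (($1 ~ ("(^|:)" port "$")) && ($2 == "inet"))
            if (in_svc) print "listen=" $1
        }
        in_svc { for (i = 1; i < NF; i++) if ($i == "-o") print $(i + 1) }
    ' "$1"
}

# Returns 0 when the listener carries every setting below, 1 otherwise.
check_reinject_listener() {   # usage: check_reinject_listener MASTER_CF [PORT]
    port=${2:-10025}
    found=$(service_overrides "$1" "$port")
    rc=0
    # listen=127.0.0.1:PORT       reachable from this host only
    # content_filter=             scanned mail is not sent back to amavisd
    # mynetworks + restrictions   only loopback clients may inject mail
    for want in \
        "listen=127.0.0.1:$port" \
        "content_filter=" \
        "mynetworks=127.0.0.0/8" \
        "smtpd_recipient_restrictions=permit_mynetworks,reject"
    do
        if ! printf '%s\n' "$found" | grep -qxF -e "$want"; then
            echo "missing: $want"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample, shortened from the master.cf entries above.
write_master_cf() {   # usage: write_master_cf FILE
    cat > "$1" <<'EOF'
smtp-amavis unix - - n - 2 smtp
    -o smtp_data_done_timeout=1200
    -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
EOF
}

demo_cf=$(mktemp)
write_master_cf "$demo_cf"
check_reinject_listener "$demo_cf" && echo "re-injection listener ok"
rm -f "$demo_cf"
```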
Reload the Postfix configuration
# /etc/init.d/postfix reload
Then run the following test
# telnet 127.0.0.1 10025
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 yourhost.example.com ESMTP Postfix
--> quit
221 Bye
Connection closed by foreign host.
If the output above appears, the configuration works and is ready for use.
If you want to go further and test whether your mail server really passes mail through amavisd-new for virus scanning, run the test below.
Testing virus scanning
From an account on another mail system, send a message to a user on this system containing the following line:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
If the user receives a message carrying a virus notice, virus filtering is working!
Mail virus-scan results are logged in /var/log/clamav/clamd.log (the LogFile set in clamd.conf)!
The same test can be run by hand over SMTP on port 10024 (lines beginning with --> are what you type):
-> $ telnet 127.0.0.1 10024
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
--> MAIL FROM:<test@example.com>
250 2.1.0 Sender test@example.com OK
--> RCPT TO:<postmaster>
250 2.1.5 Recipient postmaster OK
--> DATA
354 End data with <CR><LF>.<CR><LF>
--> Subject: test1
-->
--> test1
--> .
*** 250 2.6.0 Ok, id=31859-01, from MTA: 250 Ok: queued as 90B7F16F
--> MAIL FROM:<test@example.com>
250 2.1.0 Sender test@example.com OK
--> RCPT TO:<postmaster>
250 2.1.5 Recipient postmaster OK
--> DATA
354 End data with <CR><LF>.<CR><LF>
--> Subject: test2 - virus test pattern
-->
--> X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
--> .
You should get one of the following replies (or similar), depending on
the $final_virus_destiny and *virus_lovers* settings in amavisd.conf:
*** 550 5.7.1 Message content rejected, id=16968-01 - VIRUS: EICAR-AV-Test
*** 250 2.5.0 Ok, but 1 BOUNCE
*** 250 2.7.1 Ok, discarded, id=16984-01 - VIRUS: EICAR-AV-Test
*** 250 2.6.0 Ok, id=17041-01, from MTA: 250 Ok: queued as 3F1841A5F5
--> QUIT
221 2.0.0 [127.0.0.1] (amavisd) closing transmission channel
Connection closed by foreign host.
If you get the output above, congratulations: your virus scanner is running smoothly.
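Which of the four replies counts as a pass depends on $final_virus_destiny: with D_DISCARD, a "queued as" reply to the EICAR message means the test virus went through. The script below is an added example, not part of the original post; it maps amavisd's final reply to an outcome and compares it with the configured destiny. Function names are hypothetical, and the reply lines in the demo are the sample replies shown in the transcript.

```shell
#!/bin/sh
# Added example: interpret amavisd's final reply to the EICAR test message.

# Map the reply that follows the terminating "." to an outcome.
classify_amavis_reply() {   # usage: classify_amavis_reply "REPLY LINE"
    reply=${1#"*** "}       # drop the "*** " marker used in the transcript
    case "$reply" in
        5[0-9][0-9]\ *rejected*) echo rejected ;;
        250\ *BOUNCE*)           echo bounced ;;
        250\ *discarded*)        echo discarded ;;
        250\ *"queued as"*)      echo delivered ;;
        *)                       echo unknown ;;
    esac
}

# Last uncommented $final_virus_destiny assignment in amavisd.conf.
final_virus_destiny() {   # usage: final_virus_destiny AMAVISD_CONF
    sed -n 's/^[[:space:]]*\$final_virus_destiny[[:space:]]*=[[:space:]]*\(D_[A-Z]*\).*/\1/p' "$1" |
        tail -n 1
}

# Outcome each destiny should produce for an infected message.
expected_outcome() {   # usage: expected_outcome D_XXX
    case "$1" in
        D_REJECT)  echo rejected ;;
        D_BOUNCE)  echo bounced ;;
        D_DISCARD) echo discarded ;;
        D_PASS)    echo delivered ;;
        *)         echo unknown ;;
    esac
}

# Returns 0 when the reply matches the configured destiny, 1 otherwise.
check_eicar_reply() {   # usage: check_eicar_reply AMAVISD_CONF "REPLY LINE"
    destiny=$(final_virus_destiny "$1")
    want=$(expected_outcome "$destiny")
    got=$(classify_amavis_reply "$2")
    if [ "$got" = "$want" ] && [ "$got" != unknown ]; then
        echo "ok: $destiny -> $got"
        return 0
    fi
    if [ "$got" = delivered ]; then
        echo "FAIL: test virus delivered although destiny is $destiny;" \
             "check that clamd is reachable and the recipient is not a virus lover"
    else
        echo "FAIL: expected $want for $destiny, got $got"
    fi
    return 1
}

demo_conf=$(mktemp)
printf '%s\n' '$final_virus_destiny = D_DISCARD;' > "$demo_conf"
check_eicar_reply "$demo_conf" \
    '*** 250 2.7.1 Ok, discarded, id=16984-01 - VIRUS: EICAR-AV-Test' || true
check_eicar_reply "$demo_conf" \
    '*** 250 2.6.0 Ok, id=17041-01, from MTA: 250 Ok: queued as 3F1841A5F5' || true
rm -f "$demo_conf"
```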
=============== Patching amavis ========================
# cd /usr/local/src/amavisd-new-2.3.3
# patch -p0 < amavisd-new-courier.patch
patching file amavisd
patching file amavisd.conf-sample
The amavisd-new-courier.patch patch makes stopping amavis also shut down uvsan. Without the patch, port 10024 is not released after amavis stops,
and starting amavis again reports that another program is already using port 10024.
=======================================================================================
VI. Installing SpamAssassin 3.0.3
It was already installed earlier along with amavis; if it was not, install it as follows
# perl -MCPAN -e shell
cpan> install HTML::Parser
cpan> install DB_File
cpan> install Net::DNS (when prompted to enable tests, choose no)
cpan> install Digest::SHA1
cpan> install Mail::SpamAssassin
# vi /etc/mail/spamassassin/local.cf (changes take effect immediately, without restarting SpamAssassin)
report_safe 0
use_bayes 1
bayes_path /var/amavis/.spamassassin/bayes
bayes_auto_learn 1
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
# Whether DNS lookups are available. Setting this to yes directly speeds up amavis startup noticeably
dns_available yes
# Check whether the message was sent from the internal network.
# If so, never classify it as spam (score reduced by 50).
# Replace the domain name in the pattern below with your own domain name.
# Caution: Received headers are written by the sending side and can be forged, so this match alone does not prove local origin.
header LOCAL_RCVD Received =~ /.*\(\S+\.domain\.com\s+\[.*\]\)/
describe LOCAL_RCVD Received from local machine
score LOCAL_RCVD -50
# Spam scoring rules
score DCC_CHECK 4.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score RAZOR2_CHECK 2.500
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000
Create the file /var/amavis/.spamassassin/user_prefs
# touch /var/amavis/.spamassassin/user_prefs
Check the local.cf syntax
# spamassassin --lint
Bayes (planned)
Start spamd
# /usr/bin/spamd --daemonize --pidfile /var/run/spamd.pid
Download the Chinese spam-filtering rules Chinese_rules.cf
# wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/C...
# ps -ef | grep spamd
Find the PID of the spamd process, then
# kill -HUP PID
#!/bin/sh
#
# Startup / shutdown script for SpamAssassin daemon
#
case "$1" in
start)
    /usr/bin/spamd -d -v -u vpopmail -F 0 && echo -n 'spamd'
    ;;
stop)
    spamdpid=`ps -ax | grep spamd | grep -v grep | grep -v sh | awk '{ print $1 }'`
    if [ "$spamdpid" != "" ]; then
        kill $spamdpid > /dev/null 2>&1
        echo -n " spamd"
    fi
    ;;
*)
    echo "Usage: `basename $0` {start|stop}" >&2
    ;;
esac
exit 0
Automatically updating the Chinese spam-filtering rules
# vi /etc/crontab (add one line)
0 0 1 * * root wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/C... -HUP `cat /var/run/spamd.pid`
Testing spam scanning
From an account on another mail system, send a message to a user on this system containing the following line:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
Then check the mail log to see whether the message was BOUNCEd or DISCARDed
Create a maildrop filter script (skip this step if you use amavisd-new to drive SpamAssassin)
# vi /etc/maildroprc
if ( $SIZE < 26144 )
{
    exception {
        xfilter "/usr/bin/spamassassin"
    }
}
if (/^X-Spam-Flag: *YES/)
{
    exception {
        to "$HOME$DEFAULT/.Spam/"
    }
}
else
{
    exception {
        to "$HOME$DEFAULT"
    }
}