1.安裝clamav
官方下載地址:http://www.clamav.net/stable.php#pagestart
wget http://easynews.dl.sourceforge.net/sourceforge/clamav/clamav-0.88.4.tar.gz
增加clamav所需用戶和組:?
groupadd clamav
useradd -g clamav -s/bin/false -d/dev/null clamav
解壓安裝:
tar zxvf clamav-0.88.4.tar.gz
cd clamav-0.88.4
./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav
make
make check
make install?
修改配置文件:
vi /usr/local/clamav/etc/clamd.conf
LogSyslog
LogVerbose
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd
StreamMaxLength 10M
User amavis
ScanMail
ScanArchive
ScanRAR
注:要用“#”注釋文件中Example這行
修改病毒更新配置文件:
vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseOwner amavis
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd
注:要用“#”注釋文件中Example這行
添加amavis用戶和組,配合amavisd使用
groupadd amavis
useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis
創建日志文件夾并設置權限
mkdir /var/log/clamav
chmod -R 744 /var/log/clamav
chown -R amavis:amavis /var/log/clamav
chown -R amavis.amavis /usr/local/share/clamav
mkdir /var/run/clamav
chmod 700 /var/run/clamav
chown amavis.amavis /var/run/clamav
手動更新病毒庫
/usr/local/clamav/bin/freshclam
設置自動更新病毒庫
crontab -e
0 4 * * * root /usr/local/clamav/bin/freshclam --quiet -l /var/log/clamd.log
啟動|停止
# /usr/local/clamav/sbin/clamd start|stop
2.安裝amavisd
官方下載地址:http://www.ijs.si/software/amavisd/#download
wget http://www.ijs.si/software/amavisd/amavisd-new-2.4.3.tar.gz
?
升級file,可以通過file -v看一下版本,要求4.06版本以上
wget ftp://ftp.astron.com/pub/file/file-4.17.tar.gz
?
安裝以下文件,這些都是安裝amavisd需要的?
perl -MCPAN -e shell
cpan>install Archive::Tar??
cpan>install Archive::Zip??
cpan>install Compress::Zlib
cpan>install Convert::UUlib
cpan>install MIME::Base64??
cpan>install Mail::Internet
cpan>install Net::Server???
cpan>install Net::SMTP?????
cpan>install Digest::MD5??
cpan>install IO::Stringy???
cpan>install Time::HiRes??
cpan>install Unix::Syslog??
cpan>install BerkeleyDB
cpan>install Convert::TNEF
cpan>install MIME::Parser
cpan>install MIME::Tools????
注:如果使用上述方法不能安裝某些模塊時,就去: http://search.cpan.org/ 搜索相應模塊安裝.
perl模塊安裝方法:
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/Digest-MD5-2.36.tar.gz
tar zxvf Digest-MD5-2.36
cd Digest-MD5-2.36
perl Makefile.pl
make
make test
make install
升級perl到最新版本,至少5.8.2以上版本
wget http://www.perl.com/CPAN/src/stable.tar.gz
tar zvxf stable.tar.gz
cd perl-5.8.8
./configure.gnu --prefix=/usr -Dpager="/bin/less -isR"
make
make test?? 測試一下,沒問題后再install
make install
注意升級perl的話,可能會造成系統的其他perl應用不正常,請慎重升級,一般redhat9.0默認的5.8.0應該也沒問題
?
mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db /var/amavis/home
?
chown -R amavis:amavis /var/amavis
chmod -R 750 /var/amavis
?
cp amavisd /usr/local/sbin/
chown root /usr/local/sbin/amavisd
chmod 755? /usr/local/sbin/amavisd
?
cp amavisd.conf /etc/
chown root /etc/amavisd.conf
chmod 644? /etc/amavisd.conf
?
mkdir /var/virusmails
chown amavis:amavis /var/virusmails
chmod 750 /var/virusmails
#=====================================
?
修改 /etc/amavisd.conf?
$mydomain = 'example.com';??? ??? ??? ???
$myhostname= 'mail.example.com';? ?
$virus_admin?????????????? = "postmaster\@$mydomain";? # notifications recip.
$mailfrom_notify_admin???? = "postmaster\@$mydomain";? # notifications sender
$mailfrom_notify_recip???? = "postmaster\@$mydomain";? # notifications sender
$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
$max_servers = 10;
$sa_spam_subject_tag = '[垃圾郵件] ';
@local_domains_maps = qw(.);
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = 5.0;
并增加如下參數(默認amavisd.conf沒有):
$sa_spam_modifies_subj = 0; # don't modify subject
$remove_existing_x_scanned_headers= 1; # remove existing headers
$remove_existing_spam_headers = 1;
注:$sa_spam_modifies_subj = 1;則代表修改郵件主題。
加入對Clamav 的支持:
# ### http://www.clamav.net/
?['ClamAV-clamd',
?? \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
?? qr/\bOK$/, qr/\bFOUND$/,
?? qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
在110行左右,修改投遞/攔截的方法:
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_PASS;
$final_bad_header_destiny = D_PASS;
注意上述4個設置中,對spam(垃圾郵件)默認會直接反彈(BOUNCE),現在修改為繼續投遞(PASS)但在信頭中增加相關X-Spam-
Status信息等。這樣可以很方便的在extmail中設置將被標記為垃圾郵件的mail投遞到“垃圾郵件箱”中,便于用戶翻查,這樣就避免誤判垃圾郵件而引起的損失。
=====================================
3.安裝SpamAssassin
perl -MCPAN -e shell
cpan>install Digest::SHA1
cpan>install HTML::Parser
cpan>install Net::DNS
cpan>install Mail::SPF::Query
cpan>install IP::Country
cpan>install Net::Ident
cpan>install IO::Socket::INET6
cpan>install IO::Socket::SSL
cpan>install DBI
cpan>install LWP::UserAgent
cpan>install Mail::SpamAssassin
注:如果使用上述方法不能安裝某些模塊時,就去: http://search.cpan.org/ 搜索相應模塊安裝.
測試amavis
# /usr/local/sbin/amavisd debug
?
啟動停止服務
# /usr/local/sbin/amavisd start|stop
?
4.讓postfix使用amavisd
vi /etc/postfix/main.cf,增加如下內容:
# Content-Filter
content_filter = smtp:[127.0.0.1]:10024
receive_override_options = no_address_mappings
注意:receive_override_options 這里必須增加,禁止地址展開/影射,否則如果遇到別名的時候會引起冗余郵件的產生。
vi /etc/postfix/master.cf,增加如下內容:
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o receive_override_options=
保存后/etc/init.d/postfix restart|reload
#============================================
?
5. 測試測試Clamav
輸入如下命令(藍色字代表命令行輸入): 每輸入一行后等待1秒左右:
telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.extmail.org ESMTP Postfix - by extmail.org
mail from:<test@example.com>
250 2.1.0 Ok
rcpt to:<test@example.com>
250 2.1.5 Ok
data
354 End data with .
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
.
250 2.0.0 Ok: queued as BC24E85260
quit
221 2.0.0 Bye
Connection closed by foreign host.
tail -f /var/log/maillog 查看郵件日志,看到有Blocked字樣,并且沒有錯誤信息。表明Clamav+Amavisd-new工作正常。
測試SpamAssassin
輸入如下命令(藍色字代表命令行輸入): 每輸入一行后等待1秒左右:
telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.extmail.org ESMTP Postfix - by extmail.org
mail from:<test@example.com>
250 2.1.0 Ok
rcpt to:<test@example.com>
250 2.1.5 Ok
data
354 End data with .
Subject: XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
SpamMail test
.
250 2.0.0 Ok: queued as BC24E85260
quit
221 2.0.0 Bye
Connection closed by foreign host.
tail -f /var/log/maillog 查看郵件日志,看到有amavis[10579]: (10579-06) Passed SPAM字樣,并且沒有錯誤信息。表明SpamAssassin+Amavisd-new工作正常。
參考文檔:
http://blog.5ilinux.com/archives/2006/05/postfixamavisdn.htmlhttp://www.extmail.org/docs/extmail_solution_linux/#authlib
posted on 2006-10-08 15:38
想飛的魚 閱讀(1254)
評論(0) 編輯 收藏 所屬分類:
linux