postfix中编译安装Amavisd-New + Clamav + SpamAssassin

wiflish

浏览: 459472 次
性别:
来自: 深圳

最近访客更多访客>>

Peak_

呵呵呵123

gybing

liaoshuiping

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

博客分类：

linux

Perl .net Socket Linux PHP

1.安装clamav

官方下载地址：http://www.clamav.net/stable.php#pagestart

wget http://easynews.dl.sourceforge.net/sourceforge/clamav/clamav-0.88.4.tar.gz

增加clamav所需用户和组:

groupadd clamav
useradd -g clamav -s/bin/false -d/dev/null clamav

解压安装：
tar zxvf clamav-0.88.4.tar.gz
cd clamav-0.88.4
./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav
make
make check
make install

修改配置文件：
vi /usr/local/clamav/etc/clamd.conf

LogSyslog
LogVerbose
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd
StreamMaxLength 10M
User amavis
ScanMail
ScanArchive
ScanRAR
注：要用“#”注释文件中Example这行

修改病毒更新配置文件：
vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseOwner amavis
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd
注：要用“#”注释文件中Example这行

添加amavis用户和组,配合amavisd使用

groupadd amavis
useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis

创建日志文件夹并设置权限
mkdir /var/log/clamav
chmod -R 744 /var/log/clamav
chown -R amavis:amavis /var/log/clamav

chown -R amavis.amavis /usr/local/share/clamav
mkdir /var/run/clamav
chmod 700 /var/run/clamav
chown amavis.amavis /var/run/clamav

手动更新病毒库
/usr/local/clamav/bin/freshclam

设置自动更新病毒库
crontab -e
0 4 * * * root /usr/local/clamav/bin/freshclam --quiet -l /var/log/clamd.log

启动|停止
# /usr/local/clamav/sbin/clamd start|stop

2.安装amavisd

官方下载地址：http://www.ijs.si/software/amavisd/#download
wget http://www.ijs.si/software/amavisd/amavisd-new-2.4.3.tar.gz

升级file，可以通过file -v看一下版本，要求4.06版本以上
wget ftp://ftp.astron.com/pub/file/file-4.17.tar.gz

安装以下文件，这些都是安装amavisd需要的
perl -MCPAN -e shell
cpan>install Archive::Tar
cpan>install Archive::Zip
cpan>install Compress::Zlib
cpan>install Convert::UUlib
cpan>install MIME::Base64
cpan>install Mail::Internet
cpan>install Net::Server
cpan>install Net::SMTP
cpan>install Digest::MD5
cpan>install IO::Stringy
cpan>install Time::HiRes
cpan>install Unix::Syslog
cpan>install BerkeleyDB
cpan>install Convert::TNEF
cpan>install MIME::Parser
cpan>install MIME::Tools
注：如果使用上述方法不能安装某些模块时，就去: http://search.cpan.org/ 搜索相应模块安装.

perl模块安装方法:
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/Digest-MD5-2.36.tar.gz
tar zxvf Digest-MD5-2.36
cd Digest-MD5-2.36
perl Makefile.pl
make
make test
make install

升级perl到最新版本，至少5.8.2以上版本
wget http://www.perl.com/CPAN/src/stable.tar.gz
tar zvxf stable.tar.gz
cd perl-5.8.8
./configure.gnu --prefix=/usr -Dpager="/bin/less -isR"
make
make test 测试一下，没问题后再install
make install

注意升级perl的话，可能会造成系统的其他perl应用不正常，请慎重升级，一般redhat9.0默认的5.8.0应该也没问题

mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db /var/amavis/home

chown -R amavis:amavis /var/amavis
chmod -R 750 /var/amavis

cp amavisd /usr/local/sbin/
chown root /usr/local/sbin/amavisd
chmod 755 /usr/local/sbin/amavisd

cp amavisd.conf /etc/
chown root /etc/amavisd.conf
chmod 644 /etc/amavisd.conf

mkdir /var/virusmails
chown amavis:amavis /var/virusmails
chmod 750 /var/virusmails

#=====================================

修改 /etc/amavisd.conf

$mydomain = 'example.com';                
$myhostname= 'mail.example.com';   

$virus_admin               = "postmaster\@$mydomain";  # notifications recip.
$mailfrom_notify_admin     = "postmaster\@$mydomain";  # notifications sender
$mailfrom_notify_recip     = "postmaster\@$mydomain";  # notifications sender
$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

$max_servers = 10;
$sa_spam_subject_tag = '[垃圾邮件] ';
@local_domains_maps = qw(.);
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = 5.0;

并增加如下参数（默认amavisd.conf没有）：

$sa_spam_modifies_subj = 0; # don't modify subject  
$remove_existing_x_scanned_headers= 1; # remove existing headers
$remove_existing_spam_headers = 1;

注：$sa_spam_modifies_subj = 1;则代表修改邮件主题。

加入对Clamav 的支持：

# ### http://www.clamav.net/

 ['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

在110行左右，修改投递/拦截的方法：

$final_virus_destiny      = D_DISCARD;
$final_banned_destiny     = D_BOUNCE;
$final_spam_destiny       = D_PASS;
$final_bad_header_destiny = D_PASS;

注意上述4个设置中，对spam（垃圾邮件）默认会直接反弹（BOUNCE），现在修改为继续投递（PASS）但在信头中增加相关X-Spam- Status信息等。这样可以很方便的在extmail中设置将被标记为垃圾邮件的mail投递到“垃圾邮件箱”中，便于用户翻查，这样就避免误判垃圾邮件而引起的损失。

=====================================

3.安装SpamAssassin

perl -MCPAN -e shell
cpan>install Digest::SHA1
cpan>install HTML::Parser
cpan>install Net::DNS
cpan>install Mail::SPF::Query
cpan>install IP::Country
cpan>install Net::Ident
cpan>install IO::Socket::INET6
cpan>install IO::Socket::SSL
cpan>install DBI
cpan>install LWP::UserAgent
cpan>install Mail::SpamAssassin

注：如果使用上述方法不能安装某些模块时，就去: http://search.cpan.org/ 搜索相应模块安装.

测试amavis

# /usr/local/sbin/amavisd debug

启动停止服务
# /usr/local/sbin/amavisd start|stop

4.让postfix使用amavisd

vi /etc/postfix/main.cf，增加如下内容：

# Content-Filter
content_filter = smtp:[127.0.0.1]:10024
receive_override_options = no_address_mappings

注意： receive_override_options 这里必须增加，禁止地址展开/影射，否则如果遇到别名的时候会引起冗余邮件的产生。

vi /etc/postfix/master.cf，增加如下内容：

127.0.0.1:10025 inet    n       -       n       -       -       smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o receive_override_options=

保存后/etc/init.d/postfix restart|reload
#============================================

5. 测试

测试Clamav

输入如下命令（蓝色字代表命令行输入）：每输入一行后等待1秒左右：

telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.extmail.org ESMTP Postfix - by extmail.org
mail from:<test@example.com>

250 2.1.0 Ok
rcpt to:<test@
example.com

>

250 2.1.5 Ok
data

354 End data with .
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
.

250 2.0.0 Ok: queued as BC24E85260
quit

221 2.0.0 Bye
Connection closed by foreign host.

tail -f /var/log/maillog 查看邮件日志，看到有Blocked字样，并且没有错误信息。表明Clamav+Amavisd-new工作正常。

测试SpamAssassin

输入如下命令（蓝色字代表命令行输入）：每输入一行后等待1秒左右：

telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.extmail.org ESMTP Postfix - by extmail.org
mail from:<test@example.com>

250 2.1.0 Ok
rcpt to:<test@
example.com

>

250 2.1.5 Ok
data

354 End data with .
Subject: XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

SpamMail test
.

250 2.0.0 Ok: queued as BC24E85260
quit

221 2.0.0 Bye
Connection closed by foreign host.

tail -f /var/log/maillog 查看邮件日志，看到有amavis[10579]: (10579-06) Passed SPAM字样，并且没有错误信息。表明SpamAssassin+Amavisd-new工作正常。

参考文档:

http://blog.5ilinux.com/archives/2006/05/postfixamavisdn.html
http://www.extmail.org/docs/extmail_solution_linux/#authlib

分享到：

在换与不换之间的徘徊 | crontab的用法

2006-10-08 15:38
浏览 1583
评论(0)
查看更多

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论