以下给stfix邮件系统加上防病毒和防垃圾邮件系统
==amavisd==按装配置
下载地址:http://mirror.mainloop.se/amavisd/#download
文件名:amavisd-new-2.5.2.tar.gz
==amavisd==按装所需要的文件,实际这些文件名在amavised解压后的INSTALL里有列表
#perl -MCPAN -e shell
cpan>install Archive::Tar
cpan>install Archive::Zip
cpan>install Compress::Zlib
cpan>install Convert::UUlib
cpan>install MIME::Base64
cpan>install Mail::Internet
cpan>install Net::Server
cpan>install Net::SMTP
cpan>install Digest::MD5
cpan>install IO::Stringy
cpan>install Time::HiRes
cpan>install Unix::Syslog
cpan>install BerkeleyDB
cpan>install Convert::TNEF
cpan>install MIME::Parser
cpan>install MIME::Tools
=amavisd==配置,INSTALL中有详细的按装说明
==amavisd==进入解压目录
添加用户:
# groupadd amavis
# useradd -g amavis -s /bin/false -c "Clam AntiVirus" amavis
建立目录
# mkdir /var/amavis
# mkdir /var/amavis/tmp /var/amavis/var /var/amavis/db /var/amavis/home
# chown -R amavis:amavis /var/amavis
# chmod -R 750 /var/amavis
复制amavisd文件
# cp amavisd /usr/local/sbin/
# chown root /usr/local/sbin/amavisd
# chmod 755 /usr/local/sbin/amavisd
复制amavisd.conf
# cp amavisd.conf /etc/
# chown root /etc/amavisd.conf
# chmod 644 /etc/amavisd.conf
建立quarantine area
#mkdir /var/virusmails
#chown amavis:amavis /var/virusmails
#chmod 750 /var/virusmails
此目录下是放标记为病毒或垃圾的邮件
# vi /etc/amavisd.conf
修改amavisd.conf
$max_servers = 10; # num of pre-forked children (2..15 is common), -m
$daemon_user = ‘amavis‘; # (no default; customary: vscan or amavis), -u
$daemon_group = ‘amavis‘; # (no default; customary: vscan or amavis), -g
$MYHOME = ‘/var/amavis‘;
$TEMPBASE = "$MYHOME/tmp";
$db_home = "$MYHOME/db";
$sa_spam_subject_tag = ‘[SPAM] ‘;
$mydomain = ‘mail.extmail.org‘;
$myhostname = ‘mail.extmail.org‘;
@local_domains_maps = qw(.);
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = 5.0;
增加 三行:
$sa_spam_modifies_subj = 0; # don‘t modify subject
$remove_existing_x_scanned_headers= 1; # remove existing headers
$remove_existing_spam_headers = 1;
# cp amavisd_init.sh /etc/init.d/amavisd
# chmod 744 /etc/init.d/amavisd
# vi /etc/init.d/amavisd
prog="/usr/local/sbin/amavisd"
# chkconfig --add amavisd
# chkconfig amavisd on
# service amavisd restart
会有错误提示,暂不用理会
而且此时从其它邮件服务器给刚配置的邮件服务器发邮件会提示
(connect to 127.0.0.1[127.0.0.1]: Connection refused
只需要配置好spamassassin后,重启amavisd
配置Postfix 集成amavisd-new
编辑/etc/postfix/master.cf
增加如下内容:
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o receive_override_options=
编辑/etc/postfix/main.cf
增加如下内容
#Content-Filter
content_filter = smtp:[127.0.0.1]:10024
receive_override_options = no_address_mappings
==SpamAssassin==按装配置安装
==SpamAssassin==按装相关的包
方法一:
下载地址:http://spamassassin.apache.org/
文件名:Mail-SpamAssassin-3.2.3.tar.gz
进入解压目录:
# perl Makefile.PL
# make
# make install
方法二:
perl -MCPAN -e shell
cpan>install Digest::SHA1
cpan>install HTML::Parser
cpan>install Net::DNS
cpan>install Mail::SPF::Query
cpan>install IP::Country
cpan>install Net::Ident
cpan>install IO::Socket::INET6
cpan>install IO::Socket::SSL
cpan>install DBI
cpan>install LWP::UserAgent
cpan>install Mail::SpamAssassin
用上述两种方法之一按spamassassin即可
修改配置文件/etc/mail/spamassassin/local.cf文件
# How many hits before a message is considered spam.
required_hits 9.5
# Text to prepend to subject if rewrite_subject is used
rewrite_header Subject *****垃圾邮件*****
# Encapsulate spam in an attachment
report_safe 1
# Enable the Bayes system
use_bayes 1
# Enable Bayes auto-learning
bayes_auto_learn 1
# Enable or disable network checks
skip_rbl_checks 1
use_razor2 0
use_dcc 0
use_pyzor 0
# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_languages all
# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales all
=========local.cf内容结束处
增加Chinese_rules.cf支持
Chinese_rules.cf是教育科研网的反垃圾邮件小组对大量垃圾邮件和正常邮件进行分析后得出的一
个关键字/分数规则集,用于处理中文(简体)垃圾邮件还是比较有效的。这里我们通过如下命令
增加到系统:
wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
由于该规则每周更新一次,为了达到最好效果,最好在crontab里增加自动更新的内容,输入:
/usr/bin/crontab -e
然后输入如下的内容:
0 0 1 * * wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf; /etc/init.d/amavisd restart
==clamav==按装配置
下载地址:http://www.clamav.org/download/sources/
文件名:clamav-0.91.2.tar.gz
进入解压目录
#groupadd clamav
#useradd -g clamav -s /bin/false -d /dev/null clamav
#./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav
#make
#make check
#make install
vi /usr/local/clamav/etc/clamd.conf
LogSyslog yes
LogVerbose yes
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd
StreamMaxLength 10M
User amavis
ScanMail yes
ScanArchive yes
vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog yes
LogVerbose yes
DatabaseOwner amavis
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd /usr/local/clamav/etc/clamd.conf
注意:注释掉两个文件中Example那行
创建日志文件夹并设置权限
mkdir /var/log/clamav
chmod -R 744 /var/log/clamav
chown -R amavis:amavis /var/log/clamav
chown -R amavis:amavis /usr/local/share/clamav
mkdir /var/run/clamav
chmod 700 /var/run/clamav
chown amavis.amavis /var/run/clamav
手动更新病毒库
/usr/local/clamav/bin/freshclam
启动
# /usr/local/clamav/sbin/clamd
编辑/etc/rc.local加入
/usr/local/clamav/sbin/clamd
设置自动更新病毒库
crontab -e
0 4 * * * root /usr/local/clamav/bin/freshclam --quiet -l /var/log/clamav/clamd.log
配置Amavisd与Clamav结合
为了使Amavisd-new能与clamav结合,需要修改/etc/amavisd.conf文件,打开clamav的支持代码,
编辑 /etc/amavisd.conf文件,大概在300行左右,去掉clamav的支持代码注释,并将socket路径
改为 /var/run/clamav/clamd.sock,如下:
[‘ClamAV-clamd‘,
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
在110行左右,修改投递/拦截的方法:
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_PASS;
$final_bad_header_destiny = D_PASS;
注意上述4个设置中,对spam(垃圾邮件)默认会直接反弹(BOUNCE),现在修改为继续投递
(PASS)但在信头中增加相关X-Spam- Status信息等。这样可以很方便的在extmail中设置将被标
记为垃圾邮件的mail投递到“垃圾邮件箱”中,便于用户翻查。
.
分页: [1] [2]
TAG: 服务器 CENTOS MAIL