2006年1月22日 星期日

Postfix+Amavisd-new+ SpamAssassin+ClamAV 防毒防垃圾信

Postfix:郵件伺服器軟體
Amavisd-new:郵件介面軟體,它就是郵件伺服器軟體及內容檢查軟體之間的橋樑軟體。
SpamAssassin:垃圾郵件過濾軟體。
ClamAV:免費的防毒軟體。

e-mail --> [postifx (*:25)] -->[amavisd-new (127.0.0.1:10024)]
-->[SpamAssassine過濾垃圾郵件,ClamAV掃毒]
-->[postfix (127.0.0.1:10025)] -->[delivery agent (local/smtp/...)]


一、安裝:
1.安裝Postfix
#cd /usr/ports/mail/postfix
#make install clean

2.安裝Clamav
#cd /usr/ports/security/clamav
#make install clean #全都不勾選

3.安裝Amavisd-new
#cd /usr/ports/security/amavisd-new
#make install clean #全都不勾選

4.安裝Amavisd-new會自動加裝 SpamAssassin


二、設定:
1.設定Postfix
#vi /usr/local/etc/postfix/main.conf
增加 content_filter = smtp-amavis:[127.0.0.1]:10024
#vi /usr/local/etc/postfix/master.conf
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
#cd /usr/local/etc/postfix/
#vi aliases
virusalert: root
spamalert: root
#postalias aliases

2.設定Amavisd-new
#vi /usr/local/etc/amavisd.conf
$MYHOME = '/var/amavis';
$mydomain = 'mail.tles.tyc.edu.tw'; 
$daemon_user = 'vscan';
$daemon_group = 'vscan';

$log_level = 0;

$DO_SYSLOG = 0;

$sa_spam_subject_tag = '***SPAM*** ';
$sa_spam_modifies_subj = 1;

$virus_admin = "virusalert@$mydomain";
$spam_admin = "spamalert@$mydomain";
$mailfrom_notify_admin = "virusalert@$mydomain";
$mailfrom_notify_recip = "virusalert@$mydomain";
$mailfrom_notify_spamadmin = "spamalert@$mydomain";

$inet_socket_bind = '127.0.0.1';
$forward_method = 'smtp:127.0.0.1:10025';

$notify_method = $forward_method;
$inet_socket_port = 10024;
$max_servers = 2; 

$final_virus_destiny = D_BOUNCE; # (defaults to D_DISCARD)
$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_spam_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS)

['Clam Antivirus-clamd',
&ask_daemon, ["CONTSCAN {}n", '/tmp/clamd'], qr/bOK$/, qr/bFOUND$/,
qr/^.*?: (?!InfectedArchive)(.*) FOUND$/ ],

新增 log 檔所要使用的目錄及改變目錄權限:
#mkdir /var/log/amavis
#chown vscan:vscan amavis
#cd amavis
#touch amavis.log
#chown vscan amavis.log
#cd /var
#chown -R vscan:clamav amavis

3.設定SpamAssassin
#vi /usr/local/etc/mail/spamassassin/local.cf
# How many hits before a message is considered spam. 得分多少以上就會被判定為垃圾郵件.
required_hits 10
# Whether to change the subject of suspected spam. 在垃圾郵件上之標題上加上註記.
rewrite_header Subject ****SPAM(_SCORE_)****
# Encapsulate spam in an attachment.
# 要如何處理垃圾郵件。因為郵件還會經過防毒程式的處理,所以必須設定為 0。
# 0:將資訊寫入郵件表頭。
# 1:將垃圾郵件轉為附件。
# 2:將垃圾郵件轉為純文字附件。 
report_safe 0
# Use terse version of the spam report. 用精簡的方式來回報垃圾給管理者
use_terse_report 0
# Enable the Bayes system. 使用貝氏學習系統
use_bayes 1
# Enable Bayes auto-learning. 開起貝氏自動學習功能
auto_learn 1
# Enable or Disable network checks. 略過 RBLs 之檢查、使用 Razor version 2、使用 DCC (Distributed Checksum Clearinghouse)、使用 Pyzor
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
# Blacklist. 黑色清單,判定減 - 100 分
blacklist_from *@sohu.com *@mailfb.com
# Whitelist . 白色清單,判定加 +100 分
whitelist_from *@tles.tyc.edu.tw
whitelist_from 
# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - chinese
ok_languages zh en
# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales zh en
# Disabled scores. 防止中文主旨和中文收件者誤判,建議再加上下列幾行
score HEADER_8BITS 0
score HTML_COMMENT_8BITS 0
score SUBJ_FULL_OF_8BITS 0
score UPPERCASE_25_50 0
score UPPERCASE_50_75 0
score UPPERCASE_75_100 0

4.設定ClamAV
#vi /usr/local/etc/clamd.conf
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 2M
LogTime
LogSyslog
LogVerbose
PidFile /var/run/clamav/clamd.pid
LocalSocket /var/run/clamav/clamd
MaxDirectoryRecursion 20
User clamav
AllowSupplementaryGroups
ScanMail
ScanArchive
ScanRAR
ArchiveMaxFileSize 15M
ArchiveMaxRecursion 8
ArchiveMaxFiles 1500
ClamukoScanOnOpen
ClamukoScanOnClose
ClamukoScanOnExec
ClamukoIncludePath /home
ClamukoMaxFileSize 1M

5.開機自動執行
#cd /usr/local/etc
#cp freshclam.conf.default freshclam.conf #clamav 病毒更新程式
#vi /etc/rc.conf
sendmail_enable="YES" #啟動Postfix
amavisd_enable="YES"
spamd_enable="YES"
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
張貼者:
標籤: