« Maildrop安装调试笔记 | 首页 | openssh快速编译安装howto »

May 12, 2006

在postfix下编译安装amavisd-new+clamav+SpamAssassin

前几天给大家介绍了postfix + cyrus-sasl2 + courier-authlib + Courier-IMAP + postfixadminmaidrop的安装,基本邮件系统已经可以使用,今天继续给大家讲怎么给postfix邮件系统加上防病毒和防垃圾邮件系统

1.安装clamav
wget http://keihanna.dl.sourceforge.net/sourceforge/clamav/clamav-0.88.tar.gz
 
groupadd clamav
useradd -g clamav -s/bin/false -d/dev/null clamav
./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav
make
make check
make install 
 

vi /usr/local/clamav/etc/clamd.conf

LogSyslog
LogVerbose
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd
StreamMaxLength 10M
User amavis
ScanMail
ScanArchive
ScanRAR

vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseOwner amavis
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd

注意:注释掉两个文件中Example那行


添加amavis用户和组,配合amavisd使用
groupadd amavis
useradd -g amavis -s /bin/false -c "Amavis User" -d /dev/null amavis

创建日志文件夹并设置权限
mkdir /var/log/clamav
chmod -R 744 /var/log/clamav
chown -R amavis:amavis /var/log/clamav

chown -R amavis.amavis /usr/local/share/clamav
mkdir /var/run/clamav
chmod 700 /var/run/clamav
chown amavis.amavis /var/run/clamav

手动更新病毒库
/usr/local/clamav/bin/freshclam

设置自动更新病毒库
crontab -e
0 4 * * * root /usr/local/clamav/bin/freshclam --quiet -l /var/log/clamd.log

启动
# /usr/local/clamav/sbin/clamd


2.安装amavisd
 
wget http://www.ijs.si/software/amavisd/amavisd-new-2.4.1.tar.gz
 
升级file,可以通过file -v看一下版本,要求4.06版本以上
wget ftp://ftp.astron.com/pub/file/file-4.17.tar.gz
 
 
安装以下文件,这些都是安装amavisd需要的
 
perl -MCPAN -e shell
cpan>install Archive::Tar  
cpan>install Archive::Zip  
cpan>install Compress::Zlib
cpan>install Convert::UUlib
cpan>install MIME::Base64  
cpan>install Mail::Internet
cpan>install Net::Server   
cpan>install Net::SMTP     
cpan>install Digest::MD5  
cpan>install IO::Stringy   
cpan>install Time::HiRes  
cpan>install Unix::Syslog  
cpan>install BerkeleyDB
cpan>install Convert::TNEF
cpan>install MIME::Parser
cpan>install MIME::Tools    
 
升级perl到最新版本,至少5.8.2以上版本
wget http://www.perl.com/CPAN/src/stable.tar.gz
tar zvxf stable.tar.gz
cd perl-5.8.8
./configure.gnu --prefix=/usr -Dpager="/bin/less -isR"
make
make test   测试一下,没问题后再install
make install

注意升级perl的话,可能会造成系统的其他perl应用不正常,请慎重升级,一般redhat9.0默认的5.8.0应该也没问题
 
mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db /var/amavis/home
 
chown -R amavis:amavis /var/amavis
chmod -R 750 /var/amavis
 
cp amavisd /usr/local/sbin/
chown root /usr/local/sbin/amavisd
chmod 755  /usr/local/sbin/amavisd
 
cp amavisd.conf /etc/
chown root /etc/amavisd.conf
chmod 644  /etc/amavisd.conf
 
mkdir /var/virusmails
chown amavis:amavis /var/virusmails
chmod 750 /var/virusmails
 

#=====================================
 
修改 /etc/amavisd.conf
 
$mydomain = 'example.com';
 
$virus_admin               = "postmaster\@$mydomain";  # notifications recip.
$mailfrom_notify_admin     = "postmaster\@$mydomain";  # notifications sender
$mailfrom_notify_recip     = "postmaster\@$mydomain";  # notifications sender
$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
 

加入对Clamav 的支持
# ### http://www.clamav.net/
 ['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], 
 
 
3.安装SpamAssassin
perl -MCPAN -e shell
cpan>install Digest::SHA1
cpan>install HTML::Parser
cpan>install Net::DNS
cpan>install Mail::SPF::Query
cpan>install IP::Country
cpan>install Net::Ident
cpan>install IO::Socket::INET6
cpan>install IO::Socket::SSL
cpan>install DBI
cpan>install LWP::UserAgent
cpan>install Mail::SpamAssassin

SA的配置我这里不讲了,如果你想了解一点,也可参考我在这里的blog笔记
 
测试amavis
# /usr/local/sbin/amavisd debug
 
启动停止服务
# /usr/local/sbin/amavisd start|stop
 

4.让postfix使用amavisd
 
在/usr/local/etc/postfix/main.cf 加入
 
content_filter = smtp-amavis:[127.0.0.1]:10024
在/usr/local/etc/postfix/master.cf 加入
 
smtp-amavis unix -   -   n     -       2  smtp
        -o smtp_data_done_timeout=1200
        -o disable_dns_lookups=yes
                                                                                
127.0.0.1:10025 inet n -       n       -       -  smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
 
#============================================
 
参考文档
 
http://www.xjtusky.com/article.asp?id=109
http://genco.gen.tc/postfix_virtual.php#amavisdclamav
http://www.toping.net/bbs/htm_data/10/0602/1042.html
http://www.freespamfilter.org/FC4.html

由 frank 发表于 May 12, 2006 7:21 AM

相关文章

  • 在postfix下编译安装amavisd-new+clamav+SpamAssassin
  • 难道google也发垃圾评论
  • 让CBL结合SpamAssassin使用
  • SpamAssassin的简单应用
  • 安装SpamAssassin遇到问题的解决

    • 本则 Blog 所属的Tag:

    本网所有文章建立在 创作公用 协议下。版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及以上“创作共用”声明。

    您好,我是一个初学BSD的管理员,我想问一下,我升级了perl到 5.8.8版本, 但是我在安装SPAMASSASSIN 3.1.1.4的时候提示找不到PERL 5.8或版本太低, 我想问一下是不是PERL没有启动或者是什么其它原因呢? 请您详细指导一下,谢谢您的帮助!

    Joshoneil 发表于 May 28, 2006 9:27 PM

    joshoneil: 你的spam是不是手动编译呀,你最好用perl -MCPAN -e shell命令编译试试,会自动寻找到perl的最新版本

    frank 发表于 May 29, 2006 1:11 PM

    你好

    我在安裝上有個問題,安裝到重啟postfix後,mailq會出現 (delivery temporarily suspended: transport is unavailable),查了一下網路的資料,也許問題出在telnet 127.0.0.1 10024時是有回應,但telnet 127.0.0.1 10025會卡住,也沒有出現220 xxx ESMTP POSTFIX等字,打任何指令都沒回應,不知是否能請你幫忙一下?

    由 SeanHung 发表于 October 18, 2006 5:15 PM

    发表评论




    是否保存个人讯息?