[url]http://205498.blog.51cto.com/195498/844877[/url]


[color=red][b]Installing virus scanning and spam filtering[/b][/color]
First install the RPMForge release package: [url]http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm[/url]
Amavisd-new and ClamAV can be installed from the RPMForge repository.
Next, install [color=red][b]amavisd-new[/b][/color], [color=red][b]clamav[/b][/color] and [color=red][b]spamassassin[/b][/color]:
[color=darkblue]sudo yum -y install amavisd-new clamav clamav-devel clamd spamassassin[/color]

After installation, three new services should have been added to the system:
[color=darkblue]chkconfig --list | grep "amavisd\|clamd\|spamassassin"[/color]
amavisd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
clamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
spamassassin 0:off 1:off 2:off 3:off 4:off 5:off 6:off
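The spamassassin service, which starts spamd, can be left disabled, because Amavisd-new does not use the spamassassin daemon; it loads SpamAssassin directly as a module.

[color=red][b]Configuration[/b][/color]
SpamAssassin needs no special configuration to work with Amavisd-new; it works out of the box. That does not mean you cannot configure it through /etc/mail/spamassassin/local.cf or custom cf files in that directory.

ClamAV's settings are stored in /etc/clamd.conf. We must edit /etc/clamd.conf to tell ClamAV that Amavisd-new will talk to it over a local UNIX socket rather than a TCP port, and where that socket is. Edit the LocalSocket setting as follows and comment out TCPSocket: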
### /etc/clamd.conf
#
# Set clam's LocalSocket
# It must match the setting in /etc/amavisd.conf
#
[color=darkblue]LocalSocket /var/run/clamav/clamd.sock[/color]
#
# Comment out the TCPSocket setting:
[color=darkblue]# TCPSocket 3310[/color]

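Amavisd-new keeps its configuration in /etc/amavisd.conf.
First, virus or spam checking can be turned off by uncommenting the lines below (because these lines are commented out, virus and spam checking are enabled by default):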

### /etc/amavisd.conf:
#
# To disable virus or spam checks, uncomment the following:
#
[color=darkblue]# @bypass_virus_checks_maps = (1); # controls running of anti-virus code
# @bypass_spam_checks_maps = (1); # controls running of anti-spam code
# $bypass_decode_parts = 1; # controls running of decoders & dearchivers[/color]


Next, take note of the following lines, even though they need no changes:
$max_servers = 2; # num of pre-forked children (2..30 is common), -m
$daemon_user = "amavis"; # (no default; customary: vscan or amavis), -u
$daemon_group = "amavis"; # (no default; customary: vscan or amavis), -g
$inet_socket_port = 10024; # listen on this local TCP port(s)
# $notify_method = 'smtp:[127.0.0.1]:10025';
# $forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter!
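$max_servers sets the number of Amavisd-new processes that run concurrently, and must match the maxproc column of the amavisfeed service in /etc/postfix/master.cf.
$daemon_user and $daemon_group should match the user and group that Amavisd-new runs as.
$inet_socket_port defines the TCP port on which Amavisd-new accepts connections from Postfix.
$notify_method and $forward_method define how Amavisd-new re-injects mail into Postfix.

The following settings must be changed (for $mydomain and $myhostname) and uncommented (remove the leading #):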
[color=darkblue]$mydomain = 'panyongzheng.vicp.cc';
$MYHOME = '/var/amavis';
$helpers_home = "$MYHOME/var";
$lock_file = "$MYHOME/var/amavisd.lock";
$pid_file = "$MYHOME/var/amavisd.pid";
$myhostname = 'mail.example.com';[/color]


Next come some SpamAssassin settings that override SpamAssassin's defaults:
[color=darkblue]$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.2; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9; # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam
$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?[/color]
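You do not have to change them, but it is worth knowing they exist, because this is the most convenient place to adjust the spam thresholds.
$sa_tag_level_deflt sets the level from which Amavisd-new writes the spam information headers such as X-Spam-Flag, X-Spam-Score and X-Spam-Status. If you want these headers added to all mail, set this value to -999.
$sa_tag2_level_deflt sets the level from which the headers of a message mark it as spam.
$sa_kill_level_deflt sets the level from which Amavisd-new blocks and quarantines mail. This is very useful, because SpamAssassin does not do this by default.
$sa_dsn_cutoff_level sets the level from which delivery failure notifications are no longer sent to the sender. Since most spam sender addresses are forged, not sending delivery failure notifications for obvious spam is the most sensible choice; otherwise you only add to the backscatter problem.
$sa_quarantine_cutoff_level sets the level from which spam no longer needs to be quarantined. This option is commented out by default, which means all mail is quarantined.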


Next are the e-mail addresses used for notifications:
[color=darkblue]$virus_admin = "virusalert\@$mydomain"; # notifications recip.
$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender[/color]

You will probably set them to postmaster\@$mydomain or some other mailbox where you want to receive spam notifications.

Finally, we need to uncomment the ClamAV section:

### http://www.clamav.net/
[color=darkblue]['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
qr/\bOK$/m, qr/\bFOUND$/m,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],[/color]
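Note that the /var/run/clamav/clamd.sock setting must match the LocalSocket /var/run/clamav/clamd.sock setting we entered earlier in /etc/clamd.conf.

[b][color=red]Postfix settings[/color][/b] (two changes follow)
Next we need to set up services in Postfix (/etc/postfix/master.cf) so that mail is passed to Amavisd-new for filtering and then re-injected into Postfix.
Open /etc/postfix/master.cf and add the following service named amavisfeed: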
[color=darkblue]sudo gedit /etc/postfix/master.cf[/color]
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
#
[color=darkblue]amavisfeed unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o smtp_tls_note_starttls_offer=no
  -o disable_dns_lookups=yes
  -o max_use=20[/color]


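Note that the value in the maxproc column (2) must match the $max_servers setting in /etc/amavisd.conf. For a detailed explanation of each option, see the Amavisd-new documentation (/usr/share/doc/amavisd-new-2.6.6/README.postfix.html).

Then we define a dedicated service that re-injects mail into Postfix. For this we add to /etc/postfix/master.cf an smtp service listening on TCP port 10025 (the default in /etc/amavisd.conf) on localhost (127.0.0.1):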
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
[color=darkblue]127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_data_restrictions=reject_unauth_pipelining
  -o smtpd_end_of_data_restrictions=
  -o smtpd_restriction_classes=
  -o mynetworks=127.0.0.0/8
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
  -o local_header_rewrite_clients=
  -o smtpd_milters=
  -o local_recipient_maps=[/color]
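[color=red]The first line of each of the two entries above must not have any leading spaces, or an error will occur (the -o continuation lines, by contrast, must start with whitespace)[/color]
Finally, add the following setting to /etc/postfix/main.cf to enable mail filtering:
[color=darkblue]sudo gedit /etc/postfix/main.cf[/color]
[i][color=darkblue]content_filter = amavisfeed:[127.0.0.1]:10024[/color][/i] (sets the port the filter listens on)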

After changing /etc/postfix/master.cf, we must reload postfix so that the changes take effect:
# [color=darkblue]sudo postfix reload[/color]
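
The settings above have to agree across four files (clamd socket path, $max_servers against maxproc, content_filter against the service name and $inet_socket_port, and the master.cf indentation rule). The following check is an added example, not part of the original post; the sample file contents are constructed from the values shown on this page and the function names are hypothetical:

```python
import re

# Constructed sample contents, reduced to the lines this page says must agree.
CLAMD_CONF = "LocalSocket /var/run/clamav/clamd.sock\n# TCPSocket 3310\n"
AMAVISD_CONF = r'''$max_servers = 2;
$inet_socket_port = 10024;
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
'''
MASTER_CF = """amavisfeed unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
"""
MAIN_CF = "content_filter = amavisfeed:[127.0.0.1]:10024\n"

def active(text):
    """Lines that are neither blank nor comments."""
    return [l for l in text.splitlines() if l.strip() and not l.lstrip().startswith("#")]

def check_consistency(clamd, amavisd, master, main):
    """Return a list of mismatches between the four files (empty list = consistent)."""
    problems = []
    sock = next((l.split()[1] for l in active(clamd) if l.startswith("LocalSocket ")), None)
    if any(l.split()[0] == "TCPSocket" for l in active(clamd)):
        problems.append("clamd.conf: TCPSocket is still enabled")
    m = re.search(r'CONTSCAN[^\]]*?"(/[^"]+)"', "\n".join(active(amavisd)))
    if not m or m.group(1) != sock:
        problems.append("clamd socket path differs between clamd.conf and amavisd.conf")

    def setting(name):  # numeric $name = N; from an uncommented amavisd.conf line
        s = re.search(r"^\s*\$%s\s*=\s*(\d+)" % name, amavisd, re.M)
        return s.group(1) if s else None

    services = {}  # master.cf: entries start in column 0, "-o" lines are indented
    for l in active(master):
        if l.startswith("-o"):
            problems.append("master.cf: option line not indented: " + l)
        elif not l[0].isspace():
            services[l.split()[0]] = l.split()
    feed = services.get("amavisfeed", [])
    if len(feed) < 8 or feed[6] != setting("max_servers"):
        problems.append("amavisfeed maxproc differs from $max_servers")
    cf = re.search(r"^content_filter\s*=\s*(\S+?):\[?[\d.]+\]?:(\d+)", main, re.M)
    if not cf or cf.group(1) not in services or cf.group(2) != setting("inet_socket_port"):
        problems.append("content_filter does not match the service name or $inet_socket_port")
    return problems
```

To use it on a real host, read the four files from /etc and pass their contents in the same order; a ClamAV section that is still commented out in amavisd.conf is reported as a socket mismatch.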

[color=red][b]Testing[/b][/color]
First, start the clamd and amavisd services:

# [color=darkblue]sudo service clamd restart[/color]
# [color=darkblue]sudo service amavisd restart[/color]

Now use telnet to check that the amavisd service is listening on 127.0.0.1:10024:
# [color=darkblue]telnet localhost 10024[/color]
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
[color=darkblue]ehlo panyongzheng.vicp.cc[/color] << typed manually
250-[127.0.0.1]
250-VRFY
250-PIPELINING
250-SIZE
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 XFORWARD NAME ADDR PORT PROTO HELO SOURCE

Next, check that Postfix's smtpd is listening on 127.0.0.1:10025:
# [color=darkblue]telnet localhost 10025[/color]
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.example.com ESMTP Postfix
[color=darkblue]ehlo panyongzheng.vicp.cc[/color] << typed manually
250-mail.example.com
250-PIPELINING
250-SIZE 20480000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN CRAM-MD5
250-AUTH=PLAIN LOGIN CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

[color=red][b]Testing with a spam message:[/b][/color]
# cd /usr/share/doc/spamassassin-3.3.1/
# [color=darkblue]sendmail test@panyongzheng.vicp.cc < sample-spam.txt[/color]

Check the log in /var/log/maillog:
[color=darkblue]sudo gedit /var/log/maillog[/color]
Jun 7 15:27:01 localhost postfix/pickup[6659]: C0F67342507: uid=500 from=<pandy>
Jun 7 15:27:01 localhost postfix/cleanup[6770]: C0F67342507: message-id=<GTUBE1.1010101@example.net>
Jun 7 15:27:01 localhost postfix/qmgr[6658]: C0F67342507: from=<pandy@panyongzheng.vicp.cc>, size=928, nrcpt=1 (queue active)
Jun 7 15:27:01 localhost postfix/smtpd[6756]: connect from localhost[127.0.0.1]
Jun 7 15:27:01 localhost postfix/smtpd[6756]: E9969342508: client=localhost[127.0.0.1]
Jun 7 15:27:01 localhost postfix/cleanup[6770]: E9969342508: message-id=<GTUBE1.1010101@example.net>
Jun 7 15:27:01 localhost postfix/qmgr[6658]: E9969342508: from=<pandy@panyongzheng.vicp.cc>, size=1313, nrcpt=1 (queue active)
Jun 7 15:27:01 localhost amavis[6749]: (06749-01) Passed CLEAN {RelayedInbound}, <pandy@panyongzheng.vicp.cc> -> <test@panyongzheng.vicp.cc>, Message-ID: <GTUBE1.1010101@example.net>, mail_id: xSMUA-febcTX, Hits: -, size: 928, queued_as: E9969342508, 97 ms
Jun 7 15:27:01 localhost postfix/smtp[6774]: C0F67342507: to=<test@panyongzheng.vicp.cc>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.26, delays=0.11/0.05/0.01/0.1, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as E9969342508)
Jun 7 15:27:01 localhost postfix/qmgr[6658]: C0F67342507: [color=red][b]removed[/b][/color]
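
In the amavis line of the log above, the test message is recorded as Passed CLEAN with Hits: -, that is, without a spam score; a GTUBE message that SpamAssassin has scored is expected to appear as Blocked SPAM with a numeric Hits value above $sa_kill_level_deflt. The following check is an added example, not part of the original post: it reads amavis log lines and reports which case applies, keying on the GTUBE Message-ID shown in the log; the second sample line is constructed and the function names are hypothetical.

```python
import re

KILL_LEVEL = 6.9  # $sa_kill_level_deflt from the amavisd.conf settings on this page

LOG = [
    # The amavis line from the maillog above.
    "Jun 7 15:27:01 localhost amavis[6749]: (06749-01) Passed CLEAN {RelayedInbound}, "
    "<pandy@panyongzheng.vicp.cc> -> <test@panyongzheng.vicp.cc>, "
    "Message-ID: <GTUBE1.1010101@example.net>, mail_id: xSMUA-febcTX, Hits: -, "
    "size: 928, queued_as: E9969342508, 97 ms",
    # Constructed line: the same test message after SpamAssassin scored it.
    "Jun 7 15:40:12 localhost amavis[6749]: (06749-02) Blocked SPAM, "
    "<pandy@panyongzheng.vicp.cc> -> <test@panyongzheng.vicp.cc>, "
    "Message-ID: <GTUBE1.1010101@example.net>, mail_id: CONSTRUCTED1, Hits: 1000.9, "
    "size: 928, 812 ms",
]

AMAVIS = re.compile(r"amavis\[\d+\]: \(\S+\) (Passed|Blocked) ([A-Z-]+)\b.*?"
                    r"Message-ID: <([^>]*)>.*?Hits: (-?\d+(?:\.\d+)?|-)")

def gtube_results(lines):
    """Return (action, category, hits, verdict) for each GTUBE test message logged."""
    results = []
    for line in lines:
        m = AMAVIS.search(line)
        if not m or not m.group(3).startswith("GTUBE"):
            continue
        action, category, _msgid, hits = m.groups()
        if hits == "-":
            verdict = "not scored"        # no spam score was recorded
        elif action == "Blocked" and float(hits) >= KILL_LEVEL:
            verdict = "blocked"           # filter chain works end to end
        else:
            verdict = "scored but delivered"
        results.append((action, category, hits, verdict))
    return results

def spam_filter_verified(lines):
    """True only if at least one GTUBE message was seen and all were blocked."""
    results = gtube_results(lines)
    return bool(results) and all(r[3] == "blocked" for r in results)
```

A "not scored" result after sending sample-spam.txt points at the @bypass_spam_checks_maps line in /etc/amavisd.conf, which must stay commented out for spam checks to run.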

[color=red][b]Testing from an external network:[/b][/color]

