- 1. 下载软件包 (注意: 从下文日志日期看, 本文写于 2004 年前后, 以下均为当时的旧版本; 实际部署请改用仍在维护的当前版本):
- clamav-0.65.tar.gz
- unrar-3.2.3-2.9.i386.rpm
- zoo-2.10-11.9.i386.rpm
- unzoo-4.4-2.i386.rpm
- arc-5.21e-6.i386.rpm
- nomarch-1.3-1mdk.i586.rpm
- unarj-2.65-3.9.i386.rpm
- arj-3.10-0.1.i386.rpm
- freeze-2.5.0-7.i386.rpm
- compress-4.0.1.tar.gz
- amavisd-new-20030616-p6.tar.gz
- 2. 安装clamav:
- # tar zvxf clamav-0.65.tar.gz
- # cd clamav-0.65
- # groupadd clamav
- # useradd -g clamav -d /var/run/clamav -s /bin/false clamav
- # ./configure
- # make
- # make install
- # vi /usr/local/etc/clamav.conf
- =================================================================
- #Example
- LogFile /var/log/clamd.log
- LogFileMaxSize 1M
- LogVerbose
- LogTime
- LocalSocket /var/amavis/clamd/clamav.socket
- PidFile /var/run/clamav/clamd.pid
- DataDirectory /usr/local/share/clamav
- MaxDirectoryRecursion 15
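- # 注意: User root 会让 clamd 以 root 身份解析不可信的邮件附件; 如无必要, 建议改为前面创建的 clamav 用户, 并保证该用户能访问 LocalSocket 所在目录和日志文件
- User root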
- ScanMail
- ScanArchive
- ClamukoMaxFileSize 6M
- ArchiveMaxFileSize 10M
- ArchiveMaxRecursion 5
- ArchiveMaxFiles 1000
- =================================================================
- # clamd ##运行程序
- # freshclam ##升级病毒库
- # ps -aux | grep clamd
- clamav 2653 0.0 3.1 23556 12228 ? S 13:59 0:00
- 3. 建立clamd的启动脚本:
- # vi /etc/init.d/clamd
- =================================================================
#!/bin/bash
#
# clamd        Start/Stop the clam antivirus daemon.
#
# chkconfig: 2345 90 60
# description: clamd is a standard UNIX program that scans for viruses.
# processname: clamd
# config: /usr/local/etc/clamav.conf
# pidfile: /var/run/clamav/clamd.pid

# Pull in the distribution's init helper library; daemon, killproc and
# status, which the functions of this script call, are expected to come
# from it.
. /etc/init.d/functions

# Name of the daemon binary and the directory that holds it.
progdir="/usr/local/sbin"
prog="clamd"

# Exit status of the most recent start/stop action.
RETVAL=0

# Optional per-service overrides. The file is sourced with the privileges of
# whoever runs this script (normally root), so it should be writable by root
# only.
if [ -f "/etc/sysconfig/$prog" ]; then
  . "/etc/sysconfig/$prog"
fi
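#######################################
# Launch clamd through the init library's daemon() helper.
# Globals:   prog, progdir (read); RETVAL (written)
# Outputs:   progress message on stdout
# Returns:   the exit status of daemon()
#######################################
start() {
  # Mark the service as running in the subsys lock directory; this is the
  # file the condrestart action of this script tests. The pid file is left
  # to clamd itself (PidFile in its configuration) instead of being touched
  # here: /var/run/clamav is the clamav account's home directory, and root
  # should not create files in a directory an unprivileged account may
  # control (symlink risk).
  # NOTE(review): confirm the ownership of /var/run/clamav on the target host.
  local lockfile=/var/lock/subsys/clamd

  echo -n $"Starting $prog: "
  daemon "$progdir/$prog"
  RETVAL=$?
  echo
  if [ "$RETVAL" -eq 0 ]; then
    touch "$lockfile"
  fi
  return "$RETVAL"
}

#######################################
# Stop clamd through the init library's killproc() helper.
# Globals:   prog (read); RETVAL (written)
# Outputs:   progress message on stdout
# Returns:   the exit status of killproc()
#######################################
stop() {
  local lockfile=/var/lock/subsys/clamd
  local pidfile=/var/run/clamav/clamd.pid

  echo -n $"Stopping $prog: "
  killproc "$prog"
  RETVAL=$?
  echo
  if [ "$RETVAL" -eq 0 ]; then
    # Drop the "running" marker and any pid file the daemon left behind.
    rm -f -- "$lockfile" "$pidfile"
  fi
  return "$RETVAL"
}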
# Report whether clamd is running by delegating to the init library's
# status() helper; the helper's exit status is handed back unchanged.
rhstatus() {
  status clamd
  return $?
}
# Stop the daemon and start it again. start() runs whether or not stop()
# succeeded, and its exit status is the one returned.
restart() {
  stop
  start
  return $?
}
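#######################################
# Send SIGHUP to the running clamd via the init library's killproc().
# NOTE(review): check clamd(8) for the installed version to confirm what
# SIGHUP actually triggers; the progress message assumes a config reload.
# Globals:   RETVAL (written)
# Outputs:   progress message on stdout
# Returns:   the exit status of killproc()
#######################################
reload() {
  echo -n $"Reloading clam daemon configuration: "
  killproc clamd -HUP
  # Store the status in RETVAL (upper case). The earlier code assigned it to
  # a lower-case "retval" and then returned the unrelated global RETVAL, so
  # the result of killproc was never reported to the caller.
  RETVAL=$?
  echo
  return "$RETVAL"
}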
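# Dispatch on the action given as the first argument.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart)
    restart
    ;;
  reload)
    reload
    ;;
  status)
    rhstatus
    ;;
  condrestart)
    # Restart only when the service is marked as running. Written as an
    # explicit "if" so that a failed restart is not masked by "|| :".
    # NOTE(review): this branch can only fire if start() creates
    # /var/lock/subsys/clamd; verify that it does.
    if [ -f /var/lock/subsys/clamd ]; then
      restart
    fi
    ;;
  *)
    echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
    exit 1
    ;;
esac
# Hand the status of the selected action back to init / "service" instead of
# always reporting success, so a failed start or stop is visible to callers.
exit $?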
- =================================================================
- # chmod 755 /etc/init.d/clamd
- # chkconfig --add clamd
- # chkconfig clamd on
- # clamscan -r test ##测试杀毒
- # touch /var/log/clam-update.log ##病毒库升级日志
- # chmod 644 /var/log/clam-update.log
- # chown clamav /var/log/clam-update.log
- # freshclam -d -c 2 -l /var/log/clam-update.log
- # crontab -e ##建立定时升级任务
- =================================================================
- # 注意: -d 使 freshclam 以守护进程方式常驻; 若上面已用 -d 启动过, 这里每天可能会再拉起一个守护进程, 建议二选一 (cron 任务中去掉 -d -c 2)
- 00 10 * * * /usr/local/bin/freshclam --quiet -d -c 2 -l /var/log/clam-update.log
- =================================================================
- 4. 安装amavisd-new
- # rpm -ivh unrar-3.2.3-2.9.i386.rpm
- # rpm -ivh zoo-2.10-11.9.i386.rpm
- # rpm -ivh unzoo-4.4-2.i386.rpm
- # rpm -ivh arc-5.21e-6.i386.rpm
- # rpm -ivh nomarch-1.3-1mdk.i586.rpm
- # rpm -ivh unarj-2.65-3.9.i386.rpm
- # rpm -ivh arj-3.10-0.1.i386.rpm
- # rpm -ivh freeze-2.5.0-7.i386.rpm
- # mkdir compress
- # tar -zxvf compress-4.0.1.tar.gz -C compress
- # cd compress
- # make
- # make install
- # perl -MCPAN -e shell ##在安装前确定你的系统语言不是UTF-8
- =================================================================
- cpan>;
- Instalando
- -----------
- cpan>; install File::MMagic
- cpan>; install Config::IniFiles
- cpan>; install Convert::TNEF
- cpan>; install Convert::UUlib
- cpan>; install Compress::Zlib
- cpan>; install Archive::Tar
- cpan>; install Archive::Zip
- cpan>; install Unix::Syslog
- cpan>; install MIME::Base64
- cpan>; install Net::Server
- cpan>; install Net::SMTP
- Should all FTP connections be passive (y|n) ? [no] no
- cpan>; install Digest::MD5
- cpan>; install Time::HiRes
- cpan>; install Mail::SpamAssassin
- cpan>; exit
- =================================================================
- # adduser -s /bin/false -c "Amavis User" -d /var/amavis amavis
- # tar -zxvf amavisd-new-20030616-p6.tar.gz
- # cd amavisd-new-20030616
- # mkdir -p /var/amavis/clamd
- # chown -R amavis:amavis /var/amavis
- # chmod -R 750 /var/amavis/
- # cp amavisd /usr/local/sbin/
- # ln -s /usr/local/sbin/amavisd /usr/sbin/amavisd
- # cp amavisd.conf /etc/
- # mkdir /var/virusmails
- # chown amavis:amavis /var/virusmails
- # cp amavisd_init.sh /etc/init.d/amavisd
- # chmod 744 /etc/init.d/amavisd
- # chkconfig --add amavisd
- # chkconfig amavisd on
- # vi /etc/amavisd.conf
- ============================================================================
- $MYHOME = '/var/amavis'; # (default is '/var/amavis')
- $mydomain = 'nero.3322.org'; # (no useful default)
- $daemon_user = 'amavis'; # (no default; customary: vscan or amavis)
- $daemon_group = 'amavis'; # (no default; customary: vscan or amavis)
- $QUARANTINEDIR = '/var/virusmails';
- $log_level = 0;
- $final_virus_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
- $final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
- $final_spam_destiny = D_REJECT; # (defaults to D_REJECT)
- $final_bad_header_destiny = D_PASS; # (defaults to D_PASS)
- $sa_spam_subject_tag = '***SPAM***';
- $virus_admin = "root\@$mydomain";
- $mailfrom_notify_admin = "root\@$mydomain";
- $mailfrom_notify_recip = "root\@$mydomain";
- $forward_method = 'smtp:127.0.0.1:10025';
- $notify_method = $forward_method;
- $inet_socket_port = 10024;
- $max_servers = 2;
- ['Clam Antivirus-clamd',
- \&ask_daemon, ["CONTSCAN {}\n", '/var/amavis/clamd/clamav.socket'],
- qr/\bOK$/, qr/\bFOUND$/,
- qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
- ============================================================================
- # amavisd debug
- ====================================================================
- Mar 20 10:36:21 home amavisd[1252]: starting. amavisd at home amavisd-new-20030616-p6, Unicode aware, LANG=en_US
- Mar 20 10:36:21 home amavisd[1252]: Perl version 5.008
- Mar 20 10:36:21 home amavisd[1252]: Module Amavis::Conf 1.15
- Mar 20 10:36:21 home amavisd[1252]: Module Archive::Tar 1.08
- Mar 20 10:36:21 home amavisd[1252]: Module Archive::Zip 1.09
- Mar 20 10:36:21 home amavisd[1252]: Module Compress::Zlib 1.33
- Mar 20 10:36:21 home amavisd[1252]: Module Convert::TNEF 0.17
- Mar 20 10:36:21 home amavisd[1252]: Module Convert::UUlib 1.01
- ====================================================================
- 启动amavisd服务
- # service amavisd start
- 测试amavis的工作情况
- # telnet 127.0.0.1 10024
- Trying 127.0.0.1...
- Connected to home (127.0.0.1).
- Escape character is '^]'.
- 220 [127.0.0.1] ESMTP amavisd-new service ready
- QUIT
- 221 2.0.0 [127.0.0.1] (amavisd) closing transmission channel
- Connection closed by foreign host.
- 5.设置postfix,在/etc/postfix/master.cf添加如下内容
- ============================================================================
- smtp-amavis unix - - n - 2 smtp
- -o smtp_data_done_timeout=1200
- -o disable_dns_lookups=yes
-
- 127.0.0.1:10025 inet n - n - - smtpd
- -o content_filter=
- -o local_recipient_maps=
- -o relay_recipient_maps=
- -o smtpd_restriction_classes=
- -o smtpd_client_restrictions=
- -o smtpd_helo_restrictions=
- -o smtpd_sender_restrictions=
- -o mynetworks=127.0.0.0/8
- ============================================================================
- 设置postfix,在/etc/postfix/main.cf添加如下内容
- ============================================================================
- content_filter = smtp-amavis:[127.0.0.1]:10024
- ===============================================
- 测试postfix是否工作
- # telnet 127.0.0.1 10025
- Trying 127.0.0.1...
- Connected to localhost (127.0.0.1).
- Escape character is '^]'.
- 220 nero.3322.org ESMTP Postfix
- QUIT
- 221 Bye
- Connection closed by foreign host.
- 6. 功能测试:
- 扫描/home/data下的所有邮件,并将扫描结果保存在/root下的scan_report文件中
- # clamscan -r -l /root/scan_report /home/data
- # less scan_report
- ===============================================
- /home/data/mail/test/Maildir/courierimapkeywords/.3597840.1079351764.M170269P1241V0000000000000302I00093221_0.home,S=733: Empty file.
- /home/data/mail/test/Maildir/courierimapuiddb: OK
- /home/data/mail/llzqq/Maildir/courierimapuiddb: OK
- /home/data/mail/.bash_history: OK
- ----------- SCAN SUMMARY -----------
- Known viruses: 20482
- Scanned directories: 20
- Scanned files: 3
- Infected files: 0
- Data scanned: 0.00 MB
- I/O buffer size: 131072 bytes
- Time: 0.681 sec (0 m 0 s)
- [root@home root]# less scan_report
- --------------------------------------
- Scan started: Tue Mar 16 10:46:09 2004
- -- summary --
- Known viruses: 20482
- Scanned directories: 20
- Scanned files: 3
- Infected files: 0
- Data scanned: 0.00 MB
- I/O buffer size: 131072 bytes
- Time: 0.681 sec (0 m 0 s)
- ===============================================