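Everything below is test output and the places where I ran into errors.
Below I log in through the httpd web mail and send a file with an .exe extension. This is the mail log on the server side: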
Jul 18 18:21:44 huzi mimedefang.pl[3866]: filter: m6IALeFS004120: drop_with_warning=1
Jul 18 18:21:44 huzi sendmail[4120]: m6IALeFS004120: Milter delete (noop): header: X-Spam-Score
Jul 18 18:21:44 huzi sendmail[4120]: m6IALeFS004120: Milter change: header Content-Type: from multipart/mixed;\n\tboundary="----=OPENWEBMAIL_ATT_0.133654083914251" to multipart/mixed;\n\tboundary="----=OPENWEBMAIL_ATT_0.133654083914251"
Jul 18 18:21:44 huzi sendmail[4120]: m6IALeFS004120: Milter change: header MIME-Version: from 1.0 to 1.0
Jul 18 18:21:44 huzi sendmail[4120]: m6IALeFS004120: Milter message: body replaced
Jul 18 18:21:44 huzi sendmail[4120]: m6IALeFS004120: Milter add: header: X-Scanned-By: MIMEDefang 2.64 on 192.168.1.180
Jul 18 18:21:44 huzi sendmail[4123]: m6IALeFS004120: to=<huzi@huzi.uplookinghuzi.com>, ctladdr=<huzi@mail.uplookinghuzi.com> (500/500), delay=00:00:04, xdelay=00:00:00, mailer=local, pri=31694, dsn=2.0.0, stat=Sent
The message received by the client is shown below,
which shows that MIMEDefang has been applied successfully:
WARNING: This e-mail has been altered by MIMEDefang. Following this
paragraph are indications of the actual changes made. For more
information about your site's MIMEDefang policy, contact
MIMEDefang Administrator's Server <liuguan269@163.com>. For more information about MIMEDefang, see:
http://www.roaringpenguin.com/mimedefang/enduser.php3
An attachment named open.exe was removed from this document as it
constituted a security hazard. If you require this document, please contact
the sender and arrange an alternate means of receiving it.
Testing is complete. Set all services to start at boot:
[root@huzi conf]# chkconfig clamd on
[root@huzi conf]# chkconfig sendmail on
[root@huzi conf]# chkconfig spamassassin on
[root@huzi conf]# chkconfig saslauthd on
[root@huzi conf]# chkconfig dovecot on
Setting mimedefang to start at boot with chkconfig does not work, so we put it in the /etc/rc.local file:
/etc/init.d/mimedefang start
Openwebmail requires typing a very long URL to open it, so we create a new index.html in /var/www/html
with the following content:
<META HTTP-EQUIV=REFRESH CONTENT="0;URL=http://mail.uplookinghuzi.com/cgi-bin/openwebmail/openwebmail.pl">
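I have already used this mimedefang + spamassassin combination on a mail server and the results are quite good. For the specific spamassassin anti-spam rules, you can download the corresponding rules from the spam China website and put them in the /usr/share/spamassassin directory. mimedefang's default rules are already very good. You can also study them yourselves; personally I feel this is enough, though each environment has to be treated on its own terms! mimedefang is written in perl, and I don't really understand perl!
Fighting spam on a mail server is a long-term job that has to be tested step by step. Why did I write this document? Because our company's mail server in Taiwan used sendmail, and at the worst the boss received nearly ten thousand spam messages a day (that may be a bit exaggerated, but I went and looked at it for him and there really was an enormous amount, more than could ever be downloaded; the MIS person in Taiwan had already left, so the task fell to me, and he had worked on the production systems there and rarely looked after mail), so I used mimedefang. After that the spam dropped a lot, from several thousand to a few dozen. That is what he said himself, but I did check for him: before the change, as soon as he opened Outlook the mail came pouring in. After the change I have not heard him say that it blocks legitimate mail either! Haha! I downloaded some rules from www.extmail.org!
Note
Clamav error messages: if you followed the earlier steps, you should not see messages like mine! If you do, you need to find a way to make clamd run as the defang user and confirm that it runs normally, because after running for a while clamd locks itself out. This is mainly because it cannot access the clamd.socket file under /var/spool/MIMEDefang. So we have clamd run as the defang user.
If it is not, the log shows the error messages below. The file actually already exists; it is purely a permissions problem! After mimedefang is installed, it prompts you to set the permissions to 700 or 750 with defang as the owner. But when I set the permissions to 750 I got the same error and could not send mail, and the clamd service could not start either. So there is only one solution: run the clamd service as the defang user. This is explained in detail above! If integrating mimedefang and clamav fails, this is the only problem it can be (assuming the software was installed correctly).
Below are the error messages from /var/log/messages when clamd fails to start: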
Jul 17 22:10:34 huzi freshclam[10149]: daily.inc is up to date (version: 7736, sigs: 43573, f-level: 33, builder: arnaud)
Jul 17 22:11:56 huzi clamd[10199]: Loaded 355013 signatures.
Jul 17 22:11:56 huzi clamd[10199]: Algorithmic detection enabled.
Jul 17 22:24:36 huzi clamd[10512]: Loaded 355013 signatures.
Jul 17 22:24:36 huzi clamd[10512]: Socket file /var/spool/MIMEDefang/clamd.socket could not be bound: Permission denied
Jul 17 22:28:04 huzi clamd[10749]: Loaded 355013 signatures.
Jul 17 22:28:04 huzi clamd[10749]: Socket file /var/spool/MIMEDefang/clamd.socket could not be bound: Permission denied
Jul 17 22:28:17 huzi clamd[10784]: Loaded 355013 signatures.
Jul 17 22:28:17 huzi clamd[10784]: Socket file /var/spool/MIMEDefang/clamd.socket could not be bound: Permission denied
Jul 17 22:28:58 huzi clamd[10955]: Loaded 355013 signatures.
These are my files:
[root@huzi mail]# ll /var/spool/MIMEDefang/
total 8
srwxrwxrwx 1 defang defang 0 Jul 18 18:14 clamd.socket
-rw-r----- 1 defang defang 5 Jul 18 18:14 mimedefang-multiplexor.pid
srw------- 1 defang defang 0 Jul 18 18:14 mimedefang-multiplexor.sock
-rw-r----- 1 defang defang 5 Jul 18 18:14 mimedefang.pid
srwxr-x--- 1 defang defang 0 Jul 18 18:14 mimedefang.sock
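Sending mail to 163 works; note the words "Mail OK"! Of course this domain does not exist, so 163 cannot possibly send mail to me. So if you run into mail that cannot be sent, or errors, in a production environment, check the logs carefully.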
Jul 17 23:38:16 huzi sendmail[12904]: m6HEcDwM011784: to=<liuguan269@163.com>, ctladdr=<root@huzi.uplookinghuzi.com> (0/0), delay=00:59:50, xdelay=00:00:02, mailer=esmtp, pri=210353, relay=163mx02.mxmail.netease.com. [220.181.12.62], dsn=2.0.0, stat=Sent (Mail OK queued as mx12,PsCowLD7mwJUZ39IpJvfCw==.31298S2 1216309076)
Jul 17 23:38:58 huzi sendmail[12904]: m6HEcDwO011784: to=<liuguan269@163.com>, ctladdr=<root@huzi.uplookinghuzi.com> (0/0), delay=01:00:28, xdelay=00:00:42, mailer=esmtp, pri=210353, relay=163mx02.mxmail.netease.com. [220.181.12.62], dsn=2.0.0, stat=Sent (Mail OK queued as mx12,PsCowLD7mwJUZ39IpJvfCw==.31298S4 1216309119)
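In my 163 mailbox I can see:
Date: 2008-07-18 18:10:47
From: root <root@huzi.uplookinghuzi.com>
To: liuguan269@163.com
Cc: (none)
Subject: huzi
Attachments:
The following are the error messages that appeared during my installation and configuration.
I hope none of you run into these problems!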
Jul 17 22:28:04 huzi clamd[10749]: Socket file /var/spool/MIMEDefang/clamd.socket could not be bound: Permission denied
Jul 17 22:28:15 huzi clamd[10784]: clamd daemon 0.92.1 (OS: linux-gnu, ARCH: i386, CPU: i386)
Jul 17 22:28:15 huzi clamd[10784]: Running as user clamav (UID 100, GID 101)
Jul 17 22:28:15 huzi clamd[10784]: Log file size limit disabled.
Jul 17 22:28:15 huzi clamd[10784]: Reading databases from /var/clamav
Jul 17 22:28:15 huzi clamd[10784]: Not loading PUA signatures.
Jul 17 22:28:17 huzi clamd[10784]: Loaded 355013 signatures.
Jul 17 22:28:17 huzi clamd[10784]: Bound to address 127.0.0.1 on tcp port 3310
Jul 17 22:28:17 huzi clamd[10784]: Setting connection queue length to 30
Jul 17 22:28:17 huzi clamd[10784]: Socket file /var/spool/MIMEDefang/clamd.socket could not be bound: Permission denied
[root@huzi mail]# ll /var/spool/MIMEDefang/
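I found that after the clamd service was started, it started and then stopped again.
At this point we need to change the permissions of the /var/spool/MIMEDefang directory.
I added clamav to the defang group and at the same time set the directory permissions to 750, then restarted the clamd service, after which the clamd.socket file is generated. Then start the clamd service again!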
chown defang.defang /var/spool/MIMEDefang
chmod 700 /var/spool/MIMEDefang
Then when we send mail, we find that it cannot be sent. The log shows the following:
[root@huzi ~]# tail -f /var/log/maillog
Jul 17 22:27:48 huzi mimedefang-multiplexor[10664]: started; minSlaves=2, maxSlaves=10, maxRequests=500, maxIdleTime=300, busyTimeout=600, clientTimeout=10
Jul 17 22:27:48 huzi mimedefang-multiplexor[10664]: Starting slave 0 (pid 10665) (1 running): Bringing slaves up to minSlaves (2)
Jul 17 22:27:48 huzi mimedefang[10680]: MIMEDefang alive. slavesReservedForLoopback=-1 AllowNewConnectionsToQueue=0 doRelayCheck=0 doHeloCheck=0 doSenderCheck=0 doRecipientCheck=0
Jul 17 22:27:48 huzi mimedefang[10680]: Multiplexor alive - entering main loop
Jul 17 22:27:51 huzi mimedefang-multiplexor[10664]: Starting slave 1 (pid 10682) (2 running): Bringing slaves up to minSlaves (2)
Jul 17 22:30:07 huzi sendmail[10962]: m6HEU7mQ010962: from=root, size=48, class=0, nrcpts=1, msgid=<200807171430.m6HEU7mQ010962@huzi.uplookinghuzi.com>, relay=root@localhost
Jul 17 22:30:07 huzi sendmail[10963]: m6HEU7vh010963: Milter (mimedefang): local socket name /var/spool/MIMEDefang/mimedefang.sock unsafe
Jul 17 22:30:07 huzi sendmail[10963]: m6HEU7vh010963: Milter (mimedefang): to error state
Jul 17 22:30:07 huzi sendmail[10963]: m6HEU7vh010963: Milter: initialization failed, temp failing commands
Jul 17 22:30:07 huzi sendmail[10962]: m6HEU7mQ010962: to=root@localhost, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30048, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.2 Please try again later
Jul 17 22:31:12 huzi mimedefang-multiplexor[10664]: Received SIGTERM: Stopping slaves and terminating
Jul 17 22:31:12 huzi mimedefang-multiplexor[10664]: Reap: slave 0 (pid 10665) exited normally with status 0
Jul 17 22:31:12 huzi mimedefang-multiplexor[10664]: Slave 0 resource usage: req=0, scans=0, user=0.348, sys=0.042, nswap=0, majflt=0, minflt=4712, maxrss=0, bi=0, bo=0
Jul 17 22:31:12 huzi mimedefang-multiplexor[10664]: Reap: slave 1 (pid 10682) exited normally with status 0
Jul 17 22:31:12 huzi mimedefang-multiplexor[10664]: Slave 1 resource usage: req=0, scans=0, user=0.346, sys=0.050, nswap=0, majflt=0, minflt=4714, maxrss=0, bi=0, bo=0
Jul 17 22:31:13 huzi mimedefang[10680]: MIMEDefang-2.64: mi_stop=1
Jul 17 22:31:15 huzi mimedefang-multiplexor[11018]: started; minSlaves=2, maxSlaves=10, maxRequests=500, maxIdleTime=300, busyTimeout=600, clientTimeout=10
Jul 17 22:31:15 huzi mimedefang-multiplexor[11018]: Starting slave 0 (pid 11019) (1 running): Bringing slaves up to minSlaves (2)
Jul 17 22:31:15 huzi mimedefang[11034]: MIMEDefang alive. slavesReservedForLoopback=-1 AllowNewConnectionsToQueue=0 doRelayCheck=0 doHeloCheck=0 doSenderCheck=0 doRecipientCheck=0
Jul 17 22:31:15 huzi mimedefang[11034]: Multiplexor alive - entering main loop
Jul 17 22:31:18 huzi mimedefang-multiplexor[11018]: Starting slave 1 (pid 11036) (2 running): Bringing slaves up to minSlaves (2)
Jul 17 22:31:29 huzi sendmail[11039]: m6HEVSUH011039: from=root, size=56, class=0, nrcpts=1, msgid=<200807171431.m6HEVSUH011039@huzi.uplookinghuzi.com>, relay=root@localhost
Jul 17 22:31:29 huzi sendmail[11040]: m6HEVTkv011040: Milter (mimedefang): local socket name /var/spool/MIMEDefang/mimedefang.sock unsafe
Jul 17 22:31:29 huzi sendmail[11040]: m6HEVTkv011040: Milter (mimedefang): to error state
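Then restart the sendmail service. The same error is reported.
The cause is a permissions problem: the owner of /var/spool/MIMEDefang must be defang and the permissions must be 700. But then clamd gets locked out again after restarting. So the only option is to change the owner of clamd's files and logs to the defang user and run clamd as that user. Then it works!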
Jul 17 23:17:55 huzi mimedefang.pl[11725]: MDLOG,m6HFHqkf012590,mail_in,,,<root@localhost.localdomain>,<liuguanhu@wanxin-sz.com.cn>,this is a test page
Jul 17 23:17:55 huzi sendmail[12590]: m6HFHqkf012590: Milter delete (noop): header: X-Spam-Score
Jul 17 23:17:55 huzi sendmail[12590]: m6HFHqkf012590: Milter add: header: X-Scanned-By: MIMEDefang 2.64 on 192.168.1.180
Jul 17 23:17:55 huzi sendmail[12589]: m6HFHq1m012589: to=liuguanhu@wanxin-sz.com.cn, ctladdr=root (0/0), delay=00:00:03, xdelay=00:00:03, mailer=relay, pri=30066, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (m6HFHqkf012590 Message accepted for delivery)
Jul 17 23:17:56 huzi sendmail[12594]: m6HFHqkf012590: to=<liuguanhu@wanxin-sz.com.cn>, ctladdr=<root@localhost.localdomain> (0/0), delay=00:00:04, xdelay=00:00:01, mailer=esmtp, pri=120372, relay=wanxin-sz.com.cn. [58.61.45.210], dsn=5.0.0, stat=Service unavailable
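Jul 17 23:17:56 huzi sendmail[12594]: m6HFHqkf012590: m6HFHukf012594: DSN: Service unavailable (The other side says my domain name is not valid. Haha, my domain is localhost.localdomain and I am using a private address, so the mail cannot be delivered to the other side's mail server.)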
Jul 17 23:17:56 huzi sendmail[12594]: m6HFHukf012594: to=<root@localhost.localdomain>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31680, dsn=2.0.0, stat=Sent
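The two socket failures shown in the logs above, picked out of a syslog stream and tied to the account clamd reported at startup. This is an added example, not part of the original post; the sample lines are copied from the post's own logs, and the names `triage`, `Finding` and `HINTS` are illustrative.

```python
import re
from collections import namedtuple

Finding = namedtuple("Finding", "kind time pid path detail")

SYSLOG = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ ([\w.-]+)\[(\d+)\]: (.*)$")
RUN_AS = re.compile(r"Running as user (\S+)")
BIND = re.compile(r"Socket file (\S+) could not be bound: Permission denied")
UNSAFE = re.compile(r"Milter \((\S+)\): local socket name (\S+) unsafe")

# Remedies as the post reports them (not general sendmail/clamd guidance).
HINTS = {
    "clamd_bind_denied": "run clamd as the owner of the socket directory (defang in the post)",
    "milter_socket_unsafe": "directory owner defang, mode 700 (the state the post ends with)",
}

# Sample input: lines taken from the post's logs; the last one is the
# truncated "ul 17" form seen there, included to show it is skipped.
SAMPLE = """\
Jul 17 22:28:15 huzi clamd[10784]: Running as user clamav (UID 100, GID 101)
Jul 17 22:28:17 huzi clamd[10784]: Socket file /var/spool/MIMEDefang/clamd.socket could not be bound: Permission denied
Jul 17 22:30:07 huzi sendmail[10963]: m6HEU7vh010963: Milter (mimedefang): local socket name /var/spool/MIMEDefang/mimedefang.sock unsafe
ul 17 22:10:34 huzi freshclam[10149]: daily.inc is up to date (version: 7736, sigs: 43573, f-level: 33, builder: arnaud)
"""

def triage(log_text):
    """Return a Finding for each socket failure, tying clamd errors to its run-as user."""
    clamd_user = {}  # pid -> account clamd logged at startup
    findings = []
    for line in log_text.splitlines():
        m = SYSLOG.match(line)
        if not m:
            continue  # truncated or non-syslog line
        when, prog, pid, msg = m.groups()
        run_as, bind, unsafe = RUN_AS.search(msg), BIND.search(msg), UNSAFE.search(msg)
        if prog == "clamd" and run_as:
            clamd_user[pid] = run_as.group(1)
        elif prog == "clamd" and bind:
            user = clamd_user.get(pid, "unknown")
            findings.append(Finding("clamd_bind_denied", when, pid, bind.group(1), f"clamd user={user}"))
        elif prog == "sendmail" and unsafe:
            findings.append(Finding("milter_socket_unsafe", when, pid, unsafe.group(2), f"milter={unsafe.group(1)}"))
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f.time} pid={f.pid} {f.kind}: {f.path} ({f.detail}) -> {HINTS[f.kind]}")
```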