clamav mailscanner spam

Posted on 2009-07-16 14:06

1. Install the ClamAV antivirus software:
[root@mail ~]# yum install clamav
Dependencies Resolved
=============================================================================
Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
clamav                  i386       0.91.2-1.el4.rf  dag               1.1 M
Installing for dependencies:
clamav-db               i386       0.91.2-1.el4.rf  dag                10 M

Transaction Summary
=============================================================================
Install      2 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 11 M
Is this ok [y/N]: y
Downloading Packages:
Downloading Packages:
(1/2): clamav-0.91.2-1.el 100% |=========================| 1.1 MB    02:31
(2/2): clamav-db-0.91.2-1 100% |=========================|  10 MB    21:27
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: clamav-db                    ######################### [1/2]
  Installing: clamav                       ######################### [2/2]

Installed: clamav.i386 0:0.91.2-1.el4.rf
Dependency Installed: clamav-db.i386 0:0.91.2-1.el4.rf
Complete!
The ClamAV packages above can also be downloaded manually from http://www.baxitek.com/pub/clamav/ :
wget http://www.baxitek.com/pub/clamav/clamav-db-0.91.2-1.i386.rpm
wget http://www.baxitek.com/pub/clamav/clamav-0.91.2-1.i386.rpm
2. Update the antivirus virus definitions:
[root@mail ~]# /usr/bin/freshclam
ClamAV update process started at Fri Aug 31 18:55:00 2007
Downloading daily.cvd [100%]
daily.cvd updated (version: 4110, sigs: 16448, f-level: 21, builder: acab)
Database updated (149611 signatures) from db.cn.clamav.net (IP: 58.221.222.69)
WARNING: Clamd was NOT notified: Can't find or parse configuration file /etc/clamd.conf


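3. The warning in the signature update above appears because, when ClamAV is installed from the yum RPM package, the configuration file it generates is not in /etc and is named clamav.conf. Proceed as follows: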
[root@mail etc]# find / -name clam*
find: /proc/801/task: No such file or directory
find: /proc/802/task: No such file or directory
find: /proc/803/task: No such file or directory
find: /proc/928/task: No such file or directory
find: /proc/936/task: No such file or directory
/etc/log.d/conf/services/clamav.conf
[root@mail etc]# cp /etc/log.d/conf/services/clamav.conf /etc/clamd.conf
4. Install the SpamAssassin anti-spam software:
[root@mail ~]# yum -y  install  spamassassin
Dependencies Resolved
=============================================================================
Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
spamassassin            i386       3.2.3-1.el4.rf   dag               1.0 M
Installing for dependencies:
perl-Archive-Tar        noarch     1.32-1.el4.rf    dag                47 k
perl-Digest-HMAC        noarch     1.01-13          base               11 k
perl-Digest-SHA1        i386       2.07-5           base               19 k
perl-IO-Socket-SSL      noarch     1.07-2.el4.rf    dag                43 k
perl-IO-Zlib            noarch     1.05-1.el4.rf    dag                15 k
perl-Net-DNS            i386       0.61-1.el4.rf    dag               271 k
perl-Net-IP             noarch     1.25-1.el4.rf    dag                30 k
perl-Net-SSLeay         i386       1.30-4.el4.centos  extras            198 k
perl-Time-HiRes         i386       1.55-3           base               22 k
Updating for dependencies:
perl-HTML-Parser        i386       3.55-1.el4.rf    dag               140 k

Transaction Summary
=============================================================================
Install     10 Package(s)
Update       1 Package(s)
Remove       0 Package(s)
Total download size: 1.8 M
Downloading Packages:
(1/11): perl-HTML-Parser- 100% |=========================| 140 kB    00:24
(2/11): perl-Digest-HMAC- 100% |=========================|  11 kB    00:05
(3/11): perl-Net-DNS-0.61 100% |=========================| 271 kB    00:35
(4/11): perl-Net-SSLeay-1 100% |=========================| 198 kB    00:06
(5/11): perl-Digest-SHA1- 100% |=========================|  19 kB    00:04
(6/11): perl-Net-IP-1.25- 100% |=========================|  30 kB    00:06
(7/11): perl-Time-HiRes-1 100% |=========================|  22 kB    00:04
(8/11): perl-IO-Socket-SS 100% |=========================|  43 kB    00:06
(9/11): perl-Archive-Tar- 100% |=========================|  47 kB    00:07
(10/11): spamassassin-3.2 100% |=========================| 1.0 MB    02:19
(11/11): perl-IO-Zlib-1.0 100% |=========================|  15 kB    00:02
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: perl-Digest-SHA1             ####################### [ 1/12]
  Updating  : perl-HTML-Parser             ####################### [ 2/12]
  Installing: perl-Digest-HMAC             ####################### [ 3/12]
  Installing: perl-IO-Zlib                 ####################### [ 4/12]
  Installing: perl-Archive-Tar             ####################### [ 5/12]
  Installing: perl-Time-HiRes              ####################### [ 6/12]
  Installing: perl-Net-IP                  ####################### [ 7/12]
  Installing: perl-Net-DNS                 ####################### [ 8/12]
  Installing: perl-Net-SSLeay              ####################### [ 9/12]
  Installing: perl-IO-Socket-SSL           ####################### [10/12]
  Installing: spamassassin                 ####################### [11/12]
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = (unset),
        LC_ALL = (unset),
        LANG = "en_US.en"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = (unset),
        LC_ALL = (unset),
        LANG = "en_US.en"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").

  Cleanup   : perl-HTML-Parser             ####################### [12/12]
Installed: spamassassin.i386 0:3.2.3-1.el4.rf
Dependency Installed: perl-Archive-Tar.noarch 0:1.32-1.el4.rf perl-Digest-HMAC.noarch 0:1.01-13 perl-Digest-SHA1.i386 0:2.07-5 perl-IO-Socket-SSL.noarch 0:1.07-2.el4.rf perl-IO-Zlib.noarch 0:1.05-1.el4.rf perl-Net-DNS.i386 0:0.61-1.el4.rf perl-Net-IP.noarch 0:1.25-1.el4.rf perl-Net-SSLeay.i386 0:1.30-4.el4.centos perl-Time-HiRes.i386 0:1.55-3
Dependency Updated: perl-HTML-Parser.i386 0:3.55-1.el4.rf
Complete!
[root@mail ~]#

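5. For the warning messages above (the perl locale warnings, shown in red in the original post), edit the /etc/sysconfig/i18n file. If it is not changed, the warning is shown at every restart once MailScanner is installed, but I do not yet know whether it has any other effect!
[root@mail ~]# vi /etc/sysconfig/i18n
Add the following line:
LC_ALL="C"
and change: LANG="en_US.UTF-8"
to:         LANG="en_US"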

6. Next, install MailScanner. First download it from the official site, http://www.mailscanner.info/ :
[root@mail tmp]# wget http://www.mailscanner.info/files/4/rpm/MailScanner-4.62.9-3.rpm.tar.gz
--16:40:51--  http://www.mailscanner.info/files/4/rpm/MailScanner-4.62.9-3.rpm.tar.gz
           => `MailScanner-4.62.9-3.rpm.tar.gz'
Resolving www.mailscanner.info... 81.17.252.15
Connecting to www.mailscanner.info|81.17.252.15|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4,239,584 (4.0M) [application/x-gzip]
100%[====================================>] 4,239,584      6.74K/s    ETA 00:00
16:50:54 (6.88 KB/s) - `MailScanner-4.62.9-3.rpm.tar.gz' saved [4239584/4239584]
[root@mail tmp]# tar zxvf MailScanner-4.62.9-3.rpm.tar.gz  # unpack the archive
[root@mail tmp]# cd MailScanner-4.62.9-3
[root@mail MailScanner-4.62.9-3]# ./install.sh
# This step takes quite a while; time to go have a drink, haha!
Good. You have the patch command.
Good, you have /usr/src/redhat in place.
Writing a .rpmmacros file in your home directory to stop
unpackaged files breaking the build process.
You can delete it once MailScanner is installed if you want to.
Now to install MailScanner itself.

NOTE: If you get lots of errors here, run the install.sh script
NOTE: again with the command "./install.sh nodeps"

Preparing...                ########################################### [100%]
   1:mailscanner            ########################################### [100%]
Good, SpamAssassin site rules found in /etc/mail/spamassassin

To activate MailScanner run the following commands:
service sendmail stop
chkconfig sendmail off
chkconfig --level 2345 MailScanner on
service MailScanner start

For technical support, please read the MAQ at www.mailscanner.biz/maq/
and buy the book at www.mailscanner.info/store
----------------------------------------------------------
Please buy the MailScanner book from http://www.mailscanner.info/ !
It is a very useful administration guide and introduction
to MailScanner. All the proceeds go directly to making
MailScanner a better supported package than it is today.

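7. Configure MailScanner and set up Postfix so that MailScanner calls ClamAV and SA (SpamAssassin). (In the original post, red text marked the lines to change and green text the lines after the change; in each group below, the original setting comes first and the modified setting follows it.)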
[root@mail MailScanner-4.62.9-3]# vi /etc/MailScanner/MailScanner.conf
%org-name% = yoursite

%org-name% = centosmail

%org-long-name% = Your Organisation Name Here
%org-long-name% = CentosMail_Leeki.Yan

%web-site% = http://www.your-organisation.com/
%web-site% = http://www.centos.eb.cn/

Run As User =
Run As User = postfix

Run As Group =
Run As Group = postfix

Incoming Queue Dir = /var/spool/mqueue.in
Incoming Queue Dir = /var/spool/postfix/hold

Outgoing Queue Dir = /var/spool/mqueue
Outgoing Queue Dir = /var/spool/postfix/incoming

MTA = sendmail
MTA = postfix

Virus Scanners = auto
Virus Scanners = clamav

Always Include SpamAssassin Report = no
Always Include SpamAssassin Report = yes

SpamAssassin User State Dir =
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

Incoming Work User =
Incoming Work Group =

Incoming Work User = postfix  
Incoming Work Group = postfix

SpamAssassin Install Prefix =
SpamAssassin Install Prefix = /usr/bin

Quarantine User =
Quarantine Group =

Quarantine User = postfix  
Quarantine Group = postfix

[root@mail MailScanner-4.62.9-3]# vi /etc/MailScanner/MailScanner.conf
[root@mail MailScanner-4.62.9-3]# cd /var/spool/MailScanner/
[root@mail MailScanner]# ls -al
total 20
drwxr-xr-x   4 root root 4096 Aug 31 20:34 .
drwxr-xr-x  16 root root 4096 Aug 31 20:34 ..
drwxr-xr-x   8 root root 4096 Aug 31 21:01 incoming
drwxr-xr-x   2 root root 4096 Aug 31 20:34 quarantine
[root@mail MailScanner]# mkdir spamassassin
[root@mail MailScanner]# mkdir .spamassassin
[root@mail MailScanner]# chown -R postfix:postfix /var/spool/MailScanner/*
[root@mail MailScanner]# ls  -al
total 28
drwxr-xr-x   6 root    root    4096 Aug 31 21:48 .
drwxr-xr-x  16 root    root    4096 Aug 31 20:34 ..
drwxr-xr-x   2 root    root    4096 Aug 31 21:48 .spamassassin
drwxr-xr-x   8 postfix postfix 4096 Aug 31 21:01 incoming
drwxr-xr-x   2 postfix postfix 4096 Aug 31 20:34 quarantine
drwxr-xr-x   2 postfix postfix 4096 Aug 31 21:48 spamassassin
Edit main.cf so that Postfix uses MailScanner:
[root@mail MailScanner]# vi /etc/postfix/main.cf
Change: #header_checks = regexp:/etc/postfix/header_checks
to:     header_checks = regexp:/etc/postfix/header_checks
[root@mail MailScanner]# mv /etc/postfix/header_checks /etc/postfix/header_checks.bak
[root@mail MailScanner]# vi /etc/postfix/header_checks

Add the following line (note: the whitespace must be entered with the Tab key):
/^Received:/    HOLD

[root@mail MailScanner]# chkconfig spamassassin on
[root@mail MailScanner]# service spamassassin start
Starting spamd:                                            [  OK  ]
[root@mail MailScanner]#
[root@mail MailScanner]# chkconfig postfix off   # disable Postfix autostart, because MailScanner starts Postfix itself when it starts
[root@mail MailScanner]# chkconfig MailScanner on
[root@mail MailScanner]# /etc/rc.d/init.d/MailScanner start
Starting MailScanner daemons:
         incoming postfix:                                 [  OK  ]
         outgoing postfix:                                 [  OK  ]
         MailScanner:                                      [  OK  ]
To check whether ClamAV has started, use the following command:
[root@mail MailScanner]# ps -aux | grep clamd
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
root     12603  0.0  0.2  2992  444 pts/0    S+   22:08   0:00 grep clamd


8. Reboot the machine and start testing!
[root@mail ~]# tail -f /var/log/maillog
Send a test e-mail; entries like the following can then be found in the log:
Aug 31 22:23:18 mail MailScanner[2600]: Using locktype = flock
Aug 31 22:23:18 mail MailScanner[3338]: Using SpamAssassin results cache
Aug 31 22:23:18 mail MailScanner[3338]: Connected to SpamAssassin cache database
Aug 31 22:23:18 mail MailScanner[3338]: Enabling SpamAssassin auto-whitelist functionality...
Aug 31 22:23:33 mail MailScanner[2709]: Using locktype = flock
Aug 31 22:23:36 mail MailScanner[3264]: Using locktype = flock
Aug 31 22:23:38 mail MailScanner[3336]: Using locktype = flock
Aug 31 22:23:39 mail MailScanner[3338]: Using locktype = flock
Aug 31 22:24:13 mail pop3-login: Login: leeki.yan [::ffff:10.0.0.25]
Aug 31 22:25:39 mail postfix/smtpd[3345]: connect from unknown[10.0.0.25]
Aug 31 22:25:39 mail postfix/smtpd[3345]: C38C71702CA: client=unknown[10.0.0.25]
Aug 31 22:25:40 mail postfix/cleanup[3348]: C38C71702CA: hold: header Received: from ts (unknown [10.0.0.25])??by mail.centos.eb.cn (Postfix) with SMTP id C38C71702CA??for <leeki.yan@centos.eb.cn>; Fri, 31 Aug 2007 22:25:39 +0800 (CST) from unknown[10.0.0.25]; from=<leeki.yan@centos.eb.cn> to=<leeki.yan@centos.eb.cn> proto=SMTP helo=
Aug 31 22:25:40 mail postfix/cleanup[3348]: C38C71702CA: message-id=
Aug 31 22:25:40 mail postfix/smtpd[3345]: disconnect from unknown[10.0.0.25]
Aug 31 22:25:43 mail MailScanner[3264]: New Batch: Scanning 1 messages, 934 bytes
Aug 31 22:25:59 mail pop3-login: Login: leeki.yan [::ffff:10.0.0.25]
Aug 31 22:25:59 mail MailScanner[3264]: Virus and Content Scanning: Starting
Aug 31 22:26:14 mail MailScanner[3264]: Requeue: C38C71702CA.8937F to 14A741702E8
Aug 31 22:26:14 mail MailScanner[3264]: Uninfected: Delivered 1 messages
Aug 31 22:26:14 mail postfix/qmgr[2579]: 14A741702E8: from=<leeki.yan@centos.eb.cn>, size=1212, nrcpt=1 (queue active)
Aug 31 22:26:14 mail postfix/local[3361]: 14A741702E8: to=<leeki.yan@centos.eb.cn

This article comes from the ChinaUnix blog; to view the original, go to: http://blog.chinaunix.net/u3/94651/showart_1998066.html
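
For step 7, an added example (not part of the original post): a shell check that a MailScanner.conf carries the Postfix values set in that step, that header_checks contains the HOLD rule, and that nothing directly under a spool directory is owned by another user. The function names are illustrative, and matching keys by exact spelling is an assumption.

```shell
#!/bin/sh
# Added example: audit MailScanner.conf and related files against step 7.

# Print the value of "Key = value" in FILE (last uncommented match wins).
ms_get() {  # usage: ms_get FILE "Key Name"
    awk -v key="$2" '
        /^[ \t]*#/ || !/=/ { next }
        {
            k = substr($0, 1, index($0, "=") - 1)
            v = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { print val }' "$1"
}

# Print each setting that differs from step 7; return the mismatch count.
ms_audit() {  # usage: ms_audit FILE
    bad=0
    while IFS='|' read -r key want; do
        got=$(ms_get "$1" "$key")
        if [ "$got" != "$want" ]; then
            echo "MISMATCH: $key = '$got' (expected '$want')"
            bad=$((bad + 1))
        fi
    done <<'EOF'
Run As User|postfix
Run As Group|postfix
Incoming Queue Dir|/var/spool/postfix/hold
Outgoing Queue Dir|/var/spool/postfix/incoming
MTA|postfix
Virus Scanners|clamav
Incoming Work User|postfix
Quarantine User|postfix
EOF
    return "$bad"
}

# Succeed only if header_checks has an active "/^Received:/ HOLD" rule.
hold_rule_present() {  # usage: hold_rule_present FILE
    grep -Eq '^/\^Received:/[[:space:]]+HOLD([[:space:]]|$)' "$1"
}

# List entries directly under DIR (dot-directories too) not owned by USER.
not_owned_by() {  # usage: not_owned_by DIR USER
    find "$1" -mindepth 1 -maxdepth 1 ! -user "$2"
}

# Usage: sh audit.sh /etc/MailScanner/MailScanner.conf
if [ "$#" -ge 1 ]; then ms_audit "$1"; fi
```

Run as `not_owned_by /var/spool/MailScanner postfix`, this reports .spamassassin for the listing in step 7: the `*` in the chown command does not match names that begin with a dot, so that directory stayed owned by root.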
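
For the step 8 log check, an added example (not part of the original post): it pairs each message that header_checks put on hold with the queue ID MailScanner requeued it under, and lists any queue ID that qmgr activated without such a requeue. The sample lines are constructed (three shortened from the log above, two invented), and the function names are illustrative.

```shell
#!/bin/sh
# Added example: follow messages through the HOLD -> MailScanner -> requeue path.

# For each message held by header_checks print "<held-id> <requeued-id>",
# or "<held-id> PENDING" if MailScanner never requeued it.
hold_trace() {  # usage: hold_trace [MAILLOG]   (stdin if omitted)
    awk '
        $5 ~ /^postfix\/cleanup\[/ && $7 == "hold:" {
            id = $6; sub(/:$/, "", id)
            if (!(id in held)) { held[id] = ""; order[++n] = id }
        }
        # MailScanner logs: Requeue: <held-id>.<suffix> to <requeued-id>
        $5 ~ /^MailScanner\[/ && $6 == "Requeue:" {
            id = $7; sub(/\..*$/, "", id)
            if (id in held) held[id] = $9
        }
        END {
            for (i = 1; i <= n; i++) {
                id = order[i]
                print id, (held[id] == "" ? "PENDING" : held[id])
            }
        }' "$@"
}

# Print queue IDs that qmgr activated but that no MailScanner requeue produced.
unscanned_ids() {  # usage: unscanned_ids [MAILLOG]
    awk '
        $5 ~ /^MailScanner\[/ && $6 == "Requeue:" { scanned[$9] = 1 }
        $5 ~ /^postfix\/qmgr\[/ && /\(queue active\)/ {
            id = $6; sub(/:$/, "", id)
            if (!(id in scanned) && !(id in seen)) { seen[id] = 1; print id }
        }' "$@"
}

# Constructed sample: lines 1-3 shortened from the log above, lines 4-5 invented.
sample_log() {
    cat <<'EOF'
Aug 31 22:25:40 mail postfix/cleanup[3348]: C38C71702CA: hold: header Received: from ts
Aug 31 22:26:14 mail MailScanner[3264]: Requeue: C38C71702CA.8937F to 14A741702E8
Aug 31 22:26:14 mail postfix/qmgr[2579]: 14A741702E8: from=<leeki.yan@centos.eb.cn>, size=1212, nrcpt=1 (queue active)
Aug 31 22:27:02 mail postfix/cleanup[3348]: AAAA0000001: hold: header Received: from ts
Aug 31 22:27:30 mail postfix/qmgr[2579]: BBBB0000002: from=<test@example.invalid>, size=900, nrcpt=1 (queue active)
EOF
}

if [ "$#" -ge 1 ]; then
    hold_trace "$1"; unscanned_ids "$1"
else
    sample_log | hold_trace; sample_log | unscanned_ids
fi
```

A PENDING entry that persists means MailScanner is not draining the hold queue; an ID printed by unscanned_ids is mail that became active for delivery without a MailScanner requeue.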