postfix邮件服务器安装反垃圾,反病毒组件(续上)

一,安装反病毒测试

debian @ apt-get install amavisd-new spamassassin clamav clamav-daemon clamav-freshclam arc bzip2 lzop zoo cpio

->在/etc/postfix/main.cf 加入

content_filter = smtp-amavis:[127.0.0.1]:10024

->在/etc/postfix/master.cf 加入

smtp-amavis unix -   -   n   -     2 smtp

 -o smtp_data_done_timeout=1200

 -o disable_dns_lookups=yes

#前面有空格,空格表示续上行

127.0.0.1:10025 inet n -        n       -       -       smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
       -o strict_rfc821_envelopes=yes

->配置amavisd-new ,编辑/etc/amavis/amavisd.conf,修改下面的内容

$mydomain = 'wader.com';

->跟据你自己的需要修改发现病毒垃圾邮件等的处理方法

->D_DISCARD 丢弃，D_BOUNCE 退信，D_REJECT 拒绝，D_PASS 通过

$final_virus_destiny      = D_DISCARD; # (defaults to D_BOUNCE)
$final_banned_destiny     = D_BOUNCE;  # (defaults to D_BOUNCE)
$final_spam_destiny       = D_REJECT;  # (defaults to D_REJECT)
$final_bad_header_destiny = D_PASS;  # (defaults to D_PASS), D_BOUNCE suggested

->配置spamassassin,修改/etc/default/spamassassin

ENABLED=1

->配置clamav 以支持amavisd-new 杀毒

->编辑/etc/clamav/clamd.conf,将User clamav 改为

User amavis

->修改目录的权限

debian @/etc/clamav# chown -R amavis:amavis /var/log/clamav/

debian @/etc/clamav# chown -R amavis:amavis /var/run/clamav/

debian @/etc/clamav# chown -R amavis:amavis /var/lib/clamav

->编辑/etc/clamav/freshclam.con,将DatabaseOwner clamav改为

DatabaseOwner amavis

->重启服务

debian @/etc/clamav# /etc/init.d/clamav-daemon restart

debian @/etc/clamav# /etc/init.d/clamav-freshclam restart

->发病毒测试

debian @/# telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.nubb.com ESMTP Mail System

ehlo test
250-mail.nubb.com
250-PIPELINING
250-SIZE 20480000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:<test@test.com>
250 2.1.0 Ok
rcpt to:<test@wader.com>
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
X5O!P%@AP[4/PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
.
250 2.0.0 Ok: queued as 5AD321C5024
quit
221 2.0.0 Bye
Connection closed by foreign host.

->所产生的mail.log

May 20 22:52:18 mail postfix/qmgr[2900]: 8032C31B8B: from=test@test.com>, size=392, nrcpt=1 (queue active)

May 20 22:52:18 mail postfix/smtpd[3371]: connect from localhost[127.0.0.1]

May 20 22:52:18 mail postfix/smtpd[3371]: 46E6831B8C: client=localhost[127.0.0.1]

May 20 22:52:18 mail postfix/qmgr[2900]: 46E6831B8C: from=>, size=2268, nrcpt=1 (queue active)

May 20 22:52:18 mail amavis[2687]: (02687-02) INFECTED (Eicar-Test-Signature), test@test.com> -> test@extmail.org>, quarantine virus-20060520-225218-02687-02, Message-ID:20060520145157.8032C31B8B@mail.extmail.org>, Hits: -

May 20 22:52:18 mail postfix/smtp[3370]: 8032C31B8B: to=test@extmail.org>, relay=127.0.0.1[127.0.0.1], delay=21,status=sent (250 2.7.1 Ok, discarded, id=02687-02 - VIRUS: Eicar-Test-Signature)

May 20 22:52:18 mail postfix/qmgr[2900]: 8032C31B8B: removed

二,安装反垃圾组件

安装slockd

可以选择Tarball 安装法:

下载地址：http://www.extmail.org/download/

解压到/usr/local/slockd目录下，注意，必须使用root身份进行

->安装perl模块(包括)

debian@ /# apt-get install libdigest-md4-perl,libdigest-hmac-perl,libdigest-sha1-perl,libnet-ip-perl

->安装Net::DNS模块

->安装前必须确定Net-IP模块是否已经安装好了，方法很简单

debian@ /# perl -e 'use Net::IP'

->如果没有错误返回则表示安装已经好了

->安装Net-DNS

debian@ /# apt-get install libnet-dns-perl

->再次检测

->配置slockd

->编辑/usr/local/slockd/config/main.cf

host            localhost
port            10030
listen          1024

log_file        /var/log/slockd.log
pid_file        /var/run/slockd.pid

修改slockd 目config录下的 main.cf ，将setsid 1 的注释去掉

->默认情况下，slockd将只监听127.0.0.1（localhost）的10030端口，公网是无法访问这一服务的，这样做是为了安全起见，防止被其他有心人利用来做坏事。

 ->配置resolv.conf

请确认/etc/resolv.conf里的dns服务器是离你的邮件服务器最近，速度最快的dns server，slockd很依赖dns的好坏，因此给系统配置一个快速的dns能大幅度提高处理速度。

->启动slockd

./slockd

->测试slockd

->进入/usr/local/slockd/tools 目录

perl policy_sig -h localhost -p 10030 --helo FOOBAR --ip 192.168.0.1 --from test@foo.com --to test@bar.com

-> 此时，程序应该返回如下错误信息(看日志)

debian@ # tail -f /var/log/slockd.log

 action=504 <FOOBAR>: rejected, see http://bl.extmail.org/cgi/why?fqdn

->配置MTA

->编辑/etc/postfix/main.cf

->将“check_policy_service inet:127.0.0.1:10030”记录增加到smtpd_recipient_restrictions 里

smtpd_recipient_restrictions =
 permit_mynetworks,
 permit_sasl_authenticated,
 reject_non_fqdn_hostname,
 reject_non_fqdn_sender,
 reject_non_fqdn_recipient,
 reject_unauth_destination,
 reject_unauth_pipelining,
 reject_invalid_hostname,
 check_policy_service inet:127.0.0.1:10030

->重载postfix

debian@# /etc/init.d/postfix reload

->以后台方式运行slockd

debain@# killall slockd

/usr/local/slockd/slockd-init start

->至此，反垃圾组件安装成功。