设为首页收藏本站

 找回密码
 注册
搜索
热搜: 回贴
微赢网络技术论坛 门户 服务器 Linux/BSD 查看内容

RedHat EL5/CentOS 5 配置postfix全功能服务器4--配置杀毒过滤扫描

2009-12-20 13:08| 发布者: admin| 查看: 122| 评论: 0|原作者: 江海


安装maildrop
wget
http://voxel.dl.sourceforge.net/sourceforge/courier/maildrop-2.0.4.tar.bz2

[root@mail /home/down]#tar jxvf maildrop-2.0.4.tar.bz2
[root@mail /home/down/maildrop-2.0.4]#cd maildrop-2.0.4
[root@mail /home/down/maildrop-2.0.4]#ln -sv /usr/local/authlib/bin/courierauthconfig /usr/bin
创建指向“/usr/local/authlib/bin/courierauthconfig”的符号链接“/usr/bin/courierauthconfig”
[root@mail /home/down/maildrop-2.0.4]#ln -sv /usr/local/authlib/include/* /usr/include
创建指向“/usr/local/authlib/include/courier_auth_config.h”的符号链接“/usr/include/courier_auth_config.h”
创建指向“/usr/local/authlib/include/courierauthdebug.h”的符号链接“/usr/include/courierauthdebug.h”
创建指向“/usr/local/authlib/include/courierauth.h”的符号链接“/usr/include/courierauth.h”
创建指向“/usr/local/authlib/include/courierauthsaslclient.h”的符号链接“/usr/include/courierauthsaslclient.h”
创建指向“/usr/local/authlib/include/courierauthsasl.h”的符号链接“/usr/include/courierauthsasl.h”
创建指向“/usr/local/authlib/include/ltdl.h”的符号链接“/usr/include/ltdl.h”

[root@mail /mnt/Server]#rpm -ivh pcre-devel-6.6-1.1.i386.rpm
[root@mail /home/down/maildrop-2.0.4]#./configure --prefix=/usr/local/maildrop --enable-sendmail=/usr/sbin/sendmail --enable-trusted-users='root vmail' --enable-syslog=1 --enable-maildirquota --enable-maildrop-uid=1001 --enable-maildrop-gid=1001 --with-trashquota --with-dirsync

[root@mail /home/down/maildrop-2.0.4]#make
[root@mail /home/down/maildrop-2.0.4]#make install
[root@mail /home/down/maildrop-2.0.4]#cp /usr/local/maildrop/bin/maildrop /usr/bin
[root@mail /home/down/maildrop-2.0.4]#maildrop -v
maildrop 2.0.4 Copyright 1998-2005 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled. 要有这行
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
[root@mail /home/down/maildrop-2.0.4]#


[root@mail /home/down/maildrop-2.0.4]#vi /etc/maildroprc
logfile "/var/log/maildrop.log"
VERBOSE="4"


安装clamav
rpm -ivh lcms-1.15-1.2.2.i386.rpm
rpm -ivh libwmf-0.2.8.4-10.1.i386.rpm
rpm -ivh ImageMagick-6.2.8.0-3.el5.4.i386.rpm

[root@mail /home/down]#tar zxvf clamav-0.91.2.tar.gz
[root@mail /home/down]#cd clamav-0.91.2
[root@mail /home/down/clamav-0.91.2]#./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav --disable-zlib-vcheck --sysconfdir=/etc/clamav
[root@mail /home/down/clamav-0.91.2]#make
[root@mail /home/down/clamav-0.91.2]#make install

新建相关的文件及目录
[root@mail /home/down/clamav-0.91.2]#mkdir /var/log/clamav
[root@mail /home/down/clamav-0.91.2]#chown -R amavis:amavis /var/log/clamav
[root@mail /home/down/clamav-0.91.2]#chown -R amavis.amavis /usr/local/share/clamav
[root@mail /home/down/clamav-0.91.2]#mkdir /var/run/clamav
[root@mail /home/down/clamav-0.91.2]#chmod 700 /var/run/clamav
[root@mail /home/down/clamav-0.91.2]#chown amavis.amavis /var/run/clamav
[root@mail /home/down/clamav-0.91.2]#mv /etc/clamav/freshclam.conf /etc/clamav/freshclam.conf.old
[root@mail /home/down/clamav-0.91.2]#vi /etc/clamav/freshclam.conf

DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose yes
LogSyslog yes
LogFacility LOG_MAIL
PidFile /var/run/freshclam.pid
DatabaseOwner amavis
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
DatabaseMirror database.clamav.net

[root@mail /home/down/clamav-0.91.2]#mv /etc/clamav/clamd.conf /etc/clamav/clamd.conf.old
[root@mail /home/down/clamav-0.91.2]#vi /etc/clamav/clamd.conf

LogFile /var/log/clamav/clamd.log
LogSyslog yes
LogFacility LOG_MAIL
LogVerbose yes
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
LocalSocket /var/run/clamav/clamd.socket
StreamMaxLength 20M
User amavis
ScanELF yes
ScanPDF yes
ScanMail yes
PhishingSignatures yes


配置库文件及开机自启动
[root@mail /home/down/clamav-0.91.2]#cp contrib/init/RedHat/clamd /etc/rc.d/init.d/clamd
[root@mail /home/down/clamav-0.91.2]#cp contrib/init/RedHat/clamav-milter /etc/rc.d/init.d/clamav-milter
[root@mail /home/down/clamav-0.91.2]#chkconfig --add clamd
[root@mail /home/down/clamav-0.91.2]#chkconfig --add clamav-milter
[root@mail /home/down/clamav-0.91.2]#chkconfig --level 2345 clamd on
[root@mail /home/down/clamav-0.91.2]#chkconfig --level 2345 clamav-milter on
[root@mail /home/down/clamav-0.91.2]#echo "/usr/local/clamav/lib" >> /etc/ld.so.conf
[root@mail /home/down/clamav-0.91.2]#ldconfig -v
[root@mail /home/down/clamav-0.91.2]#vi /etc/rc.d/init.d/clamd
progdir="/usr/local/clamav/sbin" //19行

启动服务及添加自动任务
[root@mail /home/down/clamav-0.91.2]#crontab –e
37 * * * * /usr/local/clamav/bin/freshclam

安装amavisd
[root@mail /home/down]#tar zxvf amavisd-new-2.6.1.tar.gz
[root@mail /home/down]#cd amavisd-new-2.6.1
[root@mail /home/down/amavisd-new-2.6.1]#mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis
[root@mail /home/down/amavisd-new-2.6.1]#chown -R amavis:amavis /var/amavis
[root@mail /home/down/amavisd-new-2.6.1]#chmod -R 750 /var/amavis
[root@mail /home/down/amavisd-new-2.6.1]#cp amavisd /usr/local/sbin/
[root@mail /home/down/amavisd-new-2.6.1]# chown root /usr/local/sbin/amavisd
[root@mail /home/down/amavisd-new-2.6.1]#chmod 755 /usr/local/sbin/amavisd
[root@mail /home/down/amavisd-new-2.6.1]#cp amavisd.conf /etc/
[root@mail /home/down/amavisd-new-2.6.1]#chown root /etc/amavisd.conf
[root@mail /home/down/amavisd-new-2.6.1]#chmod 644 /etc/amavisd.conf
[root@mail /home/down/amavisd-new-2.6.1]#mkdir /var/virusmails
[root@mail /home/down/amavisd-new-2.6.1]#chown amavis:amavis /var/virusmails
[root@mail /home/down/amavisd-new-2.6.1]#chmod 750 /var/virusmails

配置amavisd.conf文件
[root@mail /home/down]#vi /etc/amavisd.conf
max_servers=8;
$daemon_user = 'amavis';
$daemon_group = 'amavis';
$mydomain = 'mail.com';
$db_home = "$MYHOME/db";
$inet_socket_port = 10024;
$sa_tag_level_deflt = -100;
$sa_tag2_level_deflt = 6.3;
$sa_kill_level_deflt = $sa_tag2_level_deflt;
$virus_admin = "virusalert@$mydomain";
$sa_spam_subject_tag = '***SPAM*** ';
$notify_method = $forward_method;
$forward_method = 'smtp:127.0.0.1:10025';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_PASS;
$virus_admin = "postmaster\@$mydomain"; # notifications recip.
$mailfrom_notify_admin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "postmaster\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
['ClamAV-clamd',
&ask_daemon, ["CONTSCAN {}n", "/var/run/clamav/clamd.socket"],
qr/bOK$/, qr/bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],


[root@mail /usr]#/usr/local/sbin/amavisd debug
ERROR: MISSING REQUIRED BASIC MODULES:
IO::Wrap
IO::Stringy
Unix::Syslog
MIME::Words
MIME::Head
MIME::Body
MIME::Entity
MIME::Parser
MIME::Decoder
MIME::Decoder::Base64
MIME::Decoder::Binary
MIME::Decoder::QuotedPrint
MIME::Decoder::NBit
MIME::Decoder::UU
MIME::Decoder::Gzip64
Net::Server
Net::Server::PreFork
BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 232.

[root@mail /home/down]#perl -MCPAN -e shell
cpan> install IO::Wrap
cpan> install IO::Stringy
修正:用cpan 加模块名(如 cpan Compress::Zlib),比较省事.
解决"Can't locate Crypt/OpenSSL/RSA.pm in @IN"报错的方法:cpan Crypt::OpenSSL::RSA即可.其它的perl模块可如法炮制.

错误:Can't locate BerkeleyDB

解决"Can't locate Crypt/OpenSSL/RSA.pm in @IN"报错的方法:cpan Crypt::OpenSSL::RSA即可.其它的perl模块可如法炮制.
解决方法:install BerkeleyDB

Problem in Amavis::DKIM code: Can't locate Mail/DKIM/Verifier.pm in @INC
cpan> install Mail::DKIM::Verifier
cpan> install Crypt::OpenSSL::RSA
cpan> install Convert::TNEF
cpan> install Convert::UUlib
cpan> install Archive::Zip
测试启动
[root@mail /usr]#/usr/local/sbin/amavisd debug




测试启动spamassassin
[root@mail /root]#vi /etc/mail/spamassassin/local.cf

# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)

# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.

required_hits 10.0
report_safe 1
rewrite_header Subject [SPAM]
required_hits 10.0
rewrite_subject 1
use_bayes 1
bayes_auto_learn 1
skip_rbl_checks 1
use_razor2 0
use_pyzor 0
ok_locales all

[root@mail /root]#spamassassin -d --lint

如果出现以下错误,可把local.cf里的rewrite_subject 1注释掉,即在前面加#,不影响使用
[1034] warn: config: failed to parse line, skipping: rewrite_subject 1
[1034] warn: lint: 1 issues detected, please rerun with debug enabled for more information

启动进程,并将其加入到自动启动队列
[root@mail /root]#/usr/bin/spamd -d
[root@mail /root]#echo "/usr/bin/spamd -d" >> /etc/rc.local

启动amavis并测试postfix ,正常情况下应出现下面的提示
[root@mail /root]#/usr/local/sbin/amavisd
[root@mail /root]#postfix start
postfix/postfix-script: starting the Postfix mail system

如果出现这个错误
[root@mail /root]#telnet localhost 25
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused

[root@mail /mnt/Server]#rpm -ivh xinetd-2.3.14-10.el5.i386.rpm
[root@mail /mnt/Server]#rpm -ivh telnet-server-0.17-38.el5.i386.rpm
[root@mail /mnt/Server]#service xinetd restart

[root@mail /root]#tail -f /var/log/maillog
发现
Aug 28 01:54:15 mail postfix/smtpd[9450]: fatal: open database /etc/aliases.db: No such file or directory

[root@mail /root]# postfix stop
postfix/postfix-script: stopping the Postfix mail system
postfix/postfix-script: waiting for the Postfix mail system to terminate
[root@mail /root]#newaliases
[root@mail /root]#cd /etc
[root@mail /etc]#touch aliases.db
[root@mail /etc]#chmod 755 aliases.db
[root@mail /etc]#postalias aliases
[root@mail /etc]#postfix start
postfix/postfix-script: starting the Postfix mail system


[root@mail /etc]#telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to mail.com (127.0.0.1).
Escape character is '^]'.
220 Welcome to our redhat.mail.com ESMTP,Warning: Version not Available!
EHLO mail.com
250-redhat.mail.com
250-PIPELINING
250-SIZE 1433600
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.

[root@mail /etc]#telnet 127.0.0.1 10025
Trying 127.0.0.1...
Connected to mail.com (127.0.0.1).
Escape character is '^]'.
220 Welcome to our redhat.mail.com ESMTP,Warning: Version not Available!
EHLO mail.com
250-redhat.mail.com
250-PIPELINING
250-SIZE 1433600
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.





收藏 分享 邀请

最新评论

相关分类

QQ|小黑屋|最新主题|手机版|微赢网络技术论坛 ( 苏ICP备08020429号 )

GMT+8, 2024-9-29 15:34 , Processed in 0.100179 second(s), 12 queries , Gzip On, MemCache On.

Powered by Discuz! X3.5

© 2001-2023 Discuz! Team.

返回顶部