安裝四個下載的軟件包:
# dpkg -i *.deb
修改/etc/amavis/amavisd.conf:
@inet_acl = qw( 127/8 1.2.3.4/32 ); # 1.2.3.4 is your external ip .. because want maybe also accept mail from that interface, it's up to you.
$warnvirussender = 1; # I want to warn people, who have got virus.
$warnvirusrecip = 1; # I want to warn my users about virus send to them.
$warn_offsite = 1; # I want to warn senders/recipients, that are not located on my server
$mailfrom_notify_admin = '[email protected]'; #
$mailfrom_notify_recip = '[email protected]'; # Change these to the appropriate email-adresses, you wish to use as sender
$mailfrom_notify_spamadmin = '[email protected]'; # for spam and virus warnings
$hdrfrom_notify_sender = 'AMaViS (content filter) <[email protected]>';
$virus_admin = '[email protected]'; #
$spam_admin = '[email protected]'; #
指定使用uvscan:
@av_scanners = (
['NAI McAfee AntiVirus (uvscan)', 'uvscan',
'--secure -rv --summary --noboot {}', [0], [13],
qr/(?x) Found (?:
/ the/ (.+)/ (?:virus|trojan) |
/ (?:virus|trojan)/ or/ variant/ ([^ ]+) |
:/ (.+)/ NOT/ a/ virus)/ ],
);
找到/etc/postfix/master.cf如下行:
smtp inet n - n - - smtpd
改為如下:
smtp inet n n n - - smtpd -o content_filter=smtp-amavis:[127.0.0.1]:10024
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o local_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o strict_rfc821_envelopes=yes
重啟postfix,這樣在收到病毒郵件的時候能夠在日志文件看到如下的信息:
Jul 16 15:34:22 xxx amavis[30997]: (30997-09) INFECTED (W32/Nimda.gen@MM), (?) -> <[email protected]>, quarantine virus-20030716-153422-30997-09, Message-ID: <20030716073414.520D3E5C2F@xxx>
三、防垃圾郵件部分
垃圾郵件的防范必須掌握好尺度,postfix本身提供了header_check、body_check、access、classes等方式來拒絕郵件,可以參考如下地址的樣例,結合自己的情況進行修改也能阻止一部分垃圾郵件:
http://www.XXXX.com/guides/postfix_uce_header.html
http://www.XXXX.com/guides/postfix_uce_body.html
http://www.XXXX.com/guides/postfix_uce_access.html
http://www.XXXX.com/guides/postfix_uce_class.html
不過以上配置文件需要管理員根據自己情況手工進行修改,如果直接采用的話,那么國內很多郵件你將收不到。
SpamAssassin和AMaViS可以很好的結合,它能夠幫管理員自動處理一些垃圾郵件。SpamAssassin很有趣,它對解碼后的郵件進行掃描后打分,如果分數達到用戶指定的分數,那么就認為是垃圾郵件,而且它還有學習功能,管理員也可以自己重新定義各種分值或自定義分值。
1、SpamAssassin的安裝
由于已經安裝了AMaViS,所以自然就選擇了SpamAssassin。SpamAssassin可以通過CPAN安裝:
# perl -MCPAN -e shell
install Mail::SpamAssassin
2、SpamAssassin配置
創建/var/lib/amavis/.spamassassin/user_prefs文件:
# SpamAssassin config file for version 2.5x
# generated by http://www.yrex.com/spam/spamconfig.php (version 1.01)
# How many hits before a message is considered spam.
required_hits 5.0
# Whether to change the subject of suspected spam
rewrite_subject 1
# Text to prepend to subject if rewrite_subject is used
subject_tag *****SPAM*****
# Encapsulate spam in an attachment
report_safe 1
# Use terse version of the spam report
use_terse_report 0
# Enable the Bayes system
use_bayes 1
# Enable Bayes auto-learning
auto_learn 1
# Enable or disable network checks
skip_rbl_checks 1
use_razor2 0
use_dcc 0
use_pyzor 0
# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - chinese english
ok_languages zh en
