前情提要:郵件伺服器 Part-1:Postfix+Dovecot+SASL+Procmail
郵件伺服器全系列:Postfix+Dovecot+SASL+Procmail+Postgrey+Mailscanner+Spamassassin+ClamAV+Mailscanner-mrtg+MailWatch+Openwebmail+MySPAM
MailScanner+ClamAV+SpamAssassin可涵蓋郵件的內容及病毒過濾
A.安裝mailscanner
1.安裝相關元件
yum install perl-MIME-tools
2.下載MailScanner
elinks http://www.mailscanner.info/downloads.html
下載Version 4.70.7-1 for RedHat, Fedora and Mandrake Linux (and other RPM-based Linux distributions)
3.安裝MailScanner
tar -zxvf MailScanner-4.70.7-1.rpm.tar.gz
cd MailScanner-4.70.7-1
./install.sh
4.啟動MailScanner
chkconfig postfix off
chkconfig –level 2345 MailScanner on
service MailScanner start
5.設定MailScanner設定檔案
基本設定
Run As User = postfix (啟動的使用者)
Run As Group = postfix (啟動的群組)
Incoming Queue Dir = /var/spool/postfix/hold (收信佇列)
Outgoing Queue Dir = /var/spool/postfix/incoming (寄信佇列)
MTA = postfix (使用的MTA)
Max Children = 5 (產生子程序的上限)
Virus Scanning = yes (啟動病毒掃瞄)
Virus Scanners = clamav (設定掃毒套件,多個掃毒套件時以空白字元分隔)
Spam Checks = yes (啟動SPAM掃瞄)
Use SpamAssassin = yes (使用 SpamAssassin 偵測SPAM)
SpamAssassin Site Rules Dir = /etc/mail/spamassassin (SpamAssassin規則檔路徑)
Deliver Unparsable TNEF = yes (增加使用Outlook的相容性)
High Scoring Spam Actions = deliver header “X-Spam-Status: Yes” (高積分時在header標記X-Spam)
效能調教(可參考修改)
Max Unscanned Bytes Per Scan = 300m (每批不被掃瞄大小的上限)
Max Unsafe Bytes Per Scan = 150m (每批被掃瞄大小的上限)
Max Unscanned Messages Per Scan = 300 (每批不被掃瞄數目的上限)
Max Unsafe Messages Per Scan = 300 (每批被掃瞄數目的上限)
其他設定
Spam Subject Text = **SPAM** (普通SPAM的附加標題)
High Scoring Spam Subject Text = **SPAM** (高分SPAM的附加標題)
Send Notices = no (感染信件通知管理員)
Notices Include Full Headers = no (通知信件包含完整表頭)
Required SpamAssassin Score = 6 (普通SPAM積分)
High SpamAssassin Score = 10 (高SPAM積分)
Delivery Method = batch (批次掃描)
6.附件過濾設定(依需求調整)
過濾附件副檔名屬性設定
過濾附件類型屬性設定
7.佇列環境配置
chown postfix.postfix /var/spool/MailScanner/quarantine
8.設定postfix將信件移到佇列
/^Received:/ HOLD
9.規則設定
設定郵件白名單
10.重新啟動MailScanner
B.安裝SpamAssassin+clamav
1.安裝razor
2.安裝pyzor
3.安裝dcc
elinks www.rhyolite.com/anti-spam/dcc/source
下載dcc-dccd.tar.Z
cd dcc-dccd-1.3.39/
./configure
make
make install
4.安裝unrar
5.安裝ClamAV
6.排程更新clamav病毒碼
(每天0,12點更新病毒碼)
0 0,12 * * * root /usr/bin/freshclam
7.啟動spamassassin
service spamassassin start
8.修改資料夾權限
C.規則設定
1.spamassassin預設規則
2.可到下列網址取得基本設定
規則CF檔放置於/etc/mail/spamassassin/即可,中文規則需用上傳不可直接複製貼上複製
3.下載中文過濾規則
D.啟動spamassassin自動學習
1.建立bayes資料庫
無資料庫時出現debug: bayes: no dbs present, cannot tie DB R/O: /var/spool/MailScanner/spamassassin/bayes_toks
執行sa-learn –sync在/var/spool/MailScanner/spamassassin/裡建立bayes_seen/bayes_toks等資料庫檔案
2.建立黑名單帳號
3.建立白名單帳號
4.收到誤判或漏判信件時,”以附加檔案方式轉寄”給blacklist或whitelist
5.學習黑名單
6.學習白名單
7.每小時自動學習黑/白名單
在/etc/cron.daily建立Script
SPAM=/var/mail/spam
NOSPAM=/var/mail/nospam
LOGFILE=/var/log/spamlearn.log
=/etc/MailScanner/spam.assassin.prefs.conf
=/usr/bin/sa-learn
date >> $LOGFILE
if [ -f $SPAM ]; then
BOX=${SPAM}.processing
mv $SPAM $BOX
sleep 5
$ –prefs-file=$ –spam –mbox $BOX >> $LOGFILE 2>&1
rm -f $BOX
fi
if [ -f $NOSPAM ]; then
BOX=${NOSPAM}.processing
mv $NOSPAM $BOX
sleep 5
$ –prefs-file=$ –ham –mbox $BOX >> $LOGFILE 2>&1
rm -f $BOX
fi
#
重新啟動crond
来自:唉呦~MIS先生
回复自“郵件伺服器 Part-2:MailScanner+ClamAV+SpamAssassin”
发表回复