Virtuelle Benutzer Und Domains Mit Postfix, Courier Und MySQL (Fedora 8) - Seite 4


Als wir ClamAV installiert haben, wurde ein Cron Job installiert, der versucht, die ClamAV virus Datenbank alle drei Stunden zu aktualisieren. Das funktioniert allerdings nur wenn wir es in /etc/sysconfig/freshclam and /etc/freshclam.conf freischalten:

vi /etc/sysconfig/freshclam

Kommentiere die Zeile FRESHCLAM_DELAY am Ende aus:
## When changing the periodicity of freshclam runs in the crontab,
## this value must be adjusted also. Its value is the timespan between ## two subsequent freshclam runs in minutes. E.g. for the default ## ## | 0 */3 * * * ... ## ## crontab line, the value is 180 (minutes). # FRESHCLAM_MOD= ## A predefined value for the delay in seconds. By default, the value is ## calculated by the 'hostid' program. This predefined value guarantees ## constant timespans of 3 hours between two subsequent freshclam runs. ## ## This option accepts two special values: ## 'disabled-warn' ... disables the automatic freshclam update and ## gives out a warning ## 'disabled' ... disables the automatic freshclam silently # FRESHCLAM_DELAY= ### !!!!! REMOVE ME !!!!!! ### REMOVE ME: By default, the freshclam update is disabled to avoid ### REMOVE ME: network access without prior activation #FRESHCLAM_DELAY=disabled-warn # REMOVE ME

vi /etc/freshclam.conf

Kommentiere die Example Zeile aus:
[...]
# Comment or remove the line below. #Example [...]
Lass uns nun die System Startup Links für ClamAV und amavisd-new erstellen, die Virus Signatur Datenbank von ClamAV aktualisieren und beide Dienste starten:

chkconfig --levels 235 amavisd on
chkconfig --levels 235 clamd.amavisd on
/usr/bin/freshclam
/etc/init.d/amavisd start
/etc/init.d/clamd.amavisd start

Nun müssen wir Postfix konfigurieren, um eingehende E-Mails durch amavisd-new zu leiten:

postconf -e 'content_filter = amavis:[127.0.0.1]:10024'
postconf -e 'receive_override_options = no_address_mappings'

Füge danach folgende Zeile zu /etc/postfix/master.cf:

vi /etc/postfix/master.cf


[...]
amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_bind_address=127.0.0.1
und starte Postfix neu:

/etc/init.d/postfix restart


12 Installation von Razor, Pyzor Und DCC Und Konfiguration von SpamAssassin

Razor, Pyzor und DCC sind Spamfilter, die ein gemeinschaftliches Filternetzwerk verwenden. Um Razor und Pyzor zu installieren, lass Folgendes laufen

yum install perl-Razor-Agent pyzor

Initialisiere dann beide Dienste:

chmod -R a+rX /usr/share/doc/pyzor-0.4.0 /usr/bin/pyzor /usr/bin/pyzord
chmod -R a+rX /usr/lib/python2.5/site-packages/pyzor
su -m amavis -c 'pyzor --homedir /var/spool/amavisd discover'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -create'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -register'

Dann installieren wir DCC wie folgt:

cd /tmp
wget http://www.dcc-servers.net/dcc/source/dcc-dccproc.tar.Z
tar xzvf dcc-dccproc.tar.Z
cd dcc-dccproc-1.3.72
./configure --with-uid=amavis
make
make install
chown -R amavis:amavis /var/dcc
ln -s /var/dcc/libexec/dccifd /usr/local/bin/dccifd

Nun müssen wir SpamAssassin mitteilen, diese drei Programme zu verwenden. Bearbeite /etc/mail/spamassassin/local.cf sodass es wie folgt aussieht:

vi /etc/mail/spamassassin/local.cf


# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details) # These should be safe assumptions and allow for simple visual sifting # without risking lost emails. #required_hits 5 #report_safe 0 #rewrite_header Subject [SPAM] # dcc use_dcc 1 dcc_path /usr/local/bin/dccproc #pyzor use_pyzor 1 pyzor_path /usr/bin/pyzor #razor use_razor2 1 razor_config /var/spool/amavisd/razor-agent.conf #bayes use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1
Dann müssen wir den DCC plugin im SpamAssassin aktivieren. Öffne /etc/mail/spamassassin/v310.pre und aktiviere die loadplugin Mail::SpamAssassin::Plugin::DCC Zeile:

vi /etc/mail/spamassassin/v310.pre


# This is the right place to customize your installation of SpamAssassin.
# # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be # tweaked. # # This file was installed during the installation of SpamAssassin 3.1.0, # and contains plugin loading commands for the new plugins added in that # release. It will not be overwritten during future SpamAssassin installs, # so you can modify it to enable some disabled-by-default plugins below, # if you so wish. # # There are now multiple files read to enable plugins in the # /etc/mail/spamassassin directory; previously only one, "init.pre" was # read. Now both "init.pre", "v310.pre", and any other files ending in # ".pre" will be read. As future releases are made, new plugins will be # added to new files, named according to the release they're added in. ########################################################################### # DCC - perform DCC message checks. # # DCC is disabled here because it is not open source. See the DCC # license for more details. # loadplugin Mail::SpamAssassin::Plugin::DCC # Pyzor - perform Pyzor message checks. # loadplugin Mail::SpamAssassin::Plugin::Pyzor # Razor2 - perform Razor2 message checks. # loadplugin Mail::SpamAssassin::Plugin::Razor2 # SpamCop - perform SpamCop message reporting # loadplugin Mail::SpamAssassin::Plugin::SpamCop # AntiVirus - some simple anti-virus checks, this is not a replacement # for an anti-virus filter like Clam AntiVirus # #loadplugin Mail::SpamAssassin::Plugin::AntiVirus # AWL - do auto-whitelist checks # loadplugin Mail::SpamAssassin::Plugin::AWL # AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning # loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold # TextCat - language guesser # #loadplugin Mail::SpamAssassin::Plugin::TextCat # AccessDB - lookup from-addresses in access database # #loadplugin Mail::SpamAssassin::Plugin::AccessDB # WhitelistSubject - Whitelist/Blacklist certain subject regular expressions # loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject ########################################################################### # experimental plugins # DomainKeys - perform DomainKeys verification # # External modules required for use, see INSTALL for more information. # Note that this may be redundant if you also plan to use the DKIM plugin. # #loadplugin Mail::SpamAssassin::Plugin::DomainKeys # MIMEHeader - apply regexp rules against MIME headers in the message # loadplugin Mail::SpamAssassin::Plugin::MIMEHeader # ReplaceTags # loadplugin Mail::SpamAssassin::Plugin::ReplaceTags
Du kannst Deine SpamAssassin Konfiguration überprüfen, indem Du Folgendes ausführst:

spamassassin --lint

Dies sollte keine Fehlermeldungen anzeigen.

Lass danach Folgendes laufen:

/etc/init.d/amavisd restart

Nun möchte ich einige gebräuchliche Rulesets einfügen, die im Internet zu finden sind. Ich habe diese Rulesets getestet und sie bewirken, dass das Filtern viel effektiver wird. Erstelle die Datei /usr/local/sbin/sa_rules_update.sh:

vi /usr/local/sbin/sa_rules_update.sh


#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/71_sare_redirect_pre3.0.0.cf -O 71_sare_redirect_pre3.0.0.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf -O 70_sare_bayes_poison_nxm.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html.cf -O 70_sare_html.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html4.cf -O 70_sare_html4.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html_x30.cf -O 70_sare_html_x30.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header0.cf -O 70_sare_header0.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header3.cf -O 70_sare_header3.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header_x30.cf -O 70_sare_header_x30.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_specific.cf -O 70_sare_specific.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_adult.cf -O 70_sare_adult.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/72_sare_bml_post25x.cf -O 72_sare_bml_post25x.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_sare_fraud_post25x.cf -O 99_sare_fraud_post25x.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_spoof.cf -O 70_sare_spoof.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_random.cf -O 70_sare_random.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_oem.cf -O 70_sare_oem.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj0.cf -O 70_sare_genlsubj0.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj3.cf -O 70_sare_genlsubj3.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj_x30.cf -O 70_sare_genlsubj_x30.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_unsub.cf -O 70_sare_unsub.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_uri.cf -O 70_sare_uri.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.timj.co.uk/linux/bogus-virus-warnings.cf -O bogus-virus-warnings.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.yackley.org/sa-rules/evilnumbers.cf -O evilnumbers.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.stearns.org/sa-blacklist/random.current.cf -O random.current.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_body.cf -O 88_FVGT_body.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_rawbody.cf -O 88_FVGT_rawbody.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_subject.cf -O 88_FVGT_subject.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_headers.cf -O 88_FVGT_headers.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_uri.cf -O 88_FVGT_uri.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_DomainDigits.cf -O 99_FVGT_DomainDigits.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_Tripwire.cf -O 99_FVGT_Tripwire.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_meta.cf -O 99_FVGT_meta.cf &> /dev/null cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.nospamtoday.com/download/mime_validate.cf -O mime_validate.cf &> /dev/null /etc/init.d/amavis restart &> /dev/null exit 0
Veranlasse, dass das Skript ausführbar wird:

chmod 755 /usr/local/sbin/sa_rules_update.sh

Lass dann das Skript einmal laufen, es wird diese Rulesets holen und in SpamAssassin einfügen:

/usr/local/sbin/sa_rules_update.sh

Wir erstellen einen Cron Job sodass diese Rulesets regelmäßig aktualisiert werden. Lass Folgendes laufen

crontab -e

um den Cron Job Editor zu öffnen. Erstelle folgenden Cron Job:
23 4 */2 * * /usr/local/sbin/sa_rules_update.sh &> /dev/null
Dies wird die Rulesets jeden zweiten Tag um 4.23 Uhr aktualisieren.

0 Kommentar(e)

Zum Posten von Kommentaren bitte