构建反病毒反垃圾邮件系统(六)
作者 佚名技术
来源 服务器技术
浏览
发布时间 2012-07-05
|
|
安装四个下载的软件包:
# dpkg -i *.deb
修改/etc/amavis/amavisd.conf:
@inet_acl = qw( 127/8 1.2.3.4/32 ); # 1.2.3.4 is your external ip .. because want maybe also accept mail from that interface, it''s up to you. $warnvirussender = 1; # I want to warn people, who have got virus. $warnvirusrecip = 1; # I want to warn my users about virus send to them. $warn_offsite = 1; # I want to warn senders/recipients, that are not located on my server $mailfrom_notify_admin = ''virusalert@example.com''; # $mailfrom_notify_recip = ''virusalert@example.com''; # Change these to the appropriate email-adresses, you wish to use as sender $mailfrom_notify_spamadmin = ''spam.police@example.com''; # for spam and virus warnings $hdrfrom_notify_sender = ''AMaViS (content filter) ''; $virus_admin = ''virus-admin@example.com''; # $spam_admin = ''spam-admin@example.com''; #
指定使用uvscan:
@av_scanners = (
[''NAI McAfee AntiVirus (uvscan)'', ''uvscan'', ''--secure -rv --summary --noboot {}'', [0], [13], qr/(?x) Found (?: \ the\ (.+)\ (?:virus|trojan) | \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | :\ (.+)\ NOT\ a\ virus)/ ],
);
找到/etc/postfix/master.cf如下行:
smtp inet n - n - - smtpd
改为如下:
smtp inet n n n - - smtpd -o content_filter=smtp-amavis:[127.0.0.1]:10024 smtp-amavis Unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o local_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o strict_rfc821_envelopes=yes
重启postfix,这样在收到病毒邮件的时候能够在日志文件看到如下的信息:
Jul 16 15:34:22 xxx amavis[30997]: (30997-09) INFECTED (W32/Nimda.gen@MM), (?) -> , quarantine virus-20030716-153422-30997-09, Message-ID: <20030716073414.520D3E5C2F@xxx>
三、防垃圾邮件部分
垃圾邮件的防范必须掌握好尺度,postfix本身提供了header_check、body_check、Access、classes等方式来拒绝邮件,可以参考如下地址的样例,结合自己的情况进行修改也能阻止一部分垃圾邮件:
http://www.XXXX.com/guides/postfix_uce_header.HTML http://www.XXXX.com/guides/postfix_uce_body.html http://www.XXXX.com/guides/postfix_uce_access.html http://www.XXXX.com/guides/postfix_uce_class.html
不过以上配置文件需要管理员根据自己情况手工进行修改,如果直接采用的话,那么国内很多邮件你将收不到。
SpamAssassin和AMaViS可以很好的结合,它能够帮管理员自动处理一些垃圾邮件。SpamAssassin很有趣,它对解码后的邮件进行扫描后打分,如果分数达到用户指定的分数,那么就认为是垃圾邮件,而且它还有学习功能,管理员也可以自己重新定义各种分值或自定义分值。
1、SpamAssassin的安装
由于已经安装了AMaViS,所以自然就选择了SpamAssassin。SpamAssassin可以通过CPAN安装:
# perl -MCPAN -e shell install Mail::SpamAssassin
2、SpamAssassin配置
创建/var/lib/amavis/.spamassassin/user_prefs文件:
# SpamAssassin config file for version 2.5x # generated by http://www.yrex.com/spam/spamconfig.PHP (version 1.01)
# How many hits before a message is considered spam. required_hits 5.0
# Whether to change the subject of suspected spam rewrite_subject 1
# Text to prepend to subject if rewrite_subject is used subject_tag *****SPAM*****
# Encapsulate spam in an attachment report_safe 1
# Use terse version of the spam report use_terse_report 0
# Enable the Bayes system use_bayes 1
# Enable Bayes auto-learning auto_learn 1
# Enable or disable network checks skip_rbl_checks 1 use_razor2 0 use_dcc 0 use_pyzor 0
# Mail using languages used in these country codes will not be marked # as being possibly spam in a foreign language. # - chinese english ok_languages zh en
# Mail using locales used in these country codes will not be marked # as being possibly spam in a foreign language. ok_locales en zh |
|
凌众科技专业提供服务器租用、服务器托管、企业邮局、虚拟主机等服务,公司网站:http://www.lingzhong.cn
为了给广大客户了解更多的技术信息,本技术文章收集来源于网络,凌众科技尊重文章作者的版权,如果有涉及你的版权有必要删除你的文章,请和我们联系。以上信息与文章正文是不可分割的一部分,如果您要转载本文章,请保留以上信息,谢谢!
|