clamav 安裝防毒過濾系統

1.

sendmail sendmail-cf dovecot cyrus-sasl cyrus-sasl-devel cyrus-sasl-plain cyrus-sasl-md5 perl spamassassin

2.clamav 安裝防毒過濾系統
使用 rpmforge 安裝程序

• CentOS5
  • 64 bits 環境 : rpm -Uvh http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
  • 32 bits 環境 : rpm -Uvh http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
• CentOS4
  • 64 bits 環境 : rpm -Uvh http://apt.sw.be/redhat/el4/en/x86_64/rpmforge/RPMS/rpmforge-release-0.3.6-1.el4.rf.x86_64.rpm
  • 32 bits 環境 : rpm -Uvh http://apt.sw.be/redhat/el4/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el4.rf.i386.rpm

yum install clamav clamd
service clamd start
chkconfig clamd on

3.

3 安裝 MailScanner

• http://www.mailscanner.info/downloads.html

詳細安裝程序

su - root
yum install rpm-build binutils glibc-devel gcc make
mkdir -p /root/MailSource
cd /root/MailSource
wget http://www.mailscanner.info/files/4/rpm/MailScanner-4.75.11-1.rpm.tar.gz
tar -zxvf MailScanner-4.75.11-1.rpm.tar.gz
cd MailScanner-4.75.11-1
./install.sh

vi /etc/crontab

:
:
# MailScanner
37      5 * * * /usr/sbin/update_phishing_sites
07      * * * * /usr/sbin/update_bad_phishing_sites
58     23 * * * /usr/sbin/clean.quarantine
42      * * * * /usr/sbin/update_virus_scanners
3,23,43 * * * * /usr/sbin/check_mailscanner

service crond restart

3.1 設定 MailScanner 定義檔

• 新安裝編輯 /etc/MailScanner/MailScanner.conf

vi /etc/MailScanner/MailScanner.conf

:
%org-name% = Trysoft
:
%org-long-name% = Trysoft Corp.
:
%web-site% = www.ichiayi.com
:
Virus Scanners = auto
:
Sign Clean Messages = no
:
Spam Subject Text = [*Trysoft-SPAM*]
:
High Scoring Spam Subject Text = [*Trysoft-SPAM*]
:
Send Notices = no
:
Spam List = SBL+XBL spamhaus-PBL CBL DSBL spamhaus-ZEN  # You can un-comment this to enable them
:
Is Definitely Spam = %rules-dir%/spam.blacklist.rules
:
Spam Actions = store
:
High Scoring Spam Actions = store
:
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
:
SpamAssassin Install Prefix = /usr
:

• 升級的自動調整設定方式

upgrade_MailScanner_conf

cd /etc/MailScanner
upgrade_MailScanner_conf MailScanner.conf MailScanner.conf.rpmnew > MailScanner.new
mv -f MailScanner.conf MailScanner.old
mv -f MailScanner.new  MailScanner.conf

3.2 設定 sendmail 與 MailScanner 啟動方式

• 設定 sendmail 啟動方式
  

  service sendmail stop
  chkconfig sendmail off
  chkconfig --level 2345 sendmail off

• 設定 MailScanner 啟動方式
  

  chkconfig MailScanner on
  chkconfig --level 2345 MailScanner on
  service MailScanner start

• 當出現 MailScanner: No programs allowed (msg-xxxxx-xxx.txt) 的誤判病毒問題, 可以直接改 /etc/MailScanner/filetype.rules.conf 內容後, 重新啟動 MailScanner 解決
  

  vi /etc/MailScanner/filetype.rules.conf

  :
  deny    self-extract    No self-extracting archives     No self-extracting archives allowed
  #deny   executable      No executables          No programs allowed
  #EXAMPLE: deny  -       x-dosexec       No DOS executables      No DOS programs allowed
  #deny   ELF             No executables          No programs allowed
  deny    Registry        No Windows Registry entries     No Windows Registry files allowed
  
  #deny   MPEG            No MPEG movies          No MPEG movies allowed
  :

  service MailScannser restart