Inhaltsverzeichnis

Virenschutz mit Hilfe von AMaViS und SpamAssassin

Zur weiteren Absicherung unseres Mailservers bzw. -verkehrs bedienen wir uns der beiden Dienste amavisd-new und spamassassin.

Installation

Wie üblich installieren wir die benötiten Programmpakete via YUM.

yum install amavisd-new spamassassin clamav clamd

Programminfo

amavisd-new

Info

Was uns amavisd-new bietet, entnehmen wir am einfachsten dem rpm

# yum info amavisd-new

Name   : amavisd-new
...
Summary: Mail virus-scanner
Description: AMaViS is a program that interfaces a mail transfer agent (MTA) with one or more virus scanners.  
Amavisd-new is a branch created by Mark Martinec that adds serveral performance and robustness features. It's 
partly based on work being done on the official amavisd branch. Please see the README.amavisd-new-RELNOTES 
file for a detailed description.

Programmpfade und -inhalte

Über die einzelnen Dateien und Pfade der installierten Programme, informieren wir uns mittels:

# rpm -ql amavisd-new

/etc/amavisd.conf
/etc/cron.daily/amavisd
/etc/logrotate.d/amavisd
/etc/openldap/schema/amavisd-new.schema
/etc/rc.d/init.d/amavisd
/etc/sysconfig/amavisd
/usr/sbin/amavisd
/usr/sbin/amavisd-agent
/usr/sbin/amavisd-nanny
/usr/sbin/amavisd-release
/usr/sbin/p0f-analyzer
/usr/share/doc/amavisd-new-2.6.4
/usr/share/doc/amavisd-new-2.6.4/AAAREADME.first
/usr/share/doc/amavisd-new-2.6.4/LDAP.schema
/usr/share/doc/amavisd-new-2.6.4/LICENSE
/usr/share/doc/amavisd-new-2.6.4/MANIFEST
/usr/share/doc/amavisd-new-2.6.4/README.banned
/usr/share/doc/amavisd-new-2.6.4/README.chroot
/usr/share/doc/amavisd-new-2.6.4/README.contributed
/usr/share/doc/amavisd-new-2.6.4/README.courier
/usr/share/doc/amavisd-new-2.6.4/README.courier-old
/usr/share/doc/amavisd-new-2.6.4/README.customize
/usr/share/doc/amavisd-new-2.6.4/README.exim_v3
/usr/share/doc/amavisd-new-2.6.4/README.exim_v3_app
/usr/share/doc/amavisd-new-2.6.4/README.exim_v4
/usr/share/doc/amavisd-new-2.6.4/README.exim_v4_app
/usr/share/doc/amavisd-new-2.6.4/README.exim_v4_app2
/usr/share/doc/amavisd-new-2.6.4/README.ldap
/usr/share/doc/amavisd-new-2.6.4/README.lookups
/usr/share/doc/amavisd-new-2.6.4/README.milter
/usr/share/doc/amavisd-new-2.6.4/README.old.scanners
/usr/share/doc/amavisd-new-2.6.4/README.performance
/usr/share/doc/amavisd-new-2.6.4/README.policy-on-notifications
/usr/share/doc/amavisd-new-2.6.4/README.postfix
/usr/share/doc/amavisd-new-2.6.4/README.postfix.html
/usr/share/doc/amavisd-new-2.6.4/README.protocol
/usr/share/doc/amavisd-new-2.6.4/README.sendmail
/usr/share/doc/amavisd-new-2.6.4/README.sendmail-dual
/usr/share/doc/amavisd-new-2.6.4/README.sendmail-dual.old
/usr/share/doc/amavisd-new-2.6.4/README.sql
/usr/share/doc/amavisd-new-2.6.4/README.sql-mysql
/usr/share/doc/amavisd-new-2.6.4/README.sql-pg
/usr/share/doc/amavisd-new-2.6.4/RELEASE_NOTES
/usr/share/doc/amavisd-new-2.6.4/amavisd-new-docs.html
/usr/share/doc/amavisd-new-2.6.4/amavisd.conf
/usr/share/doc/amavisd-new-2.6.4/amavisd.conf-default
/usr/share/doc/amavisd-new-2.6.4/amavisd.conf-sample
/usr/share/doc/amavisd-new-2.6.4/amavisd.conf.orig
/usr/share/doc/amavisd-new-2.6.4/images
/usr/share/doc/amavisd-new-2.6.4/images/blank.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts
/usr/share/doc/amavisd-new-2.6.4/images/callouts/1.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/10.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/11.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/12.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/13.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/14.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/15.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/2.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/3.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/4.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/5.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/6.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/7.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/8.png
/usr/share/doc/amavisd-new-2.6.4/images/callouts/9.png
/usr/share/doc/amavisd-new-2.6.4/images/caution.png
/usr/share/doc/amavisd-new-2.6.4/images/draft.png
/usr/share/doc/amavisd-new-2.6.4/images/home.png
/usr/share/doc/amavisd-new-2.6.4/images/important.png
/usr/share/doc/amavisd-new-2.6.4/images/next.png
/usr/share/doc/amavisd-new-2.6.4/images/note.png
/usr/share/doc/amavisd-new-2.6.4/images/prev.png
/usr/share/doc/amavisd-new-2.6.4/images/tip.png
/usr/share/doc/amavisd-new-2.6.4/images/toc-blank.png
/usr/share/doc/amavisd-new-2.6.4/images/toc-minus.png
/usr/share/doc/amavisd-new-2.6.4/images/toc-plus.png
/usr/share/doc/amavisd-new-2.6.4/images/up.png
/usr/share/doc/amavisd-new-2.6.4/images/warning.png
/usr/share/doc/amavisd-new-2.6.4/screen.css
/usr/share/doc/amavisd-new-2.6.4/test-messages
/usr/share/doc/amavisd-new-2.6.4/test-messages/README
/usr/share/doc/amavisd-new-2.6.4/test-messages/sample.tar.gz.compl
/var/amavis
/var/amavis/db
/var/amavis/tmp
/var/amavis/var
/var/log/amavis.log
/var/virusmails

spamassassin

Info

Auch beim Paket spamassassin informieren wir uns erst einmal an Hand der RPM-Info:

yum info spamassassin

Name   : spamassassin
...
Summary: Spam-Filter für E-Mails, der durch Mail-Agenten aufgerufen werden kann.
Description:
SpamAssassin provides you with a way to reduce if not completely eliminate
Unsolicited Commercial Email (SPAM) from your incoming email.  It can
be invoked by a MDA such as sendmail or postfix, or can be called from
a procmail script, .forward file, etc.  It uses a genetic-algorithm
evolved scoring system to identify messages which look spammy, then
adds headers to the message so they can be filtered by the user's mail
reading software.  This distribution includes the spamd/spamc components
which create a server that considerably speeds processing of mail.

To enable spamassassin, if you are receiving mail locally, simply add
this line to your ~/.procmailrc:
INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc

To filter spam for all users, add that line to /etc/procmailrc
(creating if necessary).

Programmpfade und -inhalte

Über die einzelnen Dateien und Pfade der installierten Programme, informieren wir uns auch hier mittels:

rpm -ql spamassassin
/etc/cron.d/sa-update
/etc/logrotate.d/sa-update
/etc/mail/spamassassin
/etc/mail/spamassassin/init.pre
/etc/mail/spamassassin/local.cf
/etc/mail/spamassassin/spamassassin-default.rc
/etc/mail/spamassassin/spamassassin-helper.sh
/etc/mail/spamassassin/spamassassin-spamc.rc
/etc/mail/spamassassin/v310.pre
/etc/mail/spamassassin/v312.pre
/etc/mail/spamassassin/v320.pre
/etc/rc.d/init.d/spamassassin
/etc/sysconfig/spamassassin
/usr/bin/sa-compile
/usr/bin/sa-learn
/usr/bin/sa-update
/usr/bin/spamassassin
/usr/bin/spamc
/usr/bin/spamd
/usr/lib/perl5/vendor_perl/5.8.8/Mail
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/AICache.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/ArchiveIterator.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/AsyncLoop.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/AutoWhitelist.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Bayes
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Bayes.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Bayes/CombineChi.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Bayes/CombineNaiveBayes.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/DBM.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/MySQL.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/PgSQL.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/SDBM.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/SQL.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Client.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf/LDAP.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf/Parser.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf/SQL.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Constants.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/DBBasedAddrList.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Dns.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/DnsResolver.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/HTML.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locales.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker/Flock.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker/UnixNFSSafe.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker/Win32.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger/File.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger/Stderr.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger/Syslog.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/MailingList.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message/Metadata
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message/Metadata.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message/Metadata/Received.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message/Node.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/NetSet.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/PerMsgLearner.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/PerMsgStatus.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/PersistentAddrList.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/ASN.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/AWL.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/AccessDB.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/AntiVirus.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/AutoLearnThreshold.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Bayes.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/BodyEval.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/BodyRuleBaseExtractor.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Check.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/DCC.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/DKIM.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/DNSEval.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/DomainKeys.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/HTMLEval.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/HTTPSMismatch.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Hashcash.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/HeaderEval.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/ImageInfo.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/MIMEEval.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/MIMEHeader.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Pyzor.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Razor2.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/RelayCountry.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/RelayEval.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/ReplaceTags.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Rule2XSBody.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/SPF.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Shortcircuit.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/SpamCop.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Test.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/TextCat.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/URIDNSBL.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/URIDetail.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/URIEval.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/VBounce.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/WLBLEval.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/WhiteListSubject.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/PluginHandler.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Reporter.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/SQLBasedAddrList.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/SpamdForkScaling.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/SubProcBackChannel.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Timeout.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util/DependencyInfo.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util/Progress.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util/RegistrarBoundaries.pm
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util/TieOneStringHash.pm
/usr/lib/perl5/vendor_perl/5.8.8/spamassassin-run.pod
/usr/share/doc/spamassassin-3.2.4
/usr/share/doc/spamassassin-3.2.4/CREDITS
/usr/share/doc/spamassassin-3.2.4/Changes
/usr/share/doc/spamassassin-3.2.4/LICENSE
/usr/share/doc/spamassassin-3.2.4/NOTICE
/usr/share/doc/spamassassin-3.2.4/README
/usr/share/doc/spamassassin-3.2.4/TRADEMARK
/usr/share/doc/spamassassin-3.2.4/UPGRADE
/usr/share/doc/spamassassin-3.2.4/USAGE
/usr/share/doc/spamassassin-3.2.4/sample-nonspam.txt
/usr/share/doc/spamassassin-3.2.4/sample-spam.txt
/usr/share/man/man1/sa-compile.1.gz
/usr/share/man/man1/sa-learn.1.gz
/usr/share/man/man1/sa-update.1.gz
/usr/share/man/man1/spamassassin-run.1.gz
/usr/share/man/man1/spamassassin.1.gz
/usr/share/man/man1/spamc.1.gz
/usr/share/man/man1/spamd.1.gz
/usr/share/man/man3/Mail::SpamAssassin.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::AICache.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::ArchiveIterator.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::AsyncLoop.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::AutoWhitelist.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Bayes.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::BayesStore.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::BayesStore::MySQL.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::BayesStore::PgSQL.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::BayesStore::SQL.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Client.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Conf.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Conf::LDAP.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Conf::Parser.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Conf::SQL.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::DnsResolver.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Logger.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Logger::File.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Logger::Stderr.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Logger::Syslog.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Message.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Message::Metadata.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Message::Node.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::PerMsgLearner.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::PerMsgStatus.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::PersistentAddrList.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::ASN.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::AWL.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::AccessDB.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::AntiVirus.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::AutoLearnThreshold.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::BodyRuleBaseExtractor.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::Check.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::DCC.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::DKIM.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::DomainKeys.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::Hashcash.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::MIMEHeader.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::OneLineBodyRuleType.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::Pyzor.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::Razor2.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::RelayCountry.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::ReplaceTags.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::Rule2XSBody.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::SPF.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::Shortcircuit.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::SpamCop.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::Test.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::TextCat.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::URIDNSBL.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::URIDetail.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::VBounce.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Plugin::WhiteListSubject.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::PluginHandler.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::SQLBasedAddrList.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::SubProcBackChannel.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Timeout.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Util.3pm.gz
/usr/share/man/man3/Mail::SpamAssassin::Util::Progress.3pm.gz
/usr/share/man/man3/spamassassin-run.3pm.gz
/usr/share/spamassassin
/usr/share/spamassassin/10_default_prefs.cf
/usr/share/spamassassin/20_advance_fee.cf
/usr/share/spamassassin/20_body_tests.cf
/usr/share/spamassassin/20_compensate.cf
/usr/share/spamassassin/20_dnsbl_tests.cf
/usr/share/spamassassin/20_drugs.cf
/usr/share/spamassassin/20_dynrdns.cf
/usr/share/spamassassin/20_fake_helo_tests.cf
/usr/share/spamassassin/20_head_tests.cf
/usr/share/spamassassin/20_html_tests.cf
/usr/share/spamassassin/20_imageinfo.cf
/usr/share/spamassassin/20_meta_tests.cf
/usr/share/spamassassin/20_net_tests.cf
/usr/share/spamassassin/20_phrases.cf
/usr/share/spamassassin/20_porn.cf
/usr/share/spamassassin/20_ratware.cf
/usr/share/spamassassin/20_uri_tests.cf
/usr/share/spamassassin/20_vbounce.cf
/usr/share/spamassassin/23_bayes.cf
/usr/share/spamassassin/25_accessdb.cf
/usr/share/spamassassin/25_antivirus.cf
/usr/share/spamassassin/25_asn.cf
/usr/share/spamassassin/25_dcc.cf
/usr/share/spamassassin/25_dkim.cf
/usr/share/spamassassin/25_domainkeys.cf
/usr/share/spamassassin/25_hashcash.cf
/usr/share/spamassassin/25_pyzor.cf
/usr/share/spamassassin/25_razor2.cf
/usr/share/spamassassin/25_replace.cf
/usr/share/spamassassin/25_spf.cf
/usr/share/spamassassin/25_textcat.cf
/usr/share/spamassassin/25_uribl.cf
/usr/share/spamassassin/30_text_de.cf
/usr/share/spamassassin/30_text_fr.cf
/usr/share/spamassassin/30_text_it.cf
/usr/share/spamassassin/30_text_nl.cf
/usr/share/spamassassin/30_text_pl.cf
/usr/share/spamassassin/30_text_pt_br.cf
/usr/share/spamassassin/50_scores.cf
/usr/share/spamassassin/60_awl.cf
/usr/share/spamassassin/60_shortcircuit.cf
/usr/share/spamassassin/60_whitelist.cf
/usr/share/spamassassin/60_whitelist_dk.cf
/usr/share/spamassassin/60_whitelist_dkim.cf
/usr/share/spamassassin/60_whitelist_spf.cf
/usr/share/spamassassin/60_whitelist_subject.cf
/usr/share/spamassassin/72_active.cf
/usr/share/spamassassin/languages
/usr/share/spamassassin/sa-update-pubkey.txt
/usr/share/spamassassin/sa-update.cron
/usr/share/spamassassin/user_prefs.template
/var/lib/spamassassin
/var/run/spamassassin

clamav

Info

Die Leistung(en) des clamav entnehmen wir dem rpm

yum info clamav

Name   : clamav
...
Summary: Anti-virus software
Description:
Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of
this software is the integration with mail servers (attachment scanning).
The package provides a flexible and scalable multi-threaded daemon, a
command line scanner, and a tool for automatic updating via Internet.

The programs are based on a shared library distributed with the Clam
AntiVirus package, which you can use with your own software. Most
importantly, the virus database is kept up to date

Programmpfade und -inhalte

Über die einzelnen Dateien und Pfade des installierten clamav-Paketes, informieren wir uns auch hier mittels:

rpm -ql clamav

/etc/freshclam.conf
/usr/bin/clamscan
/usr/bin/freshclam
/usr/bin/sigtool
/usr/lib/libclamav.so.5
/usr/lib/libclamav.so.5.0.3
/usr/lib/libclamunrar.so.5
/usr/lib/libclamunrar.so.5.0.3
/usr/lib/libclamunrar_iface.so.5
/usr/lib/libclamunrar_iface.so.5.0.3
/usr/share/doc/clamav-0.94.1
/usr/share/doc/clamav-0.94.1/AUTHORS
/usr/share/doc/clamav-0.94.1/BUGS
/usr/share/doc/clamav-0.94.1/COPYING
/usr/share/doc/clamav-0.94.1/ChangeLog
/usr/share/doc/clamav-0.94.1/FAQ
/usr/share/doc/clamav-0.94.1/INSTALL
/usr/share/doc/clamav-0.94.1/NEWS
/usr/share/doc/clamav-0.94.1/README
/usr/share/doc/clamav-0.94.1/clamav-mirror-howto.pdf
/usr/share/doc/clamav-0.94.1/clamdoc.pdf
/usr/share/doc/clamav-0.94.1/freshclam.conf
/usr/share/doc/clamav-0.94.1/phishsigs_howto.pdf
/usr/share/doc/clamav-0.94.1/signatures.pdf
/usr/share/doc/clamav-0.94.1/test
/usr/share/doc/clamav-0.94.1/test/.split
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-aspack.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-aspack.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-fsg.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-fsg.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-mew.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-mew.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-nsis.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-nsis.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-pespin.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-pespin.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-petite.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-petite.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-upack.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-upack.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-upx.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-upx.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-v2.raraa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-v2.rarab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-v3.raraa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-v3.rarab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-wwpack.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam-wwpack.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.arjaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.arjab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.bz2.zipaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.bz2.zipab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.cabaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.cabab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.chmaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.chmab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.d64.zipaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.d64.zipab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.ea05.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.ea05.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.ea06.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.ea06.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.binhexaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.binhexab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.bz2aa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.bz2ab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.htmlaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.htmlab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.mbox.base64aa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.mbox.base64ab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.mbox.uuaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.mbox.uuab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.rtfaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.rtfab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.szddaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.szddab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exeaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.exeab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.impl.zipaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.impl.zipab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.mailaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.mailab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.ole.docaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.ole.docab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.pdfaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.pdfab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.pptaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.pptab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.sisaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.sisab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.tar.gzaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.tar.gzab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.tnefaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.tnefab
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.zipaa
/usr/share/doc/clamav-0.94.1/test/.split/split.clam.zipab
/usr/share/doc/clamav-0.94.1/test/Makefile
/usr/share/doc/clamav-0.94.1/test/Makefile.am
/usr/share/doc/clamav-0.94.1/test/Makefile.in
/usr/share/doc/clamav-0.94.1/test/README
/usr/share/doc/clamav-0.94.1/test/clam-aspack.exe
/usr/share/doc/clamav-0.94.1/test/clam-fsg.exe
/usr/share/doc/clamav-0.94.1/test/clam-mew.exe
/usr/share/doc/clamav-0.94.1/test/clam-nsis.exe
/usr/share/doc/clamav-0.94.1/test/clam-pespin.exe
/usr/share/doc/clamav-0.94.1/test/clam-petite.exe
/usr/share/doc/clamav-0.94.1/test/clam-upack.exe
/usr/share/doc/clamav-0.94.1/test/clam-upx.exe
/usr/share/doc/clamav-0.94.1/test/clam-v2.rar
/usr/share/doc/clamav-0.94.1/test/clam-v3.rar
/usr/share/doc/clamav-0.94.1/test/clam-wwpack.exe
/usr/share/doc/clamav-0.94.1/test/clam.arj
/usr/share/doc/clamav-0.94.1/test/clam.bz2.zip
/usr/share/doc/clamav-0.94.1/test/clam.cab
/usr/share/doc/clamav-0.94.1/test/clam.chm
/usr/share/doc/clamav-0.94.1/test/clam.d64.zip
/usr/share/doc/clamav-0.94.1/test/clam.ea05.exe
/usr/share/doc/clamav-0.94.1/test/clam.ea06.exe
/usr/share/doc/clamav-0.94.1/test/clam.exe
/usr/share/doc/clamav-0.94.1/test/clam.exe.binhex
/usr/share/doc/clamav-0.94.1/test/clam.exe.bz2
/usr/share/doc/clamav-0.94.1/test/clam.exe.html
/usr/share/doc/clamav-0.94.1/test/clam.exe.mbox.base64
/usr/share/doc/clamav-0.94.1/test/clam.exe.mbox.uu
/usr/share/doc/clamav-0.94.1/test/clam.exe.rtf
/usr/share/doc/clamav-0.94.1/test/clam.exe.szdd
/usr/share/doc/clamav-0.94.1/test/clam.impl.zip
/usr/share/doc/clamav-0.94.1/test/clam.mail
/usr/share/doc/clamav-0.94.1/test/clam.ole.doc
/usr/share/doc/clamav-0.94.1/test/clam.pdf
/usr/share/doc/clamav-0.94.1/test/clam.ppt
/usr/share/doc/clamav-0.94.1/test/clam.sis
/usr/share/doc/clamav-0.94.1/test/clam.tar.gz
/usr/share/doc/clamav-0.94.1/test/clam.tnef
/usr/share/doc/clamav-0.94.1/test/clam.zip
/usr/share/man/man1/clamscan.1.gz
/usr/share/man/man1/freshclam.1.gz
/usr/share/man/man1/sigtool.1.gz
/usr/share/man/man5/freshclam.conf.5.gz

clamd

Info

Was uns clamd leistet, finden wir im rpm

yum info clamd

Name   : clamd
...
Summary: The Clam AntiVirus Daemon
Description:
The Clam AntiVirus Daemon

Na ja, nicht gerade viel, aber immerhin kurz und prägnant. ;)

Programmpfade und -inhalte

Über die einzelnen Dateien und Pfade des installierten clamad-Paketes, informieren wir uns auch hier mittels:

rpm -ql clamd

/etc/clamd.conf
/etc/logrotate.d/clamav
/etc/rc.d/init.d/clamd
/usr/bin/clamconf
/usr/bin/clamdscan
/usr/sbin/clamd
/usr/share/doc/clamd-0.94.1
/usr/share/doc/clamd-0.94.1/clamd.conf
/usr/share/doc/clamd-0.94.1/clamdwatch
/usr/share/doc/clamd-0.94.1/clamdwatch/clamdwatch.tar.gz
/usr/share/man/man1/clamconf.1.gz
/usr/share/man/man1/clamdscan.1.gz
/usr/share/man/man5/clamd.conf.5.gz
/usr/share/man/man8/clamd.8.gz
/var/clamav
/var/log/clamav
/var/run/clamav

erste Programmstarts

amavisd

Als erstes starten wir mal unseren A MAil Virus Scanner via:

 # service amavisd start
 Mail Virus Scanner (amavisd) starten:                      [  OK  ]

Im /var/log/maillog wird der erfolgreiche Start ausreichend dokumentiert:

Jul 14 19:58:46 nss amavis[16065]: starting.  /usr/sbin/amavisd at amavis.nausch.org amavisd-new-2.6.4 (20090625), Unicode aware, LANG="de_DE.UTF-8"
Jul 14 19:58:46 nss amavis[16065]: user=103, EUID: 103 (103);  group=, EGID: 106 106 (106 106)
Jul 14 19:58:46 nss amavis[16065]: Perl version               5.008008
Jul 14 19:58:47 nss amavis[16065]: SpamControl: scanner SpamAssassin, module Amavis::SpamControl::SpamAssassin
Jul 14 19:58:47 nss amavis[16065]: INFO: SA version: 3.2.5, 3.002005, no optional modules: Net::CIDR::Lite Sys::Hostname::Long Encode::Detect Razor2::Client::Agent IP::Coun
try::Fast Image::Info Image::Info::GIF Image::Info::JPEG Image::Info::PNG Image::Info::TIFF Mail::SPF Mail::SPF::Server Mail::SPF::Request Mail::SPF::Mech Mail::SPF::Mech::
A Mail::SPF::Mech::PTR Mail::SPF::Mech::All Mail::SPF::Mech::Exists Mail::SPF::Mech::IP4 Mail::SPF::Mech::IP6 Mail::SPF::Mech::Include Mail::SPF::Mech::MX Mail::SPF::Mod Ma
il::SPF::Mod::Exp Mail::SPF::Mod::Redirect Mail::SPF::SenderIPAddrMech Mail::SPF::v1::Record Mail::SPF::v2::Record NetAddr::IP NetAddr::IP::Util auto::NetAddr::IP::Util::in
et_n2dx auto::NetAddr::IP::Util::ipv6_n2d auto::NetAddr::IP::Util::ipv6_n2x Error
Jul 14 19:58:47 nss amavis[16065]: SpamControl: init_pre_chroot on SpamAssassin done
Jul 14 19:58:47 nss amavis[16106]: Net::Server: Process Backgrounded
Jul 14 19:58:47 nss amavis[16106]: Net::Server: 2009/07/14-19:58:47 Amavis (type Net::Server::PreForkSimple) starting! pid(16106)
Jul 14 19:58:47 nss amavis[16106]: Net::Server: Binding to UNIX socket file /var/amavis/amavisd.sock using SOCK_STREAM
Jul 14 19:58:47 nss amavis[16106]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1
Jul 14 19:58:47 nss amavis[16106]: Net::Server: Group Not Defined.  Defaulting to EGID '106 106'
Jul 14 19:58:47 nss amavis[16106]: Net::Server: User Not Defined.  Defaulting to EUID '103'
Jul 14 19:58:47 nss amavis[16106]: config files read: /etc/amavisd.conf
Jul 14 19:58:47 nss amavis[16106]: Module Amavis::Conf        2.207
Jul 14 19:58:47 nss amavis[16106]: Module Archive::Zip        1.16
Jul 14 19:58:47 nss amavis[16106]: Module BerkeleyDB          0.36
Jul 14 19:58:47 nss amavis[16106]: Module Compress::Zlib      2.02
Jul 14 19:58:47 nss amavis[16106]: Module Convert::TNEF       0.17
Jul 14 19:58:47 nss amavis[16106]: Module Convert::UUlib      1.051
Jul 14 19:58:47 nss amavis[16106]: Module Crypt::OpenSSL::RSA 0.25
Jul 14 19:58:47 nss amavis[16106]: Module DBD::mysql          4.012
Jul 14 19:58:47 nss amavis[16106]: Module DBI                 1.52
Jul 14 19:58:47 nss amavis[16106]: Module DB_File             1.814
Jul 14 19:58:47 nss amavis[16106]: Module Digest::MD5         2.36
Jul 14 19:58:47 nss amavis[16106]: Module Digest::SHA         5.47
Jul 14 19:58:47 nss amavis[16106]: Module Digest::SHA1        2.11
Jul 14 19:58:47 nss amavis[16106]: Module IO::Socket::INET6   2.51
Jul 14 19:58:47 nss amavis[16106]: Module MIME::Entity        5.420
Jul 14 19:58:47 nss amavis[16106]: Module MIME::Parser        5.420
Jul 14 19:58:47 nss amavis[16106]: Module MIME::Tools         5.420
Jul 14 19:58:47 nss amavis[16106]: Module Mail::DKIM::Verifier 0.36
Jul 14 19:58:47 nss amavis[16106]: Module Mail::Header        1.77
Jul 14 19:58:47 nss amavis[16106]: Module Mail::Internet      1.77
Jul 14 19:58:47 nss amavis[16106]: Module Mail::SpamAssassin  3.002005
Jul 14 19:58:47 nss amavis[16106]: Module Net::DNS            0.59
Jul 14 19:58:47 nss amavis[16106]: Module Net::Server         0.97
Jul 14 19:58:47 nss amavis[16106]: Module Socket6             0.19
Jul 14 19:58:47 nss amavis[16106]: Module Time::HiRes         1.9715
Jul 14 19:58:47 nss amavis[16106]: Module URI                 1.35
Jul 14 19:58:47 nss amavis[16106]: Module Unix::Syslog        1.1
Jul 14 19:58:47 nss amavis[16106]: Amavis::DB code      loaded
Jul 14 19:58:47 nss amavis[16106]: Amavis::Cache code   loaded
Jul 14 19:58:47 nss amavis[16106]: SQL base code        NOT loaded
Jul 14 19:58:47 nss amavis[16106]: SQL::Log code        NOT loaded
Jul 14 19:58:47 nss amavis[16106]: SQL::Quarantine      NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Lookup::SQL code     NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Lookup::LDAP code    NOT loaded
Jul 14 19:58:47 nss amavis[16106]: AM.PDP-in proto code loaded
Jul 14 19:58:47 nss amavis[16106]: SMTP-in proto code   loaded
Jul 14 19:58:47 nss amavis[16106]: Courier proto code   NOT loaded
Jul 14 19:58:47 nss amavis[16106]: SMTP-out proto code  loaded
Jul 14 19:58:47 nss amavis[16106]: Pipe-out proto code  NOT loaded
Jul 14 19:58:47 nss amavis[16106]: BSMTP-out proto code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Local-out proto code loaded
Jul 14 19:58:47 nss amavis[16106]: OS_Fingerprint code  NOT loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-VIRUS code      loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-SPAM code       loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-SPAM-EXT code   NOT loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-SPAM-C code     NOT loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-SPAM-SA code    loaded
Jul 14 19:58:47 nss amavis[16106]: Unpackers code       loaded
Jul 14 19:58:47 nss amavis[16106]: DKIM code            NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Tools code           NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Found $file            at /usr/bin/file
Jul 14 19:58:47 nss amavis[16106]: No $altermime,         not using it
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .mail
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .asc 
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .uue 
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .hqx 
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .ync 
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .F    at /usr/bin/unfreeze
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .Z    at /usr/bin/uncompress
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .gz   at /usr/bin/gzip -d
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .gz   (backup, not used)
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .bz2  at /usr/bin/bzip2 -d
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .lzo  at /usr/bin/lzop -d
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .rpm  at /usr/bin/rpm2cpio
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .cpio at /usr/bin/pax
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .tar  at /usr/bin/pax
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .deb  at /usr/bin/ar
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .zip 
Jul 14 19:58:47 nss amavis[16106]: No decoder for       .7z   tried: 7zr, 7za, 7z
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .rar  at /usr/bin/unrar
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .arj  at /usr/bin/arj
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .arc  at /usr/bin/nomarch
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .zoo  at /usr/bin/zoo
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .lha  at /usr/bin/lha
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .cab  at /usr/bin/cabextract
Jul 14 19:58:47 nss amavis[16106]: No decoder for       .tnef tried: tnef
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .tnef
Jul 14 19:58:47 nss amavis[16106]: Found decoder for    .exe  at /usr/bin/unrar; /usr/bin/lha; /usr/bin/arj
Jul 14 19:58:47 nss amavis[16106]: Using primary internal av scanner code for ClamAV-clamd
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: KasperskyLab AVP - aveclient
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: KasperskyLab AntiViral Toolkit Pro (AVP)
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: KasperskyLab AVPDaemonClient
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: CentralCommand Vexira (new) vascan
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Avira AntiVir
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Command AntiVirus for Linux
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Symantec CarrierScan via Symantec CommandLineScanner
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Symantec AntiVirus Scan Engine
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: F-Secure Antivirus for Linux servers
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: CAI InoculateIT
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: CAI eTrust Antivirus
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: MkS_Vir for Linux (beta)
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: MkS_Vir daemon
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: ESET NOD32 Linux Mail Server - command line interface
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: ESET NOD32 for Linux File servers
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Norman Virus Control v5 / Linux
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Panda CommandLineSecure 9 for Linux
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: NAI McAfee AntiVirus (uvscan)
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: VirusBuster
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: CyberSoft VFind
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: avast! Antivirus
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Ikarus AntiVirus for Linux
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: BitDefender
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: BitDefender
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: ArcaVir for Linux
Jul 14 19:58:47 nss amavis[16106]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: F-PROT Antivirus for UNIX
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: FRISK F-Prot Antivirus
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: Trend Micro FileScanner
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: drweb - DrWeb Antivirus
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: Kaspersky Antivirus v5.5
Jul 14 19:58:47 nss amavis[16106]: Creating db in /var/amavis/db/; BerkeleyDB 0.36, libdb 4.3
Jul 14 19:58:47 nss amavis[16106]: initializing Mail::SpamAssassin
Jul 14 19:58:47 nss amavis[16106]: SpamAssassin debug facilities: info
Jul 14 19:58:49 nss amavis[16106]: SpamAssassin loaded plugins: AWL, AutoLearnThreshold, Bayes, BodyEval, Check, DNSEval, HTMLEval, HTTPSMismatch, Hashcash, HeaderEval, Ima
geInfo, MIMEEval, MIMEHeader, Pyzor, Razor2, RelayEval, ReplaceTags, SPF, SpamCop, URIDNSBL, URIDetail, URIEval, VBounce, WLBLEval, WhiteListSubject
Jul 14 19:58:49 nss amavis[16106]: SpamControl: init_pre_fork on SpamAssassin done
Jul 14 19:58:49 nss amavis[16106]: DKIM signature verification disabled, corresponding features not available. If not intentional, consider enabling it by setting: $enable_
dkim_verification to 1, or explicitly disable it by setting it to 0 to quench down this warning.
Jul 14 19:58:49 nss amavis[16130]: TIMING [total 7 ms] - bdb-open: 7 (100%)100, rundown: 0 (0%)100
Jul 14 19:58:49 nss amavis[16131]: TIMING [total 6 ms] - bdb-open: 6 (100%)100, rundown: 0 (0%)100
Jul 14 19:58:49 nss amavis[16132]: TIMING [total 7 ms] - bdb-open: 7 (100%)100, rundown: 0 (0%)100
Jul 14 19:58:49 nss amavis[16133]: TIMING [total 6 ms] - bdb-open: 6 (100%)100, rundown: 0 (0%)100 

Über den Port 10024 sollte nun unser daemon ansprechbar sein. Was wir auch sehr einfach mittels lsof überprüfen können:

lsof -i :10024
COMMAND   PID   USER   FD   TYPE  DEVICE SIZE NODE NAME
amavisd 29499 amavis    6u  IPv4 6036705       TCP localhost.localdomain:10024 (LISTEN)
amavisd 29501 amavis    6u  IPv4 6036705       TCP localhost.localdomain:10024 (LISTEN)
amavisd 29502 amavis    6u  IPv4 6036705       TCP localhost.localdomain:10024 (LISTEN)

Via telnet localhost 10024 können wir uns nun zum virusscanner-daemon verbinden.

telnet localhost 10024
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
quit
221 2.0.0 [127.0.0.1] amavisd-new closing transmission channel
Connection closed by foreign host.

clamav

Hier haben wir es einfach, da der Virenkiller on-demand gestartet wird.

Lediglich über die Virenpattern-Updates müssen wir uns Gedanken machen.