Virenschutz mit Hilfe von AMaViS und SpamAssassin
Zur weiteren Absicherung unseres Mailservers bzw. -verkehrs bedienen wir uns der beiden Dienste amavisd-new und spamassassin.
Installation
Wie üblich installieren wir die benötiten Programmpakete via YUM.
yum install amavisd-new spamassassin clamav clamd
Programminfo
amavisd-new
Info
Was uns amavisd-new bietet, entnehmen wir am einfachsten dem rpm
# yum info amavisd-new Name : amavisd-new ... Summary: Mail virus-scanner Description: AMaViS is a program that interfaces a mail transfer agent (MTA) with one or more virus scanners. Amavisd-new is a branch created by Mark Martinec that adds serveral performance and robustness features. It's partly based on work being done on the official amavisd branch. Please see the README.amavisd-new-RELNOTES file for a detailed description.
Programmpfade und -inhalte
Über die einzelnen Dateien und Pfade der installierten Programme, informieren wir uns mittels:
# rpm -ql amavisd-new /etc/amavisd.conf /etc/cron.daily/amavisd /etc/logrotate.d/amavisd /etc/openldap/schema/amavisd-new.schema /etc/rc.d/init.d/amavisd /etc/sysconfig/amavisd /usr/sbin/amavisd /usr/sbin/amavisd-agent /usr/sbin/amavisd-nanny /usr/sbin/amavisd-release /usr/sbin/p0f-analyzer /usr/share/doc/amavisd-new-2.6.4 /usr/share/doc/amavisd-new-2.6.4/AAAREADME.first /usr/share/doc/amavisd-new-2.6.4/LDAP.schema /usr/share/doc/amavisd-new-2.6.4/LICENSE /usr/share/doc/amavisd-new-2.6.4/MANIFEST /usr/share/doc/amavisd-new-2.6.4/README.banned /usr/share/doc/amavisd-new-2.6.4/README.chroot /usr/share/doc/amavisd-new-2.6.4/README.contributed /usr/share/doc/amavisd-new-2.6.4/README.courier /usr/share/doc/amavisd-new-2.6.4/README.courier-old /usr/share/doc/amavisd-new-2.6.4/README.customize /usr/share/doc/amavisd-new-2.6.4/README.exim_v3 /usr/share/doc/amavisd-new-2.6.4/README.exim_v3_app /usr/share/doc/amavisd-new-2.6.4/README.exim_v4 /usr/share/doc/amavisd-new-2.6.4/README.exim_v4_app /usr/share/doc/amavisd-new-2.6.4/README.exim_v4_app2 /usr/share/doc/amavisd-new-2.6.4/README.ldap /usr/share/doc/amavisd-new-2.6.4/README.lookups /usr/share/doc/amavisd-new-2.6.4/README.milter /usr/share/doc/amavisd-new-2.6.4/README.old.scanners /usr/share/doc/amavisd-new-2.6.4/README.performance /usr/share/doc/amavisd-new-2.6.4/README.policy-on-notifications /usr/share/doc/amavisd-new-2.6.4/README.postfix /usr/share/doc/amavisd-new-2.6.4/README.postfix.html /usr/share/doc/amavisd-new-2.6.4/README.protocol /usr/share/doc/amavisd-new-2.6.4/README.sendmail /usr/share/doc/amavisd-new-2.6.4/README.sendmail-dual /usr/share/doc/amavisd-new-2.6.4/README.sendmail-dual.old /usr/share/doc/amavisd-new-2.6.4/README.sql /usr/share/doc/amavisd-new-2.6.4/README.sql-mysql /usr/share/doc/amavisd-new-2.6.4/README.sql-pg /usr/share/doc/amavisd-new-2.6.4/RELEASE_NOTES /usr/share/doc/amavisd-new-2.6.4/amavisd-new-docs.html /usr/share/doc/amavisd-new-2.6.4/amavisd.conf /usr/share/doc/amavisd-new-2.6.4/amavisd.conf-default /usr/share/doc/amavisd-new-2.6.4/amavisd.conf-sample /usr/share/doc/amavisd-new-2.6.4/amavisd.conf.orig /usr/share/doc/amavisd-new-2.6.4/images /usr/share/doc/amavisd-new-2.6.4/images/blank.png /usr/share/doc/amavisd-new-2.6.4/images/callouts /usr/share/doc/amavisd-new-2.6.4/images/callouts/1.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/10.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/11.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/12.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/13.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/14.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/15.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/2.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/3.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/4.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/5.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/6.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/7.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/8.png /usr/share/doc/amavisd-new-2.6.4/images/callouts/9.png /usr/share/doc/amavisd-new-2.6.4/images/caution.png /usr/share/doc/amavisd-new-2.6.4/images/draft.png /usr/share/doc/amavisd-new-2.6.4/images/home.png /usr/share/doc/amavisd-new-2.6.4/images/important.png /usr/share/doc/amavisd-new-2.6.4/images/next.png /usr/share/doc/amavisd-new-2.6.4/images/note.png /usr/share/doc/amavisd-new-2.6.4/images/prev.png /usr/share/doc/amavisd-new-2.6.4/images/tip.png /usr/share/doc/amavisd-new-2.6.4/images/toc-blank.png /usr/share/doc/amavisd-new-2.6.4/images/toc-minus.png /usr/share/doc/amavisd-new-2.6.4/images/toc-plus.png /usr/share/doc/amavisd-new-2.6.4/images/up.png /usr/share/doc/amavisd-new-2.6.4/images/warning.png /usr/share/doc/amavisd-new-2.6.4/screen.css /usr/share/doc/amavisd-new-2.6.4/test-messages /usr/share/doc/amavisd-new-2.6.4/test-messages/README /usr/share/doc/amavisd-new-2.6.4/test-messages/sample.tar.gz.compl /var/amavis /var/amavis/db /var/amavis/tmp /var/amavis/var /var/log/amavis.log /var/virusmails
spamassassin
Info
Auch beim Paket spamassassin informieren wir uns erst einmal an Hand der RPM-Info:
yum info spamassassin Name : spamassassin ... Summary: Spam-Filter für E-Mails, der durch Mail-Agenten aufgerufen werden kann. Description: SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email (SPAM) from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system to identify messages which look spammy, then adds headers to the message so they can be filtered by the user's mail reading software. This distribution includes the spamd/spamc components which create a server that considerably speeds processing of mail. To enable spamassassin, if you are receiving mail locally, simply add this line to your ~/.procmailrc: INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc To filter spam for all users, add that line to /etc/procmailrc (creating if necessary).
Programmpfade und -inhalte
Über die einzelnen Dateien und Pfade der installierten Programme, informieren wir uns auch hier mittels:
rpm -ql spamassassin /etc/cron.d/sa-update /etc/logrotate.d/sa-update /etc/mail/spamassassin /etc/mail/spamassassin/init.pre /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/spamassassin-default.rc /etc/mail/spamassassin/spamassassin-helper.sh /etc/mail/spamassassin/spamassassin-spamc.rc /etc/mail/spamassassin/v310.pre /etc/mail/spamassassin/v312.pre /etc/mail/spamassassin/v320.pre /etc/rc.d/init.d/spamassassin /etc/sysconfig/spamassassin /usr/bin/sa-compile /usr/bin/sa-learn /usr/bin/sa-update /usr/bin/spamassassin /usr/bin/spamc /usr/bin/spamd /usr/lib/perl5/vendor_perl/5.8.8/Mail /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/AICache.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/ArchiveIterator.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/AsyncLoop.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/AutoWhitelist.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Bayes /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Bayes.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Bayes/CombineChi.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Bayes/CombineNaiveBayes.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/DBM.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/MySQL.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/PgSQL.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/SDBM.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/BayesStore/SQL.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Client.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf/LDAP.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf/Parser.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Conf/SQL.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Constants.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/DBBasedAddrList.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Dns.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/DnsResolver.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/HTML.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locales.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker/Flock.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker/UnixNFSSafe.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Locker/Win32.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger/File.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger/Stderr.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Logger/Syslog.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/MailingList.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message/Metadata /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message/Metadata.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message/Metadata/Received.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Message/Node.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/NetSet.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/PerMsgLearner.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/PerMsgStatus.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/PersistentAddrList.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/ASN.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/AWL.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/AccessDB.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/AntiVirus.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/AutoLearnThreshold.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Bayes.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/BodyEval.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/BodyRuleBaseExtractor.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Check.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/DCC.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/DKIM.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/DNSEval.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/DomainKeys.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/HTMLEval.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/HTTPSMismatch.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Hashcash.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/HeaderEval.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/ImageInfo.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/MIMEEval.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/MIMEHeader.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Pyzor.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Razor2.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/RelayCountry.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/RelayEval.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/ReplaceTags.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Rule2XSBody.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/SPF.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Shortcircuit.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/SpamCop.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/Test.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/TextCat.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/URIDNSBL.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/URIDetail.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/URIEval.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/VBounce.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/WLBLEval.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/WhiteListSubject.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/PluginHandler.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Reporter.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/SQLBasedAddrList.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/SpamdForkScaling.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/SubProcBackChannel.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Timeout.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util/DependencyInfo.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util/Progress.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util/RegistrarBoundaries.pm /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Util/TieOneStringHash.pm /usr/lib/perl5/vendor_perl/5.8.8/spamassassin-run.pod /usr/share/doc/spamassassin-3.2.4 /usr/share/doc/spamassassin-3.2.4/CREDITS /usr/share/doc/spamassassin-3.2.4/Changes /usr/share/doc/spamassassin-3.2.4/LICENSE /usr/share/doc/spamassassin-3.2.4/NOTICE /usr/share/doc/spamassassin-3.2.4/README /usr/share/doc/spamassassin-3.2.4/TRADEMARK /usr/share/doc/spamassassin-3.2.4/UPGRADE /usr/share/doc/spamassassin-3.2.4/USAGE /usr/share/doc/spamassassin-3.2.4/sample-nonspam.txt /usr/share/doc/spamassassin-3.2.4/sample-spam.txt /usr/share/man/man1/sa-compile.1.gz /usr/share/man/man1/sa-learn.1.gz /usr/share/man/man1/sa-update.1.gz /usr/share/man/man1/spamassassin-run.1.gz /usr/share/man/man1/spamassassin.1.gz /usr/share/man/man1/spamc.1.gz /usr/share/man/man1/spamd.1.gz /usr/share/man/man3/Mail::SpamAssassin.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::AICache.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::ArchiveIterator.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::AsyncLoop.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::AutoWhitelist.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Bayes.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::BayesStore.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::BayesStore::MySQL.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::BayesStore::PgSQL.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::BayesStore::SQL.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Client.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Conf.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Conf::LDAP.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Conf::Parser.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Conf::SQL.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::DnsResolver.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Logger.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Logger::File.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Logger::Stderr.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Logger::Syslog.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Message.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Message::Metadata.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Message::Node.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::PerMsgLearner.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::PerMsgStatus.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::PersistentAddrList.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::ASN.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::AWL.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::AccessDB.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::AntiVirus.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::AutoLearnThreshold.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::BodyRuleBaseExtractor.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::Check.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::DCC.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::DKIM.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::DomainKeys.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::Hashcash.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::MIMEHeader.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::OneLineBodyRuleType.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::Pyzor.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::Razor2.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::RelayCountry.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::ReplaceTags.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::Rule2XSBody.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::SPF.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::Shortcircuit.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::SpamCop.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::Test.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::TextCat.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::URIDNSBL.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::URIDetail.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::VBounce.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Plugin::WhiteListSubject.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::PluginHandler.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::SQLBasedAddrList.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::SubProcBackChannel.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Timeout.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Util.3pm.gz /usr/share/man/man3/Mail::SpamAssassin::Util::Progress.3pm.gz /usr/share/man/man3/spamassassin-run.3pm.gz /usr/share/spamassassin /usr/share/spamassassin/10_default_prefs.cf /usr/share/spamassassin/20_advance_fee.cf /usr/share/spamassassin/20_body_tests.cf /usr/share/spamassassin/20_compensate.cf /usr/share/spamassassin/20_dnsbl_tests.cf /usr/share/spamassassin/20_drugs.cf /usr/share/spamassassin/20_dynrdns.cf /usr/share/spamassassin/20_fake_helo_tests.cf /usr/share/spamassassin/20_head_tests.cf /usr/share/spamassassin/20_html_tests.cf /usr/share/spamassassin/20_imageinfo.cf /usr/share/spamassassin/20_meta_tests.cf /usr/share/spamassassin/20_net_tests.cf /usr/share/spamassassin/20_phrases.cf /usr/share/spamassassin/20_porn.cf /usr/share/spamassassin/20_ratware.cf /usr/share/spamassassin/20_uri_tests.cf /usr/share/spamassassin/20_vbounce.cf /usr/share/spamassassin/23_bayes.cf /usr/share/spamassassin/25_accessdb.cf /usr/share/spamassassin/25_antivirus.cf /usr/share/spamassassin/25_asn.cf /usr/share/spamassassin/25_dcc.cf /usr/share/spamassassin/25_dkim.cf /usr/share/spamassassin/25_domainkeys.cf /usr/share/spamassassin/25_hashcash.cf /usr/share/spamassassin/25_pyzor.cf /usr/share/spamassassin/25_razor2.cf /usr/share/spamassassin/25_replace.cf /usr/share/spamassassin/25_spf.cf /usr/share/spamassassin/25_textcat.cf /usr/share/spamassassin/25_uribl.cf /usr/share/spamassassin/30_text_de.cf /usr/share/spamassassin/30_text_fr.cf /usr/share/spamassassin/30_text_it.cf /usr/share/spamassassin/30_text_nl.cf /usr/share/spamassassin/30_text_pl.cf /usr/share/spamassassin/30_text_pt_br.cf /usr/share/spamassassin/50_scores.cf /usr/share/spamassassin/60_awl.cf /usr/share/spamassassin/60_shortcircuit.cf /usr/share/spamassassin/60_whitelist.cf /usr/share/spamassassin/60_whitelist_dk.cf /usr/share/spamassassin/60_whitelist_dkim.cf /usr/share/spamassassin/60_whitelist_spf.cf /usr/share/spamassassin/60_whitelist_subject.cf /usr/share/spamassassin/72_active.cf /usr/share/spamassassin/languages /usr/share/spamassassin/sa-update-pubkey.txt /usr/share/spamassassin/sa-update.cron /usr/share/spamassassin/user_prefs.template /var/lib/spamassassin /var/run/spamassassin
clamav
Info
Die Leistung(en) des clamav entnehmen wir dem rpm
yum info clamav Name : clamav ... Summary: Anti-virus software Description: Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. Most importantly, the virus database is kept up to date
Programmpfade und -inhalte
Über die einzelnen Dateien und Pfade des installierten clamav-Paketes, informieren wir uns auch hier mittels:
rpm -ql clamav /etc/freshclam.conf /usr/bin/clamscan /usr/bin/freshclam /usr/bin/sigtool /usr/lib/libclamav.so.5 /usr/lib/libclamav.so.5.0.3 /usr/lib/libclamunrar.so.5 /usr/lib/libclamunrar.so.5.0.3 /usr/lib/libclamunrar_iface.so.5 /usr/lib/libclamunrar_iface.so.5.0.3 /usr/share/doc/clamav-0.94.1 /usr/share/doc/clamav-0.94.1/AUTHORS /usr/share/doc/clamav-0.94.1/BUGS /usr/share/doc/clamav-0.94.1/COPYING /usr/share/doc/clamav-0.94.1/ChangeLog /usr/share/doc/clamav-0.94.1/FAQ /usr/share/doc/clamav-0.94.1/INSTALL /usr/share/doc/clamav-0.94.1/NEWS /usr/share/doc/clamav-0.94.1/README /usr/share/doc/clamav-0.94.1/clamav-mirror-howto.pdf /usr/share/doc/clamav-0.94.1/clamdoc.pdf /usr/share/doc/clamav-0.94.1/freshclam.conf /usr/share/doc/clamav-0.94.1/phishsigs_howto.pdf /usr/share/doc/clamav-0.94.1/signatures.pdf /usr/share/doc/clamav-0.94.1/test /usr/share/doc/clamav-0.94.1/test/.split /usr/share/doc/clamav-0.94.1/test/.split/split.clam-aspack.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-aspack.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-fsg.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-fsg.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-mew.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-mew.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-nsis.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-nsis.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-pespin.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-pespin.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-petite.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-petite.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-upack.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-upack.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-upx.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-upx.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-v2.raraa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-v2.rarab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-v3.raraa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-v3.rarab /usr/share/doc/clamav-0.94.1/test/.split/split.clam-wwpack.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam-wwpack.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.arjaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.arjab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.bz2.zipaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.bz2.zipab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.cabaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.cabab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.chmaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.chmab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.d64.zipaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.d64.zipab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.ea05.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.ea05.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.ea06.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.ea06.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.binhexaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.binhexab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.bz2aa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.bz2ab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.htmlaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.htmlab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.mbox.base64aa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.mbox.base64ab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.mbox.uuaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.mbox.uuab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.rtfaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.rtfab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.szddaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exe.szddab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exeaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.exeab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.impl.zipaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.impl.zipab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.mailaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.mailab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.ole.docaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.ole.docab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.pdfaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.pdfab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.pptaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.pptab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.sisaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.sisab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.tar.gzaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.tar.gzab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.tnefaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.tnefab /usr/share/doc/clamav-0.94.1/test/.split/split.clam.zipaa /usr/share/doc/clamav-0.94.1/test/.split/split.clam.zipab /usr/share/doc/clamav-0.94.1/test/Makefile /usr/share/doc/clamav-0.94.1/test/Makefile.am /usr/share/doc/clamav-0.94.1/test/Makefile.in /usr/share/doc/clamav-0.94.1/test/README /usr/share/doc/clamav-0.94.1/test/clam-aspack.exe /usr/share/doc/clamav-0.94.1/test/clam-fsg.exe /usr/share/doc/clamav-0.94.1/test/clam-mew.exe /usr/share/doc/clamav-0.94.1/test/clam-nsis.exe /usr/share/doc/clamav-0.94.1/test/clam-pespin.exe /usr/share/doc/clamav-0.94.1/test/clam-petite.exe /usr/share/doc/clamav-0.94.1/test/clam-upack.exe /usr/share/doc/clamav-0.94.1/test/clam-upx.exe /usr/share/doc/clamav-0.94.1/test/clam-v2.rar /usr/share/doc/clamav-0.94.1/test/clam-v3.rar /usr/share/doc/clamav-0.94.1/test/clam-wwpack.exe /usr/share/doc/clamav-0.94.1/test/clam.arj /usr/share/doc/clamav-0.94.1/test/clam.bz2.zip /usr/share/doc/clamav-0.94.1/test/clam.cab /usr/share/doc/clamav-0.94.1/test/clam.chm /usr/share/doc/clamav-0.94.1/test/clam.d64.zip /usr/share/doc/clamav-0.94.1/test/clam.ea05.exe /usr/share/doc/clamav-0.94.1/test/clam.ea06.exe /usr/share/doc/clamav-0.94.1/test/clam.exe /usr/share/doc/clamav-0.94.1/test/clam.exe.binhex /usr/share/doc/clamav-0.94.1/test/clam.exe.bz2 /usr/share/doc/clamav-0.94.1/test/clam.exe.html /usr/share/doc/clamav-0.94.1/test/clam.exe.mbox.base64 /usr/share/doc/clamav-0.94.1/test/clam.exe.mbox.uu /usr/share/doc/clamav-0.94.1/test/clam.exe.rtf /usr/share/doc/clamav-0.94.1/test/clam.exe.szdd /usr/share/doc/clamav-0.94.1/test/clam.impl.zip /usr/share/doc/clamav-0.94.1/test/clam.mail /usr/share/doc/clamav-0.94.1/test/clam.ole.doc /usr/share/doc/clamav-0.94.1/test/clam.pdf /usr/share/doc/clamav-0.94.1/test/clam.ppt /usr/share/doc/clamav-0.94.1/test/clam.sis /usr/share/doc/clamav-0.94.1/test/clam.tar.gz /usr/share/doc/clamav-0.94.1/test/clam.tnef /usr/share/doc/clamav-0.94.1/test/clam.zip /usr/share/man/man1/clamscan.1.gz /usr/share/man/man1/freshclam.1.gz /usr/share/man/man1/sigtool.1.gz /usr/share/man/man5/freshclam.conf.5.gz
clamd
Info
Was uns clamd leistet, finden wir im rpm
yum info clamd Name : clamd ... Summary: The Clam AntiVirus Daemon Description: The Clam AntiVirus Daemon
Na ja, nicht gerade viel, aber immerhin kurz und prägnant. ;)
Programmpfade und -inhalte
Über die einzelnen Dateien und Pfade des installierten clamad-Paketes, informieren wir uns auch hier mittels:
rpm -ql clamd /etc/clamd.conf /etc/logrotate.d/clamav /etc/rc.d/init.d/clamd /usr/bin/clamconf /usr/bin/clamdscan /usr/sbin/clamd /usr/share/doc/clamd-0.94.1 /usr/share/doc/clamd-0.94.1/clamd.conf /usr/share/doc/clamd-0.94.1/clamdwatch /usr/share/doc/clamd-0.94.1/clamdwatch/clamdwatch.tar.gz /usr/share/man/man1/clamconf.1.gz /usr/share/man/man1/clamdscan.1.gz /usr/share/man/man5/clamd.conf.5.gz /usr/share/man/man8/clamd.8.gz /var/clamav /var/log/clamav /var/run/clamav
erste Programmstarts
amavisd
Als erstes starten wir mal unseren A MAil Virus Scanner via:
# service amavisd start Mail Virus Scanner (amavisd) starten: [ OK ]
Im /var/log/maillog wird der erfolgreiche Start ausreichend dokumentiert:
Jul 14 19:58:46 nss amavis[16065]: starting. /usr/sbin/amavisd at amavis.nausch.org amavisd-new-2.6.4 (20090625), Unicode aware, LANG="de_DE.UTF-8"
Jul 14 19:58:46 nss amavis[16065]: user=103, EUID: 103 (103); group=, EGID: 106 106 (106 106)
Jul 14 19:58:46 nss amavis[16065]: Perl version 5.008008
Jul 14 19:58:47 nss amavis[16065]: SpamControl: scanner SpamAssassin, module Amavis::SpamControl::SpamAssassin
Jul 14 19:58:47 nss amavis[16065]: INFO: SA version: 3.2.5, 3.002005, no optional modules: Net::CIDR::Lite Sys::Hostname::Long Encode::Detect Razor2::Client::Agent IP::Coun
try::Fast Image::Info Image::Info::GIF Image::Info::JPEG Image::Info::PNG Image::Info::TIFF Mail::SPF Mail::SPF::Server Mail::SPF::Request Mail::SPF::Mech Mail::SPF::Mech::
A Mail::SPF::Mech::PTR Mail::SPF::Mech::All Mail::SPF::Mech::Exists Mail::SPF::Mech::IP4 Mail::SPF::Mech::IP6 Mail::SPF::Mech::Include Mail::SPF::Mech::MX Mail::SPF::Mod Ma
il::SPF::Mod::Exp Mail::SPF::Mod::Redirect Mail::SPF::SenderIPAddrMech Mail::SPF::v1::Record Mail::SPF::v2::Record NetAddr::IP NetAddr::IP::Util auto::NetAddr::IP::Util::in
et_n2dx auto::NetAddr::IP::Util::ipv6_n2d auto::NetAddr::IP::Util::ipv6_n2x Error
Jul 14 19:58:47 nss amavis[16065]: SpamControl: init_pre_chroot on SpamAssassin done
Jul 14 19:58:47 nss amavis[16106]: Net::Server: Process Backgrounded
Jul 14 19:58:47 nss amavis[16106]: Net::Server: 2009/07/14-19:58:47 Amavis (type Net::Server::PreForkSimple) starting! pid(16106)
Jul 14 19:58:47 nss amavis[16106]: Net::Server: Binding to UNIX socket file /var/amavis/amavisd.sock using SOCK_STREAM
Jul 14 19:58:47 nss amavis[16106]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1
Jul 14 19:58:47 nss amavis[16106]: Net::Server: Group Not Defined. Defaulting to EGID '106 106'
Jul 14 19:58:47 nss amavis[16106]: Net::Server: User Not Defined. Defaulting to EUID '103'
Jul 14 19:58:47 nss amavis[16106]: config files read: /etc/amavisd.conf
Jul 14 19:58:47 nss amavis[16106]: Module Amavis::Conf 2.207
Jul 14 19:58:47 nss amavis[16106]: Module Archive::Zip 1.16
Jul 14 19:58:47 nss amavis[16106]: Module BerkeleyDB 0.36
Jul 14 19:58:47 nss amavis[16106]: Module Compress::Zlib 2.02
Jul 14 19:58:47 nss amavis[16106]: Module Convert::TNEF 0.17
Jul 14 19:58:47 nss amavis[16106]: Module Convert::UUlib 1.051
Jul 14 19:58:47 nss amavis[16106]: Module Crypt::OpenSSL::RSA 0.25
Jul 14 19:58:47 nss amavis[16106]: Module DBD::mysql 4.012
Jul 14 19:58:47 nss amavis[16106]: Module DBI 1.52
Jul 14 19:58:47 nss amavis[16106]: Module DB_File 1.814
Jul 14 19:58:47 nss amavis[16106]: Module Digest::MD5 2.36
Jul 14 19:58:47 nss amavis[16106]: Module Digest::SHA 5.47
Jul 14 19:58:47 nss amavis[16106]: Module Digest::SHA1 2.11
Jul 14 19:58:47 nss amavis[16106]: Module IO::Socket::INET6 2.51
Jul 14 19:58:47 nss amavis[16106]: Module MIME::Entity 5.420
Jul 14 19:58:47 nss amavis[16106]: Module MIME::Parser 5.420
Jul 14 19:58:47 nss amavis[16106]: Module MIME::Tools 5.420
Jul 14 19:58:47 nss amavis[16106]: Module Mail::DKIM::Verifier 0.36
Jul 14 19:58:47 nss amavis[16106]: Module Mail::Header 1.77
Jul 14 19:58:47 nss amavis[16106]: Module Mail::Internet 1.77
Jul 14 19:58:47 nss amavis[16106]: Module Mail::SpamAssassin 3.002005
Jul 14 19:58:47 nss amavis[16106]: Module Net::DNS 0.59
Jul 14 19:58:47 nss amavis[16106]: Module Net::Server 0.97
Jul 14 19:58:47 nss amavis[16106]: Module Socket6 0.19
Jul 14 19:58:47 nss amavis[16106]: Module Time::HiRes 1.9715
Jul 14 19:58:47 nss amavis[16106]: Module URI 1.35
Jul 14 19:58:47 nss amavis[16106]: Module Unix::Syslog 1.1
Jul 14 19:58:47 nss amavis[16106]: Amavis::DB code loaded
Jul 14 19:58:47 nss amavis[16106]: Amavis::Cache code loaded
Jul 14 19:58:47 nss amavis[16106]: SQL base code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: SQL::Log code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: SQL::Quarantine NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Lookup::SQL code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Lookup::LDAP code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: AM.PDP-in proto code loaded
Jul 14 19:58:47 nss amavis[16106]: SMTP-in proto code loaded
Jul 14 19:58:47 nss amavis[16106]: Courier proto code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: SMTP-out proto code loaded
Jul 14 19:58:47 nss amavis[16106]: Pipe-out proto code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: BSMTP-out proto code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Local-out proto code loaded
Jul 14 19:58:47 nss amavis[16106]: OS_Fingerprint code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-VIRUS code loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-SPAM code loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-SPAM-EXT code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-SPAM-C code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: ANTI-SPAM-SA code loaded
Jul 14 19:58:47 nss amavis[16106]: Unpackers code loaded
Jul 14 19:58:47 nss amavis[16106]: DKIM code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Tools code NOT loaded
Jul 14 19:58:47 nss amavis[16106]: Found $file at /usr/bin/file
Jul 14 19:58:47 nss amavis[16106]: No $altermime, not using it
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .mail
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .asc
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .uue
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .hqx
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .ync
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .F at /usr/bin/unfreeze
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .Z at /usr/bin/uncompress
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .gz at /usr/bin/gzip -d
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .gz (backup, not used)
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .bz2 at /usr/bin/bzip2 -d
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .lzo at /usr/bin/lzop -d
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .rpm at /usr/bin/rpm2cpio
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .cpio at /usr/bin/pax
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .tar at /usr/bin/pax
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .deb at /usr/bin/ar
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .zip
Jul 14 19:58:47 nss amavis[16106]: No decoder for .7z tried: 7zr, 7za, 7z
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .rar at /usr/bin/unrar
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .arj at /usr/bin/arj
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .arc at /usr/bin/nomarch
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .zoo at /usr/bin/zoo
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .lha at /usr/bin/lha
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .cab at /usr/bin/cabextract
Jul 14 19:58:47 nss amavis[16106]: No decoder for .tnef tried: tnef
Jul 14 19:58:47 nss amavis[16106]: Internal decoder for .tnef
Jul 14 19:58:47 nss amavis[16106]: Found decoder for .exe at /usr/bin/unrar; /usr/bin/lha; /usr/bin/arj
Jul 14 19:58:47 nss amavis[16106]: Using primary internal av scanner code for ClamAV-clamd
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: KasperskyLab AVP - aveclient
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: KasperskyLab AntiViral Toolkit Pro (AVP)
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: KasperskyLab AVPDaemonClient
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: CentralCommand Vexira (new) vascan
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Avira AntiVir
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Command AntiVirus for Linux
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Symantec CarrierScan via Symantec CommandLineScanner
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Symantec AntiVirus Scan Engine
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: F-Secure Antivirus for Linux servers
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: CAI InoculateIT
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: CAI eTrust Antivirus
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: MkS_Vir for Linux (beta)
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: MkS_Vir daemon
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: ESET NOD32 Linux Mail Server - command line interface
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: ESET NOD32 for Linux File servers
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Norman Virus Control v5 / Linux
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Panda CommandLineSecure 9 for Linux
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: NAI McAfee AntiVirus (uvscan)
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: VirusBuster
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: CyberSoft VFind
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: avast! Antivirus
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: Ikarus AntiVirus for Linux
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: BitDefender
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: BitDefender
Jul 14 19:58:47 nss amavis[16106]: No primary av scanner: ArcaVir for Linux
Jul 14 19:58:47 nss amavis[16106]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: F-PROT Antivirus for UNIX
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: FRISK F-Prot Antivirus
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: Trend Micro FileScanner
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: drweb - DrWeb Antivirus
Jul 14 19:58:47 nss amavis[16106]: No secondary av scanner: Kaspersky Antivirus v5.5
Jul 14 19:58:47 nss amavis[16106]: Creating db in /var/amavis/db/; BerkeleyDB 0.36, libdb 4.3
Jul 14 19:58:47 nss amavis[16106]: initializing Mail::SpamAssassin
Jul 14 19:58:47 nss amavis[16106]: SpamAssassin debug facilities: info
Jul 14 19:58:49 nss amavis[16106]: SpamAssassin loaded plugins: AWL, AutoLearnThreshold, Bayes, BodyEval, Check, DNSEval, HTMLEval, HTTPSMismatch, Hashcash, HeaderEval, Ima
geInfo, MIMEEval, MIMEHeader, Pyzor, Razor2, RelayEval, ReplaceTags, SPF, SpamCop, URIDNSBL, URIDetail, URIEval, VBounce, WLBLEval, WhiteListSubject
Jul 14 19:58:49 nss amavis[16106]: SpamControl: init_pre_fork on SpamAssassin done
Jul 14 19:58:49 nss amavis[16106]: DKIM signature verification disabled, corresponding features not available. If not intentional, consider enabling it by setting: $enable_
dkim_verification to 1, or explicitly disable it by setting it to 0 to quench down this warning.
Jul 14 19:58:49 nss amavis[16130]: TIMING [total 7 ms] - bdb-open: 7 (100%)100, rundown: 0 (0%)100
Jul 14 19:58:49 nss amavis[16131]: TIMING [total 6 ms] - bdb-open: 6 (100%)100, rundown: 0 (0%)100
Jul 14 19:58:49 nss amavis[16132]: TIMING [total 7 ms] - bdb-open: 7 (100%)100, rundown: 0 (0%)100
Jul 14 19:58:49 nss amavis[16133]: TIMING [total 6 ms] - bdb-open: 6 (100%)100, rundown: 0 (0%)100
Über den Port 10024 sollte nun unser daemon ansprechbar sein. Was wir auch sehr einfach mittels lsof überprüfen können:
lsof -i :10024 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME amavisd 29499 amavis 6u IPv4 6036705 TCP localhost.localdomain:10024 (LISTEN) amavisd 29501 amavis 6u IPv4 6036705 TCP localhost.localdomain:10024 (LISTEN) amavisd 29502 amavis 6u IPv4 6036705 TCP localhost.localdomain:10024 (LISTEN)
Via telnet localhost 10024 können wir uns nun zum virusscanner-daemon verbinden.
telnet localhost 10024 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 [127.0.0.1] ESMTP amavisd-new service ready quit 221 2.0.0 [127.0.0.1] amavisd-new closing transmission channel Connection closed by foreign host.
clamav
Hier haben wir es einfach, da der Virenkiller on-demand gestartet wird.
Lediglich über die Virenpattern-Updates müssen wir uns Gedanken machen.
django