Differences
This page shows the differences between two versions.
centos:mailserver:grundinstallation_von_amavis [28.11.2011 21:22. ] – [Grundkonfiguration] spelling correction django | centos:mailserver:grundinstallation_von_amavis [12.04.2012 11:18. ] – [Virenschutz mit AMaViS] django | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
+ | ====== Virenschutz mit AMaViS ====== | ||
+ | Für die eMailkommunikation in unserem SOHO(( Small Office Home Office ))-LAN bedienen wir uns des SMTP-Server **Postfix**. Zur weiteren Absichereung (Viren- und Spam-Schutz) nutzen wir weitere Programme und Dämonen, wie [[http:// | ||
+ | ===== Postfix-AMaViS-Cyrus Zusammenspiel ===== | ||
+ | <uml width=550 title=" | ||
+ | |||
+ | state " | ||
+ | smtp_25 : (Mail Transport Agent) | ||
+ | smtp_25 : andere SMTP-Server | ||
+ | smtp_25 : im Internet bzw. Intranet | ||
+ | smtp_25 : TCP/IP - Port 25 | ||
+ | |||
+ | state Postfix { | ||
+ | state " | ||
+ | smtpd_25 : SMTP-Daemon | ||
+ | smtpd_25 : TCP/IP Port 25 | ||
+ | smtpd_25 : mit smtpd_proxy_filter | ||
+ | |||
+ | state " | ||
+ | smtpd_10025 : SMTP-Daemon | ||
+ | smtpd_10025 : TCP/IP Port 10025 | ||
+ | smtpd_10025 : *ohne* smtpd_proxy_filter | ||
+ | |||
+ | state " | ||
+ | work : weitere Be-/ | ||
+ | work : der eMail durch den | ||
+ | work : Mail-Transport-Agent Postfix | ||
+ | } | ||
+ | |||
+ | state AMaViS { | ||
+ | state " | ||
+ | smtpd_10024 : SMTP-Daemon | ||
+ | smtpd_10024 : TCP/IP Port 10024 | ||
+ | |||
+ | state " | ||
+ | amavis : Master Prozess | ||
+ | amavis : (Frontend-System) | ||
+ | | ||
+ | state " | ||
+ | packer : Backend-System zum | ||
+ | packer : Entpacken von Dateianhängen | ||
+ | state " | ||
+ | virus : Backend-System zum | ||
+ | virus : Prüfen der eMail und der | ||
+ | virus : Anhänge auf Schadcode | ||
+ | state " | ||
+ | spam : Backend-System zum | ||
+ | spam : Prüfen der eMail auf | ||
+ | spam : unerwünschte Inhalte | ||
+ | } | ||
+ | |||
+ | state Cyrus { | ||
+ | state " | ||
+ | smtpd_24 : Mail-Delivery-Agent | ||
+ | smtpd_24 : Cyrus IMAP-Server | ||
+ | } | ||
+ | |||
+ | |||
+ | | ||
+ | | ||
+ | |||
+ | | ||
+ | | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | virus -up-> amavis | ||
+ | | ||
+ | spam -right-> amavis | ||
+ | |||
+ | | ||
+ | |||
+ | work -right-> smtpd_24 | ||
+ | </ | ||
+ | |||
+ | ===== Installation ===== | ||
+ | Die Installation erfolgt, wie soll es auch anders sein, wie gewohnt via **yum**: | ||
+ | < | ||
+ | ==== Info ==== | ||
+ | Was uns // | ||
+ | < | ||
+ | |||
+ | Name : amavisd-new | ||
+ | ... | ||
+ | Summary: Mail virus-scanner | ||
+ | Description: | ||
+ | Amavisd-new is a branch created by Mark Martinec that adds serveral performance and robustness features. It' | ||
+ | partly based on work being done on the official amavisd branch. Please see the README.amavisd-new-RELNOTES | ||
+ | file for a detailed description.</ | ||
+ | |||
+ | ==== Programmpfade und -inhalte ==== | ||
+ | Über die einzelnen Dateien und Pfade der installierten Programme, informieren wir uns mittels: | ||
+ | < | ||
+ | |||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | /var/amavis | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | |||
+ | ===== Konfiguration ===== | ||
+ | ==== Grundkonfiguration ==== | ||
+ | Für die weitere Viren- und Spam-Prüfung der uns angetragenen elektronischen Post, verwenden wir die **smtp_proxy_filter**-Funktionen, | ||
+ | \\ | ||
+ | Der externe Mailserver versucht mit unserer neuen Konfiguration eine eMail bei uns auf Port **25** abzusetzen. Unser Postfix reicht diese direkt an den Port 10024 unseres **AMaViS-Daemon** weiter, der die Nachricht // | ||
+ | \\ | ||
+ | Im ersten Schritt definieren wir also die ersten drei Parameter, **Hostnamen**, | ||
+ | < | ||
+ | |||
+ | $myhostname = ' | ||
+ | $mydomain = ' | ||
+ | |||
+ | ... | ||
+ | |||
+ | $inet_socket_port = 10024; | ||
+ | |||
+ | ...</ | ||
+ | ==== Gesamtkonfiguration ==== | ||
+ | Unser lauffähges System benötigt eine umfangreiche Konfiguration, | ||
+ | < | ||
+ | use strict; | ||
+ | $max_servers = 5; # num of pre-forked children (2..30 is common), -m | ||
+ | $daemon_user | ||
+ | $daemon_group = " | ||
+ | $myhostname = ' | ||
+ | $mydomain = ' | ||
+ | $MYHOME = '/ | ||
+ | $TEMPBASE = " | ||
+ | $ENV{TMPDIR} = $TEMPBASE; | ||
+ | $QUARANTINEDIR = "/ | ||
+ | $db_home | ||
+ | $helpers_home = " | ||
+ | $lock_file = " | ||
+ | $pid_file | ||
+ | $log_level = 3; # verbosity 0..5, -d | ||
+ | $log_recip_templ = undef; | ||
+ | $DO_SYSLOG = 1; # log via syslogd (preferred) | ||
+ | $syslog_facility = ' | ||
+ | # e.g.: mail, daemon, user, local0, ... local7 | ||
+ | $syslog_priority = ' | ||
+ | # choose from: emerg, alert, crit, err, warning, notice, info, debug | ||
+ | $enable_db = 1; # enable use of BerkeleyDB/ | ||
+ | $enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1 | ||
+ | $nanny_details_level = 2; # nanny verbosity: 1: traditional, | ||
+ | $enable_dkim_verification = 1; # enable DKIM signatures verification | ||
+ | $enable_dkim_signing = 1; # load DKIM signing code, keys defined by dkim_key | ||
+ | @local_domains_maps = ( [" | ||
+ | @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 | ||
+ | 10.0.0.0/8 172.16.0.0/ | ||
+ | $unix_socketname = " | ||
+ | # option(s) -p overrides $inet_socket_port and $unix_socketname | ||
+ | $inet_socket_port = 10024; | ||
+ | $policy_bank{' | ||
+ | originating => 1, # is true in MYNETS by default, but let's make it explicit | ||
+ | os_fingerprint_method => undef, | ||
+ | }; | ||
+ | $interface_policy{' | ||
+ | $policy_bank{' | ||
+ | originating => 1, # declare that mail was submitted by our smtp client | ||
+ | allow_disclaimers => 1, # enables disclaimer insertion if available | ||
+ | # notify administrator of locally originating malware | ||
+ | virus_admin_maps => [" | ||
+ | spam_admin_maps | ||
+ | warnbadhsender | ||
+ | # forward to a smtpd service providing DKIM signing service | ||
+ | forward_method => ' | ||
+ | # force MTA conversion to 7-bit (e.g. before DKIM signing) | ||
+ | smtpd_discard_ehlo_keywords => [' | ||
+ | bypass_banned_checks_maps => [1], # allow sending any file names and types | ||
+ | terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option | ||
+ | }; | ||
+ | $interface_policy{' | ||
+ | $policy_bank{' | ||
+ | protocol => ' | ||
+ | auth_required_release => 0, # do not require secret_id for amavisd-release | ||
+ | }; | ||
+ | $sa_tag_level_deflt | ||
+ | $sa_tag2_level_deflt = 6.31; # add 'spam detected' | ||
+ | $sa_kill_level_deflt = 6.31; # triggers spam evasive actions (e.g. blocks mail) | ||
+ | $sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent | ||
+ | $sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From | ||
+ | $penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database) | ||
+ | $penpals_threshold_high = $sa_kill_level_deflt; | ||
+ | $bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces | ||
+ | $sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger | ||
+ | $sa_local_tests_only = 0; # only tests which do not require internet access? | ||
+ | $virus_admin | ||
+ | $mailfrom_notify_admin | ||
+ | $mailfrom_notify_recip | ||
+ | $mailfrom_notify_spamadmin = " | ||
+ | $mailfrom_to_quarantine = ''; | ||
+ | @addr_extension_virus_maps | ||
+ | @addr_extension_banned_maps | ||
+ | @addr_extension_spam_maps | ||
+ | @addr_extension_bad_header_maps = (' | ||
+ | $path = '/ | ||
+ | $MAXLEVELS = 14; | ||
+ | $MAXFILES = 1500; | ||
+ | $MIN_EXPANSION_QUOTA = 100*1024; | ||
+ | $MAX_EXPANSION_QUOTA = 300*1024*1024; | ||
+ | $sa_spam_subject_tag = ' | ||
+ | $defang_virus | ||
+ | $defang_banned = 1; # MIME-wrap passed mail containing banned name | ||
+ | $defang_by_ccat{+CC_BADH.", | ||
+ | $defang_by_ccat{+CC_BADH.", | ||
+ | $defang_by_ccat{+CC_BADH.", | ||
+ | $final_virus_destiny | ||
+ | $final_banned_destiny | ||
+ | $final_spam_destiny | ||
+ | $virus_quarantine_to = undef; | ||
+ | $banned_quarantine_to = undef; | ||
+ | $spam_quarantine_to = undef; | ||
+ | $bad_header_quarantine_to = undef; | ||
+ | @keep_decoded_original_maps = (new_RE( | ||
+ | qr' | ||
+ | qr' | ||
+ | qr' | ||
+ | )); | ||
+ | $banned_filename_re = new_RE( | ||
+ | qr' | ||
+ | [ qr' | ||
+ | qr' | ||
+ | qr' | ||
+ | qr' | ||
+ | qr' | ||
+ | # block certain double extensions in filenames | ||
+ | qr' | ||
+ | qr' | ||
+ | ); | ||
+ | @score_sender_maps = ({ # a by-recipient hash lookup table, | ||
+ | # results from all matching recipient tables are summed | ||
+ | ## site-wide opinions about senders (the ' | ||
+ | ' | ||
+ | | ||
+ | [qr' | ||
+ | [qr' | ||
+ | [qr' | ||
+ | [qr' | ||
+ | [qr' | ||
+ | [qr' | ||
+ | [qr' | ||
+ | ), | ||
+ | { # a hash-type lookup table (associative array) | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | | ||
+ | | ||
+ | # soft-blacklisting (positive score) | ||
+ | ' | ||
+ | ' | ||
+ | }, | ||
+ | ], # end of site-wide tables | ||
+ | }); | ||
+ | @decoders = ( | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | [' | ||
+ | ); | ||
+ | @av_scanners = ( | ||
+ | [' | ||
+ | \& | ||
+ | qr/\bOK$/m, qr/ | ||
+ | qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], | ||
+ | ### http:// | ||
+ | [' | ||
+ | ['/ | ||
+ | '/ | ||
+ | '-p / | ||
+ | [0,3,6,8], qr/ | ||
+ | qr/ | ||
+ | ], | ||
+ | # NOTE: one may prefer [0], | ||
+ | # currupted or protected archives are to be handled | ||
+ | ### http:// | ||
+ | [' | ||
+ | '-* -P -B -Y -O- {}', [0,3,6,8], [2, | ||
+ | qr/ | ||
+ | sub {chdir('/ | ||
+ | sub {chdir($TEMPBASE) or die " | ||
+ | ], | ||
+ | ### The kavdaemon and AVPDaemonClient have been removed from Kasperky | ||
+ | ### products and replaced by aveserver and aveclient | ||
+ | [' | ||
+ | [ '/ | ||
+ | '/ | ||
+ | '/ | ||
+ | '/ | ||
+ | " | ||
+ | # change the startup-script in / | ||
+ | # | ||
+ | # (or perhaps: | ||
+ | # adjusting /var/amavis above to match your $TEMPBASE. | ||
+ | # The ' | ||
+ | # can find, read, and write its pid file, etc., see 'man kavdaemon' | ||
+ | # defUnix.prf: | ||
+ | # | ||
+ | # cd / | ||
+ | # cp AvpDaemonClient /opt/AVP/ | ||
+ | # su - vscan -c " | ||
+ | ### http:// | ||
+ | [' | ||
+ | [' | ||
+ | "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ". | ||
+ | " | ||
+ | [0,3], [1,2,5], | ||
+ | qr/(?x)^\s* (?: | ||
+ | # Adjust the path of the binary and the virus database as needed. | ||
+ | # ' | ||
+ | # the quarantine directory, and the quarantine option can not be disabled. | ||
+ | # If $QUARANTINEDIR is not used, then another directory must be specified | ||
+ | # to appease ' | ||
+ | # protected files are to be considered infected. | ||
+ | ### http:// | ||
+ | ### Avira AntiVir (formerly H+BEDV) or (old) CentralCommand Vexira Antivirus | ||
+ | [' | ||
+ | ' | ||
+ | qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) | | ||
+ | (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s' | ||
+ | # NOTE: if you only have a demo version, remove -z and add 214, as in: | ||
+ | # ' | ||
+ | ### http:// | ||
+ | [' | ||
+ | '-all -archive -packed {}', [50], [51,52,53], | ||
+ | qr/ | ||
+ | ### http:// | ||
+ | [' | ||
+ | ' | ||
+ | qr/^Files Infected: | ||
+ | qr/ | ||
+ | ### http:// | ||
+ | [' | ||
+ | ' | ||
+ | [0], qr/ | ||
+ | qr/ | ||
+ | # NOTE: check options and patterns to see which entry better applies | ||
+ | ### http:// | ||
+ | | ||
+ | ['/ | ||
+ | ' | ||
+ | ' | ||
+ | qr/ | ||
+ | # NOTE: internal archive handling may be switched off by ' | ||
+ | # to prevent fsav from exiting with status 9 on broken archives | ||
+ | ['CAI InoculateIT', | ||
+ | '-sec -nex {}', [0], [100], | ||
+ | qr/was infected by virus (.+)/m ], | ||
+ | # see: http:// | ||
+ | ### http:// | ||
+ | ['CAI eTrust Antivirus', | ||
+ | '-arc -nex -spm h {}', [0], [101], | ||
+ | qr/is infected by virus: (.+)/m ], | ||
+ | # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer | ||
+ | # see http:// | ||
+ | ### http:// | ||
+ | [' | ||
+ | '-s {}/*', [0], [1,2], | ||
+ | qr/--[ \t]*(.+)/m ], | ||
+ | ### http:// | ||
+ | [' | ||
+ | '-s -q {}', [0], [1..7], | ||
+ | qr/^... (\S+)/m ], | ||
+ | ### http:// | ||
+ | ['ESET Software ESETS Command Line Interface', | ||
+ | ['/ | ||
+ | ' | ||
+ | qr/: | ||
+ | ## http:// | ||
+ | ['ESET NOD32 for Linux File servers', | ||
+ | ['/ | ||
+ | ' | ||
+ | '-w -a --action=1 -b {}', | ||
+ | [0], [1,10], qr/ | ||
+ | ### http:// | ||
+ | [' | ||
+ | '-c -l:0 -s -u -temp: | ||
+ | qr/(?i).* virus in .* -> \' | ||
+ | ### http:// | ||
+ | [' | ||
+ | ['/ | ||
+ | '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}', | ||
+ | qr/Number of files infected[ .]*: 0+(?!\d)/m, | ||
+ | qr/Number of files infected[ .]*: 0*[1-9]/m, | ||
+ | qr/Found virus :\s*(\S+)/m ], | ||
+ | # NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr' | ||
+ | # before starting amavisd - the bases are then loaded only once at startup. | ||
+ | # To reload bases in a signature update script: | ||
+ | # / | ||
+ | # Please review other options of pavcl, for example: | ||
+ | # -nomalw, -nojoke, -nodial, -nohackt, -nospyw, -nocookies | ||
+ | ### http:// | ||
+ | ['NAI McAfee AntiVirus (uvscan)', | ||
+ | ' | ||
+ | qr/(?x) Found (?: | ||
+ | \ the\ (.+)\ (?: | ||
+ | \ (?: | ||
+ | :\ (.+)\ NOT\ a\ virus)/m, | ||
+ | # sub {$ENV{LD_PRELOAD}='/ | ||
+ | # sub {delete $ENV{LD_PRELOAD}}, | ||
+ | ], | ||
+ | # NOTE1: with RH9: force the dynamic linker to look at / | ||
+ | # anything else by setting environment variable LD_PRELOAD=/ | ||
+ | # and then clear it when finished to avoid confusing anything else. | ||
+ | # NOTE2: to treat encrypted files as viruses replace the [13] with: | ||
+ | # qr/ | ||
+ | ### http:// | ||
+ | [' | ||
+ | "{} -ss -i ' | ||
+ | qr/: ' | ||
+ | # VirusBuster Ltd. does not support the daemon version for the workstation | ||
+ | # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of | ||
+ | # binaries, some parameters AND return codes have changed (from 3 to 1). | ||
+ | # See also the new Vexira entry ' | ||
+ | ### http:// | ||
+ | [' | ||
+ | ' | ||
+ | # sub {$ENV{VSTK_HOME}='/ | ||
+ | ], | ||
+ | ### http:// | ||
+ | [' | ||
+ | '-a -i -n -t=A {}', [0], [1], qr/ | ||
+ | ### http:// | ||
+ | [' | ||
+ | ' | ||
+ | ### http:// | ||
+ | [' | ||
+ | ' | ||
+ | qr/ | ||
+ | qr/ | ||
+ | ### http:// | ||
+ | [' | ||
+ | '--arc --mail {}', qr/ | ||
+ | qr/ | ||
+ | qr/ | ||
+ | # consider also: --all --nowarn --alev=15 --flev=15. | ||
+ | # not apply to your version of bdc, check documentation and see 'bdc --help' | ||
+ | ### ArcaVir for Linux and Unix http:// | ||
+ | [' | ||
+ | '-v 1 -summary 0 -s {}', [0], [1,2], | ||
+ | qr/ | ||
+ | ); | ||
+ | @av_scanners_backup = ( | ||
+ | ### http:// | ||
+ | [' | ||
+ | " | ||
+ | [0], qr/: | ||
+ | ### http:// | ||
+ | [' | ||
+ | ' | ||
+ | [0, | ||
+ | qr/ | ||
+ | ### http:// | ||
+ | [' | ||
+ | '-dumb -archive -packed {}', [0,8], [3, | ||
+ | qr/ | ||
+ | ### http:// | ||
+ | [' | ||
+ | '-za -a {}', [0], qr/Found virus/m, qr/Found virus (.+) in/m ], | ||
+ | ### http:// | ||
+ | [' | ||
+ | ['/ | ||
+ | ' | ||
+ | [0,32], [1,9,33], qr' infected (?: | ||
+ | ### http:// | ||
+ | | ||
+ | | ||
+ | '/ | ||
+ | '/ | ||
+ | ' | ||
+ | | ||
+ | ], | ||
+ | ); | ||
+ | 1; # insure a defined return value </ | ||
+ | |||
+ | ===== erster Programmstart ===== | ||
+ | Nun ist es an der Zeit unseren //**A** **MA**il **Vi**rus **S**canner// | ||
+ | # service amavisd start | ||
+ | Mail Virus Scanner (amavisd) starten: | ||
+ | Im **/ | ||
+ | < | ||
+ | Jul 14 19:58:46 nss amavis[16065]: | ||
+ | Jul 14 19:58:46 nss amavis[16065]: | ||
+ | Jul 14 19:58:47 nss amavis[16065]: | ||
+ | Jul 14 19:58:47 nss amavis[16065]: | ||
+ | try::Fast Image::Info Image:: | ||
+ | A Mail:: | ||
+ | il:: | ||
+ | et_n2dx auto:: | ||
+ | Jul 14 19:58:47 nss amavis[16065]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:47 nss amavis[16106]: | ||
+ | Jul 14 19:58:49 nss amavis[16106]: | ||
+ | geInfo, MIMEEval, MIMEHeader, Pyzor, Razor2, RelayEval, ReplaceTags, | ||
+ | Jul 14 19:58:49 nss amavis[16106]: | ||
+ | Jul 14 19:58:49 nss amavis[16106]: | ||
+ | dkim_verification to 1, or explicitly disable it by setting it to 0 to quench down this warning. | ||
+ | Jul 14 19:58:49 nss amavis[16130]: | ||
+ | Jul 14 19:58:49 nss amavis[16131]: | ||
+ | Jul 14 19:58:49 nss amavis[16132]: | ||
+ | Jul 14 19:58:49 nss amavis[16133]: | ||
+ | Über den Port **10024** sollte nun unser daemon ansprechbar sein. Was wir auch sehr einfach mittels **lsof** überprüfen können: | ||
+ | < | ||
+ | COMMAND | ||
+ | amavisd 29499 amavis | ||
+ | amavisd 29501 amavis | ||
+ | amavisd 29502 amavis | ||
+ | Via **telnet localhost 10024** können wir uns nun zum virusscanner-daemon verbinden. | ||
+ | < | ||
+ | Trying 127.0.0.1... | ||
+ | Connected to localhost.localdomain (127.0.0.1). | ||
+ | Escape character is ' | ||
+ | 220 [127.0.0.1] ESMTP amavisd-new service ready | ||
+ | quit | ||
+ | 221 2.0.0 [127.0.0.1] amavisd-new closing transmission channel | ||
+ | Connection closed by foreign host. | ||
+ | </ | ||
+ | |||
+ | ===== automatisches Starten des Dienste beim Systemstart ===== | ||
+ | Damit nun unser AMaViS-Server beim Booten automatisch gestartet wird, nehmen wir noch folgende Konfigurationsschritte vor. | ||
+ | < | ||
+ | Anschließend überprüfen wir noch unsere Änderung: | ||
+ | < | ||
+ | amavisd | ||
+ | ===== Postfix ===== | ||
+ | ==== Konfiguration ==== | ||
+ | Wie schon beim Punkt **// | ||
+ | \\ | ||
+ | Diese Ergänzungen definieren wir in der **vim / | ||
+ | < | ||
+ | |||
+ | # | ||
+ | # Postfix master process configuration file. For details on the format | ||
+ | # of the file, see the master(5) manual page (command: "man 5 master" | ||
+ | # | ||
+ | # ========================================================================== | ||
+ | # service | ||
+ | # | ||
+ | # ========================================================================== | ||
+ | smtp inet n | ||
+ | -o smtpd_proxy_filter=localhost: | ||
+ | -o content_filter= | ||
+ | localhost: | ||
+ | -o content_filter= | ||
+ | -o smtpd_proxy_filter= | ||
+ | -o smtpd_authorized_xforward_hosts=127.0.0.0/ | ||
+ | -o smtp_client_restrictions= | ||
+ | -o smtp_helo_restrictions= | ||
+ | -o smtp_sender_restrictions= | ||
+ | -o smtpd_recipient_restrictions=permit_mynetworks, | ||
+ | -o smtp_data_restrictions= | ||
+ | -o mynetworks=127.0.0.0/ | ||
+ | -o receive_override_options=no_unknown_recipient_checks</ | ||
+ | ==== Neustart ==== | ||
+ | Zur aktivierung unserer Änderung starten wir unseren Mailserver einmal durch: | ||
+ | < | ||
+ | Postfix beenden: | ||
+ | Postfix starten: | ||
+ | ==== Test ==== | ||
+ | Über den Port **10024** sollte nun unser daemon ansprechbar sein. Was wir auch sehr einfach mittels **lsof** überprüfen können: | ||
+ | < | ||
+ | COMMAND | ||
+ | master | ||
+ | smtpd 28242 postfix | ||
+ | Von der Konsole aus testen wir nun den Zugang über Port**25**: | ||
+ | < | ||
+ | |||
+ | Trying 127.0.0.1... | ||
+ | Connected to localhost.localdomain (127.0.0.1). | ||
+ | Escape character is ' | ||
+ | 220 mx1.nausch.org ESMTP Postfix | ||
+ | quit | ||
+ | 221 2.0.0 Bye | ||
+ | Connection closed by foreign host.</ | ||
+ | Für den zweiten Port **10025** machen wir auch noch den gleichen Test. | ||
+ | < | ||
+ | COMMAND | ||
+ | master | ||
+ | smtpd 28248 postfix | ||
+ | Auch hier prüfen wir via telnet, ob unser Postfix auf Anfragen auf Port **10025** reagiert. | ||
+ | < | ||
+ | |||
+ | Trying 127.0.0.1... | ||
+ | Connected to localhost.localdomain (127.0.0.1). | ||
+ | Escape character is ' | ||
+ | 220 mx1.nausch.org ESMTP Postfix | ||
+ | quit | ||
+ | 221 2.0.0 Bye | ||
+ | Connection closed by foreign host. | ||
+ | </ | ||
+ | ===== RAM-Disk für AMaViS ===== | ||
+ | Da sich bei entsprechenden Trafic die Zugriffe auf die Harddisk ungünstig auf die Performance auswirkt, legen wir eine RAM-Disk für den Virenscanner an. Dort kann er dann die Attachments ablegen und entpacken.\\ | ||
+ | \\ | ||
+ | Wir legen uns eine 250 MB große RAM-Disk an: | ||
+ | vim /etc/fstab | ||
+ | / | ||
+ | Anschließend mounten wir unser neues Laufwerk mit | ||
+ | mount / | ||
+ | Je nach Belastung werden nun in unserem Arbeitsverzeichnis die Daten abgelegt | ||
+ | df -h -t tmpfs | ||
+ | | ||
+ | / | ||
+ | |||
+ | ~~DISCUSSION~~ |
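Review bot: In the master.cf block of the Postfix section, the second listener (the `localhost:` entry that empties `content_filter` and `smtpd_proxy_filter`) sets `-o smtp_client_restrictions=` plus the matching helo, sender and data variants, but the smtpd(8) parameters are spelled `smtpd_...`, as the neighbouring `smtpd_recipient_restrictions` line already is. As written these four overrides reset nothing, so whatever restrictions main.cf defines still apply on the listener that takes mail back from AMaViS; rename them to `smtpd_client_restrictions`, `smtpd_helo_restrictions`, `smtpd_sender_restrictions` and `smtpd_data_restrictions`. Two smaller points: the Grundkonfiguration paragraph calls the feature `smtp_proxy_filter` while the diagram and master.cf use `smtpd_proxy_filter`, and the sentence opening the Postfix "Test" section repeats the port 10024 wording from the AMaViS section although the `lsof` output under it lists `master` and `smtpd` and the next step tests port 25.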