<邮件的反垃圾反病毒>，邮件反垃圾病毒

<邮件的反垃圾反病毒>，邮件反垃圾病毒

本章——发送接收邮件的工具为雷鸟

 

安装

# yum install dovecot-mysql.x86_64 dovecot.x86_64 -y

编辑文件

vim 10-mail.conf

mail_location = maildir:/home/vmail/%d/%n/Maildir/ first_valid_uid = 800

开启

!include auth-sql.conf.ext

# vim auth-sql.conf.ext

文件提示让找 args = /etc/dovecot/dovecot-sql.conf.ext  但/etc/dovecot目录下没有这个文件。

提示可以参考模板： # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext

/usr/share/doc/dovecot-2.0.9/example-config cp dovecot-sql.conf.ext /etc/dovecot/

 

# vim dovecot-sql.conf.ext　　//主要修改以下几行

driver = mysql

connect = host=localhost dbname=extmail user=extmail password=extmail

default_pass_scheme = PLAIN

password_query = \   SELECT username, domain, password \   FROM mailbox WHERE username = '%u'

user_query = SELECT maildir, 800 AS uid, 800 AS gid FROM mailbox WHERE username = '%u'

重启dovecot服务 测试豆腐块是否成功：

# telnet localhost 110

user redhat@extmail.org pass redhat

豆腐块SASL认证

首先查看下帮助文档，怎么安装豆腐块的SASl认证库。

cd /usr/share/doc/postfix-2.6.6/README_FILES

# less SASL_README

查看postfix的参数信息 postconf -d | grep smtpd_sasl

将其写入main.cf postfix的主配置文件

postconf -e smtpd_sasl_auth_enable=yes

postconf -e smtpd_sasl_authenticated_header=yes

查看SASL加密那些认证。

postconf -d | grep smtpd_recipient

postconf -e "smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, permit_sasl_authenticated"

smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, permit_sasl_authenticated

开启SASL认证/认证头。

smtpd_sasl_auth_enable = yes

smtpd_sasl_authenticated_header = yes

系统默认的帮助文档做的不怎么好，自己找个包看。

postfix-2.10.2.tar.gz

tar zxf postfix-2.10.2.tar.gz cd postfix-2.10.2

less SASL_README

vim /etc/sasl2/smtpd.conf

pwcheck_method: auxprop

auxprop_plugin: sql

mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM

sql_engine: mysql

sql_hostnames: 127.0.0.1

sql_user: extmail

sql_passwd: extmail

sql_database: extmail sql_select: SELECT

password FROM mailbox WHERE username = '%u@%r'

yum list cyrus-sasl*

rpm -ivh cyrus-sasl-sql-2.1.23-13.el6_3.1.x86_64.rpm

yum install cyrus-sasl-md5.x86_64 cyrus-sasl-devel.x86_64  cyrus-sasl-plain.x86_64 -y

 

认证

postconf -d | grep smtpd_tls  //查找下tls认证的项，写入postfix主文件

postconf -e smtpd_tls_security_level=encrypt cd /etc/pki/tls/certs/ make postfix.pem

postconf -e smtpd_tls_cert_file=/etc/pki/tls/certs/postfix.pem

postconf -e smtpd_tls_received_header=yes

postconf -e "smtpd_tls_session_cache_database=btree:/var/lib/postfix/smtpd_scache"

postconf -e smtpd_tls_auth_only=yes /etc/init.d/postfix restart /etc/init.d/clamd start

 

 

 

 邮件的反垃圾反病毒

yum install spamassassin -y cd /usr/share/spamassassin/

yum localinstall clam* -y

 下载病毒库

# rm -rf virusdb/ # chown clamav.clamav *

# yum install -y rpm-build

# ./install.sh

# vim MailScanner.conf　　//下面的为这个库要修改的选项参数

Incoming Queue Dir = /var/spool/postfix/hold

Outgoing Queue Dir = /var/spool/postfix/incoming Run As User = postfix Run As Group = postfix MTA = postfix

Incoming Work Group = clamav

Incoming Work Permissions = 0640

Virus Scanners = clamd

Monitors for ClamAV Updates = /var/clamav/*.cld /var/clamav/*.cvd

# rpm -ql clamd

# cd /var/run/clamav/ clamd.pid clamd.sock 

Clamd Socket = /var/run/clamav/clamd.sock

Always Include SpamAssassin Report = yes

SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

Spam Actions = delete High Scoring Spam Actions = delete

[root@vm1 MailScanner]# mkdir spamassassin

# chown -R postfix.clamav .

# cd /etc/postfix/

# vim main.cf

把下面的#去掉

header_checks = regexp:/etc/postfix/header_checks

# vim header_checks　　低行下入 /^Received:/    HOLD

下面是检测语法时 的报错，和解决方案

MailScanner –lint

报错解决方案：

ERROR: The "envelope_sender_header" in your spam.assassin.prefs.conf ERROR: is not correct, it should match X-yoursite-MailScanner-From

# cd /etc/MailScanner/

envelope_sender_header X-yoursite-MailScanner-From

报错： config: failed to parse line, skipping, in "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0

注释掉此行 #use_auto_whitelist 0

报错： Unrar is not installed, it should be in /usr/bin/unrar. This is required for RAR archives to be read to check filenames and filetypes. Virus scanning is not affected.

安装软件包 unrar-4.2.4-1.el6.x86_64.rpm

[root@vm1 MailScanner]# /etc/init.d/postfix status master is stopped

[root@vm1 MailScanner]# /etc/init.d/MailScanner start

Starting MailScanner daemons:          incoming postfix:                                 [  OK  ]          outgoing postfix:                                 [  OK  ]          MailScanner:                                      [  OK  ]

[root@vm1 MailScanner]# /etc/init.d/postfix

status master (pid  10891) is running...

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

邮件反病毒：是指监控日常的来往邮件，如发现有病毒，会及时查杀！

反垃圾邮件：是指控制垃圾邮件发送到你的邮箱中。保持你收到的均是正常来往邮件。

两样功能目的不同，指向也不同！

在设置项目里面均有详细的说明，你多研究一下就会明白的！

在卡巴的官方论坛里有一些关于软件的优化设置，当然如果你的电脑配置不算太差的话，一般默认设置就可以了。
 

TurboMail邮件系统的反垃圾功能，是采取九层发反垃圾引擎，反垃圾效果高达96%以上，内置著名的开源杀毒引擎ClamAV，对邮件类病毒具有99.9%的杀灭能力，同时支持嵌入式杀毒和网关杀毒自动定时更新病毒特征库。