个人工具
登录
查看“UbuntuHelp:PostfixAmavisNew”的源代码 - Ubuntu中文
UbuntuHelp
讨论
查看源代码
历史
搜索
导航
首页
最近更改
随机页面
页面分类
帮助
编辑
编辑指南
沙盒
新闻动态
字词处理
工具
链入页面
相关更改
特殊页面
页面信息
查看“UbuntuHelp:PostfixAmavisNew”的源代码
来自Ubuntu中文
←
UbuntuHelp:PostfixAmavisNew
跳转至:
导航
,
搜索
因为以下原因,你没有权限编辑本页:
您所请求的操作仅限于该用户组的用户使用:
用户
您可以查看与复制此页面的源代码。
{{From|https://help.ubuntu.com/community/PostfixAmavisNew}} {{Languages|UbuntuHelp:PostfixAmavisNew}} == Introduction == In this howto, Postfix integration with amavis-new will be presented. Amavis-new is a wrapper that can call any number of content filtering programs for spam detection, antivirus, etc. In this howto, integration with Spamassassin and Clamav will be presented. This is a classical installation of Postfix + Amavis-new + Spamassassin + Clamav. Please note that the packages <code><nowiki>amavisd-new</nowiki></code>, <code><nowiki>clamav</nowiki></code>, <code><nowiki>spamassassin</nowiki></code> are part of the [[UbuntuHelp:UniversePackages]]. That means they will not receive security support from Canonical. You have been warned. == Prerequisite == You should have a functional Postfix server installed. If this is not the case, follow the [[UbuntuHelp:Postfix]] guide. == Installation == Activate Universe and Multiverse repositories. Just follow this howto: [[UbuntuHelp:AddingRepositoriesHowto]]. We explain why Universe is needed in the introduction; multiverse will be necessary for some compress/uncompress utils. To begin, install (see [[UbuntuHelp:InstallingSoftware|InstallingSoftware]]) the following packages: <pre><nowiki> sudo apt-get install amavisd-new spamassassin clamav-daemon </nowiki></pre> Install the optional packages for better spam detection (who does not want better spam detection?): <pre><nowiki> sudo apt-get install libnet-dns-perl libmail-spf-query-perl pyzor razor </nowiki></pre> Install some compress/uncompress utils. Install the following packages: <pre><nowiki> sudo apt-get install arj bzip2 cabextract cpio file gzip lha nomarch pax rar unrar unzip unzoo zip zoo </nowiki></pre> == Configuration == === Clamav === The default behaviour of Clamav will fit our needs. A daemon is launched (clamd) and signatures are fetched every day. For more Clamav configuration options, check the configuration files in <code><nowiki>/etc/clamav</nowiki></code>. Add <code><nowiki>clamav</nowiki></code> user to the <code><nowiki>amavis</nowiki></code> group and vice versa in order for Clamav to have access to scan files: <pre><nowiki> sudo adduser clamav amavis sudo adduser amavis clamav </nowiki></pre> === Spamassassin === Spamasssassin autodetects optional components and will use them if they are present. This means that there is no need to configure <code><nowiki>dcc-client</nowiki></code>, <code><nowiki>pyzor</nowiki></code> and <code><nowiki>razor</nowiki></code>. The fine tuning of Spamassassin rules is beyond the scope of this guide. Please refer to the [[UbuntuHelp:Spamassassin]] page. Edit <code><nowiki>/etc/default/spamassassin</nowiki></code> to activate the Spamassassin daemon change ''ENABLED=0'' to: <pre><nowiki> ENABLED=1 </nowiki></pre> Now start Spamassassin: <pre><nowiki> sudo /etc/init.d/spamassassin start </nowiki></pre> === Amavis === First, activate spam and antivirus detection in Amavis by editing <code><nowiki>/etc/amavis/conf.d/15-content_filter_mode</nowiki></code>: <pre><nowiki> use strict; # You can modify this file to re-enable SPAM checking through spamassassin # and to re-enable antivirus checking. # # Default antivirus checking mode # Uncomment the two lines below to enable it # @bypass_virus_checks_maps = ( \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re); # # Default SPAM checking mode # Uncomment the two lines below to enable it # @bypass_spam_checks_maps = ( \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re); 1; # insure a defined return </nowiki></pre> Bouncing spam can be a bad idea as the return address is often faked, so it may have your server put on a blacklist. Consider editing <code><nowiki>/etc/amavis/conf.d/20-debian_defaults</nowiki></code> to set $final_spam_destiny to D_DISCARD rather than D_BOUNCE, as follows: <pre><nowiki> $final_spam_destiny = D_DISCARD; </nowiki></pre> After configuration Amavis needs to be restarted: <pre><nowiki> sudo /etc/init.d/amavis restart </nowiki></pre> === Postfix integration === For postfix integration, you need to add the <code><nowiki>content_filter</nowiki></code> configuration variable to the Postfix configuration file <code><nowiki>/etc/postfix/main.cf</nowiki></code>. This instructs postfix to pass messages to amavis at a given IP address and port: <pre><nowiki> content_filter = smtp-amavis:[127.0.0.1]:10024 </nowiki></pre> The following <code><nowiki>postconf</nowiki></code> command, run as root because of the preceding <code><nowiki>sudo</nowiki></code> command, adds the <code><nowiki>content_filter</nowiki></code> specification line above to <code><nowiki>main.cf</nowiki></code>: <pre><nowiki> sudo postconf -e "content_filter = smtp-amavis:[127.0.0.1]:10024" </nowiki></pre> Alternatively, you can manually edit <code><nowiki>main.cf</nowiki></code> yourself to add the <code><nowiki>content_filter</nowiki></code> line. Next edit <code><nowiki>/etc/postfix/master.cf</nowiki></code> and add the following to the end of the file: <pre><nowiki> smtp-amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks </nowiki></pre> Also add the following two lines immediately below the "pickup" transport service: <pre><nowiki> -o content_filter= -o receive_override_options=no_header_body_checks </nowiki></pre> This will prevent messages that are generated to report on spam from being classified as spam. More information can be found from [http://www.ijs.si/software/amavisd/README.postfix.txt "README.postfix from amavisd-new"] and [http://www200.pair.com/mecham/spam/spamfilter20060701.html "D.J.Fan"] Reload postfix: <pre><nowiki> sudo /etc/init.d/postfix reload </nowiki></pre> Now content filtering with spam and virus detection is enabled. == Test == First, test that the amavis SMTP is listening: <pre><nowiki> telnet localhost 10024 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 [127.0.0.1] ESMTP amavisd-new service ready ^] </nowiki></pre> Check on your <code><nowiki>/var/log/mail.log</nowiki></code> that everything goes well. If you raise the log level, you can check every step of the content filtering: spam check, virus check, etc. Don't forget to lower the log level after your checks! On messages that go through the content filter you should see: <pre><nowiki> X-Spam-Level: X-Virus-Scanned: Debian amavisd-new at example.com X-Spam-Status: No, hits=-2.3 tagged_above=-1000.0 required=5.0 tests=AWL, BAYES_00 X-Spam-Level: </nowiki></pre> == Troubleshooting == If the filtering is not happening, adding the following to <code><nowiki>/etc/amavis/conf.d/50-user</nowiki></code> may help: <pre><nowiki> @local_domains_acl = ( ".$mydomain" ); </nowiki></pre> If you receive mail for other domains, add them to the list. This information was obtained from the Amavis-New FAQ [http://www.ijs.si/software/amavisd/#faq-spam here]. If you see the following error in /var/log/syslog when amavisd is trying to scan a message: <code><nowiki>amavis[30807]: (30807-01) (!!) ask_av (ClamAV-clamd) FAILED - unexpected result: /var/lib/amavis/tmp/amavis-20070615T125025-30807/parts: lstat() failed. ERROR\n</nowiki></code> Try changing the permissions on <code><nowiki>/var/lib/amavis/tmp</nowiki></code>: <pre><nowiki> chmod -R 775 /var/lib/amavis/tmp </nowiki></pre> Another way to trouble shoot errors associated with Amavisd-new, Spamassassin, Postfix, or Clamav is to restart all the services with Amavisd-new being the last one to start: <pre><nowiki> sudo /etc/init.d/postfix restart sudo /etc/init.d/spamassassin restart sudo /etc/init.d/clamav-daemon restart sudo /etc/init.d/amavis restart </nowiki></pre> Then check <code><nowiki>/var/log/mail.log</nowiki></code> and see if the error has gone away. <<BR>> '''Note:''' This guide has been tested on Ubuntu 7.10 (Gutsy Gibbon). ---- [[category:CategoryDocumentation]] [[category:UbuntuHelp]]
该页面使用的模板:
模板:From
(
查看源代码
)
模板:Languages
(
查看源代码
)(受保护)
模板:Languages/Lang
(
查看源代码
)(受保护)
返回至
UbuntuHelp:PostfixAmavisNew
。