“UbuntuHelp:PostfixAmavisNewClamAVSpamAssassin”的版本间的差异

2007年11月30日 (五) 21:05的版本

文章出处:

https://help.ubuntu.com/community/PostfixAmavisNewClamAVSpamAssassin

点击翻译:

English

请不要直接编辑翻译本页，本页将定期与来源同步。

IN PROGRESS

Introduction

This will detail setting up a complete mail server using the following: Ubuntu 5.10, Postfix, Courier, Amavis-new, ClamAV and SpamAssassin. The end result will send & receive email using sasl authentication, check incoming email vs the spamhaus.org known spammer list (optional), filter all incoming email through amavis-new which will then run virus scanning & also check for spam. If viruses are found the email is dumped, if spam is found the subject is relabeled '***SPAM***'. Postmaster is notified of both for monitoring & updating of rules. A related article is on UbuntuHelp:Courier, a more detailed guide by Ivar Abrahamsen on flurdy.com.

Prerequisite

You must be comfortable on the command line & have a reasonable knowledge of the OS in order to accomplish this. This is not for the faint of heart. It is required to activate Universe and Multiverse repositories. Just follow this howto: UbuntuHelp:AddingRepositoriesHowto.

Installation

For beginning, install the main components of the mail system:

sudo apt-get install postfix libsasl2 sasl2-bin libsasl2-modules libdb3-util procmail courier-authdaemon courier-imap courier-imap-ssl courier-pop courier-pop-ssl

Next install the filtering packages:

sudo apt-get install amavisd-new spamassassin clamav-daemon clamav-freshclam

Install the optional packages for increased spam protection:

sudo apt-get install libnet-dns-perl libmail-spf-query-perl pyzor razor

Install some compress/uncompress utils (this allows the filters to scan compressed archives)

sudo apt-get install file arc gzip bzip2 cabextract zip unzip unrar-free cpio tar zoo arj lzop nomarch pax unzoo

Configuration

courier

Courier comes fully configured out of the box. You should setup the Maildirs for the default user and in your existing folders. To do that, read here: Courier. Login to your local IMAP server may not work for uses that don't have a Maildir in their home folder. The very abbreviated approach of creating a Maildir is:

cd ~
maildirmake Maildir

Note: if you already have a maildir, maildirmake should abort and say: maildirmake: File exists

postfix

Postfix will need a little bit of tweaking before we're done. We'll want to use relay_host to relay outgoing mail through your ISP account (otherwise we'll get a lot of denied outgoing email) and also setup some authentication. The last thing we want is to setup an open mail relay for use by spammers! Append the follwing to /etc/postfix/main.cf (relayhost definition should match your ISP smtp settings. Contact them for specifics)

# Relay mail thru ISP
relayhost = mail.your-isp.com
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

Create /etc/postfix/sasl_passwd and add your ISP account information. Example: (this should be the same login information you use to check your ISP email)

mail.your-isp.com username:password

clamav

The default behaviour of clamav will fit our needs. A daemon is launched (clamd) and signatures are fetch every day. If you want to use clamav for mail filtering, check the configuration files in /etc/clamav. Add clamav user in amavis in order clamav can access files:

sudo useradd clamav --gid amavis

amavis

Now, activate spam detection and antivirus detection in amavis by editing /etc/amavis/conf.d/15-content_filter_mode:

use strict;
# You can modify this file to re-enable SPAM checking through spamassassin
# and to re-enable antivirus checking.
#
# Default antivirus checking mode
# Uncomment the two lines below to enable it back
#
@bypass_virus_checks_maps = (
\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
#
# Default SPAM checking mode
# Uncomment the two lines below to enable it back
#
@bypass_spam_checks_maps = (
\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
1;  # insure a defined return

spamassassin

Spamasssassin will automagically scan for optional components and use them if available. A few of these, which we will use, are the dcc-client, pyzor and razor. These will not need to be configured. Edit /etc/default/spamassassin to activate the daemon: Edit the following line from ENABLED=0 TO ENABLED=1.

# Change to one to enable spamd
ENABLED=1

Postfix integration

For postfix integration, you only need to add in /etc/postfix/main.cf the following line:

content_filter=smtp-amavis:[127.0.0.1]:10024

Also edit /etc/postfix/master.cf, adding this at the bottom:

smtp-amavis	unix	-	-	-	-	2	smtp
	-o smtp_data_done_timeout=1200
	-o smtp_send_xforward_command=yes
	-o disable_dns_lookups=yes
	-o max_use=20
127.0.0.1:10025	inet	n	-	-	-	-	smtpd
	-o content_filter=
	-o local_recipient_maps=
	-o relay_recipient_maps=
	-o smtpd_restriction_classes=
	-o smtpd_delay_reject=no
	-o smtpd_client_restrictions=permit_mynetworks,reject
	-o smtpd_helo_restrictions=
	-o smtpd_sender_restrictions=
	-o smtpd_recipient_restrictions=permit_mynetworks,reject
	-o smtpd_data_restrictions=reject_unauth_pipelining
	-o smtpd_end_of_data_restrictions=
	-o mynetworks=127.0.0.0/8
	-o smtpd_error_sleep_time=0
	-o smtpd_soft_error_limit=1001
	-o smtpd_hard_error_limit=1000
	-o smtpd_client_connection_count_limit=0
	-o smtpd_client_connection_rate_limit=0
	-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

And add this immediately following the "pickup" transport service:

	 -o content_filter=
	 -o receive_override_options=no_header_body_checks

This will help stop marking messages, reporting spam, as spam. Reload postfix, and now, content filtering with spam and virus detection is enabled.

Test

Test your default installation using the following code segment.

telnet localhost 25

Postfix will prompt like following in the terminal so that you can use to type SMTP commands.

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix (Ubuntu)

Type the following code segment in Postfix's prompt.

ehlo localhost
mail from: root@localhost
rcpt to: root@localhost
data
Subject: First test of Postfix
Hi,
Are you there?
regards,
Me
. (Type the .[dot] in a new Line and press Enter )
quit

@@ 第1行： / 第1行： @@
 {{From|https://help.ubuntu.com/community/PostfixAmavisNewClamAVSpamAssassin}}
 {{Languages|UbuntuHelp:PostfixAmavisNewClamAVSpamAssassin}}
 IN PROGRESS
 == Introduction ==
 This will detail setting up a complete mail server using the following: Ubuntu 5.10, Postfix, Courier, Amavis-new, ClamAV and SpamAssassin.  The end result will send & receive email using sasl authentication, check incoming email vs the spamhaus.org known spammer list (optional), filter all incoming email through amavis-new which will then run virus scanning & also check for spam.  If viruses are found the email is dumped, if spam is found the subject is relabeled '***SPAM***'.  Postmaster is notified of both for monitoring & updating of rules.
 A related article is on [[UbuntuHelp:Courier]], a more detailed guide by [http://flurdy.com/docs/postfix/ Ivar Abrahamsen on flurdy.com].
 == Prerequisite ==
 You must be comfortable on the command line & have a reasonable knowledge of the OS in order to accomplish this.  This is not for the faint of heart.
 It is required to activate Universe and Multiverse repositories. Just follow this howto: [[UbuntuHelp:AddingRepositoriesHowto]].
 == Installation ==
 For beginning, install the main components of the mail system:
 <pre><nowiki>
 sudo apt-get install postfix libsasl2 sasl2-bin libsasl2-modules libdb3-util procmail courier-authdaemon courier-imap courier-imap-ssl courier-pop courier-pop-ssl
 </nowiki></pre>
 Next install the filtering packages:
 <pre><nowiki>
 sudo apt-get install amavisd-new spamassassin clamav-daemon clamav-freshclam
 </nowiki></pre>
 Install the optional packages for increased spam protection:
 <pre><nowiki>
 sudo apt-get install libnet-dns-perl libmail-spf-query-perl pyzor razor
 </nowiki></pre>
 Install some compress/uncompress utils (this allows the filters to scan compressed archives)
 <pre><nowiki>
 sudo apt-get install file arc gzip bzip2 cabextract zip unzip unrar-free cpio tar zoo arj lzop nomarch pax unzoo
 </nowiki></pre>
 == Configuration ==
 === courier ===
 Courier comes fully configured out of the box. You should setup the Maildirs for the default user and in your existing folders. To do that, read here: [[Courier]]. '''Login to your local IMAP server may not work for uses that don't have a Maildir in their home folder.'''
 The very abbreviated approach of creating a Maildir is:
 <pre><nowiki>
@@ 第50行： / 第35行： @@
 Note: if you already have a maildir, maildirmake should abort and say: ''maildirmake: File exists''
 === postfix ===
 Postfix will need a little bit of tweaking before we're done.  We'll want to use <code><nowiki>relay_host</nowiki></code> to relay outgoing mail through your ISP account (otherwise we'll get a lot of denied outgoing email) and also setup some authentication.  The last thing we want is to setup an open mail relay for use by spammers!
 Append the follwing to /etc/postfix/main.cf
 (relayhost definition should match your ISP smtp settings.  Contact them for specifics)
@@ 第60行： / 第43行： @@
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 </nowiki></pre>
 Create /etc/postfix/sasl_passwd and add your ISP account information.  Example:
 (this should be the same login information you use to check your ISP email)
@@ 第66行： / 第48行： @@
 mail.your-isp.com username:password
 </nowiki></pre>
 === clamav ===
 The default behaviour of clamav will fit our needs. A daemon is launched (clamd) and signatures are fetch every day. If you want to use clamav for mail filtering, check the configuration files in <code><nowiki>/etc/clamav</nowiki></code>.
 Add <code><nowiki>clamav</nowiki></code> user in <code><nowiki>amavis</nowiki></code> in order clamav can access files:
 <pre><nowiki>
 sudo useradd clamav --gid amavis
 </nowiki></pre>
 === amavis ===
 Now, activate spam detection and antivirus detection in amavis by editing <code><nowiki>/etc/amavis/conf.d/15-content_filter_mode</nowiki></code>:
 <pre><nowiki>
 use strict;
 # You can modify this file to re-enable SPAM checking through spamassassin
 # and to re-enable antivirus checking.
 #
 # Default antivirus checking mode
 # Uncomment the two lines below to enable it back
 #
 @bypass_virus_checks_maps = (
 \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
 #
 # Default SPAM checking mode
 # Uncomment the two lines below to enable it back
 #
 @bypass_spam_checks_maps = (
 \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
 ;  # insure a defined return
 </nowiki></pre>
 === spamassassin ===
 Spamasssassin will automagically scan for optional components and use them if available.  A few of these, which we will use, are the <code><nowiki>dcc-client</nowiki></code>, <code><nowiki>pyzor</nowiki></code> and <code><nowiki>razor</nowiki></code>.  These will not need to be configured.
 Edit <code><nowiki>/etc/default/spamassassin</nowiki></code> to activate the daemon:
 Edit the following line from ENABLED=0 TO ENABLED=1.
@@ 第116行： / 第82行： @@
 ENABLED=1
 </nowiki></pre>
 === Postfix integration ===
 For postfix integration, you only need to add in <code><nowiki>/etc/postfix/main.cf</nowiki></code> the following line:
 <pre><nowiki>
 content_filter=smtp-amavis:[127.0.0.1]:10024
 </nowiki></pre>
 Also edit /etc/postfix/master.cf, adding this at the bottom:
 <pre><nowiki>
@@ 第131行： / 第94行： @@
 	-o disable_dns_lookups=yes
 	-o max_use=20
 .0.0.1:10025	inet	n	-	-	-	-	smtpd
 	-o content_filter=
@@ 第152行： / 第114行： @@
 	-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
 </nowiki></pre>
 And add this immediately following the "pickup" transport service:
 <pre><nowiki>
 	 -o content_filter=
 	 -o receive_override_options=no_header_body_checks
 </nowiki></pre>
 This will help stop marking messages, reporting spam, as spam.
 Reload postfix, and now, content filtering with spam and virus detection is enabled.
 == Test ==
 Test your default installation using the following code segment.
 <pre><nowiki>
 telnet localhost 25
 </nowiki></pre>
 Postfix will prompt like following in the terminal so that you can use to type SMTP commands.
 <pre><nowiki>
 Trying 127.0.0.1...
@@ 第179行： / 第133行： @@
 localhost.localdomain ESMTP Postfix (Ubuntu)
 </nowiki></pre>
 Type the following code segment in Postfix's prompt.
 <pre><nowiki>
 ehlo localhost
@@ 第195行： / 第147行： @@
 quit
 </nowiki></pre>
 ----
 [[category:CategoryDocumentation]]
 [[category:UbuntuHelp]]

个人工具

“UbuntuHelp:PostfixAmavisNewClamAVSpamAssassin”的版本间的差异 - Ubuntu中文

搜索

导航

编辑

工具