安装四个下载的软件包:
数据挖掘研究院
# dpkg -i *.deb
数据挖掘研究院
修改/etc/amavis/amavisd.conf: 数据挖掘研究院
@inet_acl = qw( 127/8 1.2.3.4/32 ); # 1.2.3.4 is your external ip .. because want maybe also accept mail from that interface, it"s up to you.
$warnvirussender = 1; # I want to warn people, who have got virus.
$warnvirusrecip = 1; # I want to warn my users about virus send to them.
$warn_offsite = 1; # I want to warn senders/recipients, that are not located on my server
$mailfrom_notify_admin = "virusalert@example.com"; #
$mailfrom_notify_recip = "virusalert@example.com"; # Change these to the appropriate email-adresses, you wish to use as sender
$mailfrom_notify_spamadmin = "spam.police@example.com"; # for spam and virus warnings
$hdrfrom_notify_sender = "AMaViS (content filter) <postmaster@example.com>";
$virus_admin = "virus-admin@example.com"; #
$spam_admin = "spam-admin@example.com"; # 数据挖掘研究院
指定使用uvscan: 数据挖掘研究院
@av_scanners = ( 数据挖掘研究院
["NAI McAfee AntiVirus (uvscan)", "uvscan",
"--secure -rv --summary --noboot {}", [0], [13],
qr/(?x) Found (?:
the (.+) (?:virus|trojan) |
(?:virus|trojan) or variant ([^ ]+) |
: (.+) NOT a virus)/ ],
);
数据挖掘研究院
找到/etc/postfix/master.cf如下行:
数据挖掘研究院
smtp inet n - n - - smtpd 数据挖掘研究院
改为如下: 数据挖掘研究院
smtp inet n n n - - smtpd -o content_filter=smtp-amavis:[127.0.0.1]:10024
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o local_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o strict_rfc821_envelopes=yes 数据挖掘研究院
重启postfix,这样在收到病毒邮件的时候能够在日志文件看到如下的信息: 数据挖掘研究院
Jul 16 15:34:22 xxx amavis[30997]: (30997-09) INFECTED (W32/Nimda.gen@MM), (?) -> <xxx@xxx.org>, quarantine virus-20030716-153422-30997-09, Message-ID: <20030716073414.520D3E5C2F@xxx> 数据挖掘研究院
三、防垃圾邮件部分
垃圾邮件的防范必须掌握好尺度,postfix本身提供了header_check、body_check、access、classes等方式来拒绝邮件,可以参考如下地址的样例,结合自己的情况进行修改也能阻止一部分垃圾邮件: 数据挖掘研究院
http://www.XXXX.com/guides/postfix_uce_header.html
http://www.XXXX.com/guides/postfix_uce_body.html
http://www.XXXX.com/guides/postfix_uce_access.html
http://www.XXXX.com/guides/postfix_uce_class.html
数据挖掘实验室
不过以上配置文件需要管理员根据自己情况手工进行修改,如果直接采用的话,那么国内很多邮件你将收不到。
SpamAssassin和AMaViS可以很好的结合,它能够帮管理员自动处理一些垃圾邮件。SpamAssassin很有趣,它对解码后的邮件进行扫描后打分,如果分数达到用户指定的分数,那么就认为是垃圾邮件,而且它还有学习功能,管理员也可以自己重新定义各种分值或自定义分值。 数据挖掘研究院
1、SpamAssassin的安装
由于已经安装了AMaViS,所以自然就选择了SpamAssassin。SpamAssassin可以通过CPAN安装:
# perl -MCPAN -e shell
install Mail::SpamAssassin 数据挖掘实验室
2、SpamAssassin配置
创建/var/lib/amavis/.spamassassin/user_prefs文件:
数据挖掘研究院
# SpamAssassin config file for version 2.5x
# generated by http://www.yrex.com/spam/spamconfig.php (version 1.01)
# How many hits before a message is considered spam.
required_hits 5.0 数据挖掘研究院
# Whether to change the subject of suspected spam
rewrite_subject 1
# Text to prepend to subject if rewrite_subject is used
subject_tag *****SPAM***** 数据挖掘研究院
# Encapsulate spam in an attachment
report_safe 1 数据挖掘研究院
# Use terse version of the spam report
use_terse_report 0
数据挖掘实验室
# Enable the Bayes system
use_bayes 1
数据挖掘研究院
# Enable Bayes auto-learning
auto_learn 1
# Enable or disable network checks
skip_rbl_checks 1
use_razor2 0
use_dcc 0
use_pyzor 0 数据挖掘研究院
# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - chinese english
ok_languages zh en
数据挖掘研究院
# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales en zh
