Click here for "Safe Air Conditioner Repair and Proper Freon Recovery".

Debian11.3 : Anti-virus , Mail server

1. Antivirus software Clamav installed

Install Clam AntiVirus, a free anti-virus software for Linux, as an anti-virus measure.
By installing this anti-virus software, you can not only scan the entire server for viruses, but also scan incoming and outgoing mail for viruses if you build and configure a mail server.

1.1 Install

The clamav-related configuration files are installed in the /etc/clamav/ folder.

1.2 Virus Definition Update

If the virus definitions can be updated with the above command, but the following error occurs, change the log settings and run the command again.
ERROR: /var/log/clamav/freshclam.log is locked by another process
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
ERROR: initialize: libfreshclam init failed.
ERROR: Initialization error!

If the above error occurs, delete the log file once and change the log rotate settings as follows.

Edit configuration file

Automatic virus definition update confirmation
Ensure that the service is registered for automatic virus definition updates.

It appears as follows

Logs are recorded in the file /var/log/clamav/freshclam.log.

1.3 Virus Check Confirmation

①Running manual virus checks

Infected files: 0, so no virus

②Virus detection by downloading test viruses
Download a harmless virus and test it for detection.
Log in as a general user and check

As you can see, the virus is notified with the message "FOUND" and "Infected files: 1". The "--remove" option was also added, so the test virus was removed.

1.4 Create a script file to do a full scan

①Create a script file storage directory (/opt/script) in advance.

②Create script file

Contents of clam-full.sh (new)

③execute authorization

④Create a folder for virus quarantine
If not, a runtime error will occur because the above script specifies it as an excluded directory.
⑤Script Execution
Takes quite a long time to complete.
Logs are recorded in the /var/log/clamav/clamscan.log file.

⑤Scheduled virus scan execution with cron
In the above example, it runs regularly every Monday at 2:00 AM.

2. Mail server installation

Postfix was developed as a Mail Transport Agent (MTA) to replace sendmail, and is a mail server that is highly compatible with sendmail, secure, easy to maintain, and fast.
In addition, since Postfix only functions as an SMTP server for sending mail, the POP server Dovecot for receiving mail will be installed separately in the latter half.

2.1 Postfix : Installation Configuration

①Install Postfix
Install Postfix and build an SMTP server; SMTP uses 25/TCP.
To prevent unauthorized mail relay, use the SASL function of Dovecot, described below, and configure Postfix so that authentication is also required for sending.

You will be asked to select general configuration settings, select "No configuration " to set them manually later

②Edit configuration file (main.cf)

Editorial content

③Edit configuration file (master.cf)

Editorial content

Reflect settings, reboot

2.2 Dovecot : Installation Configuration

①Install Dovecot
Install Dovecot and build a POP/IMAP server, using 110/TCP for POP and 143/TCP for IMAP.

②Configure Dovecot to provide SASL functionality for Postfix

③Reflect settings, reboot

2.3 Email User Account Registration

Register a user account for e-mail.
This setting is for when a user account on the OS is also used for e-mail.
If you want to use mail with a user account on the OS, no additional configuration is required, just register the OS user

①Mail client installed

②Mailboxes are set to refer to Maildir

2.4 Opening Ports

2.5 operation check ①

①Send test mail to yourself [mail (user name)@(host name)].
user name : huong

Ctrl + D key to exit the main text

Check incoming mail

2.6 operation check ②

Set up and confirm your account in Mozilla Thunderbird

①Start Thunderbird, and click "Tools", "Account Settings".

②「Account Actions」「Add Mail Account」

③Your full name" is an optional name
Email addtess" is "huong@korodes.com" added earlier
Password" is the password for user huong
Click on "Configure manually"

④Set "INCOMMING SERVER" and "OUTGOING SERVER" as shown below and click "Re-test".

⑤The "Server Found" message appears.(The following settings were found by probinfg the given server)

After clicking "Done," the following "Warning" appears, but there is no problem, so click "Confirm.

⑥Click "Finish" when "Account syccessfuly created" is displayed.

3 Applied ClamAV to mail server Postfix

①Install Amavisd and Clamav Daemon and start Clamav Daemon

Set up Postfix and Clamav to work together to scan incoming and outgoing mail in real time.

If the server is not using a fully qualified domain name (FQDN) as the hostname, Amavis may fail to start. Also, since the OS hostname may change, set a valid hostname directly in the Amavis configuration file
②Virus Scan Enable
③Register your own domain name
④Edit configuration file (Main.cf)
⑤Edit configuration file (master.cf)
Editorial content

⑥Settings reflect

When you send an e-mail to yourself on Thuderbird, etc., it is successful if you see the following message in the header of the incoming e-mail.

4. Install spamassassin in Postfix to prevent spam

①Install

②Preparation for SpamAssassin configuration
Create a directory ".Spam" in Maildir format for storing spam mails. First, log in as an ordinary user (e.g. huong)

③Prepare Procmail
Check if Procmail is installed on the server machine.
If not, install it.

Check the path to Procmail with the following command

④Procmail Settings
The settings are applied to all users by putting them in "/etc/procmailrc", which is in charge of the entire mail filter.
The filter will be applied only to that user if it is written in "/home/username/.procmailrc", which is a mail filter file for each user.
This time, to apply to all users, we will describe it in "/etc/procmailrc".

procmailrc description (newly created)

⑤Edit Postfix main.cf

⑥Reflecting settings, starting up and checking operation
⑦Spam Email Learning
The following command will learn all the contents of all users' ".Spam" directories as spam mail
⑧Normal mail Learning
⑨Create a script and register it with Cron
Name the file "spam-learns.sh" and place it under /opt/script/.
After saving the script, give it executable access as "chmod 750 spam-learns.sh".
spam-learns.sh Contents

After spam-learns.sh is created, create a definition file directly under /lib/systemd/system. The name should end in .service, such as spam-learns.service.
Type is defined by simple
Contents of spam-learns.service

Register the learning script in Cron

Study scripts run daily at 4:00 a.m.

⑩Set to start automatically

⑪Send a blank email to yourself in Thunderbird, etc., and if you see the following message in the header of the received email, you have succeeded.

タイトルとURLをコピーしました