1. Installing the ClamAV antivirus software
Install Clam AntiVirus, a free anti-virus software for Linux, as an anti-virus measure.
By installing this anti-virus software, you can not only scan the entire server for viruses, but also scan incoming and outgoing mail for viruses if you build and configure a mail server.
1.1 Install
    # apt -y install clamav clamav-daemon
The clamav-related configuration files are installed in the /etc/clamav/ folder.
1.2 Virus Definition Update
    # sed -i -e "s/^NotifyClamd/#NotifyClamd/g" /etc/clamav/freshclam.conf

    # systemctl stop clamav-freshclam
    # freshclam
    Sun Dec 31 09:20:20 2023 -> ClamAV update process started at Sun Dec 31 09:20:20 2023
    Sun Dec 31 09:20:20 2023 -> daily.cvd database is up-to-date (version: 27139, sigs: 2049896, f-level: 90, builder: raynman)
    Sun Dec 31 09:20:20 2023 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
    Sun Dec 31 09:20:20 2023 -> bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)

    # systemctl start clamav-freshclam
Edit configuration file
    # vi /etc/logrotate.d/clamav-freshclam
    create 640 clamav adm
    ↓
    create 640 clamav clamav
Automatic virus definition update confirmation
Ensure that the service is registered for automatic virus definition updates.
    # service clamav-freshclam status
It appears as follows
    ● clamav-freshclam.service - ClamAV virus database updater
         Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; disabled; preset: enabled)
         Active: active (running) since Mon 2024-02-12 12:51:12 JST; 49s ago
           Docs: man:freshclam(1)
                 man:freshclam.conf(5)
                 https://docs.clamav.net/
       Main PID: 1955 (freshclam)
          Tasks: 1 (limit: 2265)
         Memory: 2.6M
            CPU: 11ms
         CGroup: /system.slice/clamav-freshclam.service
                 └─1955 /usr/bin/freshclam -d --foreground=true

    Feb 12 12:51:12 Lepard systemd[1]: Started clamav-freshclam.service - ClamAV virus database updater.
    Feb 12 12:51:12 Lepard freshclam[1955]: Mon Feb 12 12:51:12 2024 -> ClamAV update process started at Mon Feb 12 12:>
    Feb 12 12:51:12 Lepard freshclam[1955]: Mon Feb 12 12:51:12 2024 -> daily.cvd database is up-to-date (version: 2718>
    Feb 12 12:51:12 Lepard freshclam[1955]: Mon Feb 12 12:51:12 2024 -> main.cvd database is up-to-date (version: 62, s>
    Feb 12 12:51:12 Lepard freshclam[1955]: Mon Feb 12 12:51:12 2024 -> bytecode.cvd database is up-to-date (version: 3
Logs are recorded in the file /var/log/clamav/freshclam.log.
1.3 Virus Check Confirmation
①Running manual virus checks
    # clamscan --infected --remove --recursive /home

    ----------- SCAN SUMMARY -----------
    Known viruses: 8684848
    Engine version: 1.0.3
    Scanned directories: 3
    Scanned files: 7
    Infected files: 0
    Data scanned: 0.00 MB
    Data read: 0.00 MB (ratio 0.00:1)
    Time: 19.154 sec (0 m 19 s)
    Start Date: 2024:02:12 12:52:44
    End Date: 2024:02:12 12:53:03
"Infected files: 0" means that no virus was detected.
②Virus detection by downloading test viruses
Download a harmless virus and test it for detection.
Log in as a general user and check
    # apt install clamav-testfiles
    Reading package lists... Done
    Building dependency tree... Done
    Reading state information... Done
    The following NEW packages will be installed:
      clamav-testfiles
    0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
    Need to get 2,836 kB of archives.
    After this operation, 6,655 kB of additional disk space will be used.
    Get:1 http://ftp.jp.debian.org/debian bookworm/main amd64 clamav-testfiles all 1.0.3+dfsg-1~deb12u1 [2,836 kB]
    Fetched 2,836 kB in 1s (2,529 kB/s)
    Selecting previously unselected package clamav-testfiles.
    (Reading database ... 32466 files and directories currently installed.)
    Preparing to unpack .../clamav-testfiles_1.0.3+dfsg-1~deb12u1_all.deb ...
    Unpacking clamav-testfiles (1.0.3+dfsg-1~deb12u1) ...
    Setting up clamav-testfiles (1.0.3+dfsg-1~deb12u1) ...
Detection of installed test viruses
    # clamscan --infected --remove --recursive /usr/share/clamav-testfiles
    /usr/share/clamav-testfiles/clam-nsis.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-nsis.exe: Removed.
    /usr/share/clamav-testfiles/clam.arj: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.arj: Removed.
    /usr/share/clamav-testfiles/clam-wwpack.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-wwpack.exe: Removed.
    /usr/share/clamav-testfiles/clam.exe.rtf: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.exe.rtf: Removed.
    /usr/share/clamav-testfiles/clam.zip: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.zip: Removed.
    /usr/share/clamav-testfiles/clam.pdf: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.pdf: Removed.
    /usr/share/clamav-testfiles/clam.mail: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.mail: Removed.
    /usr/share/clamav-testfiles/clam.exe.szdd: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.exe.szdd: Removed.
    /usr/share/clamav-testfiles/clam.odc.cpio: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.odc.cpio: Removed.
    /usr/share/clamav-testfiles/clam_ISmsi_ext.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam_ISmsi_ext.exe: Removed.
    /usr/share/clamav-testfiles/clam.tar.gz: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.tar.gz: Removed.
    /usr/share/clamav-testfiles/clam.exe.bz2: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.exe.bz2: Removed.
    /usr/share/clamav-testfiles/clam-petite.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-petite.exe: Removed.
    /usr/share/clamav-testfiles/clam-pespin.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-pespin.exe: Removed.
    /usr/share/clamav-testfiles/clam-aspack.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-aspack.exe: Removed.
    /usr/share/clamav-testfiles/clam_IScab_ext.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam_IScab_ext.exe: Removed.
    /usr/share/clamav-testfiles/clam_ISmsi_int.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam_ISmsi_int.exe: Removed.
    /usr/share/clamav-testfiles/clam.ole.doc: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.ole.doc: Removed.
    /usr/share/clamav-testfiles/clam.bin-le.cpio: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.bin-le.cpio: Removed.
    /usr/share/clamav-testfiles/clam.exe.html: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.exe.html: Removed.
    /usr/share/clamav-testfiles/clam.ea05.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.ea05.exe: Removed.
    /usr/share/clamav-testfiles/clam.bin-be.cpio: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.bin-be.cpio: Removed.
    /usr/share/clamav-testfiles/clam.impl.zip: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.impl.zip: Removed.
    /usr/share/clamav-testfiles/clam-upx.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-upx.exe: Removed.
    /usr/share/clamav-testfiles/clam.cab: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.cab: Removed.
    /usr/share/clamav-testfiles/clam.ppt: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.ppt: Removed.
    /usr/share/clamav-testfiles/clam_cache_emax.tgz: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam_cache_emax.tgz: Removed.
    /usr/share/clamav-testfiles/clam.sis: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.sis: Removed.
    /usr/share/clamav-testfiles/clam-upack.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-upack.exe: Removed.
    /usr/share/clamav-testfiles/clam-mew.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-mew.exe: Removed.
    /usr/share/clamav-testfiles/clam.bz2.zip: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.bz2.zip: Removed.
    /usr/share/clamav-testfiles/clam.ea06.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.ea06.exe: Removed.
    /usr/share/clamav-testfiles/clam-yc.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-yc.exe: Removed.
    /usr/share/clamav-testfiles/clam-fsg.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam-fsg.exe: Removed.
    /usr/share/clamav-testfiles/clam_IScab_int.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam_IScab_int.exe: Removed.
    /usr/share/clamav-testfiles/clam.exe.mbox.uu: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.exe.mbox.uu: Removed.
    /usr/share/clamav-testfiles/clam.chm: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.chm: Removed.
    /usr/share/clamav-testfiles/clam.exe.mbox.base64: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.exe.mbox.base64: Removed.
    /usr/share/clamav-testfiles/clam.exe: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.exe: Removed.
    /usr/share/clamav-testfiles/clam.exe.binhex: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.exe.binhex: Removed.
    /usr/share/clamav-testfiles/clam.newc.cpio: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.newc.cpio: Removed.
    /usr/share/clamav-testfiles/clam.d64.zip: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.d64.zip: Removed.
    /usr/share/clamav-testfiles/clam.tnef: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.tnef: Removed.
    /usr/share/clamav-testfiles/clam.7z: Clamav.Test.File-6 FOUND
    /usr/share/clamav-testfiles/clam.7z: Removed.

    ----------- SCAN SUMMARY -----------
    Known viruses: 8684848
    Engine version: 1.0.3
    Scanned directories: 1
    Scanned files: 44
    Infected files: 44
    Data scanned: 14.04 MB
    Data read: 6.21 MB (ratio 2.26:1)
    Time: 30.492 sec (0 m 30 s)
    Start Date: 2024:02:12 12:54:13
    End Date: 2024:02:12 12:54:43
As you can see, ClamAV reports each detection by displaying "FOUND" and "Removed." for the file, and "Infected files: 44" in the summary. Because the "--remove" option was specified, the test viruses were removed.
Remove clamav-testfiles.
    # apt remove clamav-testfiles
1.4 Create a script file to do a full scan
①Create a script file storage directory (/opt/script) in advance.
    $ su -
    Password:
    # mkdir /opt/script
②Create script file
    # vi /opt/script/clam-full.sh
Contents of clam-full.sh (new)
    #!/bin/sh
    echo =========================================
    date
    hostname
    # Scan from /, log to clamscan.log and move detected files to the quarantine directory
    clamscan / \
        --infected \
        --recursive \
        --log=/var/log/clamav/clamscan.log \
        --move=/var/log/clamav/virus \
        --exclude-dir=^/boot \
        --exclude-dir=^/sys \
        --exclude-dir=^/proc \
        --exclude-dir=^/dev \
        --exclude-dir=^/var/log/clamav/virus
    # clamscan exits with 0 when nothing was found; any other status takes the else branch
    if [ $? = 0 ]; then
        echo “virus undetected.”
    else
        echo “virus detection!!”
    fi
③Grant execute permission
    # chmod +x /opt/script/clam-full.sh
④Create a folder for virus quarantine
If this directory does not exist, a runtime error will occur because the above script specifies it as an excluded directory.
    # mkdir /var/log/clamav/virus
⑤Script Execution
    # /opt/script/clam-full.sh

    =========================================
    Sun Dec 31 09:50:18 AM JST 2023
    Lepard

    ----------- SCAN SUMMARY -----------
    Known viruses: 8684848
    Engine version: 1.0.3
    Scanned directories: 3855
    Scanned files: 30035
    Infected files: 0
    Data scanned: 2095.09 MB
    Data read: 1478.27 MB (ratio 1.42:1)
    Time: 312.807 sec (5 m 12 s)
    Start Date: 2024:02:12 12:57:06
    End Date: 2024:02:12 13:02:19
    “virus undetected.”
It takes quite a long time to complete.
Logs are recorded in the /var/log/clamav/clamscan.log file.
⑥Scheduled virus scan execution with cron
    # crontab -e
    0 2 * * mon /opt/script/clam-full.sh >> /var/log/clamav/clamascan.log
In the above example, it runs regularly every Monday at 2:00 AM.
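The script above reports every non-zero exit status as a detection, but clamscan(1) documents 1 as "virus(es) found" and 2 as "some error(s) occurred", so a failed scan would be logged as an infection. The following added example (not part of the original script) separates the three cases and extracts the infected-file count from the SCAN SUMMARY; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: separate "infected" from "scan failed" for clamscan.
# Exit status per clamscan(1): 0 = no virus found, 1 = virus(es) found,
# 2 = some error(s) occurred.

# scan_verdict RC -> prints CLEAN, INFECTED or ERROR
scan_verdict() {
    case "$1" in
        0) echo CLEAN ;;
        1) echo INFECTED ;;
        *) echo ERROR ;;
    esac
}

# infected_count: reads clamscan output on stdin and prints the number on the
# "Infected files:" line of the SCAN SUMMARY (nothing if the line is absent).
infected_count() {
    sed -n 's/^Infected files:[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' | tail -n 1
}

# found_files: prints the path from every "<path>: <signature> FOUND" line.
found_files() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p'
}

# report RC FILE -> one line suitable for cron mail or a log file
report() {
    rc=$1
    out=$2
    case "$(scan_verdict "$rc")" in
        CLEAN)
            echo "OK: no infected files" ;;
        INFECTED)
            n=$(infected_count < "$out")
            echo "ALERT: ${n:-unknown} infected file(s): $(found_files < "$out" | paste -s -d ' ' -)" ;;
        ERROR)
            echo "ERROR: clamscan exited with status $rc; the scan result cannot be trusted" ;;
    esac
}

# Typical use (hypothetical wiring, same scan target as the page's script):
#   clamscan / --infected --recursive > /tmp/scan.out 2>&1; report $? /tmp/scan.out

# Constructed sample output, not taken from a real scan.
sample=$(mktemp)
cat > "$sample" <<'EOF'
/home/user/clam.zip: Clamav.Test.File-6 FOUND
/home/user/docs/clam.pdf: Clamav.Test.File-6 FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
report 1 "$sample"   # detection
report 2 "$sample"   # scan error, e.g. unreadable database or path
rm -f "$sample"
```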
2. Mail server installation
Postfix was developed as a Mail Transport Agent (MTA) to replace sendmail, and is a mail server that is highly compatible with sendmail, secure, easy to maintain, and fast.
In addition, since Postfix only functions as an SMTP server for sending mail, the POP server Dovecot for receiving mail will be installed separately in the latter half.
2.1 Postfix : Installation Configuration
①Install Postfix
Install Postfix and build an SMTP server; SMTP uses 25/TCP.
To prevent unauthorized mail relay, use the SASL function of Dovecot, described below, and configure Postfix so that authentication is also required for sending.
    # apt -y install postfix sasl2-bin
You will be asked to select a general configuration type. Select "No configuration" so that the settings can be made manually later.
②Edit configuration file (main.cf)
    # cp /usr/share/postfix/main.cf.dist /etc/postfix/main.cf
    # vi /etc/postfix/main.cf
Contents to edit
    # Line 82:Uncomment
    mail_owner = postfix
    # Line 100:Uncomment and specify host name
    myhostname = mail.<domain name>
    # Per Line 107:domain add
    mydomain = <domain name>
    # Per Line 127:Uncomment
    myorigin = $mydomain
    # Per Line 141:Uncomment
    inet_interfaces = all
    # Per Line 189:Uncomment
    mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
    # Per Line 232:Uncomment
    local_recipient_maps = unix:passwd.byname $alias_maps
    # Per Line 277:Uncomment
    mynetworks_style = subnet
    # Per Line 294:Own network addition
    mynetworks = 127.0.0.0/8, 192.168.11.0/24
    # Per Line 416:Uncomment
    alias_maps = hash:/etc/aliases
    # Per Line 427:Uncomment
    alias_database = hash:/etc/aliases
    # Per Line 449:Uncomment
    home_mailbox = Maildir/
    # Per Line 585:Make it a comment and add below it
    #smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    smtpd_banner = $myhostname ESMTP
    # Per Line 659:add
    sendmail_path = /usr/sbin/postfix
    # Per Line 664:add
    newaliases_path = /usr/bin/newaliases
    # Per Line 669:add
    mailq_path = /usr/bin/mailq
    # Per Line 675:add
    setgid_group = postdrop
    # Per Line 679:Comment
    #html_directory =
    # Per Line 683:Comment
    #manpage_directory =
    # Per Line 688:Comment
    #sample_directory =
    # Per Line 692:Comment
    #readme_directory =

    # Add to last line
    # SMTP VRFY command is disabled
    disable_vrfy_command = yes
    # Requests a HELO command from the client
    smtpd_helo_required = yes
    # Limit sent/received mail size to 10M
    message_size_limit = 10485760
    # Limit mailbox size to 1G
    mailbox_size_limit = 1073741824
    # SMTP-Auth Settings
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    smtpd_sasl_local_domain = $myhostname
    smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, permit_sasl_authenticated, reject
③Edit configuration file (master.cf)
    # vi /etc/postfix/master.cf
Contents to edit
    smtp inet n - y - - smtpd
    #smtp inet n - y - 1 postscreen
    #smtpd pass - - y - - smtpd
    #dnsblog unix - - y - 0 dnsblog
    #tlsproxy unix - - y - 0 tlsproxy
    submission inet n - y - - smtpd
    #  -o syslog_name=postfix/submission
    #  -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_tls_auth_only=yes
Apply the settings and restart Postfix
    # newaliases
    # systemctl restart postfix
2.2 Dovecot : Installation Configuration
①Install Dovecot
Install Dovecot and build a POP/IMAP server, using 110/TCP for POP and 143/TCP for IMAP.
    # apt -y install dovecot-core dovecot-pop3d dovecot-imapd
②Configure Dovecot to provide SASL functionality for Postfix
    # vi /etc/dovecot/dovecot.conf
    Line 30:Uncomment
    listen = *, ::

    # vi /etc/dovecot/conf.d/10-auth.conf
    Line 10:Uncomment and change (also allow plain text authentication)
    disable_plaintext_auth = no
    Line 100:add
    auth_mechanisms = plain login

    # vi /etc/dovecot/conf.d/10-mail.conf
    Line 30:Change to Maildir format
    mail_location = maildir:~/Maildir

    # vi /etc/dovecot/conf.d/10-master.conf
    Line 107-109:Uncommented and added
    # Postfix smtp-auth
    unix_listener /var/spool/postfix/private/auth {
      mode = 0666
      user = postfix
      group = postfix
    }
③Apply the settings and restart Dovecot
    # systemctl restart dovecot
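The Dovecot and Postfix settings above permit password authentication over unencrypted connections (disable_plaintext_auth = no, with the TLS options in master.cf left commented out) and create the auth socket with mode 0666. The following added example, which is not part of the original page, audits a settings dump for those three points; the function names and both sample inputs are constructed, and the hardened variant assumes TLS is already configured on the server.

```shell
#!/bin/sh
# Added example: flag settings that expose mail passwords, given Dovecot and
# Postfix settings on stdin (e.g. the output of `doveconf -n; postconf -n`).
audit_mail_auth() {
    awk '
    { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }   # drop comments, trim
    /^disable_plaintext_auth[ \t]*=[ \t]*no$/  { plain = 1 }
    /^smtpd_sasl_auth_enable[ \t]*=[ \t]*yes$/ { sasl = 1 }
    /^smtpd_tls_auth_only[ \t]*=[ \t]*yes$/    { tlsonly = 1 }
    /^unix_listener[ \t].*private\/auth[ \t]*[{]$/ { in_sock = 1; next }
    in_sock && /^mode[ \t]*=/ { split($0, kv, /[ \t]*=[ \t]*/); mode = kv[2] }
    in_sock && /^[}]$/ { in_sock = 0 }
    END {
        if (plain)
            print "dovecot: disable_plaintext_auth=no accepts PLAIN/LOGIN on unencrypted POP3/IMAP"
        if (sasl && !tlsonly)
            print "postfix: SMTP AUTH is enabled without smtpd_tls_auth_only=yes"
        if (mode != "" && substr(mode, length(mode)) != "0")
            print "dovecot: auth socket mode " mode " grants access beyond user/group postfix; 0660 is sufficient"
    }'
}

# Settings as configured on this page, written in `-n` output style.
weak_config() {
    cat <<'EOF'
disable_plaintext_auth = no
auth_mechanisms = plain login
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
}
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
EOF
}

# Constructed hardened variant; assumes TLS certificates are already set up.
hardened_config() {
    cat <<'EOF'
disable_plaintext_auth = yes
auth_mechanisms = plain login
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
EOF
}

echo "--- page settings ---";    weak_config | audit_mail_auth
echo "--- hardened variant ---"; hardened_config | audit_mail_auth
```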
2.3 Email User Account Registration
Register a user account for e-mail.
This setting is for when a user account on the OS is also used for e-mail.
If you want to use mail with a user account on the OS, no additional configuration is required; just register the OS user.
①Install a mail client
    # apt -y install mailutils
②Set the mailbox to refer to Maildir
    # echo 'export MAIL=$HOME/Maildir/' >> /etc/profile.d/mail.sh
2.4 Opening Ports
    # ufw allow pop3
    # ufw allow imap
    # ufw allow smtp
    # ufw reload
2.5 Operation check ①
①Send test mail to yourself [mail (user name)@(host name)].
user name : huong
    # su - huong
    $ mail huong@localhost
    # Cc
    Cc:
    # Subject: Test Mail
    # This is the first mail.
Press Ctrl + D to end the message body.
Check incoming mail
    $ mail
    "/home/huong/Maildir/": 1 message 1 new
    >N 1 huong Mon Feb 12 04:43 13/427 Test Mail
    ? 1
    Return-Path: <huong@Lepard>
    X-Original-To: huong@localhost
    Delivered-To: huong@localhost
    Received: by mail.korodes.com (Postfix, from userid 1000)
            id E7BF76040C; Mon, 12 Feb 2024 13:43:41 +0900 (JST)
    To: <huong@localhost>
    Subject: Test Mail
    User-Agent: mail (GNU Mailutils 3.15)
    Date: Mon, 12 Feb 2024 13:43:41 +0900
    Message-Id: <20240212044341.E7BF76040C@mail.korodes.com>
    From: huong <huong@Lepard>

    This is the first mail.
    ? q
    Saved 1 message in /home/huong/mbox
    Held 0 messages in /home/huong/Maildir/
2.6 Operation check ②
Set up and confirm your account in Mozilla Thunderbird.
①Start Thunderbird and click "Tools", then "Account Settings".
②Click "Account Actions", then "Add Mail Account".
③"Your full name" is an optional name.
"Email address" is "huong@korodes.com", added earlier.
"Password" is the password for user huong.
Click "Configure manually".
④Set "INCOMING SERVER" and "OUTGOING SERVER" as shown below and click "Re-test".
⑤The "Server Found" message appears. (The following settings were found by probing the given server)
After clicking "Done," the following "Warning" appears, but there is no problem, so click "Confirm."
⑥Click "Finish" when "Account successfully created" is displayed.
3 Applying ClamAV to the Postfix mail server
Set up Postfix and Clamav to work together to scan incoming and outgoing mail in real time.
①Install Amavisd and Clamav Daemon and start Clamav Daemon
    # apt -y install clamav-daemon amavisd-new
If the server is not using a fully qualified domain name (FQDN) as the hostname, Amavis may fail to start. Also, since the OS hostname may change, set a valid hostname directly in the Amavis configuration file.
    # vi /etc/amavis/conf.d/05-node_id
    use strict;
    # $myhostname is used by amavisd-new for node identification, and it is
    # important to get it right (e.g. for ESMTP EHLO, loop detection, and so on).
    chomp($myhostname = `hostname --fqdn`);
    # To manually set $myhostname, edit the following line with the correct Fully
    # Qualified Domain Name (FQDN) and remove the # at the beginning of the line.
    #
    $myhostname = "mail.<domain name>";
    1; # ensure a defined return
②Enable virus scanning
    # vi /etc/amavis/conf.d/15-content_filter_mode
    #Line 13-14 : Uncomment and enable virus scan
    @bypass_virus_checks_maps = (
       \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
③Register your own domain name
    # echo '<yourDomain>' > /etc/mailname
④Edit configuration file (main.cf)
    # vi /etc/postfix/main.cf
    Add to last line
    content_filter=smtp-amavis:[127.0.0.1]:10024
⑤Edit configuration file (master.cf)
    # vi /etc/postfix/master.cf
Contents to edit
    # Add all the following lines to the last line
    smtp-amavis unix - - n - 2 smtp
      -o smtp_data_done_timeout=1200
      -o smtp_send_xforward_command=yes
      -o disable_dns_lookups=yes
    127.0.0.1:10025 inet n - n - - smtpd
      -o content_filter=
      -o local_recipient_maps=
      -o relay_recipient_maps=
      -o smtpd_restriction_classes=
      -o smtpd_client_restrictions=
      -o smtpd_helo_restrictions=
      -o smtpd_sender_restrictions=
      -o smtpd_recipient_restrictions=permit_mynetworks,reject
      -o mynetworks=127.0.0.0/8
      -o strict_rfc821_envelopes=yes
      -o smtpd_error_sleep_time=0
      -o smtpd_soft_error_limit=1001
      -o smtpd_hard_error_limit=1000
⑥Apply the settings
    # usermod -G clamav amavis
    # usermod -G amavis clamav
    # systemctl restart clamav-daemon amavis postfix
When you send an e-mail to yourself from Thunderbird or another client, the setup is successful if you see the following message in the header of the incoming e-mail.
4 Apply spam checks to the mail server
4.1 Spam checking using spamassassin and procmail
①spamassassin and procmail installation
    # apt install procmail spamassassin
➁Configure procmail
To apply the settings to all users, create /etc/procmailrc.
To configure each user individually, create a ~/.procmailrc in that user's home directory.
Here we create /etc/procmailrc.
    # vi /etc/procmailrc
Contents of procmailrc
    SHELL=/bin/bash
    PATH=/usr/bin:/bin:/usr/local/bin
    DROPPRIVS=yes
    MAILDIR=$HOME/Maildir
    DEFAULT=$MAILDIR/
    SPAM=$MAILDIR/.Spam/
    LOGFILE=$HOME/.procmail.log # Log output destination
    VERBOSE=ON # Detailed log output

    # If there is no "X-Spam-***" in the mail header, spamassassin will be started.
    :0fw
    *!^X-Spam.*
    |spamassassin

    # If there is an "X-Spam-Status: Yes" in the mail header, the mail is stored in the ".Spam" directory.
    :0
    * ^X-Spam-Status: Yes
    $SPAM
➂Create a .Spam directory in each user's ~/Maildir directory
    # su - <user>
    $ mkdir Maildir/.Spam
④Edit postfix configuration file
Do it as root user
    # vi /etc/postfix/main.cf
    Per Line 479 : Uncomment
    mailbox_command = /usr/bin/procmail -a "$EXTENSION"
⑤Restart postfix and spamassassin
    # systemctl restart postfix spamd
    # systemctl enable spamassassin-maintenance.timer
⑥Confirm with Thunderbird
If you send an e-mail to yourself and the header displays the following, it is normal.
4.2 Spam Email Learning
SpamAssassin's email learning functionality improves the accuracy of its judgments.
①Learn all contents of the ".Spam" directory as spam mail
    # /usr/bin/sa-learn --spam /home/*/Maildir/.Spam/cur
    Learned tokens from 0 message(s) (0 message(s) examined)
➁Learning of non-spam mail (normal mail)
    # /usr/bin/sa-learn --ham /home/*/Maildir/cur
    Learned tokens from 7 message(s) (7 message(s) examined)
➂Creating scripts for automatic learning
    # vi /opt/script/spam-learns.sh

    #!/bin/sh
    # Spam Email Learning
    /usr/bin/sa-learn --spam /home/*/Maildir/.Spam/cur
    # Learning normal mail
    /usr/bin/sa-learn --ham /home/*/Maildir/cur
    # If you want to force the deletion of the contents of the spam mail storage directory, add the following statement
    # (the trailing /* removes the messages inside cur; rm -f cannot remove the directory itself)
    /bin/rm -f /home/*/Maildir/.Spam/cur/*

    # chmod 750 /opt/script/spam-learns.sh
④Enable SpamAssassin to start automatically at system startup
    # systemctl enable spamd