Fedora41 ; Clamav , Mail Server

1. clamav

1.1 Install

1.2 Edit Clam AntiVirus configuration file

1.3 Virus definition file update settings

1.4 Update virus definition files

1.5 Start Clam AntiVirus

1.6 Conducted virus scan

Download a test virus and perform a virus scan

1.7 Deployment of virus scan auto-execution scripts

clamscan.sh Create in /var/www/system with the following contents

Grant execution permission to scripts

1.8 Exclude sys and proc directories.

Exclude sys and proc directories.

1.9 Scheduled virus scan execution

Run a trial script and do a full scan (takes a while)

2. Mail server(Postfix)

2.1 Postfix Install

Install Postfix and build an SMTP server

Check if Postfix is installed

2.2 Register Postfix to the service

2.3 Edit postfix configuration file

Backup postfix configuration files, main.cf and master.cf files

To prevent unauthorized mail relay, configure Postfix to require authentication for outgoing mail as well, using Dovecot's SASL function.

2.4 Release SMTP port (port 25)

2.5 Postfix start

3. Mail server(Dovecot)

3.1 Dovecot Install

3.2 Edit dovecot.conf file

3.3 Edit 10-auth.conf file

3.4 Edit 10-mail.conf file

3.5 Edit 10-master.conf file

3.6 Edit 10-ssl.conf file

3.7 Register dovecot as a service and start it

3.8 fPermission port opening for POP/IMAP service with firewalld

POP : [110/TCP], IMAP : [143/TCP]

4.Create mail user and check operation

4.1 advance preparation

Pretreatment for new users
When a new user is added, set up the system to automatically send and receive e-mail.

Mail environment pre-processing for existing users
Configure the already created users(huong) to be able to send and receive e-mail.

4.2 User Account Creation

Mail client installation

Add user [linux]

4.3 Operation check ①

Log in as an email user and send a test email.

Check your email

4.4 Operation check ②

Set up and confirm your account in Mozilla Thunderbird (for OS user huong as mail user)
①Start Thunderbird
「Tools」「Account Settings」

②「Account Actions」「Add Mail Account」

③Your full name : Any name
Email addtess : huong@korodes.com
Password : Password for huong
Click on "Configure manually"

④Set "INCOMMING SERVER" and "OUTGOING SERVER" as shown below and click "Re-test".

⑤"The following settings were found by probinfg the given server" Displayed

After clicking "Done," the following "Warning" appears, but there is no problem, so click "Confirm."

⑥Click "Finish" when "Account syccessfuly created" is displayed.

Mail Server : Postfix + Clamav + clamav-milter+SpamAssassin

1.Real-time scanning of e-mails

clamav-milter Install
Virus checks are performed on the mail server side using Clam AntiVirus.
The mail server and Clam AntiVirus are linked using clamav-milter.

clamav-milter configuration

clamav-milter startup and auto-startup settings

Postfix and clamav-milter integration settings
Edit Postfix configuration file

Add postfix user to clamilt group

Postfix Settings Reflected

Check with Thunderbird
When I send a blank email to myself in Thunderbird, the following appears in the header display section of the received email
X-Virus-Scanned: clamav-milter 1.0.7 at Lepard
X-Virus-Status: Clean

X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path: xxxxxx@xxxxxx.com
X-Original-To: xxxxxx@xxxxxx.com
Delivered-To: xxxxxx@xxxxxx.com
Received: from [192.168.11.45] (_gateway [192.168.11.1])
by mail.xxxxxx.com (Postfix) with ESMTPA id 94F408050FC
for xxxxxx@xxxxxx.com; Mon, 04 Nov 2024 13:31:23 +0900 (JST)
Message-ID: 13d4f41a-167e-4b80-b971-2d8f210da79b@xxxxxx.com
Date: Mon, 4 Nov 2024 13:31:23 +0900
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: huong xxxxxx@xxxxxx.com
Content-Language: en-US
To: xxxxxx@xxxxxx.com
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 1.0.7 at Lepard
X-Virus-Status: Clean

Try sending yourself an email with the body of the email "X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*" and confirm that the email is discarded and never received

2.Email spam protection

2.1 SpamAssassin, spamass-milter, and postfix settings

SpamAssassin・spamass-milter Install

SpamAssassin start

SpamAssassin Settings

SpamAssassin configuration file modernization script

Grant execute permission to the spamassassin-update script and run it

Confirm that the SpamAssassin configuration file (local.cf) has been created in the /etc/mail/spamassassin directory with the date of the day

Set up cron to automatically run a script daily that updates the SpamAssassin configuration file

spamass-milter startup and automatic startup settings

Postfix and spamass-milter integration settings

Restart postfix

Procmail Settings
Create procmail configuration file

Create procmail log rotation configuration file

Postfix and Procmail integration settings

Postfix Settings Reflected

2.2 Spam mail sorting settings

Mail marked as spam in the mail header by SpamAssassin will be delivered to a spam-only mailbox, while other mail will be delivered to a normal mailbox.

Create a dedicated spam mailbox
For existing users, add a spam-only mailbox to their mailboxes.
For new users, a spam-only mailbox will be automatically created when a user is added.
Created script to create spam-only mailboxes

Run script to create spam-only mailboxes

Measures against new users
Automatic spam-only mailbox creation when adding new users

➁spam mail sorting
Emails identified as spam by SpamAssassin are delivered to a spam-only mailbox.

Spam check confirmation
When you send a blank email to yourself, the following message is appended to the header of the received email
X-Spam-Status: No, score=2.3 required=13.0 tests=ALL_TRUSTED,
CONTENT_TYPE_PRESENT,EMPTY_MESSAGE autolearn=no autolearn_force=no
version=4.0.1
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on Lepard

X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path: xxxxx@xxxxxx.com
X-Original-To: xxxxx@xxxxxx.com
Delivered-To: xxxxx@xxxxxx.com
Received: from [192.168.11.45] (_gateway [192.168.11.1])
by mail.xxxxxx.com (Postfix) with ESMTPA id 723608062F0
for xxxxx@xxxxxx.com; Mon, 04 Nov 2024 13:48:04 +0900 (JST)
Message-ID: b72ac886-6f70-4bf4-8f84-ff7b6754be00@xxxxxx.com
Date: Mon, 4 Nov 2024 13:48:03 +0900
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: huong xxxxx@xxxxxx.com
Content-Language: en-US
To: xxxxx@xxxxxx.com
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 1.0.7 at Lepard
X-Virus-Status: Clean
X-Spam-Status: No, score=2.3 required=13.0 tests=ALL_TRUSTED,
CONTENT_TYPE_PRESENT,EMPTY_MESSAGE autolearn=no autolearn_force=no
version=4.0.1
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on Lepard

④Spam check confirmation
Send yourself an email with the body of the email "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X" and make sure the email is not delivered and is sorted into the Spam folder

Copied title and URL