Click here for "Safe Air Conditioner Repair and Proper Freon Recovery".

Fedora35 : Clam AntiVirus , Mail Server

Install Clamav ( anti-virus software )

1.Install Clam AntiVirus

# dnf -y install clamav clamd clamav-update
2.Edit Clam AntiVirus configuration file

# vi /etc/clamd.d/scan.conf
●Line 14.
# Default: disabled
LogFile /var/log/clamd.scan ← Uncomment
●Line 77.
# Default: disabled
PidFile /run/clamd.scan/clamd.pid ← Uncomment
●Line 96.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket /run/clamd.scan/clamd.sock ← Uncomment
●Line 219.
# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
#User clamscan ← comment-out

3.Virus definition file update settings

# vi /etc/freshclam.conf
●Line 75.
Insert a "#" at the beginning of the line "DatabaseMirror database.clamav.net" and
Add "DatabaseMirror db.jp.clamav.net"
#DatabaseMirror database.clamav.net
DatabaseMirror db.jp.clamav.net
●Per line 151
Add "NotifyClamd /etc/clamd.d/scan.conf"
#NotifyClamd /path/to/clamd.conf
NotifyClamd /etc/clamd.d/scan.conf
4.Virus definition file update
# freshclam
daily.cvd database is up-to-date (version: 26535, sigs: 1983975, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2)

5.Launch Clam AntiVirus

# systemctl start clamd@scan ← clamd start
# systemctl enable clamd@scan ← clamd auto-startup setting
Created symlink /etc/systemd/system/multi-user.target.wants/clamd@scan.service → /usr/lib/systemd/system/clamd@.service.
# systemctl is-enabled clamd@scan
enabled
# systemctl status clamd@scan ← operation check
clamd@scan.service - clamd scanner (scan) daemon
Loaded: loaded (/usr/lib/systemd/system/clamd@.service; enabled; vendor pr>
Active: active (running)since Sun 2022-05-15 11:08:35 JST; 20s ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://www.clamav.net/documents/
Main PID: 4234 (clamd)
Tasks: 2 (limit: 4614)
Memory: 1.1G
CPU: 17.146s
CGroup: /system.slice/system-clamd.slice/clamd@scan.service
mq4234 /usr/sbin/clamd -c /etc/clamd.d/scan.confMay 15 11:08:35 fedora clamd[4234]: ELF support enabled.
May 15 11:08:35 fedora clamd[4234]: Mail files support enabled.
May 15 11:08:35 fedora clamd[4234]: OLE2 support enabled.
May 15 11:08:35 fedora clamd[4234]: PDF support enabled.
6.Conducted virus scan
■Download a test virus and perform a virus scan
# wget http://www.eicar.org/download/eicar.com
# clamscan --infected --remove --recursive
/root/eicar.com: Win.Test.EICAR_HDB-1 FOUND ← Virus detection
/root/eicar.com: Removed. ← virus removal
----------- SCAN SUMMARY -----------
Known viruses: 8616037
Engine version: 0.103.5
Scanned directories: 1
Scanned files: 10
Infected files: 1
Data scanned: 0.02 MB
Data read: 0.01 MB (ratio 2.00:1)
Time: 27.879 sec (0 m 27 s)
Start Date: 2022:05:09 16:02:51
End Date: 2022:05:09 16:03:19
7.Deployment of virus scan auto-execution scripts
# mkdir -p /var/www/system
# cd /var/www/system

Create clamscan.sh in /var/www/system with the following contents
# vi /var/www/system/clamscan.sh
#!/bin/bash
PATH=/usr/bin:/bin
# excludeopt setup
excludelist=/var/www/system/clamscan.exclude
if [ -s $excludelist ]; then
for i in `cat $excludelist`
do
if [ $(echo "$i"|grep \/$) ]; then
i=`echo $i|sed -e 's/^\([^ ]*\)\/$/\1/p' -e d`
excludeopt="${excludeopt} --exclude-dir=$i"
else
excludeopt="${excludeopt} --exclude=$i"
fi
done
fi
# signature update
freshclam
# virus scan
clamscan --recursive --remove ${excludeopt} /

8.Virus scan exclusion directory settings

# chmod 700 clamscan.sh
# echo "/sys/" >> /var/www/system/clamscan.exclude
# echo "/proc/" >> /var/www/system/clamscan.exclude
Exclude sys and proc directories.
9.Scheduled virus scan
# crontab -e
no crontab for root - using an empty one
Fedora does not have cron by default, so please run the following to install it# dnf install cronie cronie-anacron
again
# crontab -e
0 1 * * * /var/www/system/clamscan.sh > /dev/null 2>&1

Mail Server Install

1. Install Postfix

1.1 Install
Install Postfix and build an SMTP server

# dnf -y install postfix
Check if Postfix is installed
# rpm -qa | grep postfix
postfix-3.6.4-1.fc35.x86_64
1.2 Register Postfix to the service
# systemctl enable postfix.service
Created symlink /etc/systemd/system/multi-user.target.wants/postfix.service → /usr/lib/systemd/system/postfix.service.
# systemctl is-enabled postfix.service
enabled
1.3 Backup postfix configuration files, main.cf and master.cf files
# cp -p /etc/postfix/main.cf `date '+/etc/postfix/main.cf.%Y%m%d'`
# cp -p /etc/postfix/master.cf `date '+/etc/postfix/master.cf.%Y%m%d'`
1.4Edit postfix configuration file
To prevent unauthorized mail relay, configure Postfix to require authentication even for outgoing mail, using Dovecot's SASL function.
# vi /etc/postfix/main.cf
●Per line 96: add
#myhostname = virtual.domain.tld
myhostname = mail.<domain name>
●Per line 103: Add your domain name
#mydomain = domain.tld
mydomain = <domain name>
●Per line 118: Uncomment
myorigin = $mydomain
●Per line 135: change
inet_interfaces = all
●Per line 183: add
Comment out around line 183 and add to line 184.
#mydestination = $myhostname, localhost.$mydomain, localhost
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
●Per line 287: add
#mynetworks = 168.100.189.0/28, 127.0.0.0/8
#mynetworks = $config_directory/mynetworks
#mynetworks = hash:/etc/postfix/network_table
mynetworks = 192.168.11.0/24, 127.0.0.0/8 ←192.168.11.0/24 to suit your environment
●Per line 440: Uncomment
Mail storage format
#home_mailbox = Mailbox
home_mailbox = Maildir/ 
●Per line 447: add
#mail_spool_directory = /var/mail
mail_spool_directory = /var/spool/mail 
●Per line 593: add
#smtpd_banner = $myhostname ESMTP $mail_name
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_banner = $myhostname ESMTP unknown
●Add the following to the last line
#Limit send/receive mail size to 10M
message_size_limit = 10485760
# Limit mailbox size to 1G
mailbox_size_limit = 1073741824
# SMTP-Auth Settings
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous

smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, permit_sasl_authenticated, reject

Release SMTP port (port 25)

# firewall-cmd --add-service=smtp --permanent
success
# firewall-cmd --reload
success
1.5 Start Postfix
# systemctl enable --now postfix 

2.Dovecot Installation

2.1 Install
# dnf -y install dovecot
2.2 Edit dovecot.conf file
# cp -p /etc/dovecot/dovecot.conf `date '+ /etc/dovecot/dovecot.conf.%Y%m%d'`
# vi /etc/dovecot/dovecot.conf
●Per line 25: add
# protocols = imap pop3 lmtp
protocols = imap pop3
●Line 30 : Uncomment
# Remove [::] if listening for IPv4 only
listen = *, ::

2.3 Edit 10-auth.conf file

# vi /etc/dovecot/conf.d/10-auth.conf
●Line 10 : Uncomment  change
If plain text authentication is also allowed
disable_plaintext_auth = no
●Line 100 : add
auth_mechanisms = plain login
2.3 Edit 10-mail.conf file
# vi /etc/dovecot/conf.d/10-mail.conf
●Line 31 : add
mail_location = maildir:~/Maildir
2.4 Edit 10-master.conf file
# vi /etc/dovecot/conf.d/10-master.conf
●Line 107-109 : Uncommented and added
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
2.5 Edit 10-ssl.conf file
# vi /etc/dovecot/conf.d/10-ssl.conf
●Per line 8
Change "ssl = required" to "ssl = yes"
ssl = yes
2.6 Register dovecot as a service and start
# systemctl enable dovecot.service
Created symlink /etc/systemd/system/multi-user.target.wants/dovecot.service → /usr/lib/systemd/system/dovecot.service.
# systemctl is-enabled dovecot.service
Enabled
# systemctl start dovecot.service
2.7 Permission port opening for POP/IMAP service with firewalld
POP is [110/TCP], IMAP is [143/TCP].
# firewall-cmd --permanent --add-service=pop3
# firewall-cmd --permanent --add-service=imap
# firewall-cmd --reload

3.Create mail user and check operation

3.1 advance preparation
①Pretreatment for new users
When a new user is added, set up the system to automatically send and receive e-mail.

# mkdir -p /etc/skel/Maildir/{new,cur,tmp}
# chmod -R 700 /etc/skel/Maildir/
# echo "~/Maildir/"> /etc/skel/.forward
# chmod 600 /etc/skel/.forward

②Mail environment pre-processing for existing users
Configure the already created users to be able to send and receive e-mail.

# mkdir -p /home/huongMaildir/{new,cur,tmp}
# chown -R huong:huong /home/huong/Maildir/
# chmod 700 /home/huong/Maildir
# chmod 700 /home/huong/Maildir/{new,cur,tmp}

3.2 Create User Account

Mail client installation
# dnf -y install mailx

Add user "linux"
# useradd linux
# passwd  linux
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

3.3 operation check ①
Log in as an email user and send a test email.
# su - linux
$ mail linux@localhost
Subject: Test Mail
mail test
.   ← To end the text, type "."
EOT
$ mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/home/linux/Maildir": 1 message 1 new
>N 1 linux@korodes.com Wed May 11 13:05 17/506 "Test Mail"
& 1
Message 1:
From linux@korodes.com Wed May 11 13:05:10 2022
Return-Path: <linux@korodes.com>
X-Original-To: linux@localhost
Delivered-To: linux@localhost
Date: Wed, 11 May 2022 13:05:10 +0900
To: linux@localhost
Subject: test
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: linux@korodes.com
Status: Rmail test& q
Held 1 message in /home/linux/Maildir
3.4 operation check ②
Set up and confirm your account in Mozilla Thunderbird
①Start Thunderbird, "Tools", "Account Settings".
②"Account Actions," "Add Email Account."
③"Your full name" is an arbitrary name
The "Email address" is "linux@korodes.com," which I just added.
Password is user (linux) password
Click on "Configure Manually"
④Set "Incoming Server" and "Outgoing Server" as shown below and click "Re-test".
⑤The "Server Found" message appears.
After clicking "Done" the following "Warning" appears, but there is no problem, so click "Confirm.
⑥Click "Finish"
⑦Your account has been created.

Mail サーバー : Postfix + Clamav + Amavisd+SpamAssassin

1.Real-time scanning of E-mails

①Install Amavisd and Clamav Server
# dnf -y install amavisd-new clamd perl-Digest-SHA1 perl-IO-stringy
➁Configuration File Edit
# vi /etc/clamd.d/scan.conf
●Line 77:change
PidFile /var/run/clamd.scan/clamd.pid
●Line 81:Uncomment
TemporaryDirectory /var/tmp
●Line 96:change
LocalSocket /var/run/clamd.scan/clamd.sock
# touch /var/log/clamd.scan
# chown clamscan. /var/log/clamd.scan
# systemctl enable clamd@scan
➂Setup and start Amavisd

# vi /etc/amavisd/amavisd.conf
●Delete # at the beginning of the line per line 13
@bypass_spam_checks_maps = (1); # controls running of anti-spam code 
● Line 23:Change to your domain name
$mydomain = '<your domain>';
●Comment out per line 28
#$QUARANTINEDIR = undef; # -Q
●Comment out per line 125
# $virus_admin = undef; # notifications recip
●Line 158:Uncomment and change to your own host name
$myhostname = 'mail.<your domain>';

# systemctl enable amavisd 
Created symlink /etc/systemd/system/multi-user.target.wants/amavisd.service → /usr/lib/systemd/system/amavisd.service.

④Postfix Configuration

# vi /etc/postfix/main.cf
# Add to the last line 
content_filter=smtp-amavis:[127.0.0.1]:10024
# vi /etc/postfix/master.cf
# Add to the last line 
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
# systemctl restart postfix
⑤Thunderbirdで自分宛にテストメールを送付し、受信メールのヘッダー表示部分に下記のように
「X-Virus-Scanned: amavisd-new at korodes.」が表示される

2.Email spam protection

 ①SpamAssassin installed to prevent spam
# dnf -y install spamassassin spamass-milter-postfix
# systemctl start spamassassin
# systemctl enable spamassassin
Created symlink /etc/systemd/system/multi-user.target.wants/spamassassin.service → /usr/lib/systemd/system/spamassassin.service.
②SpamAssassin Settings
# vi /etc/mail/spamassassin/v310.pre
●Delete # at the beginning of the line per line 24
loadplugin Mail::SpamAssassin::Plugin::DCC
③SpamAssassin configuration file modernization script
# cd /var/www/system
# vi /var/www/system/spamassassin-update.sh

#!/bin/bash

cd /etc/mail/spamassassin
wget -q https://github.com/kittyfreak/spamassassin_user_prefs/archive/refs/heads/main.zip
[ $? -ne 0 ] && exit
unzip main.zip >/dev/null 2>&1
[ $? -ne 0 ] && exit
rm -f main.zip
mv spamassassin_user_prefs-main/user_prefs .
rm -rf spamassassin_user_prefs-main
diff user_prefs user_prefs.org > /dev/null 2>&1
if [ $? -ne 0 ]; then
cp user_prefs local.cf
echo "report_safe 0" >> local.cf
echo "rewrite_header Subject ***SPAM***" >> local.cf
# SpamAssassin restart
if [ -f /etc/rc.d/init.d/spamassassin ]; then
/etc/rc.d/init.d/spamassassin restart > /dev/null
else
systemctl restart spamassassin > /dev/null
fi
fi
cp user_prefs user_prefs.org

Grant execute permission to the spamassassin-update script and run it

# chmod 700 /var/www/system/spamassassin-update.sh
# /var/www/system/spamassassin-update.sh
Make sure that the SpamAssassin configuration file in the /etc/mail/spamassassin directory is created with the current day's date.
# ls -l /etc/mail/spamassassin
total 176
drwxr-xr-x 2 root root 40 May 15 23:02 channel.d
-rw-r--r-- 1 root root 1194 Jul 24 2021 init.pre
-rw-r--r-- 1 root root 276 Jul 24 2021 local.cf
-rw-r--r-- 1 root root 126639 May 15 23:06 main.zip
drwx------ 2 root root 6 Jul 24 2021 sa-update-keys
-rw-r--r-- 1 root root 62 Jul 24 2021 spamassassin-default.rc
-rwxr-xr-x 1 root root 39 Jul 24 2021 spamassassin-helper.sh
-rw-r--r-- 1 root root 55 Jul 24 2021 spamassassin-spamc.rc
-rw-r--r-- 1 root root 2523 May 15 23:04 v310.pre
Set up cron to automatically run a script daily that updates the SpamAssassin configuration file
#
0 2 * * * /var/www/system/spamassassin-update.sh > /dev/null 2>&1
④Integrate SpamAssassin into Postfix

# vi /etc/postfix/master.cf
●Add "#" to the beginning of line 11 and add SpamAssassin setting to line 12
# smtp inet n - n - - smtpd
smtp inet   n   -   n   -   -   smtpd
-o content_filter=spamassassin
●Add to last line
smtp-amavis unix - - n - 2 smtp
       -o smtp_data_done_timeout=1200
       -o smtp_send_xforward_command=yes
       -o disable_dns_lookups=yes

127.0.0.1:10025 inet n - n - - smtpd
       -o content_filter=
       -o local_recipient_maps=
       -o relay_recipient_maps=
       -o smtpd_restriction_classes=
       -o smtpd_client_restrictions=
       -o smtpd_helo_restrictions=
       -o smtpd_sender_restrictions=
       -o smtpd_recipient_restrictions=permit_mynetworks,reject
       -o mynetworks=127.0.0.0/8
       -o strict_rfc821_envelopes=yes
       -o smtpd_error_sleep_time=0
       -o smtpd_soft_error_limit=1001
       -o smtpd_hard_error_limit=1000

spamassassin unix - n n - - pipe
        user=nobody argv=/usr/bin/spamc -e /usr/sbin/sendmail.postfix -oi -f ${sender} ${recipient}

⑤Restart postfix

# systemctl restart postfix
⑥Thunderbirdで自分宛に空メールを送ると、ヘッダーに次のように表示される。
タイトルとURLをコピーしました