Click here for "Safe Air Conditioner Repair and Proper Freon Recovery".(Japanese Version)

Ubuntu Server 20.04 Anti-virus & mail server

1. Introduction of Clamav anti-virus software

1.1 Install

Clamav-related configuration files are installed in the /etc/clamav/ folder

1.2 Update your virus definitions

The above command will update the virus definitions, but if you get the following error, change the log settings and run it again
ERROR: /var/log/clamav/freshclam.log is locked by another process
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log)

⚫The default settings are prone to log-related errors during freshclam (virus definition update).
Therefore, once you have deleted the log file and changed the logrotate settings

⚫Change configuration file

1.3 Check for automatic virus definition updates

Installing the clamav package will automatically update your virus definitions.
Check if the service is registered

When you run the above command, you will get the following message.

Active: active (running), automatic updates are active

Logging will be done in /var/log/clamav/freshclam.log file

1.3 Check your virus check

①Run a manual virus check

Infected files: 0, so there is no virus

②Virus detection by downloading a test virus
Download a harmless virus and test it for detection
Check by logging in as a general user

It will notify you of the virus with the message "FOUND" and the message "Infected files: 1".
Also, the "--remove" option has been added, so the test virus has been removed

1.4 Create a script file for a full scan

①Contents of clam-full.sh (new)

②Grant execution permissions

③Create a virus quarantine folder

(If it already exists, it's OK, but if it doesn't, you'll get a runtime error because you've specified it as an excluded directory in the script above)

④Try it out and run it

⑤Regularly run virus scans with cron

2. Mail server installation

2.1 Postfix : Installation/Configuration

Install Postfix and build an SMTP server.      SMTP uses 25/TCP.
To prevent mail from being relayed illegally, use the SASL function of Dovecot described below, and configure Postfix to require authentication for sending mail.

①Install

Installation status screen
You will be asked to select a general configuration setting, select 'No Configuration' to set it manually later.

②Edit configuration file

Editorial content

②The content of the setting reflects

2.2 Dovecot : Installation/Configuration

Install Dovecot and set up a POP/IMAP server.  110/TCP for POP, 143/TCP for IMAP
①Configure Dovecot so that Postfix can provide SASL functionality

②Settings reflect

2.3 Email user account registration

Register a user account for your email.
If you want to use a user account on the operating system for email as well, here are the settings
If you want to use email with a user account on your operating system, no additional configuration is required, just register the OS user.

①Mail client installation

②Mailboxes are configured to refer to Maildir

③Test sending an email
Send a test email to yourself [mail (user name)@(host name)]

Ctrl + D to exit the main text

④Check incoming mail

2.4 ClamAV applied to mail server Postfix

Configure Postfix and Clamav to scan incoming and outgoing emails in real time

①Install Amavisd and Clamav Daemon
Start Clamav Daemon

If you get an error when installing "amavisd-new"

Edit "/etc/amavis/conf.d/05-node_id" and install again
Change the code as follows

# vi /etc/amavis/conf.d/05-node_id

# This file was automatically installed on 2019-12-07T03:53:33.896891
use strict;
# $myhostname is used by amavisd-new for node identification, and it is
# important to get it right (e.g. for ESMTP EHLO, loop detection, and so on).
# chomp($myhostname = `hostname --fqdn`);
# To manually set $myhostname, edit the following line with the correct Fully
# Qualified Domain Name (FQDN) and remove the # at the beginning of the line.
#
#$myhostname = "sample-domain-was-here";
1; # ensure a defined return

Change "sample-domain-was-here" in blue above to "mail.<yourdomain>" in red below

# This file was automatically installed on 2019-12-07T03:53:33.896891
use strict;
# $myhostname is used by amavisd-new for node identification, and it is
# important to get it right (e.g. for ESMTP EHLO, loop detection, and so on).
# chomp($myhostname = `hostname --fqdn`);
# To manually set $myhostname, edit the following line with the correct Fully
# Qualified Domain Name (FQDN) and remove the # at the beginning of the line.
#
$myhostname = "mail.<yourdomain>";
1; # ensure a defined return

②Edit "15-content_filter_mode".

③Register your own domain name

④Edit "Main.cf".

⑤Edit "master.cf"

Editorial content

⑥Settings reflect

2.5 Apply spamassassin to mail server Postfix

①Install spamassassin

②Configuring SpamAssassin

The configuration file is "/etc/mail/spamassassin/local.cf".

  • Use the default settings without any additional configuration
  • Create a Maildir for storing spam mails
  • Create a directory for storing spam mails in Maildir format
  • Create a directory ".Spam" in Maildir format for storing spam mails.
  • Creation is done by the target user

2.6 Prep for Procmail

①Installing Procmail

If it is installed, the following results will be returned

②Procmail configuration

If you put it in "/etc/procmailrc", which controls the whole mail filter, it will be applied to all users.
If you put this in the mail filter file for each user, "/home/username/.procmailrc", the filter will be applied only to that user.
In this case, to apply it to all users, it is written in "/etc/procmailrc".

procmailrc contents (new)

2.7 Postfix Configuration

① Edit main.cf

②Reflection and activation of settings

2.8 Learning about spam emails

Makes all the contents of the ".Spam" directory of all users be learned as spam mail
①Learning about spam emails

②Learning about normal email

③Create a learning script and subscribe to Cron

Name the file "spam-learns.sh" and put it under /opt/script/.
After saving the script, give it executable access as "chmod 750 spam-learns.sh".

spam-learns.sh Contents

When spam-learns.sh is created, create the definition file directly under /lib/systemd/system.

The name should end in .service, such as spam-learns.service.
Type is defined by simple

Contents of spam-learns.service

Subscribe to Cron and run periodically
Copied title and URL