[Debian]Debian lennyで１からサーバーを作ってみる – Postfix+Clam AntiVirus+SpamAssassinでウィルス＆スパムチェック

Postfix+Clam AntiVirus+SpamAssassinでウィルス＆スパムチェック

• amavisとspamassassinをインストール

  # aptitude install amavisd-new spamassassin
  

• spamassassinをデーモンとして動かす。

  # vi /etc/default/spamassassin
  

  ENABLED=0
  ↓
  ENABLED=1
  

• postfix設定

  # vi /etc/postfix/main.cf
  

  # amavis setting
  content_filter = smtp-amavis:[127.0.0.1]:10024 ← 追加
  

  # vi /etc/postfix/master.cf
  

  # 以下をファイル最下部へ追加↓↓
  #
  # amavisd-new + clamav.
  #
  smtp-amavis unix -      -       n       -       2       smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
  127.0.0.1:10025 inet n  -       n       -       -       smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
  

• amavis設定

  # vi /etc/amavis/conf.d/15-content_filter_mode
  

  #@bypass_virus_checks_maps = (
  #   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
  ↓
  @bypass_virus_checks_maps = (
     \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
  
  #@bypass_spam_checks_maps = (
  #   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
  ↓
  @bypass_spam_checks_maps = (
     \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
  

  # vi /etc/amavis/conf.d/20-debian_defaults
  

  $sa_spam_subject_tag1 = '***possible SPAM*** '; ← 追加
  
  $sa_tag_level_deflt  = 2.0;
  ↓
  $sa_tag_level_deflt  = 4.0;
  
  $sa_tag2_level_deflt = 6.31;
  ↓
  $sa_tag2_level_deflt = 20.0;
  
  $sa_kill_level_deflt = 6.31;
  ↓
  $sa_kill_level_deflt = 20.0;
  
  $sa_dsn_cutoff_level = 10;
  ↓
  $sa_dsn_cutoff_level = 30.0;
  
  $sa_local_tests_only = 0;
  ↓
  #$sa_local_tests_only = 0;
  

  # vi /etc/amavis/conf.d/50-user
  

  use strict;
  
  #
  # Place your configuration directives here.  They will override those in
  # earlier files.
  #
  # See /usr/share/doc/amavisd-new/ for documentation and examples of
  # the directives you can use in this file
  #
  
  $log_level = 2;
  
  $X_HEADER_TAG = 'X-Virus-Scanned';
  
  $remove_existing_x_scanned_headers = 0;
  $remove_existing_spam_headers  = 1;
  
  $replace_existing_extension = 1;
  
  $sa_local_tests_only = 1;   # (default: false)
  $sa_auto_whitelist = 1;     # turn on AWL (default: false)
  $sa_debug = 1;
  
  $max_servers  =  4;     # number of pre-forked children          (default 2)
  $max_requests = 16;     # retire a child after that many accepts (default 10)
  
  #------------ Do not modify anything below this line -------------
  1;  # ensure a defined return
  

• spamassassin設定

  # mkdir /var/lib/amavis/.spamassassin
  # cd /var/lib/amavis/.spamassassin
  # wget -O user_prefs_tlec http://tlec.linux.or.jp/docs/user_prefs
  

  /var/lib/amavis/.spamassassin/user_prefsを作成。

  # vi /var/lib/amavis/.spamassassin/user_prefs
  

  include user_prefs_tlec
  
  required_score 15.0
  use_auto_whitelist 0
  score GB2312_CHARSET 1.0
  score BIG5_CHARSET 1.0
  score WINDOWS_CHARSET 1.0
  score GB2312ENC 0
  score MIMEQENC 0
  score QENCPTR1 0
  score QENCPTR2 0
  score X_MAILER 1.0
  

• # cd /var/lib/amavis
  # chown -R amavis.amavis .spamassassin
  # /etc/init.d/amavis restart
  # /etc/init.d/spamassassin restart
  # /etc/init.d/postfix restart
  # vi /etc/group
  

  clamav:x:108:amavis
  amavis:x:114:clamav
  

  ※ ↓のエラーが/var/log/mail.logに出てたので↑の/etc/groupを弄る。(108や114っていうIDは触らないよ。)

  Aug  7 18:05:37 debian amavis[10436]: (10436-01) (!!)run_av (ClamAV-clamd) FAILED - unexpected , output="/var/lib/amavis/tmp/amavis-20090807T180537-10436/parts: lstat() failed: Permission denied. ERROR\n"
  Aug  7 18:05:37 debian amavis[10436]: (10436-01) (!!)ClamAV-clamd av-scanner FAILED: CODE(0xa252768) unexpected , output="/var/lib/amavis/tmp/amavis-20090807T180537-10436/parts: lstat() failed: Permission denied. ERROR\n" at (eval 86) line 527.
  Aug  7 18:05:37 debian amavis[10436]: (10436-01) (!!)WARN: all primary virus scanners failed, considering backups
  

  # /etc/init.d/clamav-daemon restart