Chia Sẽ Kinh Nghiệm Về IT



Tìm Kiếm Với Google
-


Gởi Ðề Tài Mới  Gửi trả lời
 
Công Cụ Xếp Bài
Tuổi 13-10-2009, 02:00 PM   #1
hoctinhoc
Guest
 
Trả Lời: n/a
Install antivirus and antispam with Clam AntiVirus.

Install antivirus and antispam with Clam AntiVirus.


1. Install antivirus. It's Clam AntiVirus.

[root@mail ~]# yum --enablerepo=dag -y install clamav // install from DAG

Loading "installonlyn" plugin
Loading "fastestmirror" plugin
Setting up Install Process
Setting up repositories
dag 100% |=========================| 1.1 kB 00:00

base 100% |=========================| 1.1 kB 00:00

updates 100% |=========================|951 B 00:00


addons 100% |=========================|951 B 00:00


extras 100% |=========================| 1.1 kB 00:00

Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
primary.xml.gz 100% |=========================| 952 kB 00:00

dag: ######################################### 3118/3118

Added 3118 new packages, deleted 0 old in 12.60 seconds
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav to pack into transaction set.
clamav-0.90.2-1.el5.rf.i3 100% |====================| 9.4 kB 00:00

---> Package Package clamav.i386 0:0.90.2-1.el5.rf set to be updated
--> Processing Dependency: clamav-db = 0.90.2-1.el5.rf for package: clamav
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav-db to pack into transaction set.
clamav-db-0.90.2-1.el5.rf 100% |====================| 3.7 kB 00:00

---> Package clamav-db.i386 0:0.90.2-1.el5.rf set to be updated
--> Running transaction check

Dependencies Resolved

================================================== =========
Package Arch
Version
Repository
Size

================================================== =========
Installing:
clamav i386
0.90.2-1.el5.rf
dag
1.0 M

Installing for dependencies:
clamav-db i386
0.90.2-1.el5.rf
dag
9.1 M


Transaction Summary
================================================== =========
Install 2 Package(s)

Update 0 Package(s)

Remove 0 Package(s)


Total download size: 10 M
Downloading Packages:
(1/2): clamav-0.90.2-1.el 100% |====================| 1.0 MB 00:00

(2/2): clamav-db-0.90.2-1 100% |====================| 9.1 MB 00:00

Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: clamav-db#################################### [1/2]

Installing: clamav#################################### [2/2]

Installed: clamav.i386 0:0.90.2-1.el5.rf
Dependency clamav-db.i386 0:0.90.2-1.el5.rf
Complete!


Trích dẫn:

[root@mail ~]# vi /etc/freshclam.conf

#NotifyClamd /etc/clamd.conf // line 96: make it comment



[root@mail ~]# freshclam // update policy file


ClamAV update process started at Mon Apr 23 00:52:58 2007
main.cvd is up to date (version: 43, sigs: 104500, f-level: 14, builder: sven)
Downloading daily-3147.cdiff [100%]
Downloading daily-3147.cdiff [100%]
daily.cvd updated (version: 3147, sigs: 6671, f-level: 15, builder: sven)
Database updated (111171 signatures) from db.jp.clamav.net (IP: 61.205.61.201)
[root@mail ~]# clamscan --infected --remove --recursive /home


----------- SCAN SUMMARY -----------
Known viruses: 111194
Engine version: 0.90.2
Scanned directories: 23
Scanned files: 33
Infected files: 0
Data scanned: 0.16 MB
Time: 2.721 sec (0 m 2 s)
[root@mail ~]# wget http://www.eicar.org/download/eicar.com // trial virus

Resolving www.eicar.org... 88.198.38.136
Connecting to www.eicar.org|88.198.38.136|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 68 [application/x-msdos-program]
Saving to: `eicar.com'

100%[=======================================>] 68 --.-K/s in 0s

19:26:23 (5.90 MB/s) - `eicar.com' saved [68/68]

[root@mail ~]# clamscan --infected --remove --recursive .

./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed// delete trial virus



----------- SCAN SUMMARY -----------
Known viruses: 111194
Engine version: 0.90.2
Scanned directories: 5
Scanned files: 12
Infected files: 1// just detected


Data scanned: 0.02 MB
Time: 2.599 sec (0 m 2 s)

2. Configure SMTP Server in order to scan email to protect from virus or spam.

Trích dẫn:

[root@mail ~]# yum --enablerepo=dag -y install clamd amavisd-new


---------- many packages are installed ----------


[root@mail ~]# vi /etc/clamd.conf


LocalSocket /var/run/clamav/clamd.sock // line 72: change



#TCPSocket 3310 // line 80: make it comment



AllowSupplementaryGroups yes // line 149: change



[root@mail ~]# vi /etc/amavisd.conf


$mydomain = 'server-linux.info'; // line 20: specify domain name



#$virus_admin = "virusalert\@$mydomain"; // line 80: not notify if virus detected


$myhostname = 'mail.server-linux.info'; // line 113: make valid and specify FQDN


$notify_method = 'smtp:[127.0.0.1]:10025'; // line 115,116: make valid

$forward_method = 'smtp:[127.0.0.1]:10025';

$final_virus_destiny= D_DISCARD; // line 118: make these 4 lines valid

$final_banned_destiny= D_BOUNCE;

$final_spam_destiny= D_BOUNCE;

$final_bad_header_destiny = D_PASS;

['ClamAV-clamd', // line 321: make these 4 lines valid


\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock "], // add

qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

[root@mail ~]# vi /etc/postfix/main.cf


content_filter=smtp-amavis:[127.0.0.1]:10024 // add at the bottom


[root@mail ~]# vi /etc/postfix/master.cf


// add these lines at the bottom

smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,rej ect
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000



[root@mail ~]# /etc/rc.d/init.d/clamd start

Stopping Clam AntiVirus Daemon: [ OK ]

Starting Clam AntiVirus Daemon: Running as user clamav (UID 100, GID 101) [ OK ]

[root@mail ~]# /etc/rc.d/init.d/amavisd start


Starting Mail Virus Scanner (amavisd): [ OK ]


[root@mail ~]# /etc/rc.d/init.d/spamassassin start


Starting spamd: [ OK ]

[root@mail ~]# /etc/rc.d/init.d/postfix restart

Shutting down postfix: [ OK ]

Starting postfix: [ OK ]

[root@mail ~]# chkconfig amavisd on

[root@mail ~]# chkconfig spamassassin on

[root@mail ~]# chkconfig clamd on
Following lines are added in header section of email after this configuration.





  Trả lời ngay kèm theo trích dẫn này
Gửi trả lời


Công Cụ
Xếp Bài

Quyền Hạn Của Bạn
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is Mở
Hình Cảm xúc đang Mở
[IMG] đang Mở
Mã HTML đang Tắt




Bây giờ là 11:05 PM. Giờ GMT +7



Diễn đàn tin học QuantriNet
quantrinet.com | quantrimang.co.cc
Founded by Trương Văn Phương | Developed by QuantriNet's members.
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.