@@ -10,13 +10,19 @@ |
|
For RedHat / CentOS, you might need to get the RPM's from [http://dag.wieers.com/rpm/FAQ.php#B|DAG]
|
|
+For Suse/SLES, you should [ftp://ftp.suse.com/pub/projects/clamav/|get the latest clamd] to prevent an odd 5+ minute startup hang. Also, you should [http://www.ijs.si/software/amavisd/#download|upgrade amavis] to 2.4 or later to prevent errors as listed in troubleshooting. |
+ |
+ |
!2. Anti-Virus Configuration
|
Tweak __/etc/amavisd.conf__ with your host information, and uncomment the clamd scanner
|
-{code source="txt"}['ClamAV-clamd',
|
+{code source="txt"}# For very high volume servers, disable db support |
+$enable_db = 0; |
+***snip*** |
+['ClamAV-clamd', |
\&ask_daemon, ["CONTSCAN {}\n", "127.0.0.1:3310"],
|
qr/\bOK$/, qr/\bFOUND$/,
|
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],{/code}
|
-You might need to change the socket listed with "127.0.0.1:3310" as listed above. SpamAssassin settings are made in this file. Also, make sure __$inet_socket_port = 10024;__ See [http://www200.pair.com/mecham/spam/amavisd-settings.html|detailed explanation of amavisd.conf] for more information.
|
+You might need to change the socket listed with "127.0.0.1:3310" as listed above. SpamAssassin settings are made in this file. Also, make sure __$inet_socket_port = 10024;__ See [http://www200.pair.com/mecham/spam/amavisd-settings.html|detailed explanation of amavisd.conf] for more information. db support has [http://www.mail-archive.com/amavis-user@lists.sourceforge.net/msg09069.html|limited impact on features and performance]. |
|
{code souce="bash"}/etc/init.d/clamd start
|
service amavisd start
|
|
|
@@ -80,6 +86,7 @@ |
"{code}
|
#Get the [http://tqmcube.com/files/dnsbl_lists.tar.bz2|latest RBLDNS databases] and move database files to /var/lib/rbldnsd
|
# Gentlepeople, start your daemons: "service restart named; service restart rbldnsd;" Test with telnet localhost 53; and telnet locahost 530;
|
+# Edit your __/etc/resolv.conf__ to include 127.0.0.1 so lookups are performed on the local server first. |
# Preform a test lookup:{code source="text"}
|
$dig @localhost 223.61.83.162.clients.blocked.rbl -t txt
|
;; ANSWER SECTION:
|
|
|
@@ -124,6 +131,11 @@ |
|
# specify what address/port DKIMproxy forwards mail to
|
relay 127.0.0.1:10029
|
+ |
+ |
+ |
+ |
+ |
|
# specify what domains DKIMproxy can sign for (comma-separated, no spaces)
|
domain yourdomain.com
|
|
|
@@ -199,7 +211,17 @@ |
!!!SPF Outbound support
|
The quickest way to get the DNS entries up and running is to [http://www.openspf.org/FAQ/Manage_my_own|follow the wizard].
|
|
-!6. Spamassassin Advanced Tools
|
+!Spam Detection |
+There are two top spam tools - DSPAM and spamassassin. |
+ |
+!6. Spamassassin Configuration |
+#The spamassassin site has a review on [http://wiki.apache.org/spamassassin/IntegratedInPostfixWithAmavis|integrating amavis and spamassassin], which is mostly ready to go by default.symlinking the bayes databases ( __ln -s /var/spool/amavis/.spamassassin /root__ ) is a good idea so you can use sa-learn by hand to stock you bayes database. Review [http://www.ijs.si/software/amavisd/#faq-spam|amavis + spamassassin FAQ] to tweak your configuration parameters. |
+#Configure __sa-update__ - add [http://saupdates.openprotect.com/|OpenProtect Rules] to update daily.{code source="bash"}$ wget http://saupdates.openprotect.com/pub.gpg |
+$ sa-update --nogpg --import pub.gpg |
+$ crontab -e |
+... add ... |
+1 5 0 0 0 sa-update --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org |
+{/code} |
!![http://razor.sourceforge.net/|Razor]
|
#Get the [http://razor.sourceforge.net/|latest SDK source] and install {code source="bash"}wget http://unc.dl.sourceforge.net/sourceforge/razor/razor-agents-sdk-2.07.tar.gz
|
tar xvzf razor-agents-sdk-2.07.tar.gz
|
|
|
@@ -212,6 +234,7 @@ |
razor-admin -create
|
razor-admin -discover
|
razor-admin -register{/code}
|
+# Disable razor logging, else you will quickly fill up /var/. Edit __/var/spool/amavisd/.razor/razor-agent.conf__ and add: debuglevel = 0 |
|
!Troubleshooting
|
*Be sure to watch your logs, such as: tail -f /var/log/maillog
|
|
|
@@ -233,8 +256,10 @@ |
tcp 0 0 *:ssh *:* LISTEN 2064/sshd
|
tcp 0 0 *:smtp *:* LISTEN 19755/master
|
*snip*{/code}
|
+* Error like : {code source="text"}child process [20099]: Error closing main::stdin: Bad file descriptor at /usr/sbin/amavisd line 1872, <GEN8> line 74.\n{/code} Net: :Server 0.91 (or later) introduced a change which makes it incompatible with amavisd-new-2.3.3 (or earlier). Either [http://www.ijs.si/software/amavisd/#download|upgrade amavis] or downgrade your perl Net: :Server |
|
!References and Other tutorails
|
+[http://www.akadia.com/services/postfix_amavisd.html] Similar setup to postmax with mysql and quarantining web app. |
[http://wiki.apache.org/spamassassin/SingleUserUnixInstall]
|
[http://devnull.com/kyler/dspam.20040512.html]
|
[http://howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-mandriva2008.1-p3] |
|
|