导航：首页 > 网络安全 >

postfix安装spamassassin clamav amavis

发表于：2025-01-19 作者：千家信息网编辑

千家信息网最后更新 2025年01月19日，1.postfix搭建根据这个地址自己安装。点此进入2.yum安装，此安装包可以通过RPMForge软件仓库安装。# yum install -y amavisd-new clamav clamav

千家信息网最后更新 2025年01月19日postfix安装spamassassin clamav amavis

1.postfix搭建根据这个地址自己安装。

点此进入

2.yum安装，此安装包可以通过RPMForge软件仓库安装。

# yum install -y  amavisd-new clamav clamav-devel clamd spamassassin

3.查看服务的开机自动启动状态

# chkconfig --list | grep "amavisd\|clamd\|spamassassin"amavisd         0:off   1:off   2:on    3:on    4:on    5:on    6:off clamd           0:off   1:off   2:on    3:on    4:on    5:on    6:off spamassassin    0:off   1:off   2:off   3:off   4:off   5:off   6:off

spamassassin这个服务没有启动，因为awavis-new直接将spamassassin作为一个模块使用。

4.修改spamassassin配置

# vi /etc/mail/spamassassin/local.cfrequired_hits 5report_safe 0rewrite_header Subject [SPAM]use_bayes 1bayes_auto_learn 1skip_rbl_checks 0use_razor2 1use_pyzor 0

5.修改clamav配置

# vim /etc/clamd.conf#利用本地通信LocalSocket /var/run/clamav/clamd.sock#注释掉TCP通信端口#TCPSocket 3310

6.修改amavis配置

# vim /etc/amavisd.conf(1).通过去除以下数行的注释来停止检查病毒域垃圾邮件（由于下面数行默认是被注释掉的，因此病毒及垃圾邮件在预设中默认是被启动的）@bypass_virus_checks_maps = (1);  # controls running of anti-virus code@bypass_spam_checks_maps  = (1);  # controls running of anti-spam code$bypass_decode_parts = 1;         # controls running of decoders&dearchivers(2).接着可以看到下面几行$max_servers = 2;            # num of pre-forked children (2..30 is common), -m$daemon_user  = "amavis";     # (no default;  customary: vscan or amavis), -u $daemon_group = "amavis";     # (no default;  customary: vscan or amavis), -g $inet_socket_port = 10024;   # listen on this local TCP port(s)# $notify_method  = 'smtp:[127.0.0.1]:10025';# $forward_method = 'smtp:[127.0.0.1]:10025';  # set to undef with milter!$max_servers 设定同步执行的Amavisd-new进程数量，而且必须与/etc/postfix/master.cf内的amavisfeed服务的maxproc中相符合$daemon_user及$daemon_group应该用来匹配Amavisd-new的用户及群组$inet_socket_port   定义Amavisd-new将会在哪一个tcp端口接纳来自Postfix的连接$notify_method及$forward_method定义Amavisd-new把邮件重新注入Postfix的途径(3).以下是必须修改项$mydomain = 'meihua.info';  #我这里是free.com域            $MYHOME = '/var/amavis';                 $helpers_home = "$MYHOME/var";           $lock_file = "$MYHOME/var/amavisd.lock"; $pid_file  = "$MYHOME/var/amavisd.pid"; $myhostname = 'mail.meihua.info'; #我这里是mail.meihua.info主机(4).下面是SpamAssassin设定来替换预设的SpamAssassin设置$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level$sa_tag2_level_deflt = 6.2;  # add 'spam detected' headers at that level $sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail) $sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent $sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From # $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off $penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn database) $penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on hi spam $bounce_killer_score = 100;  # spam score points to add for joe-jobbed bounces$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger$sa_local_tests_only = 0;    # only tests which do not require internet access?说明，默认不需要修改但你得知道它们和意义，可以方便的帮助我们设置垃圾邮件'$sa_tag_level_deflt  指定Amavisd-new由哪一个级别开始写入X-Spam-Flag、X-Spam-Score、X-Spam-Status等垃圾邮件资讯标头，假如你想为所有邮件加入资讯标头，请把此值设为 -999  $sa_tag2_level_deflt  指定由哪一个级别开始在垃圾邮件的标头上标签它们   $sa_kill_level_deflt  指定Amavisd-new由哪一个级别开始拦截和扣留邮件。这个用途很大，因为SpamAssassin在预设情况下不会这样做   $sa_dsn_cutoff_level  指定由哪一个级别开始寄件失败通告不会被发送给寄件人。由于多数垃圾邮件寄件者的地址都是伪造的，不为明显的垃圾邮件发送寄件失败通告是最合理的，要不然你只会加剧反向散寄的问题   $sa_quarantine_cutoff_level  指定哪一个级别开始不必扣留垃圾邮件。这个选项预设是被注释掉的，意思是所有邮件都会被扣留(5).下面是发送通告的邮件地址（默认是管理员邮箱，接收垃圾邮件通告的邮箱）$virus_admin               = "postmaster\@$mydomain";  # notifications recip.$mailfrom_notify_admin     = "postmaster\@$mydomain";  # notifications sender $mailfrom_notify_recip     = "postmaster\@$mydomain";  # notifications sender $mailfrom_notify_spamadmin = "postmaster\@$mydomain"; # notifications sender(6).设置ClamAV的部分# ### http://www.clamav.net/ ['ClamAV-clamd',    \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],    qr/\bOK$/m, qr/\bFOUND$/m,   qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],说明，/var/run/clamav/clamd.sock这个设定必须与我们先前在/etc/clamd.conf内输入的LocalSocket /var/run/clamav/clamd.sock设定相一致。

7.修改postfix master.cf配置

# vim /etc/postfix/master.cf# ==========================================================================# # service type  private unpriv  chroot  wakeup  maxproc command + args # #               (yes)   (yes)   (yes)   (never) (100) # # ========================================================================== # # amavisfeed unix    -       -       n       -       2     smtp             -o smtp_data_done_timeout=1200             -o smtp_send_xforward_command=yes             -o smtp_tls_note_starttls_offer=no             -o disable_dns_lookups=yes             -o max_use=20说明，请注意在maxproc栏内的数值 2 必须要与/etc/amavisd.conf内的$max_servers设定一致。有关各选项的详细解释请参阅Amavisd-new的文档（vim /usr/share/doc/amavisd-new-2.8.0/README.postfix）。然后我们定义一个专用的服务把邮件重新注入Postfix。我们为此在/etc/postfix/master.cf内加入一个在localhost(127.0.0.1)的tcp 10025端口（/etc/amavisd.conf的预设值）上监听的smtp服务：# ==========================================================================# # service type  private unpriv  chroot  wakeup  maxproc command + args# #               (yes)   (yes)   (yes)   (never) (100)# # ==========================================================================127.0.0.1:10025 inet n    -       n       -       -     smtpd            -o content_filter=            -o smtpd_delay_reject=no            -o smtpd_client_restrictions=permit_mynetworks,reject            -o smtpd_helo_restrictions=            -o smtpd_sender_restrictions=            -o smtpd_recipient_restrictions=permit_mynetworks,reject            -o smtpd_data_restrictions=reject_unauth_pipelining            -o smtpd_end_of_data_restrictions=            -o smtpd_restriction_classes=            -o mynetworks=127.0.0.0/8            -o smtpd_error_sleep_time=0            -o smtpd_soft_error_limit=1001            -o smtpd_hard_error_limit=1000            -o smtpd_client_connection_count_limit=0            -o smtpd_client_connection_rate_limit=0            -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings            -o local_header_rewrite_clients=            -o smtpd_milters=            -o local_recipient_maps=

8.修改postfix main.cf配置

# vim /etc/postfix/main.cf#filter mailcontent_filter = amavisfeed:[127.0.0.1]:10024

9.重启postfix，clamd，amavis服务

# service postfix restartShutting down postfix:                                     [  OK  ] Starting postfix:                                          [  OK  ]# service clamd startStarting Clam AntiVirus Daemon: LibClamAV Warning: ************************************************** LibClamAV Warning: ***  The virus database is older than 7 days!  *** LibClamAV Warning: ***   Please update it as soon as possible.    *** LibClamAV Warning: **************************************************                                                           [  OK  ]# service amavisd startStarting Mail Virus Scanner (amavisd):                     [  OK  ]

很赞哦！