Installing antivirus for a Postfix mail server: Postfix + ClamAV + Amavisd

http://www.server-world.info/en/note?os=CentOS_7&p=mail&f=6

 
Configure Virus-Scanning with Postfix + Clamav.
[1] Install Clamav.
[2] Install Amavisd and Clamav Server, and start Clamav Server first.
# install from EPEL
[root@mail ~]# yum --enablerepo=epel -y install amavisd-new clamav-server clamav-server-systemd
[root@mail ~]# cp /usr/share/doc/clamav-server*/clamd.sysconfig /etc/sysconfig/clamd.amavisd
[root@mail ~]# vi /etc/sysconfig/clamd.amavisd
# line 1, 2: uncomment and change
CLAMD_CONFIGFILE=/etc/clamd.d/amavisd.conf
CLAMD_SOCKET=/var/run/clamd.amavisd/clamd.sock
[root@mail ~]# vi /etc/tmpfiles.d/clamd.amavisd.conf
# create new
d /var/run/clamd.amavisd 0755 amavis amavis -
[root@mail ~]# vi /usr/lib/systemd/system/clamd@.service
# add the following to the end
[Install]
WantedBy=multi-user.target
[root@mail ~]# systemctl start clamd@amavisd
[root@mail ~]# systemctl enable clamd@amavisd
ln -s '/usr/lib/systemd/system/clamd@.service' '/etc/systemd/system/multi-user.target.wants/clamd@amavisd.service'
[3] Configure Amavisd.
[root@mail ~]# vi /etc/amavisd/amavisd.conf
# line 20: change to your own domain name
$mydomain = 'srv.world';
# line 152: change to your own hostname
$myhostname = 'mail.srv.world';
# line 154: uncomment
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
[root@mail ~]# systemctl start amavisd
[root@mail ~]# systemctl enable amavisd
[root@mail ~]# systemctl start spamassassin
[root@mail ~]# systemctl enable spamassassin
[4] Configure Postfix.
[root@mail ~]# vi /etc/postfix/main.cf
# add the following to the end
content_filter=smtp-amavis:[127.0.0.1]:10024
[root@mail ~]# vi /etc/postfix/master.cf
# add the following to the end
smtp-amavis unix -    -    n    -    2 smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
127.0.0.1:10025 inet n    -    n    -    - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000

[root@mail ~]# systemctl restart postfix
[5] That's all.
After this configuration, the lines below are added to the header section of emails, and emails with known viruses will not be sent to clients.
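
A check for the Postfix side of step [4], added here as an example (it is not part of the original tutorial): the shell function verifies that main.cf hands mail to amavisd on 127.0.0.1:10024 and that the 10025 re-injection listener in master.cf is loopback-only and clears content_filter, so scanned mail neither loops back into amavisd nor can be submitted unscanned from outside. The function name check_amavis_loop is hypothetical, and it assumes overrides are written as "-o name=value" exactly as in step [4].

```shell
#!/bin/sh
# Added example, not from the original page. Assumes master.cf overrides are
# written as "-o name=value" with no spaces around "=", as in step [4].
# Usage: sh check_amavis_loop.sh /etc/postfix/main.cf /etc/postfix/master.cf

check_amavis_loop() {
    main_cf=$1; master_cf=$2; rc=0

    # main.cf: all mail must be handed to amavisd on loopback port 10024.
    if ! grep -Eq '^content_filter[[:space:]]*=[[:space:]]*smtp-amavis:\[127\.0\.0\.1\]:10024[[:space:]]*$' "$main_cf"; then
        echo "FAIL: main.cf lacks content_filter=smtp-amavis:[127.0.0.1]:10024"
        rc=1
    fi

    # master.cf: inspect the re-injection listener that amavisd delivers to.
    awk '
        function bad(msg) { print "FAIL: master.cf " msg; err = 1 }
        function need(o)  { if (seen && !(o in opt)) bad("10025 listener lacks -o " o) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        /^[^ \t]/ {                              # first line of a service entry
            cur = ($2 == "inet" && ($1 == "10025" || $1 ~ /:10025$/))
            if (cur) {
                seen = 1
                if ($1 != "127.0.0.1:10025")
                    bad("10025 listener is bound to " $1 ", not 127.0.0.1")
            }
            next
        }
        cur && $1 == "-o" { opt[$2] = 1 }        # continuation line of that entry
        END {
            if (!seen) bad("has no inet listener on port 10025")
            # An empty content_filter stops scanned mail looping back to amavisd;
            # the other two keep the unfiltered port closed to remote clients.
            need("content_filter=")
            need("mynetworks=127.0.0.0/8")
            need("smtpd_recipient_restrictions=permit_mynetworks,reject")
            exit err + 0
        }
    ' "$master_cf" || rc=1
    return "$rc"
}

if [ "$#" -eq 2 ]; then check_amavis_loop "$1" "$2"; fi
```

The function prints one FAIL line per finding and returns non-zero if any check fails, so it can be run after each edit of main.cf or master.cf and before restarting Postfix.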

Installing antivirus on Linux

[1]. Install ClamAV

# Download and install ClamAV

yum install clamav clamav-update

# Comment out the Example line:

sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

# Update the virus definitions

freshclam

The output looks similar to the following:

ClamAV update process started at Fri Aug 29 22:03:30 2014
main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
daily.cvd is up to date (version: 19314, sigs: 1094505, f-level: 63, builder: neo)
bytecode.cvd is up to date (version: 242, sigs: 46, f-level: 63, builder: dgoddard)

[2]. Testing:

ClamAV is now installed. To check that it works, scan the /home folder with the command below. Note that --remove deletes every file reported as infected.

clamscan --infected --remove --recursive /home

Result:

----------- SCAN SUMMARY -----------
Known viruses: 3575245
Engine version: 0.98.4
Scanned directories: 2
Scanned files: 3
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)

Time: 10.369 sec (0 m 10 s)

To check virus detection, download a test virus (the EICAR test file) and scan it:

curl -O http://www.eicar.org/download/eicar.com

clamscan --infected --remove --recursive .

Result:

./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed.

# just detected

----------- SCAN SUMMARY -----------
Known viruses: 3575245
Engine version: 0.98.4
Scanned directories: 3
Scanned files: 10
Infected files: 1
Data scanned: 0.00 MB
Data read: 256.57 MB (ratio 0.00:1)

Time: 10.307 sec (0 m 10 s)

 