Nhiệt tình            Chất lượng                Hiệu quả

  Mrs. Oanh 024.766.8999   0932.38.21.28   Email:


Cài đặt antivirus cho mail server Postfix + ClamAV+ Amavisd


Configure Virus-Scanning with Postfix + Clamav.
Install Clamav.
[2] Install Amavisd and Clamav Server, and start Clamav Server first.
# install from EPEL

[root@mail ~]#
yum --enablerepo=epel -y install amavisd-new clamav-server clamav-server-systemd
[root@mail ~]#
cp /usr/share/doc/clamav-server*/clamd.sysconfig /etc/sysconfig/clamd.amavisd

[root@mail ~]#
vi /etc/sysconfig/clamd.amavisd
# line 1, 2: uncomment and change


[root@mail ~]#
vi /etc/tmpfiles.d/clamd.amavisd.conf
# create new

d /var/run/clamd.amavisd 0755 amavis amavis -
[root@mail ~]#
vi /usr/lib/systemd/system/clamd@.service
# add follows to the end

[root@mail ~]#
systemctl start clamd@amavisd

[root@mail ~]#
systemctl enable clamd@amavisd

ln -s '/usr/lib/systemd/system/clamd@.service' '/etc/systemd/system/multi-user.target.wants/This email address is being protected from spambots. You need JavaScript enabled to view it.'
[3] Configure Amavisd.
[root@mail ~]#
vi /etc/amavisd/amavisd.conf
# line 20: change to the own domain name

$mydomain = '
# line 152: change to the own hostname

$myhostname = '
# line 154: uncomment

$notify_method = 'smtp:[]:10025';
$forward_method = 'smtp:[]:10025';
[root@mail ~]#
systemctl start amavisd

[root@mail ~]#
systemctl enable amavisd

[root@mail ~]#
systemctl start spamassassin

[root@mail ~]#
systemctl enable spamassassin
[4] Configure Postfix.
[root@mail ~]#
vi /etc/postfix/main.cf
# add follows to the end

[root@mail ~]#
vi /etc/postfix/master.cf
# add follows to the end

smtp-amavis unix -    -    n    -    2 smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes inet n    -    n    -    - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000

[root@mail ~]#
systemctl restart postfix
[5] It' OK all.
These lines below are added in the header section of emails after this configuration and emails with known Virus will not sent to Clients.

Cài đặt antivirus cho Linux

[1]. Cài ClamAV

#Download và cài clamAV

yum install clamav clamav-update

# Đánh dấu comment dòng Example:

sed -i -e "s/^Example/#Example/" /etc/freshclam.conf


#Cập nhật antivius


Kết quả tương tự như sau:

ClamAV update process started at Fri Aug 29 22:03:30 2014main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)daily.cvd is up to date (version: 19314, sigs: 1094505, f-level: 63, builder: neo)

bytecode.cvd is up to date (version: 242, sigs: 46, f-level: 63, builder: dgoddard)

2. Thử nghiệm:

Ở trên đã xong cài đặt ClamAV. Để kiểm tra clamAV đã làm việc tốt chưa, thử quét 1 folder /home bằng lệnh:

clamscan --infected --remove --recursive /home

Kết quả:

----------- SCAN SUMMARY -----------
Known viruses: 3575245
Engine version: 0.98.4
Scanned directories: 2
Scanned files: 3
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)

Time: 10.369 sec (0 m 10 s)

Để kiểm tra khả năng phát hiện virus, download thử 1 virus và quét thử

curl -O http://www.eicar.org/download/eicar.com

clamscan --infected --remove --recursive .

Kết quả:

./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed.

# just detected

----------- SCAN SUMMARY -----------Known viruses: 3575245Engine version: 0.98.4Scanned directories: 3Scanned files: 10Infected files: 1Data scanned: 0.00 MBData read: 256.57 MB (ratio 0.00:1)

Time: 10.307 sec (0 m 10 s)