|
スパムメール撃退
|
|
|
あまりにも、不要なメールが沢山送られてくるので 対応する。
|
|
|
|
|
[root]# portinstall mail/p5-Mail-SpamAssassin
[root]# portinstall security/clamav
[root]# portinstall security/amavisd-new
ClamAV というのは、Clam Anti Virus のことで、ウィルスチェック用のものです。
Amavisd-new は、A Mail Virus Scanner の略だそうで、
Postfix と SpamAssassinやClamAVなどとの受け渡しをやってくれるようです。
/etc/rc.conf に、起動スクリプトが実行できるように設定を追加。
[root]# ee /etc/rc.conf
spamd_enable="YES"
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
amavisd_enable="YES"
/usr/local/etc/clamd.conf を編集。
[root]# ee /usr/local/etc/clamd.conf
#LogTime yes
↓ (変更) (※時間をlogに記録する)
LogTime yes
#LogVerbose yes
↓ (変更) (※詳細なlogを出力する)
LogVerbose yes
-----
(※設定内容の確認)
# grep -v "^#" /usr/local/etc/clamd.conf | grep -v '^$'
LogFile /var/log/clamav/clamd.log
LogTime yes
LogVerbose yes
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/db/clamav
LocalSocket /var/run/clamav/clamd
FixStaleSocket yes
User clamav
AllowSupplementaryGroups yes
ScanMail yes
/usr/local/etc/amavisd.conf を編集。
ee /usr/local/etc/amavisd.conf
$mydomain = 'example.com'; # a convenient default for other settings
↓
$mydomain = 'pnkx.com'; # a convenient default for other settings
(※log を/var/log/maillog ではなく、別に分けたいので)
$DO_SYSLOG = 1; # log via syslogd (preferred)
↓ (変更)
$DO_SYSLOG = 0; # log via syslogd (preferred)
$syslog_facility = 'mail'; # Syslog facility as a string
↓ (変更)
# $syslog_facility = 'mail'; # Syslog facility as a string
$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string,
↓ (変更)
#$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string,
(追加)
$LOGFILE = "/var/log/amavis/amavisd.log";
# $myhostname = 'host.example.com'; # must be a fully-qualified domain name!
↓ (変更)
$myhostname = 'milk.pnkx.com'; # must be a fully-qualified domain name!
# ### http://www.clamav.net/
# ['ClamAV-clamd',
# &ask_daemon, ["CONTSCAN {}n", "/var/run/clamav/clamd"],
# qr/bOK$/, qr/bFOUND$/,
# qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# # NOTE: run clamd under the same user as amavisd, or run it under its own
# # uid such as clamav, add user clamav to the amavis group, and then add
# # AllowSupplementaryGroups to clamd.conf;
# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
# # this entry; when running chrooted one may prefer socket "$MYHOME/clamd".
↓ (変更)
### http://www.clamav.net/
['ClamAV-clamd',
&ask_daemon, ["CONTSCAN {}n", "/var/run/clamav/clamd"],
qr/bOK$/, qr/bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# NOTE: run clamd under the same user as amavisd, or run it under its own
# uid such as clamav, add user clamav to the amavis group, and then add
# AllowSupplementaryGroups to clamd.conf;
# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
# this entry; when running chrooted one may prefer socket "$MYHOME/clamd".
上記に従い、ユーザーclamav を、amavisd のグループである vscan に追加。
[root]# pw user mod clamav -G vscan
[root]# grep "vscan" /etc/group
vscan:*:110:clamav
/usr/local/etc/postfix/main.cf の編集。
[root]# ee /usr/local/etc/postfix/main.cf
(追加:末尾などに)
content_filter = smtp-amavis:[127.0.0.1]:10024
/usr/local/etc/postfix/master.cf の編集。
[root]# ee /usr/local/etc/postfix/master.cf
(追加:末尾などに)
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=100
-o smtpd_hard_error_limit=100
spamassassin の設定を行う。
http://tlec.linux.or.jp/docs/user_prefs にて、
メンテナンスされている日本語対応の設定ファイルをダウンロードさせてもらえるようなので、
感謝しつつ、使わせてもらう。その後、Bayes関連の設定を追加する。
多分spamassassinの学習がユーザー毎ではなく、一元管理されるはず。
[root]# cd /usr/local/etc/mail/spamassassin
[root]# /usr/local/bin/wget -qN http://tlec.linux.or.jp/docs/user_prefs
[root]# cp user_prefs local.cf
[root]# echo "report_safe 0" >> local.cf
[root]# echo "bayes_path /usr/local/etc/mail/spamassassin/bayes/bayes" >> local.cf
[root]# echo "bayes_file_mode 0666" >> local.cf
[root]# echo "auto_whitelist_path /usr/local/etc/mail/spamassassin/bayes/auto-whitelist" >> local.cf
[root]# echo "auto_whitelist_mode 0666" >> local.cf
[root]# mkdir /usr/local/etc/mail/spamassassin/bayes
[root]# chmod 777 /usr/local/etc/mail/spamassassin/bayes
それぞれを起動・再起動させる。
[root]# /usr/local/etc/rc.d/clamav-clamd start
[root]# /usr/local/etc/rc.d/sa-spamd.sh start
[root]# /usr/local/etc/rc.d/amavisd start
perlモジュールのバージョン等により大苦戦
[root]# /usr/local/etc/rc.d/postfix reload
上記spamassassinの設定を、cronで更新できるようにする。
スクリプト作成。
[root]# ee /root/script/mail/spamassassin-update.sh
#!/bin/sh
sa_dir=/usr/local/etc/mail/spamassassin
bayes_dir=${sa_dir}/bayes
bayes_path=${bayes_dir}/bayes
bayes_file_mod="0666"
auto_whitelist_path="${bayes_dir}/auto-whitelist"
auto_whitelist_mode="0666"
userprefs_url="http://tlec.linux.or.jp/docs/user_prefs"
cd ${sa_dir} &&
/usr/local/bin/wget -qN ${userprefs_url} &&
cp local.cf local.cf.`date +%Y.%m%d` && (※一応コピーしてとっておく。いらなかったらコメントアウト。)
cp -f user_prefs local.cf &&
echo "report_safe 0" >> local.cf &&
echo "bayes_path ${bayes_path}" >> local.cf &&
echo "bayes_file_mode ${bayes_file_mod}" >> local.cf &&
echo "auto_whitelist_path ${auto_whitelist_path}" >> local.cf &&
echo "auto_whitelist_mode ${auto_whitelist_mode}" >> local.cf
------
[root]# chmod +x /root/script/mail/spamassassin-update.sh
[root]# ee /etc/crontab
0 2 * * * root /root/script/mail/spamassassin-update.sh
なんとなくAM2時に実行する設定にしてますが、意味はないです。
|
|
|
