Hello all,
Been reading this forum for awhile and I think I'll contribute a little ..
I know most of you probably using MailScanner, this howto provide you with an alternative solution to your spam/virus filtering.
Let's start:
1. Create user and group amavis
2. Download, compile and install DSPAM
Code:
wget http://dspam.nuclearelephant.com/sou...m-3.6.8.tar.gz
tar -zxf dspam-3.6.8.tar.gz
cd dspam-3.6.8
./configure \
--enable-debug \
--prefix=/opt/dspam \
--sysconfdir=/etc/dspam \
--with-dspam-home=/var/dspam \
--with-dspam-home-mode=2770 \
--with-dspam-home-owner=amavis \
--with-dspam-home-group=amavis \
--with-storage-driver=mysql_drv \
--enable-preferences-extension \
--with-mysql-includes=/usr/include/mysql \
--with-mysql-libraries=/usr/lib/mysql \
--enable-signature-headers \
--without-delivery-agent \
--without-quarantine-agent \
--with-dspam-owner=amavis \
--with-dspam-group=amavis
make
make install
3. Create mysql database and mysql account for dspam, then run the sql file to create all necessary tables. The sql file is located in src/tools.mysql_drv within dspam-3.6.8 directory
Code:
mysql -u <dspam_db_username> -p <dspam_db> < mysql_objects-4.1.sql
4. Edit /etc/dspam/dspam.conf
** Go to line TrustedDeliveryAgent and make sure it is set for procmail
Code:
TrustedDeliveryAgent "/usr/bin/procmail"
** Look for trusted users and add amavis
Code:
Trust root
Trust mail
Trust admin
Trust amavis
** Look for SupressWebStat and make sure its on (you don't need this unless if you want to use DSPAM's GUI which we don't need for this configuration)
Code:
SupressWebStats on
** Look for Preferences and use the following settings
Code:
Preference "signatureLocation=headers" # 'message' or 'headers'
Preference "showFactors=on"
Preference "spamAction=tag"
** Edit your MySQL information
Code:
MySQLServer /opt/zimbra/db/mysql.sock
MySQLPort 7306
MySQLUser dspam
MySQLPass ThisIsMyPassword
MySQLDb dspam
5. Now its time to download and install amavis
** First install all required perl modules using cpan, this is the list of all required modules
Code:
Archive::Tar (Archive-Tar-x.xx)
Archive::Zip (Archive-Zip-x.xx) (1.14 or later should be used!)
Compress::Zlib (Compress-Zlib-x.xx) (1.35 or later)
Convert::TNEF (Convert-TNEF-x.xx)
Convert::UUlib (Convert-UUlib-x.xxx) (1.05 or later, stick to new versions!)
MIME::Base64 (MIME-Base64-x.xx)
MIME::Parser (MIME-Tools-x.xxxx) (latest version from CPAN - currently 5.417)
Mail::Internet (MailTools-1.58 or later have workarounds for Perl 5.8.0 bugs)
Net::Server (Net-Server-x.xx) (version 0.88 finally does setuid right)
Net::SMTP (libnet-x.xx, ports/net/p5-Net) (>= libnet-1.16 for performance)
Digest::MD5 (Digest-MD5-x.xx) (2.22 or later)
IO::Stringy (IO-stringy-x.xxx)
Time::HiRes (Time-HiRes-x.xx) (use 1.49 or later, older can cause problems)
Unix::Syslog (Unix-Syslog-x.xxx)
BerkeleyDB with bdb library 3.2 or later (4.2 or later preferred)
** Download, and install amavis
Code:
wget http://www.ijs.si/software/amavisd/a...w-2.4.3.tar.gz
tar -zxvf amavis-new-2.4.3.tar.gz
cd amavis-new-2.4.3
mkdir /var/amavis
mkdir /var/amavis/tmp /var/amavis/var /var/amavis/db /var/amavis/home
chown -R amavis:amavis /var/amavis
chmod -R 750 /var/amavis
cp amavisd /usr/local/sbin/
chown root /usr/local/sbin/amavisd
chmod 755 /usr/local/sbin/amavisd
cp amavisd.conf /etc/
chown root:amavis /etc/amavisd.conf
chmod 640 /etc/amavisd.conf
mkdir /var/virusmails
chown amavis:amavis /var/virusmails
chmod 750 /var/virusmails
cp amavisd_init.sh /etc/init.d/amavisd
NOTE: Check /etc/init.d/amavisd to make sure that the path to your amavisd is correct
** Edit /etc/amavisd.conf file
change max server, amavis user and group. I use 2 for max server, but you can use bigger number if you want.
Code:
$max_servers = 2; # num of pre-forked children (2..15 is common), -m
$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u
$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g
Make sure amavis home is set for /var/amavis
Code:
$MYHOME = '/var/amavis';
Look for $mydomain variable and change it
Code:
$mydomain = 'yourdomain.com';
Make sure quarantine directory is set for /var/virusmails
Code:
$QUARANTINEDIR = '/var/virusmails'
Edit email score to your liking, this is the score that I have been using
Code:
$sa_tag_level_deflt = -10.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.6; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 15; # triggers spam evasive actions
$sa_dsn_cutoff_level = 15; # spam level beyond which a DSN is not sent
$sa_quarantine_cutoff_level = 15; # spam level beyond which quarantine is off
Edit email information for notification
Code:
$virus_admin = "admin\@$mydomain"; # notifications recip.
$mailfrom_notify_admin = "admin\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "admin\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "admin\@$mydomain"; # notifications sender
Search $path and $dspam variables and change them to the following:
Code:
$path = '/opt/dspam/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$dspam = '/opt/dspam/bin/dspam';
Search $myhostname and change it
Code:
$myhostname = 'your.hostname.com'
Search for $forward_method variable and change it
UPDATE
Code:
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
Enable ClamAV, look for url http://www.clamav.com within amavisd.conf file and uncomment the following lines
Code:
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
6. Now its time to add amavis to your exim.conf file.
** Find trusted_users on your exim.conf and add amavis
Code:
trusted_users = mail:majordomo:apache:diradmin:amavis
UPDATE
** Look for "daemon_smtp_ports" and add 10025
Code:
daemon_smtp_ports = 25 : 587 : 10025
** Add amavis to exim router, look for 'begin routers' and put this after lookuphost statements
UPDATE
Code:
amavis:
driver = manualroute
condition = "${if or { {eq {$interface_port}{10025}} {eq {$received_protocol}{spam-scanned}} } {0}{1}}"
domains = +local_domains
transport = amavis
route_list = "* localhost byname"
self = send
** Add amavis to exim transport statements, put this after 'begin transport'
Code:
amavis:
driver = smtp
port = 10024
allow_localhost
UPDATE
** Uncomment spamcheck_director and spamcheck (this will enable exim to read user_prefs file)
7. Add DSPAM to your spamassassin local.cf file which located in /etc/mail/spamassassin directory
Code:
header DSPAM_SPAM X-DSPAM-Result =~ /^Spam$/
describe DSPAM_SPAM DSPAM claims it is spam
score DSPAM_SPAM 6.0
header DSPAM_HAM X-DSPAM-Result =~ /^Innocent$/
describe DSPAM_HAM DSPAM claims it is ham
score DSPAM_HAM -2.0
8. Create a file called group in /var/dspam directory and add the following line:
Code:
amavis:classification:*amavis
9. Create cron for DSPAM
Code:
# Purge daily data
0 0 * * * mysql --user=<dspam username> --pass=<dspam password> <dspam db> < /opt/dspam/bin/purge-4.1.sql
# Log rotation
0 0 * * * /opt/dspam/bin/dspam_logrotate -a 30 -d /var/dspam/data
You don't need dspam_logrotate on cron if you don't enable Logging
UPDATE
10. Edit user_prefs template to ensure their config will read DSPAM Result
Code:
cd /usr/local/directadmin/data/templates
vi user_prefs
and add these to the top
Code:
header DSPAM_SPAM X-DSPAM-Result =~ /^Spam$/
describe DSPAM_SPAM DSPAM claims it is spam
score DSPAM_SPAM 6.0
header DSPAM_HAM X-DSPAM-Result =~ /^Innocent$/
describe DSPAM_HAM DSPAM claims it is ham
score DSPAM_HAM -2.0
You may also add your own preferences that you see fit.
11. Time to start amavisd and restart exim
Code:
/etc/init.d/amavisd start
/etc/init.d/exim restart
Thumbs up HOWTO: ClamAV + DSPAM + Amavisd-new + Spamassassin [UPDATED]
ELM 发表于: 2007-10-08 23:17 来源: 榆树社区
查看全部回复
我也来说两句