??? ????, ????? ??? ???????? ?????? ??? ????????? ????? ??? ?????? ????????? ??????,
?????????? ????? ??????????? ????????? ???????:
????? ????, ????? ?????? ??????? ?????????? ?? ??????? ????????? ???????.
??? ????? ??????? ???????????:
???? ?? ?????? ??????????? ???????? ????? ?? ???????, ????? ????? ???????? ????????:
2. ????????? pop3/imap ???????
????????, ???????? ?????????? ?????, ?? ??????? ????????? ???????? ?????? ????? ???????,
??? ?? ????? ?????????? ? ????????? ?????. ?????? ????? ???????? ????, ?????
???????????? ????? ???????? ???? ????? ? ???????. ??? ????? ?????? ???????????? ???????? POP3
(Post Office Protocol version 3) ???, ????, ???????? IMAP.
????? ????? ???????????? ?????????? ?????? ???? ?????????? POP3s ? IMAPs.
????????????? ????? imap:
# urpmi imap
???? ????? ???????? ???????, ??????????? ???????????? ????? ?? ??????? ?????????????
??????????. ?????? ??? ???????? ?????? ???????? ??????????? ??? ???????.
????, ?? ????? ???? ?? ?????????? ????????: ipop3, pop3s, imap, imaps.
???????? ???? ??????? ?????????? ????? xinetd. ??? ??????? ?? ?????????? ??? ????????
????? ipop3, ??? ????? ?????? ????????????. ??????????? ???????? ????? ? ????? ????????
?? ????? ???????? ????????.
?????? ????????? ??????, ?? ???? ?????????? ??????? ?? ?? ? xinetd:
# chkconfig --list ipop3
???? ?? ???????, ???????? ????? ? xinetd:
# chkconfig ipop3 on
????????? ????? ? xinetd ????? ???:
# chkconfig ipop3 off
???????? ????????, ??? ????? on ????? ????????? ??? ??????
? ?????? ??? ????????, ? ????? off ????? ????????? ? ????????? ???? ??????.
??????? ?????????????? ????????? ??? ??????? ?????? ?? ???????.
http://www.linux.opennet.ru/docs/RUS/mdkman/#id2873592
HOWTO postfix+spamassassin+AVP(via avcheck)+cyrus under FreeBSD
??????? ???????????
?????? POSTFIX?
postfix - ?????????????? MTA, ????????????
??????? ?????? sendmail.
? ???? ????? ??????????? (???????????? ???????? ?????, ???????? ???? ????????????,
?????????? ????????? MySQL (?? ????? ??????????) ? ?.?. ? ?.?.), ?? ???
????, ? ???? ?????, ???????? ???????? ????? ??????????? ??????? ??????????
?????? ? ~/.forward. ??? ?????????? ????????? ?????, ??? ??? sendmail ??
????????? ??????? ????? ? ???????????? ??? ????????? ????? ~/.forward ?
??? ????????? ?????????? ??????? ???? ? ???????????? ???????. ??? ??????????
?????? ?????????, ???????? ?????? ?????????? ?????????? ? ???? .forward
? ???????? ??????? ???????????? ? ???????? ??? ?????
(| whoami | mail -s test You@e-mail.ua)
??? ???????????? ???????? ???? ???? ????????? ???????? ???????? ?????
? ?????????????? ????????? vulnerabilities.
postfix ?????? ??? ???????? ??? ?? ?????????, ??? ? ????? ??????, ?????
??????? ? ????? ????????????
# security reason - disable run commands from ~/.forward
allow_mail_to_commands = alias
p.s. telnet mx1.freebsd.org smtp :)
?????? AVP?
??? ?? ?????????, ??? ??????? ????? ? ??? ????????? ???????????? ??????
??? ?????? ???????????????. ????????? ????? ????? ??????????????. ??? ???????,
????? ?????? ???????????? ?????????? ????????????. ??????? - ?????????????
?????????? ??? ? ???????????, ???????? ???? ???, ?? ??????????? ? ??????
? ??????????. ?? ????????? AVP, ??? ???
? ????????????? ????? ?????? ???. :) ? ???????? ???????? ?????? ??? ??????????
kavkeeper, ??????? ???????????? ????? ????? MTA ? ????? ???????????? ???????.
? ??? ??????? ????? ?? ??????? ????????????. ??????? - ??? ?????????????
?????? ?? ??????????. ??? ????? ????????? ????????, ?? ?? ????? ?????????
postfix ? qmail. :( ?????? ????? ?? ????? ???????????? avcheck, ?????????? Michael Tokarev. ?????
????, ??? ??? ??? ????????, ?? ?? ???? ????????, ??? ????????? ??????????
??? ???????????? ?????. ?? ???? ?? ??????????? ???????.
?????? CYRUS?
??? ??? ?????? ? ???????????? ?? ????????? - ?? ??????
?? ??????????. ?? ????? ????????? ????????? ?????????????. ? ???? ?? ??
????? ???????????? LMTP, ? ??? ??? ????? ??????????? ? ??????????. ?????
????, ?????? ? ????????? ? ??? cyrussasl ????????? ????????????????? ?????????????,
?????????? ????? ?? ?????????? POP3/IMAP ?? ?????? plain text, ?? ? CRAM-MD5,
DIGEST-MD5. Outlook Express ?? ?? ????????????, ???? ?? ???????????? The
Bat!, ??????? ????? ??????????? ? ??? :). ????????, ?????????? ?????????,
??? cyrus ??? ?? ???????????? SSL ????????? POP3S ? IMAPS. ? ???, ???????
?? cyrussasl ????, ?? ????? ??????? ??? ?????????????? ?? ???? MySQL.
SPAM
???????? ?????? ??? ???? ??? ?????????????? ??? ????????, ????? ???? ???????
rbl, regexp ???? headers_check, body_check (? ???????????? postfix) ????? ??
???????? ??????? ???????????. ???????? ??????? ?????? - ?????? ????????????.
??? ???????? ????? ?????????? ???? ?????????. ???, ?????????? ????????? ???.
????????? ??? spamassassin-??, ????? ??? ?????? BAYES ???????? ??? ???? ?
?????? ?????????????, ?.?. ??? ?????????? ???? ????????? ?? ???????? ??? ????
spam, ? ??? ???? ham - ?????????? ???????????????. ???????????? ?????, ????? ???? ;)
???????????? ? ???????????? ??????????, ????????? ? ?????????.
?????? ? postfix
# cd /usr/ports/mail/postfix-current/
# make all install clean
??? ????? ???????????? ?????
[ ] PCRE Perl Compatible Regular Expressions
[x] SASL Cyrus SASLv1 (Simple Authentication and Security Layer)
[ ] DB3 Berkeley DB3 (required if SASL also built with DB3)
[ ] MySQL MySQL map lookups
[ ] PgSQL PostgreSQL map lookups
[ ] OpenLDAP OpenLDAP map lookups
[ ] Test SMTP/LMTP test server and generator
[ ] TLS SSL and TLS (currently broken)
[ ] IPv6 IPv6 support (not KAME official)
? ?????? ?????? ??? ??????????? ?????? SASL
????? ????????? ?????? ??? ???????????? ? /usr/local/share/doc/postfix/,
????? ???????????? ? /usr/local/etc/postfix/
? FreeBSD ?????????? ? ???????? ?????????? ????????? ? /etc/mail/mailer.conf
? ????? ?????? ?? ?????? ????????? ???
# more /etc/mail/mailer.conf
#
# Execute the Postfix sendmail program, named /usr/local/sbin/sendmail
#
sendmail /usr/local/sbin/sendmail
send-mail /usr/local/sbin/sendmail
mailq /usr/local/sbin/sendmail
newaliases /usr/local/sbin/sendmail
????? ????, ??? ??? sendmail, ??? ???????, ??? ?????? ?? ???????????, ??????? ? /etc/make.conf ??????
NO_SENDMAIL=true
??? ?????????? ? ????????? ???? sendmail ?????? ?? ?????????.
?????? ? /etc/rc.conf, ??? sendmail ?? ?????? ?? ??????????
sendmail_enable="NONE"
????????????? ???????? ???? ???????????? postfix /usr/local/etc/postfix/main.cf
??????????? ????????? ?????? ????????, ?? ??? ??????? - ??????? ???:
? ?????? ???????? ???????????? ????????????? ????? ????????????. ?????
mail_owner = postfix
myhostname = ???_??????_?????
mydomain = ???_??????
mydestination = ?????? ????? ??????? ??? ?????? ??????, ??? ??????? ??
????????? ????? (???????? ????? ??????????) ??? ????????? ?? ????????.
mynetworks_style = subnet (????, ????? ?? ??????? ?? ?????????? ?? ??????? ???. ?????? ????? ???????
????? ??, ? ????? ? ??????? ??? ? ????. ???? ?? ????????, ? ????? ????????????
???????? ??? ???????????? ?????????? :)
mynetworks = 192.168.1.0/24, 127.0.0.0/8
#mynetworks = $config_directory/mynetworks
????? ?????? ??????, ??? ??????? ?? ?????? ?????. ???? ?? ????, ?????????
??????.
relay_domains =
???? ?? ?? ?????? ?????????? ????? ???????? ? ??? ? ??? ??????? ?????????????
??? ??????????, ?? ??? ???? ????????
#relayhost = SMART_????_?????????? (? ???????????? sendmail)
?????????, ??? ???? aliases ????? ????????? ? ? ????? ???????
#alias_maps = dbm:/etc/aliases
alias_maps = hash:/usr/local/etc/postfix/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
#alias_database = dbm:/etc/aliases
alias_database = hash:/usr/local/etc/postfix/aliases
#alias_database = hash:/etc/aliases
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
???, ??? ?? ???????????? ?? CYRUS, ?? ???????? ?? ???? ?????
mailbox_transport = cyrus
????????
cyrus ??????? ? ????? ???????????? /usr/local/etc/postfix/master.cf
?? ???????? ? ???? ????? ????????? cyrus-?. ??????, ??? cyrus ????? ??????????
?? ???? ?? ??????. ???? ?? ????? ???????????? lmtp, ?? ??? ????? ??????????
????????? virtual. ????? ????????? ???????? ? ????????????.
????? ?? ?????? ?????? ??? ???????? ????? ?? ??????. ???? ?? ?? ??????????
????????????? AVP - ??????????????? ??? ??????, ????????
?????? ?????? #.
# Antivirus scanner, see /usr/local/etc/postfix/master.cf for more details
content_filter = avcheck
?????? ????, ?????????? ???????????? ?????????
header_checks = regexp:/usr/local/etc/postfix/bad_headers
(?? ? ???? ???????? ???:
# don't receive mail with next file attachments
/^(Content-(Disposition: attachment;|Type:).*|(t| )+)(file)?name=.*.(vbs|pif|com|bat|scr|lnk)"?$/ REJECT We do not accepted mail with vbs|pif|com|bat|scr|lnk file extentions
/^Reply-To: .*@otvet.net/ REJECT We do not accepted mail from spammers
/^Reply-To: .*@blabla.com/ REJECT We do not accepted mail from spammers
/^Content-Type:.*X-Priority:.*X-Mailer:/ REJECT We do not accepted mail with virus
(????????? (?) Netch ??? Klez-?)
}
????? ??????? ????????? :)
smtpd_banner = $myhostname ESMTP service ready (Postfix Rulezzz!!!)
??????????? ????????
smtpd_sender_restrictions = hash:/usr/local/etc/postfix/access
transport_maps = hash:/usr/local/etc/postfix/transport
?? ????????
# security reason - disable run commands from ~/.forward
allow_mail_to_commands = alias
? ???? ????? ???. ? ??? ?? ?????????? ?????????????? ????? (access,
transport ? aliases). ????? ?? ?????????????? ???????? ?? hash-?. ???
????? postfix ?????????? ???? ??????? - postmap ? postalias ??? ?????
aliases
# postmap /usr/local/etc/postfix/access
# postmap /usr/local/etc/postfix/transport
# postalias /usr/local/etc/postfix/aliases
???? ? postfix ???.
????????? cyrus.
# cd /usr/ports/mail/cyrus-imapd/
# make configure
????? ?????????? ???????????????? ?????????, ?.?. ?? RFC 2047 ? Subject 8-?????? ??????? ?? ???????????, ?? ? ?????? ?????????
?? ??? ?????? ?? ???????? ????????. ???? ?? ?? ??????????? ??????????? RFC, ?? ???? ??? ?????????? ??????????.
???? ?? ?? ????? ?? ???????, ?? ????????? ?????? ?????? ?? ? ??? ????????? ? ?????: ?????????, ?? ??? ???-??
? ???? ????. ????,
# cd work/cyrus-imapd.??????/imap/
# grep 'X' *
?????? ???, ??? ? ????? message.c (? ??? cyrus2 ? ?
lmtpengine.c) ???? ???? if, ? ??????? ? ???????????? ?????. ??????
????????. ? ???????? ??? ?????????? ?????? ???????, ?? ???? ??????????
??? ????? ?????????? ?????? ;). ?????? ????????
if (inheader && *p >= 0x80) {
??
if ( 0 && inheader && *p >= 0x80 ) {
??? ????? ??????? ????????? ???? ??????? ?? ?????????? ;). ????????? ?????????:
# cd ../../..
# make all install clean
? ???????? ????????? ????? ????????????? ? ?????????? ? cyrussasl
??? ??????, ???????????? ? /usr/local/share/doc/cyrus/
????? ???????????? ? /usr/local/etc/ ?? ???
cyrus.conf
imapd.conf
???? ?? ?? ?????????? lmtp, ?? ???? cyrus.conf ????????????? ?? ?????????.
????????????? cyrus ?????? imapd.conf
??????, ??? ???? ???????, ??? ???????, ??? ????? ???????????????. ?????????????
?? ???????????? root ??? ?????. ????? ???????? ? ????????????.
admins: admin
?????? ????
sievedir: /var/imap/sieve
sendmail: /usr/local/sbin/sendmail
? ????? ?????????????? ?????????????
sasl_pwcheck_method: sasldb
?????????, ?? ??? ???????? ?? ???????, ??? ??? ??????????? ?? ???????? ????????????
? ????? ???? ????????????? ???????.
sasl_auto_transition: no
???? ?????????? ???? ???????? ? yes, ?? ????? (!) ????????????, ????????
?? ?????????? POP3|IMAP ????? ??????? ? ???? ? ??? ???? ????? ?????? ????????
????.
????? ???? ??? ?? ???????? ? imapd.conf ??? ????, ????? ??????? ???????? ????????? ??? ???????? ??????
# /usr/local/cyrus/bin/mkimap
????? ? ?????? ???? ????????????? ???????? ? ????? /usr/local/etc/sasldb.
????????:
-rw-r----- 1 cyrus mail sasldb
??????????? ???????????? ????????????? ????? ???????? sasldblistusers.
??? ???? ???????? ???????????? admin
# saslpasswd -c admin
? ?????? ??????.
?????? ?? ????? ????????? cyrus.
cyrus ?? ????????? ?????????? ????????? tcp wrappers. ? ????? /etc/hosts.allow ?????????? ??????? IP ?????????????,
??????? ????? ???????? ?????. ?? ???????? ??? ?????? ???? ??? ?? ??????, ???????? ? ??????????? ?????, ?? ??????
?????????, ??? ???? ??? ?? "??????????????". ????? ?????, ??????? ????, ?? ?????? ? ???? ?? ?????? ?? ?????. :(
? ?? ?????????????? ????????? ???? ???????????? pop3, imap, sieve (port tcp/2000), ? ??????? ??? ????? ? ???? firewall-??.
??? ????????? cyrus-? ? ???????? /usr/local/etc/rc.d/ ??? ?????? ?????? ???????
cyrus.sh.
???????? ??? ? ?????????? start.
# /usr/local/etc/rc.d/cyrus.sh start
??????????? ? ????????? ??????? ???????? ????? ???????
# cyradm -u admin localhost
??? ??? ??????? ? ??? ??????? ??????, ??????? ?? ??????? ??? ????????
????? ???????????? saslpasswd
??????? help ????????? ??? ?? ????????? ????????. ???????? ????????, ???
???????? ????? ????? ????? ??????? user.????.
??? ????, ??? ?? ??????? ???????? ???? ????????? ????? ???????
localhost> cm user.uafug
localhost> lm
??????? ??? ??? ???????????? ???????? ?????.
localhost> quit
?? ??????? ???????? ???? ??? ???????????? uafug. ?? ?????????? ?? ??????
?????????? ??? ??????
# saslpasswd -c uafug
??? ?? ?????, ???? ????? ???????? ????, ?????????????? ???? /etc/syslog.conf
auth.* /var/log/auth.log
local6.debug /var/log/cyrus.log
? ??? ?? ???? ?? ??????????? ???? ?????? /etc/newsyslog.conf
/var/log/auth.log 600 3 100 * Z
/var/log/cyrus.log 600 3 100 * Z
??? ?????????? ??????????? ? ????
# touch /var/log/auth.log /var/log/cyrus.log
# chmod 600 /var/log/auth.log /var/log/cyrus.log
# killall -HUP syslogd
???????? ? postfix
# cd /usr/local/etc/postfix
? ?????? ???, ??? ???????? ?????????? ????? ??? ????? ????????????? ?
????? master.cf. ??? ????? ?? ? ?????????? ????????? ???? ????? ? ?????
main.cf ???????? cyrus
cyrus unix - n n - - pipe
flags=Ru user=cyrus argv=/usr/local/cyrus/bin/deliver -e -m ${extension} ${user}
????????? ???????????? ????. ???? u ?????????, ??? ????? ????????????? ??? ???????? ?????????? ????????? ? ?????? ???????.
See man pipe for more.
???? ??? ????? postfix ????? ? ??????. ???? ? ??? ??? ???????? sendmail - ????????? ???
# cd /etc/mail
# make stop
? ???????? postfix
# /usr/local/sbin/postfix start
??? ????, ??? ?? postfix ?????????? ?????????????, ??????? ??????????
????
# ln -s /usr/local/sbin/postfix /usr/local/etc/rc.d/postfix.sh
????????? ?????. ??????? ? /etc/daily.local ?????????
#!/bin/sh
echo
echo Checking for troubles in mail:
start=`date -v-1d '+%b %d' | sed 's/0(.)$/ 1/'`
cat /var/log/maillog | grep "$start" | egrep '(reject|warning|error|fatal|panic):'
? ?????? ???.
?????? ???????? ? AVP.
??? ????? kav-WorkStationSuit-3.0.136-FreeBSD-4.x.tgz, ???? ???????? (???,
???????, ?? ?????? ????? ? ???????) ? avcheck (? ????? http://www.corpit.ru/avcheck/).
>
?? kav-WorkStationSuit-3.0.136-FreeBSD-4.x.tgz ??? ????????? ?????? ?????,
updater ??? ? ???? ?????? ?????????. ???????????? kav-postfix-3.0.136-FreeBSD-4.x.tgz
?? ?? ?????. ????? ??????? ?? ?????????? ?? ?????.
??? ?????? ?????????? ????? ? ???? SYSV*. ????? ???????? ??. /sys/i386/conf/LINT. ????????
??????????? ??????????? ???? ???? ? ????? ??????? ;).
???????? ???????, ? ??????? ? ????? ???? ??? ???? ?????????? ? ???????
????? chroot ??? ????? ???????????? ????????. ? ???? ??? /var/spool/avp/.
# mkdir /var/spool/avp/
# cd /var/spool/avp/
?? ????????? kavdaemon ?????? ???????? ?? ????, ?? ??? ? ??? ???? ;).
???? ??????? ????????????? ? ?????? ??? ?????.
# vipw
avdaemon:*:64:65::0:0:AVP Daemon:/nonexistent:/nonexistent
avclient:*:65:65::0:0:AVP Client:/nonexistent:/nonexistent
? ? /etc/group
avgroup:*:65:
?????? ?? ?????? ??????????????? avcheck ? ???? ?????? avcheck-0.8
# tar xvfz avcheck-0.8.tar.gz
# cd avcheck-0.8
# make
# cp avcheck /var/spool/avp/
# cp uchroot /var/spool/avp/
# mkdir /var/spool/avp/infected
# cp infected.ex2.ru /var/spool/avp/infected
?????????????? /var/spool/avp/infected/infected.ex2.ru
FROM=Antivirus-Daemon
VIRUS_ALERT=alert@you_host.ua # set to empty to skip administrator email
? ???????, ? ??????????????? ???? ???? ???, ??? ?? ??????????? ?? ??????????
????? ???????? (??????? ???? ???? ????????? ;)
???????? ? ???????????? ?????????? ??????, ??? ?? ??? ??????? ??????????????.
???????????? ?????????? ??????. ;)
???? ?????????
# cd /var/spool/avp
# cp /???/? ???/???/kavdaemon /var/spool/avp/
# cp /???/? ???/???/kavupdater /var/spool/avp/
# cp /???/? ???/???/AvpUnix.ini /var/spool/avp/
# cp /???/? ???/???/defUnix.prf /var/spool/avp/
# cp /???/? ???/???/?????/key /var/spool/avp/
# mkdir bases ctl dev proc tmp tst usr
# chown avdaemon:avgroup bases ctl kavdaemon tmp
# chown avclient:avgroup tst
# cd dev
# mknod console c 0 0
# mknod null c 2 2
? ????? ?? ?????? ???????? ?????????
-rw-r--r-- 1 root wheel 1199 12 ??? 2001 00030ADE.key
-rw-r--r-- 1 root wheel 116 12 ??? 2001 AvpUnix.ini
-rwxr-xr-x 1 root wheel 19282 13 ??? 10:14 avcheck*
drwxr-xr-x 2 avdaemon avgroup 1024 6 ??? 03:55 bases/ ???????? ???????? ?? ????????? ????? ????????
drwxrwx--- 2 avdaemon avgroup 512 28 ??? 15:38 ctl/
-rw-r--r-- 1 root wheel 1854 15 ??? 09:36 defUnix.prf
drwxr-xr-x 2 root wheel 512 12 ??? 2001 dev/
drwxr-xr-x 2 root wheel 512 12 ??? 2001 infected/
-rwxr-xr-x 1 avdaemon avgroup 254572 12 ??? 2001 kavdaemon*
-rwxr-xr-x 1 root wheel 95672 15 ??? 11:08 kavupdater*
drwxr-xr-x 2 root wheel 512 12 ??? 2001 proc/
drwxrwx--- 2 avdaemon avgroup 512 6 ??? 11:56 tmp/
drwxr-x--- 2 avclient avgroup 512 6 ??? 11:56 tst/
-rwxr-xr-x 1 root wheel 7205 13 ??? 10:14 uchroot*
drwxr-xr-x 4 root wheel 512 12 ??? 2001 usr/
?????? ????????, ?????? ???????????? ?????????? kavdaemon ? kavupdater
# ldd kavupdater
kavupdater:
libintl.so.1 => /usr/local/lib/libintl.so.1 (0x28078000)
libm.so.2 => /usr/lib/libm.so.2 (0x2807d000)
libc.so.4 => /usr/lib/libc.so.4 (0x28099000)
# ldd kavdaemon
kavdaemon:
libintl.so.1 => /usr/local/lib/libintl.so.1 (0x28097000)
libm.so.2 => /usr/lib/libm.so.2 (0x2809c000)
libc.so.4 => /usr/lib/libc.so.4 (0x280b8000)
????????? ??? ?????????? ? ??? ??????? usr/, ??? ?? ????????
????? ?? ???? ???????????? ???????? ????????, ??????? ? ????? ???
????????.
? ????? AvpUnix.ini ?????????? ???????? ????????? ??????
[AVP32]
DefaultProfile=defUnix.prf
[Configuration]
KeyFile=00030ADE.key
KeysPath=/
SetFile=avp.set
BasePath=/bases
? ? defUnix.prf:
# same section with parameters for objects
[Object]
Names=*/tst
[Report]
Report=No
[TempFiles]
UseMemoryFiles=No
LimitForMemFiles=6000
MemFilesMaxSize=20000
TempPath=/tmp
??????? ???? ?? ???????? softupdates ??? ????? ??????? ;) man tunefs
[Mail]
SendMail=No
????????? - ? ???????????? ? ????????????? ? ?? ?????? ??????????
??????? ???? (kavupdater ??? ?????????? ??? ?????????? wget. ??? ?????????? ????????? ?? ??????, ???? ? ??? ??? ???)
/var/spool/avp/kavupdater -y -kb -ui=ftp://ftp.avp.ru/updates -b=/var/spool/avp/bases/
??? ?????? ????? (???, ?????) ???????? ? crontab, ????? ???? ???????????
?????? ????. ?? ????????? support-? ?? killall -HUP kavdaemon ?? ???? ????????????
????.
???????? ????????? ??????. ? ???????? ???????? ???
# more /usr/local/etc/rc.d/kavdaemon.sh
#!/bin/sh
echo Starting AVP Daemon
/usr/bin/env - HOME=/ /usr/bin/nice
/var/spool/avp/uchroot -u avdaemon
/var/spool/avp /kavdaemon -Y -MP -f=/ctl /tst
???? ??? ????????? ? ????? ?????, ?????? postfix ;)
??? ?????? ??????? ? /usr/local/etc/postfix/master.cf ????????? ??????
avcheck unix - n n - 5 pipe
flags=q user=avclient argv=/var/spool/avp/avcheck
-i /var/spool/avp/infected/infected.ex2.ru -h Ok
-d /var/spool/avp/./tst -s AVP:/var/spool/avp/ctl/AvpCtl -f ${sender}
-S :1025 -- ${recipient}
(??????, ?????????? ???????????? flags ?????? ?????????? ? ???????)
? ? ??????, ? ??????????? ?? ???? ????????
1) ??? ??????????? ?????? (????? ??????????? ???, ???? ???????????? ??
????? smtp)
smtp inet n - n - - smtpd
localhost:1025 inet n - n - - smtpd -o content_filter=
???????? ????????, ??? ??? ???? ?????? ? main.cf ?????? ???? ???????
content_filter=avcheck
2) ??? relay ?????? (??????????? ?????? ??, ??? ?????? ????? smtp)
smtp inet n - n - - smtpd -o content_filter=avcheck
localhost:1025 inet n - n - - smtpd -o content_filter=
???, ??? ?????????? ????????? ? ????
# postfix reload
?? ????? ?????, ??? ????? ???????????, ???????? avcheck-?, ????? ????????????????
?? localhost ? ???????? cyrus-?.
? ??? ?? SPAM?
? ??? ??? ?? ???????, ??? ??? ? ???? ?? ????????? ?????? ????? ????, ??? ?????????, ???
??? ????????? ??? ????????. ??? ????????? ???? ????????, ??????? ???????? ;)
???? ????? ? ?????.
# cd /usr/ports/mail/p5-Mail-SpamAssassin/
# make install clean
# cd /usr/local/etc/mail/spamassassin/
# cat local.cf
trusted_networks 192.168/16 127/8 # all in 192.168.*.* and 127.*.*.*
trusted_networks 127. # all in 127.*.*.*
clear_trusted_networks
rewrite_subject 1
subject_tag ***SPAM***
required_hits 5.0
report_safe 0
always_add_report 1
use_bayes 1
bayes_auto_learn 1
# mkdir /var/spool/spamd
# chown avclient:avclient /var/spool/spamd
# vipw
? ??? ????? ?????? ???????? ??????? avclient ?? /var/spool/spamd
?????? ????? ????????? ???:
avclient:*:65:65:AVP Client:/var/spool/spamd:/nonexistent
? ??????? ??????? ?????????? ?????? ????????? ? ?????? 38
spamd_flags=${spamd_flags:-"-u avclient -Q -L -m 16 -a -c -d -r ${pidfile}"}
? ????????? ??? ????? spamd.
# /usr/local/etc/rc.d/spamd.sh start
???? ??????? ? /var/log/maillog, ??? ??? ??????????? ?????? ??? ?????? ? ??????, ????? ???? ???????????.
?? ? ?????? ????? ??????? ??? ;) ???? ?????? ? ????????? ? ????? master.cf ????? ??? ?????
avcheck unix - n n - 5 pipe
flags=q user=avclient argv=/usr/local/bin/spamc -u avclient -e /var/spool/avp/avcheck
-i /var/spool/avp/infected/infected.ex2.ru -h Ok
-d /var/spool/avp/./tst -s AVP:/var/spool/avp/ctl/AvpCtl -f ${sender} -S :1025 -- ${recipient}
?????? ? ??? ????? ??? ?? ? ??????? ;)
????????? ??? ???????? ????????
# postfix reload
?????! ;)
spamassassin "?? ???????" ????? ???????????? ????? 50-70% ?????, ?? ??? ?? ??? ???????, ?????????? ??? ????????
???????????? ???????????? ???????? ? (!) ?????????? ?????. ??????? 2 ????????, ?????? ???? ?????? ? ???????????
? ?? ?????????? ?? ??? sa-learn. ?????? bayes ?????? ??????? ???? ?????? ?????? ????? ?????????? ?
???? 200 (?? ?????????) ????? ???? ? ????? ????.
# mkdir /var/spool/spamd/ham
# mkdir /var/spool/spamd/spam
# mv ~ftp/incoming/spam/* spam
# mv ~ftp/incoming/ham/* ham
# sa-learn --ham /var/spool/spamd/ham/
# sa-learn --spam /var/spool/spamd/spam/
# rm /var/spool/spamd/spam/* /var/spool/spamd/ham/*
# /usr/local/etc/rc.d/spamd.sh restart
That's all, folks.
???????
Gleb Smirnoff ?? ??????????? ? ??????????? ???? ??????.
??????? ?????????? ??? ?????
???????? ??????.
??? ????? ?????? ?? ?????????? ???????? ?????? ?????? ???? ???????, ??? ?... ???? ??? ????? ??? ?????????? - ???? ???.
????? ????, ??? ?? ?? ?????. ???????? ? 300-400 ?????? ?????? ?? ?????????, ?? ????????. ?????!
Konstantin Nikonenko
Last changed: ???????, 5 ????? 2004 ?. 09:33:32 (EET)
http://www.kot.dp.ua/postfix_avp_cyrus.html
???????? SpamAssassin, Postfix, MySQL, WebUsePref
?????? ????????? SpamAssassin ? DrWeb - ????? ?????!!!
Mail-relay (?? Spam-????????) ????????? ????? ?? ?????????, ??????????? ?? ? ???????? ?? ????????? Mail-Server ( ????. Domino)
??????:
gennadi.ru
Mail-relay:
mail-relay.gennadi.ru 192.168.0.1
Mail-Server Domino:
domino.gennadi.ru 192.168.0.2
????... ??? ??????? ??????? ??? ?????????? ????? ?????????? ????????? ??????:
rpm -i perl-Digest-SNA1*
rpm -i perl-Digest-SMAC*
rpm -i perl-HTML-Target*
rpm -i perl-HTML-Parser*
rpm -i perl-Net-DNS*
rpm -i perl-Time-HiRes*
rpm -i spamassassin*
???? ??? SuSE - ??? ?????:
??????: |
mail-relay:~ # yast |
- ? ?.?,
???? RedHat ?? :
??????: |
mail-relay:~ # up2date spamassassin |
1.) ????????? Postfix
???? /etc/postfix/main.cf ???????? ???:
??????: |
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_maps = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains = gennadi.ru
mydomain = gennadi.ru
myorigin = $mydomain
myhostname = mail-relay.gennadi.ru
internal_mail = 192.168.0.2 #(??? Domino Mail-Server)
mynetworks = $internal_mail, 127.0.0.0/8
program_directory = /usr/lib/postfix
inet_interfaces = all
mydestination = $mydomain
defer_transports =
disable_dns_lookups = no
relayhost =
content_filter =
mailbox_command =
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_relay_reject = no
smtpd_client_restrictions =
smtp_always_send_ehlo = yes
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_mynetworks,permit_mx_backup,permit_sasl_authenticated,check_relay_domains
broken_sasl_auth_clients = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/ssl/certs/server.key
smtpd_tls_cert_file = /etc/ssl/certs/server.key
smtpd_tls_CAfile = /etc/ssl/certs/server.key
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
alias_maps = hash:/etc/aliases
mailbox_size_limit = 51200000
message_size_limit = 10240000
|
2.) ? ???? /etc/postfix/transport ?????? ????????? ??????:
??????: |
gennadi.ru smtp:[192.168.0.2 ] |
? ????????????? transport.db
??????: |
mail-relay:~ # postmap /etc/postfix/transport |
3.) ? ????
/etc/postfix/master.cf ?????? ????????? ?????????:
??????: |
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd -o content_filter=filter:
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 nqmgr
#tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
#lmtp unix - - n - - lmtp
#localhost:10025 inet n - n - - smtpd -o content_filter=
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
vscan unix - n n - 10 pipe
user=vscan argv=/usr/sbin/amavis ${sender} ${recipient}
procmail unix - n n - - pipe
flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
filter unix - n n - - pipe
user=spamfilter argv=/usr/local/bin/spamfilter.sh -f $(sender) -- $(recipient)
|
4.) ???????? SSL Cerifikat ??? Postfix
??????: |
mail-relay: # openssl req -new -x509 -sha1 -extensions v3_ca -nodes -days 365 -out cert.pem
|
???????? ??? ????? - privkey.pem ? cert.pem. ??????:
??????: |
mail-relay: # cat privkey.pem cert.pem > /etc/ssl/certs/server.crt
mail-relay: # mv -f privkey.pem /etc/ssl/certs/server.key
|
5.) ???????? ????? spamfilter, ?? ????? ???????? ????? ??????????? ?????? spamfilter.sh .
??????: |
mail-relay:~ # useradd -g mail -s /bin/false -d /var/spool/filter spamfilter
mail-relay:~ # mkdir /var/spool/filter
mail-relay:~ # chown spamfilter:mail /var/spool/filter |
6.) ???? ??????
spamfilter.sh ???????? ? ??????????
/usr/local/bin.
??????: |
#!/bin/sh
INSPECT_DIR=/var/spool/filter
SENDMAIL="/usr/sbin/sendmail -i"
SPAMASSASSIN=/usr/bin/spamc
EX_TEMPFAIL=75
EX_UNAVAILABLE=69
cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }
# Clean up when done or when aborting.
trap "rm -f in.$$; rm -f out.$$" 0 1 2 3 15
cat | $SPAMASSASSIN > out.$$ || { echo Message content rejected; exit $EX_UNAVAILABLE; }
$SENDMAIL "$@" < out.$$
exit $?
|
7.) ???????????? SpamAssissin.
? ?????????? /etc/mail/spamassassin ??????? ???? local.cf ? ???????? ???? ????????????? ??????:
??????: |
required_hits 5
rewrite_header 1
report_safe 1
use_bayes 1
auto_learn 1
use_terse_report 1
always_add_headers 1
fold_headers 1
spam_level_stars 1
spam_level_char *
rewrite_subject 1
subject_tag !!!!*****SPAM*****!!!!
ok_languages ru
ok_locales en
use_razor1 1
use_razor2 1
use_pyzor 1
use_dcc 1
skip_rbl_checks 0
body VIAGRA /viagra/i
body PENIS /penis/i
score VIAGRA 2
score PENIS 2
blacklist_from *@msn.com
blacklist_from *@hotmail.com
whitelist_from *@gennadi.ru
|
??? ??????? ???????????? ( ??? ??????? ), ??? ? ??????, ??? ?????? ?????????? ????? VIAGRA ? PENIS ??? ?? ???????????? *@msn.com ? *@hotmail.com ????? ???????? ??? spam. ?????? ?? ???????????? *@gennadi.ru ????? ???????? ?????????.
??????????????? ??? ??? ????? ???? ? ????? ????.
? Google ?????????? ???????? ?? ???????????? ????? ?????.
??????: |
mail-relay:~ # postfix reload
mail-relay:~ # /etc/init.d/postfix restart
mail-relay:~ # /etc/init.d/spamd restart |
8.) ??? ?? ??? ?????? ?? ????????? ????????? ???????? ?? spam, ???????? ?? ????? firewall'e NAT ? ?????
mail-relay.gennadi.ru ?? ???? 25 ( smtp) ? ???? 465 ( smtps ).
9.) Test
?????? ????? ??????? ?????? ?? ????????? ?????????? ?????.
? ???? ??????? ???
gennadi@gmx.net ???????? ?????? ?? ?????
gennadi@gennadi.ru.
??????: |
mail-relay:~ # tail -fn 100 /var/log/mail
Jan 25 16:37:33 mail-relay postfix/smtpd[7484]: starting TLS engine
Jan 25 16:37:33 mail-relay postfix/smtpd[7484]: connect from unknown[213.165.64.20]
Jan 25 16:37:33 mail-relay postfix/smtpd[7484]: 93F9924C9E: client=unknown[213.165.64.20]
Jan 25 16:37:33 mail-relay postfix/cleanup[7486]: 93F9924C9E: message-id=<16175.1075044591@www15.gmx.net>
Jan 25 16:37:34 mail-relay postfix/qmgr[1555]: 93F9924C9E: from=<gennadi@gmx.net>, size=897, nrcpt=1 (queue active)
Jan 25 16:37:34 mail-relay postfix/smtpd[7484]: disconnect from unknown[213.165.64.20]
Jan 25 16:37:34 mail-relay spamd[7483]: connection from localhost [127.0.0.1] at port 34496
Jan 25 16:37:34 mail-relay spamd[7491]: info: setuid to spamfilter succeeded
Jan 25 16:37:34 mail-relay spamd[7491]: processing message <16175.1075044591@www15.gmx.net> for spamfilter:501.
Jan 25 16:37:34 mail-relay spamd[7491]: clean message (0.4/2.0) for spamfilter:501 in 0.7 seconds, 872 bytes.
Jan 25 16:37:35 mail-relay postfix/pickup[7265]: 3F4D624CDB: uid=501 from=<gennadi@gmx.net>
Jan 25 16:37:35 mail-relay postfix/cleanup[7486]: 3F4D624CDB: message-id=<16175.1075044591@www15.gmx.net>
Jan 25 16:37:35 mail-relay postfix/pipe[7487]: 93F9924C9E:
to=<gennadi@gennadi.ru>, relay=filter, delay=2, status=sent
(mail-relay.gennadi.ru)
Jan 25 16:37:35 mail-relay postfix/qmgr[1555]: 3F4D624CDB: from=<gennadi@gmx.net>, size=1168, nrcpt=1 (queue active)
Jan 25 16:37:35 mail-relay postfix/smtp[7496]: 3F4D624CDB:
to=<gennadi@gennadi.ru>, relay=192.168.0.2[192.168.0.2], delay=0,
status=sent (250 Ok: queued as BBA504A75)
|
?????? ?? gennadi@gmx.net, ?????? ???????? ????? spamfilter ?????????? ?? Domino-Server ??? ????? gennadi@gennadi.ru ....
10.) MySQL ? WebUserPrefs.
???? ??????????? ??????? SpamAssassin ? MySQL'?? ? ????????? ????? ??????????.
??? ????? ????? ????? SpamAssissin 2.55 - ?? ????!.
????? MySQL
????? WebUserPrefs
11.) ???????? SpamAssassin MySQL-??
??????? userpref
??????: |
mail-relay:~ # mysql -h localhost -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 159 to server version: 3.23.55-Max-log
Type 'help;' or 'h' for help. Type 'c' to clear the buffer.
mysql> create database spamassassin;
Query OK, 1 row affected (0.19 sec)
mysql> use spamassassin;
Database changed
mysql> CREATE TABLE userpref (
-> username varchar(100) NOT NULL,
-> value varchar(100) NOT NULL,
-> prefid int(11) NOT NULL auto_increment,
-> PRIMARY KEY (prefid),
-> INDEX (username)
-> ) TYPE=MyISAM;
Query OK, 0 rows affected (0.03 sec)
mysql>GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER ON spamassassin.* TO spamassassin@localhost identified by 'spampassword';
Query OK, 0 rows affected (0.12 sec)
mysql>quit
mail-relay:~ #
|
12.) ? ?????????? /etc/mail/spamassassin ??????? ???? local.cf ? ???????? ???? ????????????? ??????:
??????: |
user_scores_dsn
DBI:mysql:spamassassin:localhost
user_scores_sql_username spamassassin
user_scores_sql_password spampassword
user_scores_sql_table userpref
|
13.) ? ???? /etc/sysconfig/spamd ??????? ????????? ????????? ( ??? ????? ????? ??? ?????? ? MySQL'?? ):
??????: |
## Path: Network/Mail/Spamassassin
## Description: Arguments for the spam d?mon
## Type: string
## Default: "-d -c -a -L"
## ServiceRestart: spamd
SPAMD_ARGS="-d -x -q " |
??????????: ? RedHat ???? ???? ?????????? /etc/sysconfig/spamassassin
14.) ?????????? ?????????? ????? WebUserPrefs ? ?????????? ??? ? Root-?????????? - ?????? Web-Server'a Apache - "/srv/www/htdocs/"
? ????? /srv/www/htdocs/webuserprefs/config.php ??????? ????????? ????????? :
??????: |
$prefs_source = "db";
$db_host = "localhost";
$db_username = "spamassassin";
$db_password = 'spampassword;
$db_database = "spamassassin";
$db_sauser = $PHP_AUTH_USER; |
15.) ?????? ??? login spamassassin'a ????? Browser:
??????: |
mail-relay: # mkdir /srv/www/passwd/
mail-relay: # mkdir /srv/www/passwd/spamassassin
mail-relay: # htpasswd -c /srv/www/passwd/spamassassin/users spamassassin
New password: spampassword
Re-type new password: spampassword
mail-relay: # echo "mail:spamassassin" > /srv/www/passwd/spamassassin/group
|
16.) Apache, SSL ? spamassassin-aliases
? ?????????? /etc/httpd ??????? ????? ???? httpd.conf ? ??????????????? ??? ??? ???? ???????:
??????: |
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/srv/www/htdocs"
ServerName mail-relay.gennadi.ru
ServerAdmin webadmin@gennadi.ru
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A test
# certificate can be generated with `make certificate' under
# built time. Keep in mind that if you've both a RSA and a DSA
# certificate you can configure both in parallel (to also allow
# the use of DSA ciphers, etc.)
SSLCertificateFile /etc/ssl/certs/server.crt
#SSLCertificateFile /etc/httpd/ssl.crt/server-dsa.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/ssl/certs/server.key
#SSLCertificateKeyFile /etc/ssl/certs/server.key
Alias /spamassassin/ /srv/www/htdocs/spamassassin
<Directory /srv/www/htdocs/spamassassin/>
Options None
SSLRequireSSL
order deny,allow
deny from all
AuthType Basic
AuthUserFile /srv/www/passwd/spamassassin/users
AuthGroupFile /srv/www/passwd/spamassassin/group
AuthName "SpamAssassin Admin"
require group mail
Satisfy Any
</Directory>
|
? ?????????? /etc/ ??????? ????? ???? php.ini ??????? ????? ??????:
??????: |
register_globals = Off
|
???????? ??:
??????: |
register_globals = On
|
? ?????????? /etc/sysconfig ??????? ????? ???? apache ??????? ????? ??????:
??????: |
HTTPD_SEC_MOD_SSL=no
|
???????? ??:
??????: |
HTTPD_SEC_MOD_SSL=yes
|
? SuSE ? UnitedLinux ?????????? ????????? ????????? ???????:
??????: |
mail-relay: # SuSEconfig
mail-relay: # rcapache restart |
? ?????? ?????????????
??????: |
mail-relay: # service httpd restart |
???
??????: |
mail-relay: # /etc/init.d/apache restart |
https://mail-relay.gennadi.ru/webuserprefs
17.) ?????????????? ??????????? ?????? SpamAssissin 2.55
???? ?? ?????? ??????? ???? ?????? ???? ??????????? ??????? SpamAssissin ?????? ???????? ????? SPAM ? NOSPAM.
? SpamAssissin ???????????? Bayesian Filter, ??????? ???????????? ???????? sa-learn. ??????? ???????????? ???????? ?? 1000 SPAM ? NOSPAM(HAM) ????? ? ???????? SpamAssissin'? :
??????: |
mail-relay: # sa-learn --spam --dir /path/to/spam/ordner
mail-relay: # sa-learn --ham --dir /path/to/nospam/ordner |
??? ?? ??????? SpamAssissin ????????????? ????????? ?????? SPAM ??
NOSPAM ? ?????? ?? ? BAYES-???? ?????? (Autolearning). ????? ???? ???
SpamAssissin ?????? ?????????? ?????? ? ??????? ?? ? BAYES-???? ??????,
??? ??????? ????????????? ????????????.
?? ??? ? ??? ....
???????!
_________________
gennadi@gennadi.dyn.ee
????????? ??? ???????????????: admin (?? ??? 01, 2004 9:54 am), ????? ??????????????? 8 ???(?)