Chapter 4. Anti-virus and anti-spam
This chapter describes how to protect the mail server against viruses and spam.
________________________________________
4.1 Installing ClamAV
mail# cd /usr/ports/security/clamav
mail# make install clean
Note: do not select the MILTER option.
Reboot the server.
Test:
mail# clamscan -r -i /usr/local/www/data
----------- SCAN SUMMARY -----------
Known viruses: 22838
Scanned directories: 1
Scanned files: 31
Infected files: 0
Data scanned: 0.00 MB
I/O buffer size: 131072 bytes
Time: 1.298 sec (0 m 1 s)
Update the virus database:
mail# freshclam
________________________________________
4.2 Installing amavisd-new
Version 20040701.
mail# cd /usr/ports/security/amavisd-new
mail# make install clean
Select the MySQL option.
Edit /etc/rc.conf and add:
amavisd_enable="YES"
Edit /usr/local/etc/amavisd.conf:
Change $mydomain = 'example.com'; to $mydomain = 'test.com';
Remove the leading # from these two lines:
#$notify_method = 'smtp:[127.0.0.1]:10025';
#$forward_method = 'smtp:[127.0.0.1]:10025';
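Edit /usr/local/etc/postfix/master.cf and append the following at the end (each -o line must start with whitespace so that Postfix reads it as a continuation of the service entry above it):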
smtp-amavis unix - - y - 2 smtp
    -o smtp_data_done_timeout=1200
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
Reboot the server.
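An added example, not part of the original guide: a /bin/sh function that audits the re-injection listener defined above. It joins master.cf continuation lines the way Postfix does, then reports a listener that is not bound to loopback, a missing override from the three this example requires, or an -o line that lost its indentation. The names audit_reinject, sample_ok and sample_flat are made up for the example, and the sample entries are constructed.

```shell
#!/bin/sh
# Added example, not from the original guide. Port 10025 and the three
# required overrides are taken from the master.cf entry in this chapter.
audit_reinject() {   # usage: audit_reinject FILE [PORT]; returns 0 when clean
    awk -v port="${2:-10025}" -v want="content_filter= mynetworks=127.0.0.0/8 \
smtpd_recipient_restrictions=permit_mynetworks,reject" '
    function check(e,    n, f, i, m, opt, req) {
        n = split(e, f, /[ \t]+/)
        if (f[1] == "-o") {          # continuation line that lost its indent
            print "FAIL: unindented option line: " e; bad = 1; return
        }
        if (f[2] != "inet" || f[1] !~ ("(^|:)" port "$")) return
        found = 1
        if (f[1] !~ /^(127\.0\.0\.1|localhost|\[::1\]):/) {
            print "FAIL: " f[1] " is not bound to a loopback address"; bad = 1
        }
        for (i = 1; i < n; i++) if (f[i] == "-o") opt[f[i + 1]] = 1
        m = split(want, req, " ")
        for (i = 1; i <= m; i++) if (!(req[i] in opt)) {
            print "FAIL: missing -o " req[i]; bad = 1
        }
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }                 # comments, blank lines
    /^[ \t]/ { entry = entry " " $0; next }           # continuation line
    { if (entry != "") check(entry); entry = $0 }     # start of a logical line
    END {
        if (entry != "") check(entry)
        if (!found) { print "FAIL: no inet listener on port " port; bad = 1 }
        exit bad + 0
    }' "$1"
}

# Constructed samples: a correctly indented entry, and the same entry with
# the indentation of its -o lines stripped.
sample_ok() {
    printf '%s\n' \
        '127.0.0.1:10025 inet n - n - - smtpd' \
        '  -o content_filter=' \
        '  -o mynetworks=127.0.0.0/8' \
        '  -o smtpd_recipient_restrictions=permit_mynetworks,reject'
}
sample_flat() { sample_ok | sed 's/^ *//'; }
```

Run it as audit_reinject /usr/local/etc/postfix/master.cf after editing the file; no output and exit status 0 mean the entry passed these checks.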
________________________________________
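4.3 Installing and configuring SpamAssassin
Recent versions of amavisd-new integrate SpamAssassin, so once amavisd-new has been installed from ports, SpamAssassin is already installed as well.
Add the required users: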
mail# pw useradd spam -c "Spam Bayes Learner" -d /var/empty -s /sbin/nologin
mail# pw useradd notspam -c "Not Spam Bayes Learner" -d /var/empty -s /sbin/nologin
Edit /usr/local/etc/mail/spamassassin/local.cf:
use_bayes 1
bayes_path /var/amavis/.spamassassin/bayes
auto_learn 1
auto_learn_threshold_nonspam -2
auto_learn_threshold_spam 15
Edit /usr/local/etc/amavisd.conf and add the following below the section "MUST BE SET (no useful default)":
$max_requests = 10;
$child_timeout=5*60;
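# @bypass_virus_checks_acl = qw( . );  # keep commented out: the "." entry matches every recipient, so enabling this line bypasses virus checks for all mail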
@local_domains_acl = ( ".$mydomain" );
$final_spam_destiny = D_PASS;
read_hash(\%whitelist_sender, '/var/amavis/whitelist');
read_hash(\%blacklist_sender, '/var/amavis/blacklist');
read_hash(\%spam_lovers, '/var/amavis/spam_lovers');
Create the required files:
mail# touch /var/amavis/whitelist
mail# touch /var/amavis/blacklist
mail# touch /var/amavis/spam_lovers
mail# chown vscan /var/amavis/whitelist
mail# chown vscan /var/amavis/blacklist
mail# chown vscan /var/amavis/spam_lovers
mail# echo spam@test.com >> /var/amavis/spam_lovers
mail# echo notspam@test.com >> /var/amavis/spam_lovers
Edit /usr/local/etc/postfix/main.cf and add:
content_filter = smtp-amavis:[127.0.0.1]:10024
Set up automatic learning:
mail# vi /usr/local/sbin/my-sa-learn.sh
#!/bin/sh
# Feed the collected spam mailbox to the Bayes learner, then remove it
if [ -e /var/mail/spam ]; then
    /usr/local/bin/sa-learn --spam -p /var/amavis/.spamassassin/user_prefs \
        --mbox /var/mail/spam
    rm /var/mail/spam > /dev/null
fi
# Same for the mailbox of messages that are not spam
if [ -e /var/mail/notspam ]; then
    /usr/local/bin/sa-learn --ham -p /var/amavis/.spamassassin/user_prefs \
        --mbox /var/mail/notspam
    rm /var/mail/notspam > /dev/null
fi
mail# chmod a+x /usr/local/sbin/my-sa-learn.sh
Build the Bayes database:
mail# /usr/local/bin/sa-learn --rebuild -p /var/amavis/.spamassassin/user_prefs
Schedule it to run automatically:
mail# crontab -e
5 0 * * * /usr/local/sbin/my-sa-learn.sh
Reboot the server.
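An added example, not part of the original guide: a variant of my-sa-learn.sh that renames the mailbox before learning and deletes a batch only after sa-learn exits successfully, so a failed run does not discard the collected mail. The function name learn_mbox, the .batch.<pid> suffix, the SA_LEARN and SA_PREFS overrides and the run argument are choices made for this example; it assumes, as the original script does, that the delivery agent recreates the mailbox when it is missing.

```shell
#!/bin/sh
# Added example, not the original script. Cron entry for this variant:
#   5 0 * * * /usr/local/sbin/my-sa-learn.sh run
SA_LEARN=${SA_LEARN:-/usr/local/bin/sa-learn}
SA_PREFS=${SA_PREFS:-/var/amavis/.spamassassin/user_prefs}

# learn_mbox spam|ham MBOX
# Returns 0 when every batch was learned (or there was none), 1 otherwise.
learn_mbox() {
    kind=$1
    mbox=$2
    # Rename the mailbox before learning: the batch is then a fixed file, and
    # later deliveries go to a newly created $mbox that the next run picks up.
    if [ -s "$mbox" ]; then
        mv "$mbox" "$mbox.batch.$$" || return 1
    fi
    # Process this batch and any batch left behind by an earlier failed run.
    for batch in "$mbox".batch.*; do
        [ -f "$batch" ] || continue        # the glob matched nothing
        if ! "$SA_LEARN" "--$kind" -p "$SA_PREFS" --mbox "$batch" >/dev/null; then
            echo "sa-learn failed, keeping $batch" >&2
            return 1
        fi
        rm -f "$batch"                     # delete only what was learned
    done
    return 0
}

# Only touch the real mailboxes when called with the argument "run".
if [ "${1:-}" = run ]; then
    rc=0
    learn_mbox spam /var/mail/spam    || rc=1
    learn_mbox ham  /var/mail/notspam || rc=1
    exit "$rc"
fi
```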
Test:
mail# su - vscan
mail# /usr/local/sbin/amavisd debug
Open another terminal:
mail# telnet 127.0.0.1 10024
Trying 127.0.0.1...
Connected to localhost.test.com.
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
MAIL FROM:<webmaster@test.com>
250 2.1.0 Sender webmaster@test.com OK
RCPT TO:<webmaster@test.com>
250 2.1.5 Recipient webmaster@test.com OK
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: test
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
.
250 2.7.1 Ok, discarded, id=00228-01 - VIRUS: Eicar-Test-Signature
// This line shows that the system has recognized the virus in the message.
quit
________________________________________
Chapter 5. Installing webmail
The webmail package is igenus, version 2004.7.13.
Download igenus into /var/mail and unpack it there.
Install autorespond, version 2.53_3:
mail# cd /usr/ports/mail/autorespond
mail# make install clean
Edit /usr/local/etc/apache/httpd.conf:
Change Group nobody and User nobody to Group postfix and User postfix.
Change DocumentRoot "/usr/local/apache/htdocs" to DocumentRoot "/var/mail/webmail".
mail# cd /usr/local/www
mail# chown -R postfix:postfix phpMyAdmin
mail# cd /usr/local/etc
mail# cp php.ini-dist php.ini
Edit /usr/local/etc/php.ini:
register_globals = On
max_execution_time = 30 // change to 60 (raises the script execution time limit)
memory_limit = 8M // change to 40M (needed to send 10M attachments)
post_max_size = 8M // change to 10M
upload_max_filesize = 2M // change to 10M
Restart Apache:
mail# /usr/local/etc/rc.d/apache.sh restart
Tables to add to the mail database:
# phpMyAdmin SQL Dump
# version 2.5.3
# http://www.phpmyadmin.net
#
# Host: localhost
# Generation Time: Jun 04, 2004 at 11:26 AM
# Server version: 3.23.55
# PHP Version: 4.3.0
#
# Database : `vpopmail`
#
# --------------------------------------------------------
#
# Table structure for table `address`
#
CREATE TABLE `address` (
`id` int(11) unsigned NOT NULL auto_increment,
`pw_id` int(5) NOT NULL default '0',
`name` varchar(64) NOT NULL default '',
`email` varchar(128) NOT NULL default '',
UNIQUE KEY `id` (`id`),
KEY `pw_id` (`pw_id`)
) TYPE=MyISAM PACK_KEYS=1 ;
# --------------------------------------------------------
#
# Table structure for table `admin`
#
CREATE TABLE `admin` (
`id` int(10) unsigned NOT NULL auto_increment,
`site_id` int(10) unsigned NOT NULL default '0',
`domain` varchar(128) NOT NULL default '',
`quota` smallint(5) unsigned NOT NULL default '0',
`total` smallint(5) unsigned NOT NULL default '0',
`createtime` timestamp(14) NOT NULL,
`login` char(1) NOT NULL default '',
`cur_total` smallint(5) NOT NULL default '0',
`cur_quota` smallint(5) NOT NULL default '0',
`gid` varchar(11) NOT NULL default '',
`expiration_time` timestamp(14) NOT NULL,
`flag` int(10) unsigned NOT NULL default '0',
`maxmsg` int(10) unsigned NOT NULL default '0',
PRIMARY KEY (`id`),
UNIQUE KEY `domain` (`domain`)
) TYPE=MyISAM PACK_KEYS=1 ;
# --------------------------------------------------------
#
# Table structure for table `card`
#
CREATE TABLE `card` (
`id` int(5) unsigned NOT NULL auto_increment,
`pw_id` int(5) unsigned NOT NULL default '0',
`LinkMan` varchar(64) NOT NULL default '',
`CompanyName` varchar(100) NOT NULL default '',
`Address` varchar(255) NOT NULL default '',
`Position` varchar(32) NOT NULL default '',
`PhoneNumber` varchar(16) NOT NULL default '',
`Mobile` varchar(12) NOT NULL default '',
`Email` varchar(128) NOT NULL default '',
`Partaker` varchar(32) NOT NULL default '',
`Memo` varchar(255) NOT NULL default '',
PRIMARY KEY (`id`)
) TYPE=MyISAM ;
# --------------------------------------------------------
#
# Table structure for table `lastauth`
#
CREATE TABLE `lastauth` (
`user` char(32) NOT NULL default '',
`domain` char(64) NOT NULL default '',
`remote_ip` char(18) NOT NULL default '',
`timestamp` bigint(20) NOT NULL default '0',
PRIMARY KEY (`user`,`domain`)
) TYPE=MyISAM;
# --------------------------------------------------------
#
# Table structure for table `logs`
#
CREATE TABLE `logs` (
`pw_id` int(5) default '0',
`ip` varchar(15) NOT NULL default '',
`action` varchar(15) NOT NULL default '',
`time` datetime default NULL,
`content` varchar(64) NOT NULL default '',
`email` varchar(128) NOT NULL default ''
) TYPE=MyISAM;
# --------------------------------------------------------
#
# Table structure for table `message`
#
CREATE TABLE `message` (
`id` int(5) unsigned NOT NULL auto_increment,
`title` varchar(255) NOT NULL default '',
`body` text NOT NULL,
`createtime` datetime NOT NULL default '0000-00-00 00:00:00',
`updatetime` datetime NOT NULL default '0000-00-00 00:00:00',
`pw_domain` varchar(64) NOT NULL default '',
UNIQUE KEY `id` (`id`)
) TYPE=MyISAM ;
# --------------------------------------------------------
#
# Table structure for table `personal`
#
# The original month and day column names were uppercase; changed to lowercase.
CREATE TABLE `personal` (
`id` int(11) unsigned NOT NULL auto_increment,
`pw_id` int(5) NOT NULL default '0',
`truename` varchar(10) NOT NULL default '',
`fax` varchar(20) NOT NULL default '',
`telephone` varchar(15) NOT NULL default '',
`sex` int(1) NOT NULL default '0',
`year` int(4) NOT NULL default '0',
`month` int(2) NOT NULL default '0',
`day` int(2) NOT NULL default '0',
`education` varchar(4) NOT NULL default '',
`marital` int(1) NOT NULL default '0',
`occupation` varchar(15) NOT NULL default '',
`companyname` varchar(30) NOT NULL default '',
`province` varchar(6) NOT NULL default '',
PRIMARY KEY (`id`)
) TYPE=MyISAM PACK_KEYS=1 ;
# --------------------------------------------------------
#
# Table structure for table `scheduler`
#
CREATE TABLE `scheduler` (
`id` int(11) unsigned NOT NULL auto_increment,
`begin_time` int(11) unsigned default NULL,
`end_time` int(11) unsigned default NULL,
`title` varchar(255) NOT NULL default '',
`body` varchar(255) NOT NULL default '',
`pw_id` int(11) unsigned NOT NULL default '0',
PRIMARY KEY (`id`)
) TYPE=MyISAM ;
# --------------------------------------------------------
#
# Table structure for table `stow`
#
CREATE TABLE `stow` (
`id` int(5) unsigned NOT NULL auto_increment,
`pw_id` int(5) unsigned NOT NULL default '0',
`Name` varchar(128) NOT NULL default '',
`http` varchar(255) NOT NULL default 'http://',
`memo` varchar(255) NOT NULL default '',
PRIMARY KEY (`id`)
) TYPE=MyISAM ;
# --------------------------------------------------------
#
# Table structure for table `vpopmail`
#
CREATE TABLE `vpopmail` (
`pw_id` int(5) unsigned NOT NULL auto_increment,
`pw_name` varchar(32) NOT NULL default '',
`pw_domain` varchar(64) NOT NULL default '',
`pw_passwd` varchar(40) NOT NULL default '',
`pw_uid` int(11) default NULL,
`pw_gid` int(11) default NULL,
`pw_gecos` varchar(48) default NULL,
`pw_dir` varchar(255) default NULL,
`pw_shell` varchar(20) default NULL,
`createtime` timestamp(14) NOT NULL,
PRIMARY KEY (`pw_id`),
KEY `pw_name` (`pw_name`,`pw_domain`)
) TYPE=MyISAM PACK_KEYS=1 ;
Edit config/config_inc.php:
$CFG_BASEPATH = "/var/mail/igenus";
$CFG_MYSQL_HOST = 'localhost';
$CFG_MYSQL_USER = 'postfix';
$CFG_MYSQL_PASS = 'admin123';
$CFG_MYSQL_DB = 'mail';
$CFG_NETDISK_PATH = "/var/mail/igenus/netdisk";
$CFG_TEMP = $CFG_BASEPATH."/../../temp";
Change to:
$CFG_TEMP = $CFG_BASEPATH."/temp";
Edit include/login_inc.php:
if ( !isset($_SESSION['G_USERNAME']) || $SG_USERNAME == "" ||
!isset($_SESSION['G_DOMAIN']) || $SG_DOMAIN == "" ||
!isset($_SESSION['G_HOME']) || $SG_HOME == "" ||
!isset($_SESSION['G_TIME']) || $SG_TIME == "" ||
!isset($_SESSION['G_NICKNAME']) || $SG_NICKNAME == ""
){
header("Location: login.php");
exit();
}
Change to:
if ( !isset($_SESSION['G_USERNAME']) || $SG_USERNAME == "" ||
!isset($_SESSION['G_DOMAIN']) || $SG_DOMAIN == "" ||
!isset($_SESSION['G_HOME']) || $SG_HOME == "" ||
!isset($_SESSION['G_TIME']) || $SG_TIME == ""
// !isset($_SESSION['G_NICKNAME']) || $SG_NICKNAME == ""
){
header("Location: login.php");
exit();
}
Edit login.php:
if ($CFG_VPOPMAIL_MYSQL_LARGE_SITE){
$Vpopmail_Domain = ereg_replace("\.","_",$Post_domain);
$query = "SELECT * FROM $Vpopmail_Domain WHERE pw_name='$Post_name'";
}else{
$query = "SELECT * FROM vpopmail WHERE pw_name='$Post_name' and
pw_domain='$Post_domain'";
}
Change to:
if ($CFG_VPOPMAIL_MYSQL_LARGE_SITE){
$Vpopmail_Domain = ereg_replace("\.","_",$Post_domain);
$query = "SELECT * FROM $Vpopmail_Domain WHERE pw_name='$Post_name'";
}else{
$query = "SELECT * FROM virtual_users WHERE name='$Post_name' and
domain='$Post_domain'";
}
$data = mysql_fetch_array($result);
$home = $data['pw_dir'];
$Post_passwd2 = $data['pw_passwd'];
$pw_id = $data['pw_id'];
$pw_shell = $data['pw_shell'];
$pw_gecos = $data['pw_gecos'];
$pw_gid = $data['pw_gid'];
$pw_domain = strtolower($data['pw_domain']);
$pw_name = strtolower($data['pw_name']);
Change to:
$data = mysql_fetch_array($result);
$home1 = $data['home'];
$home2 = $data['maildir'];
$home = $home1.$home2;
$Post_passwd2 = $data['PASSWORD'];
$pw_id = $data['unique_id'];
$pw_shell = $data['quota'];
$pw_gecos = $data['nickname'];
$pw_domain = strtolower($data['domain']);
$pw_name = strtolower($data['name']);
Edit include/mailbox_inc.php:
$sizefile = "$SG_HOME/Maildir/maildirsize";
Change every occurrence to:
$sizefile = "$SG_HOME/maildirsize";
if(!is_dir("$SG_HOME/Maildir/$Mailbox")){
mkdir("$SG_HOME/Maildir/$Mailbox",0700);
mkdir("$SG_HOME/Maildir/$Mailbox/new",0700);
mkdir("$SG_HOME/Maildir/$Mailbox/cur",0700);
mkdir("$SG_HOME/Maildir/$Mailbox/tmp",0700);
}
Change to:
if(!is_dir("$SG_HOME/$Mailbox")){
mkdir("$SG_HOME/$Mailbox",0700);
mkdir("$SG_HOME/$Mailbox/new",0700);
mkdir("$SG_HOME/$Mailbox/cur",0700);
mkdir("$SG_HOME/$Mailbox/tmp",0700);
}
$home = $SG_HOME . "/Maildir/".$Mailbox."/new";
Change to:
$home = $SG_HOME . $Mailbox."/new";
$home = $SG_HOME . "/Maildir/".$Mailbox."/cur";
Change to:
$home = $SG_HOME . $Mailbox."/cur";
Edit sendmail.php:
$Path = "$SG_HOME/Maildir/".$CFG_MAILBOX['outbox']."/new/" . $Path;
Change to:
$Path = "$SG_HOME/".$CFG_MAILBOX['outbox']."/new/" . $Path;
$Path = "$SG_HOME/Maildir/".$CFG_MAILBOX['draft']."/new/" . $Path;
Change to:
$Path = "$SG_HOME/".$CFG_MAILBOX['draft']."/new/" . $Path;
Edit list.php:
if(!is_dir("$SG_HOME/Maildir/$mailbox")){
mkdir("$SG_HOME/Maildir/$mailbox",0700);
mkdir("$SG_HOME/Maildir/$mailbox/new",0700);
mkdir("$SG_HOME/Maildir/$mailbox/cur",0700);
mkdir("$SG_HOME/Maildir/$mailbox/tmp",0700);
}
Change to:
if(!is_dir("$SG_HOME/$mailbox")){
mkdir("$SG_HOME/$mailbox",0700);
mkdir("$SG_HOME/$mailbox/new",0700);
mkdir("$SG_HOME/$mailbox/cur",0700);
mkdir("$SG_HOME/$mailbox/tmp",0700);
}
$myhome = "$SG_HOME/Maildir/$mailbox/$home";
Change to:
$myhome = "$SG_HOME/$mailbox/$home";
Edit folder.php:
$mailfile = "$SG_HOME/Maildir/$SMailbox/$IsNew/$File";
Change to:
$mailfile = "$SG_HOME/$SMailbox/$IsNew/$File";
$home = $SG_HOME . "/Maildir/".$SMailbox."/cur";
Change to:
$home = $SG_HOME .$SMailbox."/cur";
$mailfile = "$SG_HOME/Maildir/$SMailbox/cur/$file";
Change to:
$mailfile = "$SG_HOME/$SMailbox/cur/$file";
link($mailfile, "$SG_HOME/Maildir/$DMoveTo/$IsNew/$cur_file");
Change to:
link($mailfile, "$SG_HOME/$DMoveTo/$IsNew/$cur_file");
Edit prev.php:
$mailfile = "$SG_HOME/Maildir/$SMailbox/$IsNew/$File";
Change to:
$mailfile = "$SG_HOME/$SMailbox/$IsNew/$File";
$home = $SG_HOME . "/Maildir/".$SMailbox."/cur";
Change to:
$home = $SG_HOME .$SMailbox."/cur";
$mailfile = "$SG_HOME/Maildir/$SMailbox/cur/$file";
Change to:
$mailfile = "$SG_HOME/$SMailbox/cur/$file";
if(file_exists("$SG_HOME/Maildir/$SMailbox/new/$File")) {
@link("$SG_HOME/Maildir/$SMailbox/new/$File",
"$SG_HOME/Maildir/$SMailbox/cur/$File:2,S");
@unlink("$SG_HOME/Maildir/$SMailbox/new/$File");
}
Change to:
if(file_exists("$SG_HOME/$SMailbox/new/$File")) {
@link("$SG_HOME/$SMailbox/new/$File",
"$SG_HOME/$SMailbox/cur/$File:2,S");
@unlink("$SG_HOME/$SMailbox/new/$File");
}
$home = $SG_HOME . "/Maildir/".$SMailbox."/cur";
Change to:
$home = $SG_HOME .$SMailbox."/cur";
if($isread==0)
{
@link("$SG_HOME/Maildir/$SMailbox/cur/$file",
"$SG_HOME/Maildir/$SMailbox/cur/$file"."S");
@unlink("$SG_HOME/Maildir/$SMailbox/cur/$file");
}
Change to:
if($isread==0)
{
@link("$SG_HOME/$SMailbox/cur/$file",
"$SG_HOME/$SMailbox/cur/$file"."S");
@unlink("$SG_HOME/$SMailbox/cur/$file");
}
Edit passwd.php:
$query = "SELECT pw_name,pw_passwd FROM vpopmail WHERE pw_id='$SG_ID'";
Change to:
$query = "SELECT name,PASSWORD FROM virtual_users WHERE unique_id='$SG_ID'";
if( $row->pw_passwd!=crypt($post_OldPasswd,$row->pw_passwd) ) {
Change to:
if( $row->PASSWORD!=crypt($post_OldPasswd,$row->PASSWORD) ) {
$query = "UPDATE vpopmail SET pw_passwd='$NewPasswd' WHERE pw_id='$SG_ID'";
Change to:
$query = "UPDATE virtual_users SET PASSWORD='$NewPasswd' WHERE unique_id='$SG_ID'";
Edit read.php:
if(!file_exists($mailfile))
{
$home = $SG_HOME . "/Maildir/".$SMailbox."/cur";
$handle=opendir($home);
while (($filename = readdir($handle))!==false)
{
if (substr_count($filename, $file)==1)
{
$mailfile = "$SG_HOME/Maildir/$SMailbox/cur/$filename";
}
}
closedir($handle);
}
Change to:
if(!file_exists($mailfile))
{
$home = $SG_HOME .$SMailbox."/cur";
$handle=opendir($home);
while (($filename = readdir($handle))!==false)
{
if (substr_count($filename, $file)==1)
{
$mailfile = "$SG_HOME/Maildir/$SMailbox/cur/$filename";
}
}
closedir($handle);
}
$mailfile = "$SG_HOME/Maildir/$SMailbox/$isnew/$file";
Change to:
$mailfile = "$SG_HOME/$SMailbox/$isnew/$file";
$mailfile = "$SG_HOME/Maildir/$SMailbox/cur/$filename";
Change to:
$mailfile = "$SG_HOME/$SMailbox/cur/$filename";
Edit forward.php:
$mailfile = "$SG_HOME/Maildir/$SMailbox/$IsNew/$File";
if(!file_exists($mailfile)) $mailfile = "$SG_HOME/Maildir/$SMailbox/cur/$Files";
Change to:
$mailfile = "$SG_HOME/$SMailbox/$IsNew/$File";
if(!file_exists($mailfile)) $mailfile = "$SG_HOME/$SMailbox/cur/$Files";
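Other minor changes: disable the features that cannot work and the ones I consider useless.
Edit template\_menu.php to disable mail filtering, forwarding and auto-reply.
Disable internal notices, the scheduler and help.
Edit template\_mailbox.php to disable the scheduler and internal notices.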