qmail Qmail-Scanner SpamAssassin Installation
Installing SpamAssassin
[root@freebsd ~]# cd /usr/ports/mail/p5-Mail-SpamAssassin
[root@freebsd p5-Mail-SpamAssassin]# make BATCH=yes WITHOUT_AS_ROOT=yes install clean
...
===> Cleaning for p5-NetAddr-IP-4.02.7
===> Cleaning for p5-Archive-Tar-1.60
===> Cleaning for p5-Net-DNS-0.66
===> Cleaning for p5-Compress-Zlib-2.015
===> Cleaning for p5-IO-Zlib-1.10
===> Cleaning for p5-HTML-Parser-3.65
===> Cleaning for p5-IO-Compress-Zlib-2.015
===> Cleaning for p5-Test-Harness-3.21
===> Cleaning for p5-libwww-5.834
===> Cleaning for p5-Encode-Detect-1.01
===> Cleaning for p5-Mail-Tools-2.06
===> Cleaning for p5-IO-Socket-SSL-1.33
===> Cleaning for p5-Digest-SHA-5.48
===> Cleaning for p5-Mail-DKIM-0.38
===> Cleaning for p5-Crypt-OpenSSL-RSA-0.26
===> Cleaning for p5-Time-HiRes-1.9721,1
===> Cleaning for p5-IO-Socket-INET6-2.61
===> Cleaning for gnupg-2.0.14_1
===> Cleaning for razor-agents-2.84
===> Cleaning for p5-IO-Compress-Bzip2-2.015
===> Cleaning for p5-IO-String-1.08
===> Cleaning for p5-Net-IP-1.25_1
===> Cleaning for p5-Digest-HMAC-1.02
===> Cleaning for p5-Compress-Raw-Zlib-2.027
===> Cleaning for p5-IO-Compress-Base-2.015
===> Cleaning for p5-HTML-Tagset-3.20
===> Cleaning for p5-URI-1.54
===> Cleaning for p5-ExtUtils-CBuilder-0.2703,1
===> Cleaning for p5-Module-Build-0.3607
===> Cleaning for p5-TimeDate-1.20,1
===> Cleaning for p5-Net-SSLeay-1.36
===> Cleaning for p5-Crypt-OpenSSL-Random-0.04
===> Cleaning for p5-Crypt-OpenSSL-Bignum-0.04
===> Cleaning for p5-Socket6-0.23
===> Cleaning for libassuan-1.0.5
===> Cleaning for libksba-1.0.7
===> Cleaning for pth-2.0.7
===> Cleaning for curl-7.20.0
===> Cleaning for p5-Digest-SHA1-2.12
===> Cleaning for p5-Compress-Raw-Bzip2-2.027
===> Cleaning for p5-Math-BigInt-1.89
===> Cleaning for p5-YAML-0.71
===> Cleaning for p5-ExtUtils-ParseXS-2.22.03
===> Cleaning for p5-ExtUtils-Install-1.54
===> Cleaning for ca_root_nss-3.12.4
===> Cleaning for p5-Mail-SpamAssassin-3.3.1
Starting SpamAssassin
[root@freebsd p5-Mail-SpamAssassin]# vi /etc/rc.conf
[root@freebsd p5-Mail-SpamAssassin]# /usr/local/bin/sa-update
[root@freebsd p5-Mail-SpamAssassin]# /usr/local/etc/rc.d/sa-spamd start
Starting spamd.
Hint
# perl -e 'use Time::HiRes;'
# perl -e 'use DB_File;'
Installing wget
[root@freebsd p5-Mail-SpamAssassin]# cd /usr/ports/ftp/wget
[root@freebsd wget]# make BATCH=yes install clean
Installing tnef
[root@freebsd wget]# cd /usr/ports/converters/tnef
[root@freebsd tnef]# make install clean
Installing pcre
[root@freebsd tnef]# cd /usr/ports/devel/pcre
[root@freebsd pcre]# make install clean
Installing maildrop
[root@freebsd pcre]# cd /usr/ports/mail/maildrop
[root@freebsd maildrop]# make install clean
qmailqueue-patch
[root@freebsd qmail]# cd /usr/ports/mail/qmail
[root@freebsd qmail]# make BATCH=yes WITH_SMTP_AUTH_PATCH=yes WITH_QMAILQUEUE_PATCH=yes WITH_LOCALTIME_PATCH=yes deinstall reinstall clean
Installing perl-suidperl
[root@freebsd maildrop]# cd /usr/ports/lang/perl5.10
[root@freebsd perl5.10]# make BATCH=yes ENABLE_SUIDPERL=yes deinstall reinstall clean
Installing unzip
[root@freebsd perl5.10]# cd /usr/ports/archivers/unzip
[root@freebsd unzip]# make install clean
[root@freebsd unzip]# cd
Adding the Qmail-Scanner user
[root@freebsd ~]# pw groupadd qscand
[root@freebsd ~]# pw useradd qscand -c "Qmail-Scanner" -g qscand -s /bin/false
Installing qmail-scanner
[root@freebsd ~]# fetch http://downloads.sourceforge.net/qmail-scanner/qmail-scanner-2.08.tgz
[root@freebsd ~]# tar zxvf qmail-scanner-2.08.tgz
[root@freebsd ~]# cd qmail-scanner-2.08
[root@freebsd qmail-scanner-2.08]# ./configure \
--admin postmaster \
--scanners clamdscan,verbose_spamassassin \
--add-dscr-hdrs yes \
--install
bash: not found
Building Qmail-Scanner 2.08...
This script will search your system for the virus scanners it knows
about, and will ensure that all external programs
qmail-scanner-queue.pl uses are explicitly pathed for performance
reasons.
Continue? ([Y]/N) ←Press Enter
/usr/bin/uudecode works as expected on system...
Found tnef on your system! That means we'll be able to decode stupid
M$ attachments :-)
The following binaries and scanners were found on your system:
mimeunpacker=/usr/local/bin/reformime
uudecode=/usr/bin/uudecode
tnef=/usr/local/bin/tnef
Content/Virus Scanners installed on your System
max-scan-size=100000000
[: /usr/local/bin/freshclam: unexpected operator
clamdscan=/usr/local/bin/clamdscan (which means clamscan won't be used as clamdscan is better)
[: unexpected operator
verbose_spamassassin=/usr/local/bin/spamc
Qmail-Scanner details.
log-details=syslog
log-crypto=0
fix-mime=2
ignore-eol-check=0
debug=1
notify=psender,nmlvadm
redundant-scanning=yes
sa-tempfail=1
sa-faulttolerant=1
sa-maxsize=256000
virus-admin=System Anti-Virus Administrator
local-domains='mail.freebsd.orz'
silent-viruses='klez','bugbear','hybris','yaha','braid','nimda','tanatos',
'sobig','winevar','palyh','fizzer','gibe','cailont','lovelorn','swen',
'dumaru','sober','hawawi','holar-i','mimail','poffer','bagle','worm.galil'
,'mydoom','worm.sco','tanx','novarg','\@mm'
scanners="clamdscan","verbose_spamassassin"
If that looks correct, I will now generate qmail-scanner-queue.pl
for your system...
Continue? ([Y]/N) ←Press Enter
Testing suid nature of /usr/bin/perl...
Looks OK...
Hit RETURN to create initial directory structure under /var/spool/qscan,
and install qmail-scanner-queue.pl under /var/qmail/bin:
perlscanner: generate new DB file from /var/spool/qscan/quarantine-events.txt
perlscanner: total of 12 entries.
Finished installation of initial directory structure for Qmail-Scanner
under /var/spool/qscan and qmail-scanner-queue.pl under /var/qmail/bin. ←Press Enter
Finished. Please read README(.html) and then go over the script
(/var/qmail/bin/qmail-scanner-queue.pl) to check paths/etc.
"/var/qmail/bin/qmail-scanner-queue.pl -r" should return some well-known virus
definitions to show that the internal perlscanner component is working.
That's it!
****** FINAL TEST ******
Please log into an unpriviledged account and run
/var/qmail/bin/qmail-scanner-queue.pl -g
If you see the error "Can't do setuid", or "Permission denied", then
refer to the FAQ.
(e.g. "setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -g")
That's it! To report success:
% (echo 'First M. Last'; cat SYSDEF)|mail jhaar-s4vstats@crom.trimble.co.nz
Replace First M. Last with your name.
[root@freebsd qmail-scanner-2.08]# cd
Configuring qmail-scanner
[root@freebsd ~]# vi /var/spool/qscan/quarantine-events.txt
↓Uncomment the following
.vbs SIZE=-1 VBS files not allowed per Company security policy
.lnk SIZE=-1 LNK files not allowed per Company security policy
.scr SIZE=-1 SCR files not allowed per Company security policy
.wsh SIZE=-1 WSH files not allowed per Company security policy
.hta SIZE=-1 HTA files not allowed per Company security policy
.pif SIZE=-1 PIF files not allowed per Company security policy
.cpl SIZE=-1 CPL files not allowed per Company security policy
↓Add the following
.bat SIZE=-1 BAT files not allowed per Company security policy
.com SIZE=-1 COM files not allowed per Company security policy
.exe SIZE=-1 EXE files not allowed per Company security policy
[root@freebsd ~]# /var/qmail/bin/qmail-scanner-queue.pl -g
perlscanner: generate new DB file from /var/spool/qscan/quarantine-events.txt
perlscanner: total of 22 entries.
Configuring SpamAssassin
[root@freebsd ~]# vi /usr/local/etc/mail/spamassassin/v310.pre
#loadplugin Mail::SpamAssassin::Plugin::TextCat
↓
loadplugin Mail::SpamAssassin::Plugin::TextCat ←Uncomment
[root@freebsd ~]# vi /root/spamassassin
↓Enter the following
#!/bin/sh
cd /usr/local/etc/mail/spamassassin
/usr/local/bin/wget -qN http://tlec.linux.or.jp/docs/user_prefs
cp user_prefs local.cf
cat << EOF >> local.cf
report_safe 0
rewrite_header Subject ***SPAM***
EOF
/usr/local/etc/rc.d/sa-spamd restart > /dev/null
[root@freebsd ~]# chmod +x /root/spamassassin
[root@freebsd ~]# /root/spamassassin
[root@freebsd ~]# ll /usr/local/etc/mail/spamassassin
total 674
-rw-r--r-- 1 root wheel 1300 May 19 22:28 init.pre
-rw-r--r-- 1 root wheel 1300 May 19 22:28 init.pre.sample
-rw-r--r-- 1 root wheel 308739 May 19 23:32 local.cf ←Check local.cf
-rw-r--r-- 1 root wheel 2214 May 19 22:28 local.cf.sample
drwx------ 2 root wheel 512 May 19 22:33 sa-update-keys
-rw-r--r-- 1 root wheel 308691 May 4 18:00 user_prefs
-rw-r--r-- 1 root wheel 2523 May 19 23:32 v310.pre
-rw-r--r-- 1 root wheel 2524 May 19 22:28 v310.pre.sample
-rw-r--r-- 1 root wheel 1194 May 19 22:28 v312.pre
-rw-r--r-- 1 root wheel 1194 May 19 22:28 v312.pre.sample
-rw-r--r-- 1 root wheel 2416 May 19 22:28 v320.pre
-rw-r--r-- 1 root wheel 2416 May 19 22:28 v320.pre.sample
-rw-r--r-- 1 root wheel 1237 May 19 22:28 v330.pre
-rw-r--r-- 1 root wheel 1237 May 19 22:28 v330.pre.sample
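The /root/spamassassin script above overwrites local.cf with whatever was downloaded and then restarts spamd. The following is an added example, not part of the original page: it stages the download, checks it with spamassassin --lint, and only then replaces the live file. The helper names fetch_prefs and lint_config and the --apply argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the page's script. Same download as above, but the live
# local.cf is only replaced after the candidate passes "spamassassin --lint".
SA_DIR="${SA_DIR:-/usr/local/etc/mail/spamassassin}"
PREFS_URL="${PREFS_URL:-http://tlec.linux.or.jp/docs/user_prefs}"

# fetch_prefs URL OUT (hypothetical helper): download the rule file to OUT.
fetch_prefs() { /usr/local/bin/wget -q -O "$2" "$1"; }

# lint_config DIR (hypothetical helper): parse DIR as the site config directory.
lint_config() { /usr/local/bin/spamassassin --siteconfigpath="$1" --lint; }

# build_candidate PREFS OUT: downloaded rules plus the two settings from the page.
build_candidate() {
    [ -s "$1" ] || return 1            # empty or missing download: refuse
    cat "$1" > "$2" || return 1
    printf '%s\n' 'report_safe 0' 'rewrite_header Subject ***SPAM***' >> "$2"
}

# update_local_cf: 0 = new file installed, 2 = unchanged, 1 = rejected (live file kept).
update_local_cf() {
    stage=$(mktemp -d) || return 1
    rc=1
    if fetch_prefs "$PREFS_URL" "$stage/user_prefs" &&
       build_candidate "$stage/user_prefs" "$stage/local.cf"; then
        # The .pre files load the plugins (e.g. TextCat) the rules depend on.
        cp "$SA_DIR"/*.pre "$stage"/ 2>/dev/null || true
        if cmp -s "$stage/local.cf" "$SA_DIR/local.cf"; then
            rc=2
        elif lint_config "$stage"; then
            [ -f "$SA_DIR/local.cf" ] && cp -p "$SA_DIR/local.cf" "$SA_DIR/local.cf.bak"
            # Write beside the target, then rename, so spamd never reads a partial file.
            cp "$stage/local.cf" "$SA_DIR/local.cf.new" &&
                mv "$SA_DIR/local.cf.new" "$SA_DIR/local.cf" && rc=0
        fi
    fi
    rm -rf "$stage"
    return "$rc"
}

# Restart spamd only when a validated file was actually installed.
if [ "${1:-}" = "--apply" ]; then
    update_local_cf && /usr/local/etc/rc.d/sa-spamd restart > /dev/null
fi
```

--lint only confirms that the candidate parses; the download still arrives over plain HTTP, so the check does not authenticate its source.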
Editing tcp.smtp
[root@freebsd ~]# vi /etc/tcp.smtp
↓Enter the following
127.:allow,RELAYCLIENT=""
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
[root@freebsd ~]# tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
Editing the run scripts
[root@freebsd ~]# vi /var/qmail/service/smtpd/run
↓Enter the following
#!/bin/sh
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
export QMAILQUEUE
# "env -" starts tcpserver with an empty environment, so QMAILQUEUE is passed explicitly
exec env - PATH="/var/qmail/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin" \
QMAILQUEUE="$QMAILQUEUE" \
/usr/local/bin/tcpserver -v -x /etc/tcp.smtp.cdb \
-R -H -l0 -u `id -u qmaild` -g `id -g qmaild` 0 smtp \
/var/qmail/bin/qmail-smtpd 2>&1
[root@freebsd ~]# vi /var/qmail/service/smtpd_ssl/run
↓Enter the following
#!/bin/sh
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
export QMAILQUEUE
# "env -" starts tcpserver with an empty environment, so QMAILQUEUE is passed explicitly
exec env - PATH="/var/qmail/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin" \
QMAILQUEUE="$QMAILQUEUE" \
/usr/local/bin/tcpserver -v -s -x /etc/tcp.smtp.cdb -n /var/qmail/cert.pem \
-R -H -l0 -u `id -u qmaild` -g `id -g qmaild` 0 smtps \
/var/qmail/bin/qmail-smtpd 2>&1
Restarting qmail
[root@freebsd tnef]# svc -t /var/service/* ←Restart
[root@freebsd tnef]# svstat /var/service/* ←Confirm the services are up
Procmail configuration (for POP)
[root@freebsd ~]# vi /usr/local/etc/procmailrc
SHELL=/bin/sh
PATH=/bin:/usr/bin:/usr/local/bin
DROPPRIVS=yes
MAILDIR=$HOME/Maildir
DEFAULT=$MAILDIR/
#LOGFILE=$MAILDIR/procmail.log
#VERBOSE=ON # verbose log output
# Discard mail whose Subject contains "未承諾広告※" (the Japanese "unsolicited advertisement" marker)
:0
* ^Subject:.*=\?[Ii][Ss][Oo]-2022-[Jj][Pp]\?[Bb]\?GyRCTCQ\+NUJ6OS05cCIo
/dev/null
# If the message has no "X-Spam-***" header, run spamassassin
:0fw
*!^X-Spam.*
|spamassassin
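Outlook Express settings (for POP)
1. Click "Tools" > "Message Rules" > "Mail".
2. Check "Where the Subject line contains specific words" and
click "contains specific words".
3. Enter "***SPAM***" and click "Add".
4. Click "OK".
5. Check "Move it to the specified folder" and
click "specified folder".
6. Click "New Folder".
7. Enter "SPAM" and click "OK".
8. Select "SPAM" and click "OK".
9. Click "OK".
10. Click "OK".
11. Mail whose subject is tagged with "***SPAM***" is stored in the SPAM folder.
Creating the spam mailbox (for IMAP)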
[root@freebsd ~]# mkdir -p /home/user_name/Maildir/.spam/new
[root@freebsd ~]# mkdir -p /home/user_name/Maildir/.spam/cur
[root@freebsd ~]# mkdir -p /home/user_name/Maildir/.spam/tmp
[root@freebsd ~]# chmod -R 700 /home/user_name/Maildir/.spam
[root@freebsd ~]# chown -R user_name:user_name /home/user_name/Maildir/.spam
Creating the spam mailbox for newly added users (for IMAP)
[root@freebsd ~]# mkdir -p /usr/share/skel/Maildir/.spam/new
[root@freebsd ~]# mkdir -p /usr/share/skel/Maildir/.spam/cur
[root@freebsd ~]# mkdir -p /usr/share/skel/Maildir/.spam/tmp
[root@freebsd ~]# chmod -R 700 /usr/share/skel/Maildir/.spam
Procmail configuration (for IMAP)
[root@freebsd ~]# vi /usr/local/etc/procmailrc
SHELL=/bin/sh
PATH=/bin:/usr/bin:/usr/local/bin
DROPPRIVS=yes
MAILDIR=$HOME/Maildir
DEFAULT=$MAILDIR/
SPAM=$MAILDIR/.spam/
#LOGFILE=$MAILDIR/procmail.log
#VERBOSE=ON # verbose log output
# Discard mail whose Subject contains "未承諾広告※" (the Japanese "unsolicited advertisement" marker)
:0
* ^Subject:.*=\?[Ii][Ss][Oo]-2022-[Jj][Pp]\?[Bb]\?GyRCTCQ\+NUJ6OS05cCIo
/dev/null
# If the message has no "X-Spam-***" header, run spamassassin
:0fw
*!^X-Spam.*
|spamassassin
# If the message has an "X-Spam-Status: Yes" header, deliver it to the ".spam" directory
:0
*^X-Spam-Status: Yes
$SPAM
Spam learning (for IMAP)
[root@freebsd ~]# vi /etc/periodic/daily/700.sa-learn
↓Enter the following
#!/bin/sh
# Learn the spam folder as spam
/usr/local/bin/sa-learn --spam /home/*/Maildir/.spam/cur
# Learn the Maildir folder as normal mail (ham)
/usr/local/bin/sa-learn --ham /home/*/Maildir/cur
# To empty the spam folder after learning, uncomment the line below
#/bin/rm -f /home/*/Maildir/.spam/cur/*
[root@freebsd ~]# chmod 755 /etc/periodic/daily/700.sa-learn
Outlook Express settings (for IMAP)
1. Click the account, then click "IMAP Folders".
2. Click "Reset".
3. Select the "spam" folder and click "Show".
4. Click "OK".
5. Mail with an "X-Spam-Status: Yes" header is stored in the "spam" folder.
Spam mail sending test
[root@freebsd ~]# echo "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X"|mail user_name@freebsd.orz