Re: Anti Virus and Anti Spam

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

horas simalango wrote:

I am using sendmail as MTA, and I am looking for free anti virus.
About the milter, where can I download it?

Thank you

Horasima
I don't think all of this is available via the the conventional centos mirrors but I'd bet they're on Dag's as well as a few others. find one you trust. I am pasting the following from this website http://www.be4mind.com/?q=node/190 I gave it a once over and it looks fairly complete. This write includes adding greylisting as well.
PLEASE COPY CONFIGURATION FILE OPTIONS FROM THE ATTACHED DOCUMENT (NEWLINES PROBLEMS IN HTML) OTHERWISE SOMETHING COULD GO WRONG (EXPECIALLY WITH SENDMAIL). 

Follow these steps to try stopping sPaMmErs :)

1. CONFIGURING YUM REPOSITORIES
[root@mailserver ~]# wget http://centos.karan.org/kbsingh-CentOS-Extras.repo
[root@mailserver ~]# wget http://centos.karan.org/kbsingh-CentOS-Misc.repo
[root@mailserver ~]# mv *.repo /etc/yum.repos.d/
[root@mailserver ~]# rpm --import http://centos.karan.org/RPM-GPG-KEY-karan.org.txt [root@mailserver ~]# wget http://dag.wieers.com/packages/rpmforge-release/rpmforge-release-0.3.6-1.el4.rf.i386.rpm 
[root@mailserver ~]# rpm -ivh rpmforge-release-0.3.6-1.el4.rf.i386.rpm

2. INSTALLING REQUIRED PACKAGES
#FROM kbsingh
[root@mailserver ~]# yum install milter-greylist spamassassin spamass-milter pyzor 

#FROM rpmforge
[root@omafoligno ~]# yum install clamd.i386
Installed: clamd.i386 0:0.90.3-1.el4.rf
Dependency Installed: clamav.i386 0:0.90.3-1.el4.rf clamav-db.i386 0:0.90.3-1.el4.rf 
Complete!
[root@omafoligno mail]# yum install clamav-milter.i386
Installed: clamav-milter.i386 0:0.90.3-1.el4.rf
Complete!

3. SENDMAIL CONFIGURATION
-Backup your sendmail config files and edit sendmail.mc:
[root@mailserver ~]# cd /etc/mail
[root@mailserver mail]# cp sendmail.mc sendmail.mc.orig
[root@mailserver mail]# mv sendmail.cf sendmail.cf.orig

-Add the following line just before the two MAILER lines:
[root@mailserver mail]# vi sendmail.mc

[...]
dnl #--------------------------------------------------------
dnl # ANTISPAM/VIRUS AND GREYLIST AND DNSBL
dnl #--------------------------------------------------------
FEATURE(`dnsbl',`relays.ordb.org')dnl
FEATURE(`dnsbl',`list.dsbl.org')dnl
FEATURE(`dnsbl',`sbl-xbl.spamhaus.org')dnl
INPUT_MAIL_FILTER(`greylist',`S=local:/var/lib/milter-greylist/run/milter-greylist.sock')
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter/spamass-milter.sock, F=,T=C:15m;S:4m;R:4m;E:10m')dnl INPUT_MAIL_FILTER(`clamav', `S=local:/var/clamav/clmilter.socket, F=T, T=S:4m;R:4m') 
dnl #--------------------------------------------------------
MAILER(smtp)dnl
MAILER(procmail)dnl

-Compile sendmail.mc:
[root@mailserver mail]# m4 sendmail.mc > sendmail.cf

4. CONFIGURE SPAMASSASIN
-There's a nice spamassasin configurator at:
http://www.yrex.com/spam/spamconfig.php

-Create your config file and put it in /etc/mail/spamassassin/local.cf
[root@mailserver mail]# cp /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf.orig 
[root@mailserver mail]# vi /etc/mail/spamassassin/local.cf
---------------------------------------------------------------------------------
# SpamAssassin config file for version 3.x
# NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6
# See http://www.yrex.com/spam/spamconfig25.php for earlier versions
# Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50)

# How many hits before a message is considered spam.
required_score 3.0

# Change the subject of suspected spam
rewrite_header subject *****SPAM*****

# Encapsulate spam in an attachment (0=no, 1=yes, 2=safe)
report_safe 1

# Enable the Bayes system
use_bayes 1

# Enable Bayes auto-learning
bayes_auto_learn 1

# Enable or disable network checks
skip_rbl_checks 0
use_razor2 1
use_pyzor 1

# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales en

## General Whitelist
## Be careful using "whitelist_from" can be easly forged by spammers, use
## trusted_networks combined with whitelist_from_rcvd instead
#internal_networks 127.0.0.1 192.168.1.0/24
#trusted_networks 127.0.0.1 192.168.1.0/24 64.233.0.0/16
#whitelist_from_rcvd *@gmail.com *gmail.com,*google.com
#whitelist_from matte@xxxxxxxxxxxxxx
---------------------------------------------------------------------------------

5. CONFIGURE CLAMAV:
Make sure config files are enabled by editing them as follows:
[root@mailserver mail]# vi /etc/freshclam.conf
Comment or remove the line below.
#Example

[root@mailserver mail]# vi /etc/clamd.conf
Comment or remove the line below.
#Example
Edit freshclam config file and remove or comment last line with FRESHCLAM_DELAY directive. Optionally run freshclam from the root console to check that everything 
works.

Use the cron daemon to run freshclam.
You have to add the following line to the crontab of root or clamav user:

N * * * * /usr/local/bin/freshclam --quiet
to check for a new database every hour. N should be a number between 3 and 57 of your choice. Don't choose any multiple of 10, because there are already too many clients using those time slots. 

6. GREYLIST CONFIGURATION:
Edit /etc/mail/greylist.conf and add your WAN/LAN address to the whitelist:
addr 192.168.0.0/24 # (for example)
Check new version of the servers which brake grey-list functionality for some reasons at: 
http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt

Add GMail Servers to the whitelist:
addr 64.233.0.0/16 # GMAIL
Infact, it seems that GMail tries to resend the same email with multiple different ip addresses 
causing a large delay.
You can change the `greylist` directive (default 30m which stands for 30 minutes of delay) and `dumpfreq` directive (interval for dumping the db file, 0 means at dump at every change) for your needs. 

7. ENABLE SERVICES
[root@mailserver mail]# chkconfig clamav-milter on
[root@mailserver mail]# chkconfig clamd on
[root@mailserver mail]# chkconfig milter-greylist on
[root@mailserver mail]# chkconfig spamassassin on
[root@mailserver mail]# chkconfig spamass-milter on
[root@mailserver mail]# service clamd start
Starting clamd: [ OK ]
[root@mailserver mail]# service clamav-milter start
Starting clamav-milter: [ OK ]
[root@mailserver mail]# service milter-greylist start
Starting Milter-Greylist: [ OK ]
[root@mailserver mail]# service spamassassin start
Starting spamd: [ OK ]
[root@mailserver mail]# service spamass-milter start
Starting SpamAssassin milter (spamass-milter): [ OK ]
[root@mailserver mail]# /etc/init.d/sendmail restart
Shutting down sendmail: [ OK ]
Shutting down sm-client: [ OK ]
Starting sendmail: [ OK ]
Starting sm-client: [ OK ]
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux