Saturday, September 22, 2007

anti-virus and anti-spam

share ko lang itong mga steps na ginawa ko para sa pag iimplement ng anti-virus and anti-spam
na ginawa at ginamit ko nung nagdeploy kame sa isang client. buti nalang sendmail talaga yugn na aral ko noong MTA kaya hindi ako nahirapan sa pagdedeploy.

ETO NA SYA:

Installing RPMForge

yum install yum-priorities
vi /etc/yum/pluginconf.d/priorities.conf

main]
enabled=1

Edit the .repo files in /etc/yum.repos.d/ and set up priorities by adding the line:
priority=N
to a repository entry, where N is an integer number from 1 to 99.

rpm -Uvh http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm -Uvh http://apt.sw.be/redhat/el5/en/x86_64/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
yum check-update
yum install spam*
yum install clam*

EMAIL ANTI-VIRUS IMPLEMENTATION
Edit /etc/clamd.conf:
LocalSocket /var/run/clamav/clamav-milter.sock
edit sendmail configuration:
INPUT_MAIL_FILTER(`clmilter', `S=local:/var/run/clamav/clamav-milter.sock, F=, T=S:4m;R:4m')dnl
define(`confINPUT_MAIL_FILTERS', `clmilter')dnl
vi /etc/group
scalix:x:101: vscan

vi /var/opt/scalix/mv/s/rules.eg/ALL-ROUTES.VIR

VIRUS-UNCLEANED=1 ACTION=REJECT NDN-INFO=!ndninfo.txt

VIRUS-UNCLEANED=0 VIRUS-FOUND=1 ACTION=ALLOW NOTIFY="A virus was
fuond in your message. It was successfully cleaned and sent to the
recipient. However we highly recommend that you install or update
your virus protection software and scan your computer for viruses."

vi /var/opt/scalix/mv/s/rules.eg/ ndninfo.txt

VIRUS-UNCLEANED=0 VIRUS-FOUND=1 ACTION=ALLOW NOTIFY="A virus was
fuond in your message. It was successfully cleaned and sent to the
recipient. However we highly recommend that you install or update
your virus protection software and scan your computer for viruses."

chown root omvscan.map
chmod 555 omvscan.map

EDIT “S82clamav-milter”

case "$1" in
start)
echo -n "Starting Clamav Milter Daemon: "
daemon clamav-milter -ol local:/var/run/clamav/clamav-milter.sock --postmaster=root@mydomain.net
RETVAL=$? --quarantine=mydomain.net
RETVAL=$?
;;

Note:
S78spamass-milter
S80sendmail
S81spamassassin
S83scalix

FOR ANTI-SPAM SOLUTION

vi ~/sys/smtpd.cfg
SMTPFILTER=TRUE
Above the line
RELAY accept 127.0.0.1

SENDMAIL.MC

INPUT_MAIL_FILTER(`spamassassin',`S=local:/var/run/spamass.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl

sudo sh -c "m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf"

chkconfig --add spamassassin
chkconfig --add spamass-milter
chkconfig --level 345 spamassassin on
chkconfig --level 345 spamass-milter on
/etc/init.d/spamassassin start
/etc/init.d/spamass-milter start

sa-update --channel updates.spamassassin.org
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)