首页 | 邮件资讯 | 技术教程 | 解决方案 | 产品评测 | 邮件人才 | 邮件博客 | 邮件系统论坛 | 软件下载 | 邮件周刊 | 热点专题 | 工具
网络技术 | 操作系统 | 邮件系统 | 客户端 | 电子邮箱 | 反垃圾邮件 | 邮件安全 | 邮件营销 | 移动电邮 | 邮件软件下载 | 电子书下载

邮件服务器

技术前沿 | Qmail | IMail | MDaemon | Exchange | Domino | 其它 | Foxmail | James | Kerio | JavaMail | WinMail | Sendmail | Postfix | Winwebmail | Merak | CMailServer | 邮件与开发 | 金笛 |
首页 > 邮件服务器 > Qmail > vpopmail+spamassassin+clamscan > 正文

vpopmail+spamassassin+clamscan

出处:本站收集于网络 作者:Tom Walsh 时间:2006-1-6 22:42:00
There was some discussion a while back about making SA work with vpopmail.

Most solutions I saw used .qmail-username or .qmail-default which wasn't the
right method for us. Below is a quick write up on how to use SA+clamscan
from a .qmail file in the users maildir. We also pull user preferences for
SA from SQL, so the line we use to call SA might not be what you want.
Delivery and hand off for scanning is handled by maildrop.

First and foremost, make certain that the user vpopmail has a valid shell...
this is very important as vdeliermail will run anything in the .qmail as the
user vpopmail, provided the application doesn't do a setuid/setgid, which
maildrop does not do. (That alone cost me 3 hours to troubleshoot.)

For each user you want to enable SA and virus scanning put the following in
a .qmail file in the users directory:

| /var/qmail/bin/preline /usr/local/bin/maildrop
/usr/home/vpopmail/domains/.mailfilter

Make sure that this file has been chmod'ed to 600 (u+rw) and is owned by
vpopmail:vchkpw otherwise it will not be run.

The .mailfilter listed above contains (some of this script has come from
another list member, but I forgot his name, if you contact me I will give
credit where credit is due), it must also be chmod'ed to 600 with owner
vpopmail:vchkpw :

import EXT
import HOST
VHOME=`/usr/home/vpopmail/bin/vuserinfo -d [EMAIL PROTECTED]

# Check for Spam if it is smaller than 250KB
if($SIZE < 262144)
{
xfilter "/usr/local/bin/spamc -d 192.168.1.2 -t 20 -f -u [EMAIL PROTECTED]"
}
if ((/^X-Spam-Flag:.*YES/))
{
`/bin/test -d $VHOME/Maildir/.Spam`
if( $RETURNCODE == 1 )
{
`/var/qmail/bin/maildirmake $VHOME/Maildir/.Spam;
/usr/sbin/chown -R vpopmail:vchkpw $VHOME/Maildir/.Spam`
}
to "$VHOME/Maildir/.Spam/"
}

# If it isn't Spam, then we scan for Virus if it is smaller than 2MB in
size... anything larger... they are on their own
if($SIZE < 2000000)
{
xfilter "/usr/home/vpopmail/domains/clamscan.sh"
}
if ((/^X-Virus-Status:.*INFECTED/))
{
`/bin/test -d $VHOME/Maildir/.Virus`
if ( $RETUNRCODE == 1 )
{
`/var/qmail/bin/maildirmake $VHOME/Maildir/.Virus;
/usr/sbin/chown -R vpopmail:vchkpw $VHOME/Maildir/.Virus`
}
to "$VHOME/Maildir/.Virus/"
}

#If it isn't Spam or Virus, then deliver normally
to "$VHOME/Maildir/"

The specific lines of interest are the xfilter lines. We use spamc/spamd to
offload the very CPU intensive process of spam scanning to another machine
on the private network. That is what the -d directive is for which tells SA
which IP to connect to for spamd...

The clamscan.sh file is a wrapper for the clamscan binary. We need to do
this because of the incompatibility between how clamscan operates and how
maildrop expects an xfilter program to operate. maildrop expects any message
it sends out to an xfilter program to be returned to it via stdout. The
problem is that the clamscan binary only returns the results of the scan,
not the message, so we have to create a shell script to pass the altered
message back to maildrop via stdout, also we use the shell script to alter
the exit code of clamscan (0 if clean and 1 if infected) to be compatible
with what maildrop expects. maildrop expects the application to return a
exit code of 0, so we have to alter it.

You will need bash in order to use this.

#!/usr/local/bin/bash
# Created by Tom Walsh
# slim at ala.net

MSG=$(/bin/cat /dev/stdin) # Is there a better way to do this?
SCAN=$(echo "$MSG" | /usr/local/bin/clamscan - --stdout --disable-summary)
EXIT="$?"
VIRUS=$(echo "$SCAN" | awk '{print $2}')
SUBJECT=$(echo "$MSG" | /usr/local/bin/reformail -x Subject:)

if [ "$EXIT" == "1" ]; then
SUBJECT="**VIRUS** [$VIRUS] $SUBJECT"
MSG=$(echo "$MSG" | /usr/local/bin/reformail -a"X-Virus-Status:
INFECTED" -i"Subject: $(echo "$SUBJECT")")
else
MSG=$(echo "$MSG" | /usr/local/bin/reformail -a"X-Virus-Status: CLEAN")
fi

echo "$MSG"

exit 0

And just for completeness... I have included our spamd config line to let
you know how to pull settings from SQL:

/usr/local/bin/spamd -a -d -q -x -m 50 -u spamd -i 192.168.1.2 -A
192.168.1.100 -A 192.168.1.101

The -i directive tells spamd to listen on IP 192.168.1.2, by default it only
listens on 127.0.0.1
The -A directives tell spamd which IPs to accept connections from.

You also need to odify your local.cf file to include the settings for
connecting to the SQL server.... All of that is covered in the README for
SQL: http://www.spamassassin.org/dist/sql/README

I hope that helps somebody... We are going to be ramping up the load on the
SA box shortly to see how well it scales... We are considering doing load
balancing via two SA boxes and a psuedo-random IP selector script that will
feed a variable $IP to the .mailfilter script above... something like:

IP=`/path/to/ipscript.sh`

xfilter "/usr/local/bin/spamc -d $IP -t 20 -f -u [EMAIL PROTECTED]"

If anybody has any comments or suggestions I would be willing to hear
them... I am currently writing up a howto to post to the web soon, but it is
rather FBSD specific I am afraid...

As a side note with regard to spamd reading the settings from SQL... spamd
makes a lookup on the [EMAIL PROTECTED], but also makes a lookup on GLOBAL
and @GLOBAL, so you can have a global preference for anybody that doesn't
have an entry in the SQL table... A very nice feature.

HTH,

Tom Walsh
Network Administrator
http://www.ala.net/
相关文章 热门文章
  • Exim SpamAssassin回复远程缓冲区溢出漏洞
  • Exchange SpamAssassin SMTP Sink
  • My SpamAssassin MySQL How-To
  • Clamav + Amavisd-new + Spamassassin 系统设置
  • Spamassassin CustomRulesets
  • postfix + SpamAssassin with SPAM Quarantine
  • 垃圾信攻防战 - SpamAssassin
  • Postfix + Amavisd-new + SpamAssassin + ClamAV
  • Clamav + Amavisd-new + Spamassassin 系统设置说明
  • Spamassassin Explanation
  • amavisd-new 怎么关闭调用 spamassassin ?
  • SpamAssassin 规则例子
  • Linux邮件服务器软件比较
  • 域名和邮件服务器FAQ
  • Qmail自动安装包Qmail_setup-v1.5.3发布
  • freebsd+qmail+mysql+vpopmail之完全ports安装
  • qmail+vpopmail+MySQL+igenus+RedHat 7下建立邮件系统
  • QMAIL终极安装指南
  • 配置你的第一台e-mail服务器
  • qmail+webmail on Linux9 安装全过程
  • 分布式的Qmail邮件系统
  • qmail+vpopmail+mysql+qmailadmin+ezmlm+igenus构建企..
  • qmail+webmail on Linux9 安装全过程
  • Qmail Server Howto
  • 自由广告区
     
    最新软件下载
  • SharePoint Server 2010 部署文档
  • Exchange 2010 RTM升级至SP1 教程
  • Exchange 2010 OWA下RBAC实现的组功能...
  • Lync Server 2010 Standard Edition 标..
  • Lync Server 2010 Enterprise Edition...
  • Forefront Endpoint Protection 2010 ...
  • Lync Server 2010 Edge 服务器部署文档
  • 《Exchange 2003专家指南》
  • Mastering Hyper-V Deployment
  • Windows Server 2008 R2 Hyper-V
  • Microsoft Lync Server 2010 Unleashed
  • Windows Server 2008 R2 Unleashed
  • 今日邮件技术文章
  • 腾讯,在创新中演绎互联网“进化论”
  • 华科人 张小龙 (中国第二代程序员 QQ...
  • 微软推出新功能 提高Hotmail密码安全性
  • 快压技巧分享:秒传邮件超大附件
  • 不容忽视的邮件营销数据分析过程中的算..
  • 国内手机邮箱的现状与未来发展——访尚..
  • 易观数据:2011Q2中国手机邮箱市场收入..
  • 穿越时空的爱恋 QQ邮箱音视频及贺卡邮件
  • Hotmail新功能:“我的朋友可能被黑了”
  • 入侵邻居网络发骚扰邮件 美国男子被重..
  • 网易邮箱莫子睿:《非你莫属》招聘多过..
  • 中国电信推广189邮箱绿色账单
  • 最新专题
  • 鸟哥的Linux私房菜之Mail服务器
  • Exchange Server 2010技术专题
  • Windows 7 技术专题
  • Sendmail 邮件系统配置
  • 组建Exchange 2003邮件系统
  • Windows Server 2008 专题
  • ORF 反垃圾邮件系统
  • Exchange Server 2007 专题
  • ISA Server 2006 教程专题
  • Windows Vista 技术专题
  • “黑莓”(BlackBerry)专题
  • Apache James 专题
  • 分类导航
    邮件新闻资讯:
    IT业界 | 邮件服务器 | 邮件趣闻 | 移动电邮
    电子邮箱 | 反垃圾邮件|邮件客户端|网络安全
    行业数据 | 邮件人物 | 网站公告 | 行业法规
    网络技术:
    邮件原理 | 网络协议 | 网络管理 | 传输介质
    线路接入 | 路由接口 | 邮件存储 | 华为3Com
    CISCO技术 | 网络与服务器硬件
    操作系统:
    Windows 9X | Linux&Uinx | Windows NT
    Windows Vista | FreeBSD | 其它操作系统
    邮件服务器:
    程序与开发 | Exchange | Qmail | Postfix
    Sendmail | MDaemon | Domino | Foxmail
    KerioMail | JavaMail | Winwebmail |James
    Merak&VisNetic | CMailServer | WinMail
    金笛邮件系统 | 其它 |
    反垃圾邮件:
    综述| 客户端反垃圾邮件|服务器端反垃圾邮件
    邮件客户端软件:
    Outlook | Foxmail | DreamMail| KooMail
    The bat | 雷鸟 | Eudora |Becky! |Pegasus
    IncrediMail |其它
    电子邮箱: 个人邮箱 | 企业邮箱 |Gmail
    移动电子邮件:服务器 | 客户端 | 技术前沿
    邮件网络安全:
    软件漏洞 | 安全知识 | 病毒公告 |防火墙
    攻防技术 | 病毒查杀| ISA | 数字签名
    邮件营销:
    Email营销 | 网络营销 | 营销技巧 |营销案例
    邮件人才:招聘 | 职场 | 培训 | 指南 | 职场
    解决方案:
    邮件系统|反垃圾邮件 |安全 |移动电邮 |招标
    产品评测:
    邮件系统 |反垃圾邮件 |邮箱 |安全 |客户端
    广告联系 | 合作联系 | 关于我们 | 联系我们 | 繁體中文
    版权所有:邮件技术资讯网©2003-2010 www.5dmail.net, All Rights Reserved
    www.5Dmail.net Web Team   粤ICP备05009143号