Otu esi etinye Antivirus na Nchedo Spam na Postfix Mail Server na ClamAV na SpamAssassin - Part 3

N'ime edemede abụọ gara aga nke usoro Postfix a ị mụtara ka esi ahazi na jikwaa nchekwa data nkesa email site na phpMyAdmin, yana otu esi ahazi Postfix na Dovecot iji jikwa ozi na-abata na nke na-apụ apụ. Na mgbakwunye, anyị kọwara otu esi edobe onye ahịa mail, dị ka Thunderbird, maka akaụntụ mebere nke anyị mepụtara na mbụ.

1. Mepụta sava ozi Postfix na Dovecot na MariaDB – Nkebi nke 1
2. Otu esi ahazi Postfix na Dovecot na ndị ọrụ ngalaba mebere – Nkebi nke 2
3. Wụnye ma hazie onye ahịa RoundCube Webmail na ndị ọrụ mebere na Postfix – Nkebi nke 4
4. Jiri Sagator, ụzọ mgbochi nje/Antispam iji chebe sava ozi gị – Nkebi nke 5

Ebe ọ bụ na ọ nweghị ntọala ihe nkesa email nwere ike zuo oke na-enweghị ịkpachara anya megide nje na spam, anyị ga-ekpuchi isiokwu ahụ n'isiokwu dị ugbu a.

Biko buru n'uche na ọbụlagodi na sistemụ arụmọrụ * nix na-adịkarị ka enweghị nje, ohere ndị ahịa na-eji sistemụ arụmọrụ ndị ọzọ ga-ejikọkwa na sava email gị.

N'ihi ya, ị kwesịrị inye ha obi ike na i meela ihe ndị dị mkpa iji chebe ha ruo n'ókè o kwere mee site na iyi egwu dị otú ahụ.

Na-ahazi SpamAssassin maka Postfix

Na usoro nke ịnweta email, spamassassin ga-eguzo n'etiti ụwa dị n'èzí na ọrụ email na-agba ọsọ na nkesa gị n'onwe ya. Ọ bụrụ na ọ chọtara, dịka iwu nkọwa ya na nhazi ya si dị, na ozi na-abata bụ spam, ọ ga-edegharị ahịrị isiokwu iji mata ya nke ọma. Ka anyị hụ otú.

Faịlụ nhazi bụ isi bụ /etc/mail/spamassassin/local.cf, na anyị kwesịrị ijide n'aka na nhọrọ ndị a dị (tinye ha ma ọ bụrụ na ha anọghị ma ọ bụ enweghị nkwenye ma ọ bụrụ na ọ dị mkpa):

report_safe 0
required_score 8.0
rewrite_header Subject [SPAM]

1. Mgbe atọrọ akụkọ_safe ka ọ bụrụ 0 (uru akwadoro), spam na-abata na-agbanwe naanị site n'ịgbanwe nkụnye eji isi mee email dị ka rewrite_header. Ọ bụrụ na edobere ya na 1, a ga-ehichapụ ozi a.
2. Iji tọọ ike ike nke nzacha spam, chọrọ_score ga-esorịrị ọnụọgụ integer ma ọ bụ ọnụọgụ iri. Ka ọnụ ọgụgụ ahụ dị ntakịrị, ka nzacha ahụ na-adịwanye nro. A na-akwado ịtọ ntọala chọrọ_score ka ọ bụrụ uru ebe n'etiti 8.0 na 10.0 maka nnukwu sistemụ na-enye ọtụtụ akaụntụ email (~ 100s).

Ozugbo ị chekwaa mgbanwe ndị ahụ, mee ma malite ọrụ nzacha spam, wee melite iwu spam:

# systemctl enable spamassassin
# systemctl start spamassassin
# sa-update

Maka nhọrọ nhazi ndị ọzọ, ị nwere ike ịchọrọ akwụkwọ site na iji perldoc Mail:: SpamAssassin:: Conf n'ahịrị iwu.

Na-ejikọta Postfix na SpamAssassin

Iji jikọta Postfix na spamassassin nke ọma, anyị ga-achọ ịmepụta onye ọrụ na otu raara onwe ya nye iji mee spam filter daemon:

# useradd spamd -s /bin/false -d /var/log/spamassassin

Ọzọ, tinye ahịrị na-esonụ na ala nke /etc/postfix/master.cf:

spamassassin unix - n n - - pipe flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Na gosi (n'elu) na spamassassin ga-abụ ọdịnaya_filter:

-o content_filter=spamassassin

N'ikpeazụ, malitegharịa Postfix ka itinye mgbanwe:

# systemctl restart postfix

Iji nyochaa na SpamAssassin na-arụ ọrụ nke ọma yana ịchọpụta spam na-abata, a na-enye ule a maara dị ka GTUBE (Nnwale Nleba anya maka Email nnukwu anaghị achọ).

Iji mee ule a, ziga ozi-e sitere na ngalaba na-abụghị netwọk gị (dị ka Yahoo!, Hotmail, ma ọ bụ Gmail) na akaụntụ nke bi na sava email gị. Tọọ ahịrị isiokwu na ihe ọ bụla ịchọrọ ma tinye ederede na-esote n'ime akụkụ ozi:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

Dịka ọmụmaatụ, izipu ederede dị n'elu na ozi sitere na akaụntụ Gmail m na-arụpụta nsonaazụ a:

Ma gosi ọkwa kwekọrọ na ndekọ:

# journalctl | grep spam

Dịka ị na-ahụ na foto dị n'elu, ozi email a nwetara akara spam nke 1002.3. Na mgbakwunye, ịnwere ike ịnwale spamassassin ozugbo site na ahịrị iwu:

# spamassassin -D < /usr/share/doc/spamassassin-3.4.0/sample-spam.txt

Iwu a dị n'elu ga-ewepụta ụfọdụ mpụta n'ezie nke kwesịrị ịgụnye ihe ndị a:

Ọ bụrụ na ule ndị a emeghị nke ọma, ị nwere ike ịtu aka na spamassassin integrations ndu.

Malite ClamAV na melite nkọwa nje

Iji malite, anyị ga-achọ idezi /etc/clamd.d/scan.conf. Mezue ahịrị ndị a:

LocalSocket /var/run/clamd.scan/clamd.sock

ma kwuo ma ọ bụ hichapụ ahịrị:

Example

Mgbe ahụ gbanye ma malite clamav scanner daemon:

# systemctl enable [email 
# systemctl start [email 

ma echefukwala ịtọ antivirus_can_scan_system SELinux boolean ka ọ bụrụ 1:

# setsebool -P antivirus_can_scan_system 1

N'oge a, ọ bara uru ma dị mma ịlele ọkwa ọrụ:

Dị ka ị na-ahụ na foto dị n'elu, mbinye aka nje anyị tọrọ karịa ụbọchị asaa. Ka imelite ha anyị ga-eji ngwa akpọrọ freshclam arụnyere dịka akụkụ nke ngwugwu clamav-update.

Ụzọ kachasị mfe iji melite nkọwa nje bụ site na ọrụ cron nke na-arụ ọrụ mgbe ọ bụla achọrọ (otu oge n'ụbọchị dịka ọmụmaatụ, na oge elekere 1 nke ụtụtụ dị ka egosiri na ihe atụ na-esonụ bụ nke zuru oke):

00 01 * * * root /usr/share/clamav/freshclam-sleep

Ị nwekwara ike iji aka kwalite nkọwa nje virus, mana tupu ị ga-ewepụ ma ọ bụ kwuo okwu n'ahịrị na-esonụ na /etc/freshclam.conf.

Example

Ugbu a ị ga-enwe ike ịgba ọsọ:

# freshclam

nke ga-emelite nkọwa nje dị ka achọrọ:

Na-anwale ClamAV maka Nje Virus na ozi-e

Iji chọpụta na ClamAV na-arụ ọrụ nke ọma, ka anyị budata nje nnwale (nke anyị nwere ike nweta site na http://www.eicar.org/download/eicar.com) gaa na Maildir nke [email echebe] (nke dị na /home/) vmail/linuxnewz.com/tecmint/Maildir) iji mee ka faịlụ butere enwetara dị ka mgbakwunye ozi:

# cd /home/vmail/linuxnewz.com/tecmint/Maildir
# wget http://www.eicar.org/download/eicar.com

Wee lelee ndekọ ndekọ /home/vmail/linuxnewz.com ugboro ugboro:

# clamscan --infected --remove --recursive /home/vmail/linuxnewz.com

Ugbu a, nweere onwe gị ịhazi nyocha a ka ọ gafee cronjob. Mepụta faịlụ aha ya bụ /etc/cron.daily/dailyclamscan, tinye ahịrị ndị a:

#!/bin/bash
SCAN_DIR="/home/vmail/linuxnewz.com"
LOG_FILE="/var/log/clamav/dailyclamscan.log"
touch $LOG_FILE
/usr/bin/clamscan --infected --remove --recursive $SCAN_DIR >> $LOG_FILE

ma nyefee ikike:

# chmod +x /etc/cron.daily/dailyclamscan

Cronjob nke dị n'elu ga-enyocha ndekọ ndekọ ihe nkesa ozi ugboro ugboro wee hapụ ndekọ ọrụ ya na /var/log/clamav/dailyclamscan.log (hụ na/var/log/clamav directory dị).

Ka anyị hụ ihe na-eme mgbe anyị zipụrụ faịlụ eicar.com site na [email chedoro]:

Nchịkọta

Ọ bụrụ n’ịgbaso usoro ndị akọwapụtara na nkuzi a yana n’isiokwu abụọ gara aga nke usoro isiokwu a, ị nwere ihe nkesa ozi-e Postfix na-arụ ọrụ nwere spam na mgbochi nje.

NKWUKWU: Biko mara na nchekwa nke ihe nkesa bụ nnukwu isiokwu na enweghị ike ikpuchi ya nke ọma n'usoro dị mkpirikpi dị ka nke a.

N'ihi ya, a na m agba gị ume ka ị mara ngwa ọrụ eji na usoro isiokwu a na ibe ha nwoke. Ọ bụ ezie na emeela m ike m niile iji kpuchie echiche ndị dị mkpa metụtara isiokwu a, echela na mgbe ị gachara usoro a, ị tozuru oke iji guzobe na idobe ihe nkesa email na mpaghara mmepụta.

Ezubere usoro isiokwu a ka mmalite ọ bụghị dị ka ntuziaka na-agwụ agwụ maka njikwa ihe nkesa ozi na Linux.

O yikarịrị ka ị ga-eche echiche ndị ọzọ nwere ike ime ka usoro isiokwu a dịkwuo mma. Ọ bụrụ otú ahụ, nweere onwe gị idetu anyị ndetu site na iji ụdị nkọwa n'okpuru. A na-ekelekwa ajụjụ na aro ndị ọzọ - anyị na-atụ anya ịnụ gị!