amavisd-new是一个类似Mailscanner的解信的程序,他可以调用外部的杀毒/反垃圾来对邮件进行过滤,很方便的实现病毒过滤,内容过滤。amavisd和mailscanner的不同在于,他使用SMTP协议通信,处理完后再回传给Postfix,整个过程不会对Postfix造成任何结构上的影响。Mailscanner必须监视Postfix的Hold队列,采用比较暴力的做法。
安装时选择
BDB MILTER SPAMASSASSIN FILE RAR UNRAR ARJ UNARJ LHA ARC CAB RPM ZOO UNZOO LZOP FREEZE P7ZIP
shell
系统启动时自动运行amavisd
修改/etc/rc.conf文件:
shell
增加如下一行:
amavisd_enable="YES"
修改amavisd.conf文件
shell
修改如下内容:
$max_servers = 10;
$mydomain = 'mail.extmail.org';
$MYHOME = '/var/amavis'; #
$db_home = "$MYHOME/db";
$lock_file = "$MYHOME/var/amavisd.lock";
$pid_file = "$MYHOME/var/amavisd.pid";
@local_domains_maps = qw(.);
@mynetworks = qw( 127.0.0.0/8 );
$sa_tag_level_deflt = undef;
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = 5.0;
$sa_spam_subject_tag = '[SPAM] ';
$myhostname = 'mail.extmail.org';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_PASS;
$final_bad_header_destiny = D_PASS;
@whitelist_sender_maps = read_hash("$MYHOME/white.lst");
@blacklist_sender_maps = read_hash("$MYHOME/black.lst");
$hdrfrom_notify_admin = "Content Filter ";
配置黑白名单:
shell
修改master.cf文件:
shell
增加如下内容:
smtp-amavis unix - - n - 4 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
修改content_filter ,receive_override_options这两项,禁止地址展开/影射,否则遇到别名时会产生冗余邮件。但是打开这一项receive_override_options后会和邮件列表程序相冲突,导致邮件列表的aliases不能打开。:(所以如果使用了邮件列表,则不要设置receive_override_options这一项。
编辑main.cf文件:
shell
增加如下内容:
# Content-Filter content_filter = smtp-amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings