amavisd-new是一个类似Mailscanner的解信的程序,他可以调用外部的杀毒/反垃圾来对邮件进行过滤,很方便的实现病毒过滤,内容过滤。amavisd和mailscanner的不同在于,他使用SMTP协议通信,处理完后再回传给Postfix,整个过程不会对Postfix造成任何结构上的影响。Mailscanner必须监视Postfix的Hold队列,采用比较暴力的做法。

1、安装amavisd-new

安装时选择

BDB
MILTER
SPAMASSASSIN
FILE
RAR
UNRAR
ARJ
UNARJ
LHA
ARC
CAB
RPM
ZOO
UNZOO
LZOP
FREEZE
P7ZIP

shell

# cd /usr/ports/security/amavisd-new && make install clean

系统启动时自动运行amavisd

修改/etc/rc.conf文件:

shell

# vi /etc/rc.conf

增加如下一行:

amavisd_enable="YES"

2、配置amavisd.conf文件

修改amavisd.conf文件

shell

# vi /usr/local/etc/amavisd.conf

修改如下内容:

$max_servers = 10;
$mydomain = 'mail.extmail.org';
$MYHOME = '/var/amavis';   #
$db_home   = "$MYHOME/db";
$lock_file = "$MYHOME/var/amavisd.lock";
$pid_file  = "$MYHOME/var/amavisd.pid";
@local_domains_maps = qw(.);
@mynetworks = qw( 127.0.0.0/8 );
$sa_tag_level_deflt  = undef;
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = 5.0;
$sa_spam_subject_tag = '[SPAM] ';
$myhostname = 'mail.extmail.org';
$final_virus_destiny      = D_DISCARD;
$final_banned_destiny     = D_DISCARD;
$final_spam_destiny       = D_PASS;
$final_bad_header_destiny = D_PASS;
@whitelist_sender_maps = read_hash("$MYHOME/white.list");
@blacklist_sender_maps = read_hash("$MYHOME/black.list");
$hdrfrom_notify_admin = "Content Filter ";

配置黑白名单:

shell

# touch /var/amavis/white.list
# touch /var/amavis/black.listt
# chown –R vscan:vscan /var/amavis/

3、配置postfix对amavisd-new的支持

修改master.cf文件:

shell

# vi /usr/local/etc/postfix/master.cf

增加如下内容:

smtp-amavis  unix    -    -    n    -    4    smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes
        -o disable_dns_lookups=yes

127.0.0.1:10025 inet    n    -    n    -    -    smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o smtpd_error_sleep_time=0
        -o smtpd_soft_error_limit=1001
        -o smtpd_hard_error_limit=1000
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks

编辑main.cf文件:

shell

# vi /usr/local/etc/postfix/main.cf

增加如下内容:

# Content-Filter
content_filter = smtp-amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

备注:
修改content_filter和receive_override_options这两项,禁止地址展开/影射,否则遇到别名时会产生冗余邮件。
但是打开这一项receive_override_options后会和邮件列表程序相冲突,导致邮件列表的aliases不能打开。
所以如果使用了邮件列表,则不要设置receive_override_options这一项。

 
拾貳、配置amavisd-new.txt · 最后更改: 2013/04/17 07:11 由 shaobo
 
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki