NA Homework 4+5 Postfix + DNS Demo > Setup everything before Demo, or you’ll get no point if something don’t work. > Show your mail functions to TA, you could use ‘Remote Desktop’. > Be prepared, TA will ask some questions. 2 Installation Steps > postfix > cyrus-sasl2-saslauthd > imap-uw > amavisd-new > postgrey > Clamav > spamassassin 3 Postfix # cd /usr/ports/mail/postfix # make install clean 4 Postfix ===> Installing for postfix-2.4.1,1 ===> postfix-2.4.1,1 depends on file: /usr/local/lib/libcrypto.so.5 - found ===> postfix-2.4.1,1 depends on shared library: pcre.0 – found ===> postfix-2.4.1,1 depends on shared library: sasl2.2 - found Added group "postfix". Added group "maildrop". Added user "postfix". You need user "postfix" added to group "mail". Would you like me to add it [y]? y install -d -o root -g wheel -m 555 /usr/local/share/doc/postfix Installed HTML documentation in /usr/local/share/doc/postfix Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y 5 Postfix > edit /etc/rc.conf sendmail_enable="NONE“ postfix_enable="YES" > edit /etc/defaults/periodic.conf daily_clean_hoststat_enable="NO" daily_status_mail_rejects_enable="NO" daily_status_include_submit_mailq="NO" daily_submit_queuerun="NO" > edit /usr/local/etc/postfix/main.cf – edit it by yourself – ex: myhostname, mynetworks, alias_maps… 6 Postfix with TLS > make your certificates > edit /usr/local/etc/postfix/main.cf 7 Cyrus-sasl2-saslauthd 8 Cyrus-sasl2-saslauthd # cd /usr/ports/security/cyrus-sasl-saslauthd # make install clean > edit /etc/rc.conf saslauthd_enable="YES" 9 imap-uw # cd /usr/ports/mail/imap-uw # make install clean > edit /etc/inetd.conf pop3 stream tcp nowait root /usr/local/libexec/ipop3d ipop3d imap4 stream tcp nowait root /usr/local/libexec/imapd imapd > If using TLS pop3s stream tcp nowait root /usr/local/libexec/ipop3d ipop3d imaps stream tcp nowait root /usr/local/libexec/imapd imapd 10 Hold on and Test # /usr/local/etc/rc.d/saslauthd start # /usr/local/etc/rc.d/postfix start # /etc/rc.d/inetd reload > It’s better to test you can receive and send mail before next step. > If it’s not work, check /var/log/maillog. 11 Amavisd-new # cd /usr/ports/security/amavisd-new # make install clean 12 Amavisd-new Added group "vscan". Added user "vscan". Created "/var/amavis" directory. Created "/var/amavis/db" directory. Created "/var/amavis/tmp" directory. Created "/var/virusmails" directory. To use amavisd-new, you need to install at least one virus scanner. The following virus scanners are available in the FreeBSD ports collection: /usr/ports/security/vscan McAfee VirusScan /usr/ports/security/clamav Clam Antivirus /usr/ports/security/f-prot F-Prot Antivirus /usr/ports/security/drweb DrWeb antivirus suite 13 Amavisd-new Enable amavisd-new in /etc/rc.conf with the following line: amavisd_enable="YES" If you want to use the amavis sendmail milter interface, you need the following additional line in /etc/rc.conf amavis_milter_enable="YES" Configuration templates are available in /usr/local/etc as amavisd.conf-dist, amavisd.conf-sample and amavisd.conf-default. Documentation is available in /usr/local/share/doc/amavisd-new. 14 postgrey # cd /usr/ports/mail/postgrey # make install clean > edit /etc/rc.conf postgrey_enable="YES" postgrey_pidfile="/var/run/postgrey.pid" postgrey_flags="--delay=60 --pidfile=${postgrey_pidfile} \ --inet=10023 -d --user=postgrey --group=postgrey \ --dbdir=/var/db/postgrey" 15 Clamav # cd /usr/ports/security/clamav # make install clean 16 Clamav > edit /etc/rc.conf clamav_clamd_enable="YES" clamav_freshclam_enable="YES" > edit where you put your aliases file virusalert: root > edit /usr/local/etc/clamd.conf by yourself 17 Final Configuration 18 Final Configuration for Postfix > edit /usr/local/etc/postfix/main.cf content_filter = smtp-amavis:[127.0.0.1]:10024 > edit /usr/local/etc/postfix/master.cf smtp-amavis unix - - n - 2 lmtp -o smtp_data_done_timeout=1200s -o smtp_never_send_ehlo=yes -o notify_classes=protocol,resource,software 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o mynetworks=127.0.0.0/8 -o myhostname=localhost -o local_recipient_maps= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject 19 Final Configuration for Amavisd-new > edit /usr/local/etc/amavisd.conf $mydomain = ‘cs.nctu.edu.tw' $notify_method = 'smtp:[127.0.0.1]:10025'; $forward_method = 'smtp:[127.0.0.1]:10025'; 20 Now Startup everything # /usr/local/etc/rc.d/clamav-clamd start # /usr/local/etc/rc.d/postgrey start # /usr/local/etc/rc.d/amavisd start # /usr/local/etc/rc.d/postfix restart 21 Test for Virus # telnet localhost 25 Trying ::1... Trying 127.0.0.1... Connected to localhost.twbbs.org. Escape character is '^]'. 220 nabsd.cs.nctu.edu.tw ESMTP Postfix mail from: <[email protected]> 250 Ok rcpt to: <[email protected]> 250 Ok data 354 End data with <CR><LF>.<CR><LF> Subject: Virus Coming X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* . 250 Ok: queued as 647781152E quit 221 Bye Connection closed by foreign host. da 22 Test for Virus > Normal Mail May 11 20:09:27 nabsd amavis[29003]: (29003-01) Passed CLEAN, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: Vidtcl9St6oz, Hits: -, 1312 ms > Mail with virus May 13 16:55:50 nabsd amavis[29004]: (29004-05) Blocked INFECTED (Eicar-Test-Signature), [127.0.0.1] <?@localhost> -> <[email protected]>, quarantine: virus-VivGNwT9NIja, Message-ID: <[email protected]>, mail_id: VivGNwT9NIja, Hits: -, 1071 ms 23 Spamassassin > /usr/local/etc/amavis.conf > /usr/local/etc/mail/spamassassin/local.cf > man Mail::SpamAssassin::Conf 24 Spamassassin Content-Type: text/html; charset="big5" Content-Transfer-Encoding: 8bit Sender: =?big5?B?wnmkSKR+?= <[email protected]> Reply-To: [email protected] X-Virus-Scanned: amavisd-new at csie.nctu.edu.tw X-Spam-Status: Yes, hits=10.687 tagged_above=3 required=6.3 tests=BAYES_60, DATE_IN_PAST_96_XX, DOMAIN_RATIO, HTML_90_100, HTML_IMAGE_ONLY_20, HTML_IMAGE_RATIO_02, HTML_MESSAGE, HTML_WEB_BUGS, MIME_HTML_ONLY X-Spam-Level: ********** X-Spam-Flag: YES Status: 25.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages25 Page
-
File Size-