VirusScan on Mail Server
*Virus Scan on Mail Server [#p05ec9de]
#counter([total|today|yesterday]);
RIGHT:&lastmod; updated
----
Contents
#contents
[[VirusScan on Mail Server-Update]]
----
*clamd socket [#kd22aff7]
Normal state
hotshot# cd /var/run/clamav
hotshot# ll
total 4
srw-rw-rw- 1 clamav clamav 0 Apr 22 09:18 clamd
-rw-rw-r-- 1 clamav clamav 4 Apr 22 09:18 clamd.pid
-rw-rw---- 1 clamav clamav 4 Apr 22 09:18 freshclam.pid
*TOP [#w6eff6b5]
top on the mail server under normal operation (virus-scan related)
PID USERNAME THR PRI NICE SIZE RES STATE C ...
667 clamav 1 96 0 57056K 1636K select 0 ...
974 clamav 1 96 0 58212K 36572K select 0 ...
975 clamav 1 20 0 57948K 34044K lockf 1 ...
676 clamav 1 4 0 75960K 0K accept 1 ...
681 clamav 1 20 0 4280K 0K pause 0 ...
*ClamAV engine is outdated. [#y42905fa]
Jan 17 08:51:31 k222 kernel: Starting clamav_clamd.
Jan 17 08:51:31 k222 kernel: LibClamAV Warning: ********...
Jan 17 08:51:31 k222 kernel: LibClamAV Warning: *** Thi...
Jan 17 08:51:31 k222 kernel: LibClamAV Warning: *** DON'...
Jan 17 08:51:31 k222 kernel: LibClamAV Warning: ********...
Jan 17 08:51:33 k222 kernel: Starting clamav_freshclam.
k222# pkg_info
k222# portupgrade clamav-0.95.1_1
Then, for some reason, /var/amavis/*/ and /var/virusmails ...
# chown clamav:clamav /var/amavis/
or similar.
**Error at startup? [#h8fcbd3a]
In the console log at boot (flora = machine name) (cf: [[コンソー...
Jan 21 04:34:46 flora amavis[877]: (00877-01) (!)ClamAV-...
/var/run/clamav/clamd: No such file or directory, retry...
Jan 21 04:34:52 flora amavis[877]: (00877-01) (!!)ClamAV...
/var/run/clamav/clamd (Can't connect to UNIX socket /va...
Jan 21 04:34:52 flora amavis[877]: (00877-01) (!!)WARN: ...
Warnings like these appear, so
// # mkdir /var/run/clamv/clamv
// # chown clamav:clamav /var/run/clamv/clamd
// do this. With that,
// Jan 21 04:52:13 flora amavis[667]: Using primary inter...
// Jan 21 04:52:13 flora amavis[667]: Found secondary av ...
// Jan 21 04:52:13 flora amavis[667]: Creating db in /var...
// Jan 21 04:52:16 flora kernel: Starting clamav_freshclam.
// the errors went away, but in /var/run/clamv/clamd/ ...
***/usr/local/etc/clamd.conf [#o415c1a4]
Unless this is set, /var/run/clamav/clamd ...
/usr/local/etc/clamd.conf
User clamav
#User vscan
LocalSocket /var/run/clamav/clamd
#LocalSocket /var/run/clamav/clamd.sock
With this set,
Jan 21 05:38:54 flora amavis[666]: Using primary interna...
Jan 21 05:38:54 flora amavis[666]: Found secondary av sc...
Jan 21 05:38:54 flora amavis[666]: Creating db in /var/a...
Jan 21 05:38:57 flora kernel: Starting clamav_freshclam.
was the result.
*Virus scanning & spam scanning on the mail server...
Software used: ClamAV, amavis-new~
MTA : [[Postfix>Postfix on FreeBSD]]~
OS : [[FreeBSD 6.2>FreeBSD 6.2Rのインストール]]~
+[[Installing Clam AV>#fd009bcf]]
+[[Installing amavis-new>#g4afcc19]]
+[[Making "amavisd-new" and "Clam AV" run as the same user...
++[[When changing "Clam AV">#b00ffd63]]
++[[When changing the "amavisd-new" side>#d616f97e]] From here...
+[[amavis-new configuration>#x11567ad]]
++[[/usr/local/etc/amavisd.conf>#s14d1f31]]
++[[/etc/rc.conf>#be3dac07]]
+[[Connecting to the MTA (Postfix)>#g20fecb9]]
++[[Settings for connecting to the MTA (Postfix)>#a54e9955]]
+[[Junk>#l1a9111c]]
----
http://www.google.co.jp/search?hl=ja&q=amavis+postfix+cla...
http://www.google.co.jp/search?hl=ja&q=amavis+postfix+cla...
----
**Clam AV [#fd009bcf]
http://clamav-jp.sourceforge.jp/
cd /usr/ports/security/clamav
make install clean
#ref(clamav.jpg)
===> Registering installation for clamav-0.91.2
===> SECURITY REPORT:
This port has installed the following files which m...
servers and may therefore pose a remote security ri...
/usr/local/sbin/clamd
This port has installed the following startup scrip...
these network services to be started at boot time.
/usr/local/etc/rc.d/clamav-milter
/usr/local/etc/rc.d/clamav-freshclam
/usr/local/etc/rc.d/clamav-clamd
/usr/local/etc/clamd.conf
LogFileMaxSize 3M
LogVerbose yes
/etc/rc.conf
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
----
**amavisd-new [#g4afcc19]
# cd /usr/ports/security/amavisd-new
# make
#ref(amavisd-new.jpg)
# make install
********************************************************...
To use amavisd-new, you need to install at least one vir...
The following virus scanners are available in the FreeBS...
collection:
/usr/ports/security/vscan McAfee VirusScan
/usr/ports/security/clamav Clam Antivirus
/usr/ports/security/f-prot F-Prot Antivirus
/usr/ports/security/drweb DrWeb antivirus suite
Enable amavisd-new in /etc/rc.conf with the following li...
amavisd_enable="YES"
Optionally enable amavisd tmp ram disk with: (example 51...
amavisd_ram="512m"
If you have installed and want to use the amavis sendmai...
you need the following additional line in /etc/rc.conf:
amavis_milter_enable="YES"
If you have installed and want to use the p0fanalyzer in...
you need the following additional lines in /etc/rc.conf
(with modifications according to your needs):
amavis_p0fanalyzer_enable="YES"
amavis_p0fanalyzer_p0f_filter="tcp dst port 25"
You can pass another command line options to p0f daemon ...
amavis_p0f_daemon_flags and to p0f-analyzer.pl by setting
amavis_p0fanalyzer_flags.
Configuration templates are available in /usr/local/etc
as amavisd.conf-dist, amavisd.conf-sample, amavisd.conf-...
and amavisd-custom.conf-dist.
Documentation is available in /usr/local/share/doc/amavi...
********************************************************...
===> Installing rc.d startup script(s)
===> Registering installation for amavisd-new-2.5.2,1
===> SECURITY REPORT:
This port has installed the following files which m...
servers and may therefore pose a remote security ri...
/usr/local/sbin/amavis-milter
This port has installed the following startup scrip...
these network services to be started at boot time.
/usr/local/etc/rc.d/amavis-milter
/usr/local/etc/rc.d/amavisd
If there are vulnerabilities in these programs ther...
risk to the system. FreeBSD makes no guarantee abou...
ports included in the Ports Collection. Please type...
to deinstall the port if this is a concern.
For more information, and contact details about the...
status of this software, see the following webpage:
http://www.ijs.si/software/amavisd/
----
**Making "amavisd-new" and "Clam AV" run as the same user...
So it is said, but looking at installation write-ups on the net, ...
***When changing "Clam AV" [#b00ffd63]
http://www.crimson-snow.net/hmsvr/bsd/maild/clamav.html
FreeBSD# vi /usr/local/etc/clamd.conf <= the configuration file...
User clamav
↓
User vscan <= match the user that "amavisd-new" runs as
# chown -R vscan:vscan /var/run/clamav <= change the owner
With only this, at startup
ERROR: Can't open /var/log/clamav/clamd.log in append mo...
ERROR: problem with internal logger. Please check the pe...
these errors appear.
# chown -R vscan:vscan /var/log/clamav
Doing only that still produces the same error, so clamd.log ...
Also, in freshclam.log,
ERROR: Can't save PID to file /var/run/clamav/freshclam....
this error appears, and the permissions of /var/run/clamav ...
srwxrwxrwx 1 vscan vscan 0 Sep 27 13:32 clamd
-rw-rw---- 1 vscan vscan 3 Sep 27 13:32 clamd.pid
-rw-rw---- 1 clamav vscan 3 Sep 27 13:32 freshclam.pid
Maybe it would be better to rebuild it from scratch... so,
# cd /usr/ports/security/clamav
# make CLAMAVUSER=vscan CLAMAVGROUP=vscan
# make install
install -o root -g wheel -m 555 -s .libs/clamconf /usr/l...
Making install in database
/bin/sh ../mkinstalldirs /var/db/clamav
mkdir /var/db/clamav
chown: vscan: Invalid argument
*** Error code 1
Stop in /usr/ports/security/clamav/work/clamav-0.91.2/da...
*** Error code 1
Stop in /usr/ports/security/clamav/work/clamav-0.91.2.
*** Error code 1
Stop in /usr/ports/security/clamav.
*** Error code 1
Stop in /usr/ports/security/clamav.
and so it simply failed with an error.
Put it back, then...
# cd /usr/ports/security/clamav
# rm -R work
# make rmconfig
# make
# make deinstall
===> Deinstalling for security/clamav
===> Deinstalling clamav-0.91.2
====================================================
If you want remove clamav permanently from you system
execute following commands:
# rm -rf /var/log/clamav
# rm -rf /var/run/clamav
# rm -rf /var/db/clamav
# pw userdel clamav
====================================================
# make install
and with that, reinstalled!
***When changing the "amavisd-new" side [#d616f97e]
http://www.leafgreen.jp/freebsd/clamav.html
If nothing is specified, AMAViS runs as a user named vscan...
So I set AMAViS up to run as the clamav user...
Specify "AMAVISUSER=clamav AMAVISGROUP=clamav" to make.
Installation
portinstall security/amavisd-new
# cd /usr/ports/security/amavisd-new
# make AMAVISUSER=clamav AMAVISGROUP=clamav
# make install
This way seems to be the better one, so
# cd /usr/ports/security/amavisd-new
# rm -R work
# make deinstall
===> Deinstalling for security/amavisd-new
===> Deinstalling amavisd-new-2.5.2,1
You should manually remove the "vscan" group.
You should manually remove the "vscan" user.
You should manually remove the "/var/amavis" directory.
You should manually remove the "/var/virusmails" directo...
Oh dear, it does not clean up after itself...
# pw groupdel vscan
# pw userdel vscan
# rm -rf /var/amavis
# rm -rf /var/virusmails
# make rmconfig
===> Removing user-configured options for amavisd-new-2....
to remove them.
# make AMAVISUSER=clamav AMAVISGROUP=clamav
# make install
That is what I ran, but for some reason the owner was still vscan ... and the make opt...
so,
# cd /usr/ports/security/amavisd-new
# cp Makefile Makefile-dist   (kept as a backup)
# vi Makefile
---------------------------------
- AMAVISUSER?= vscan #this part
- AMAVISGROUP?= vscan
---------------------------------
+ AMAVISUSER?= clamav #edit it like this
+ AMAVISGROUP?= clamav
---------------------------------
#make
#make install
and installed.~
Whether the installed /var/amavis and so on have the desired owner ...
# pwd
/var/amavis
# ll
total 6
drwxr-x--- 2 clamav clamav 512 Sep 28 04:38 db
drwxr-x--- 2 clamav clamav 512 Sep 28 04:38 tmp
drwxr-x--- 2 clamav clamav 512 Sep 28 04:38 var
OK.
**amavis-new configuration [#x11567ad]
hotshot# cp /usr/Backups/hotshot/usr/local/etc/amavisd.c...
***/usr/local/etc/amavisd.conf [#s14d1f31]
By default, the ClamAV-related part is commented ...
### http://www.clamav.net/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# NOTE: run clamd under the same user as amavisd; match...
# name (LocalSocket) in clamav.conf to the socket name i...
# When running chrooted one may prefer: ["CONTSCAN {}\n"...
The other settings look like this.
$mydomain = 'your.domain'; #doma...
$myhostname='host.your.domain'; #host name
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025'; #check...
// $forward_method = 'smtp:127.0.0.1:10025'; $notify_met...
// $insert_received_line = 0;
// $DO_SYSLOG = 0;
// $LOGFILE = "/var/log/amavis/amavis.log";
// $hdr_encoding = 'iso-2022-jp';
// $bdy_encoding = 'iso-2022-jp';
$final_virus_destiny = D_DISCARD; #final ...
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_DISCARD; #SPAM mail...
$final_bad_header_destiny = D_PASS;
// $warnvirussender = 0;
// $warnspamsender = 0;
//$warnbannedsender = 0;
//$spam_admin = 'spamalert@$mydomain'; #SPAM...
//$virus_admin ='virusalert@$mydomain'; #...
***/etc/rc.conf [#be3dac07]
amavisd_enable="YES"
***ClamAV-clamd: Can't connect to UNIX socket /var/run/cl...
This error was appearing:
Dec 1 00:00:03 blackcube amavis[98844]: (98844-11) (!)C...
Dec 1 00:00:09 blackcube amavis[98844]: (98844-11) (!!)...
(Can't connect to UNIX socket /var/run/clamav/clamd: No ...
And in /var/run/clamav there was not clamd but clamd.sock ...
/usr/local/etc/amavisd.conf
### http://www.clamav.net/
['ClamAV-clamd',
## \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/cl...
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clam...
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
Changed it like this.
----
*Connecting to the MTA (Postfix) [#g20fecb9]
**Settings for connecting to the MTA (Postfix) [#a54e9955]
#vi /usr/local/etc/postfix/main.cf
content_filter = smtp-amavis:[127.0.0.1]:10024
Add this one line.
#vi /usr/local/etc/postfix/master.cf
smtp-amavis unix - - n - 2 smtp
    -o smtp_data_done_timeout=1200
    -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
Note: lines that begin with "-o" (the second line onward) must always start with a TAB or space...
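The following lint for the two master.cf entries above is an added example, not part of the original page. It flags "-o" lines that lost their leading whitespace and checks that the 127.0.0.1:10025 re-injection listener clears content_filter and accepts loopback only. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): lint the master.cf entries
# used for the amavisd content filter. Function names are hypothetical.

# Print "-o" lines that start in column 0, with their line numbers. Postfix
# treats only lines that begin with whitespace as continuation lines.
unindented_options() {
    grep -n '^-o' "$1" || true
}

# Print the "name=value" overrides attached to the service whose first field
# is $2, one per line, following only properly indented continuation lines.
service_overrides() {
    awk -v svc="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[^ \t]/ { active = ($1 == svc); next }
        active { for (i = 1; i < NF; i++) if ($i == "-o") print $(i + 1) }
    ' "$1"
}

# The re-injection listener must clear content_filter (otherwise filtered
# mail is handed to amavisd again) and accept mail from loopback only.
check_reinjection() {
    ov=$(service_overrides "$1" "$2")
    for need in 'content_filter=' 'mynetworks=127.0.0.0/8' \
                'smtpd_recipient_restrictions=permit_mynetworks,reject'; do
        printf '%s\n' "$ov" | grep -qxF -- "$need" ||
            { echo "$2: missing override $need"; return 1; }
    done
    echo "$2: ok"
}

# Constructed samples: a correct file, and a copy in which one "-o" line
# has lost its indentation.
make_master_samples() {
    cat > "$1/master-good.cf" <<'EOF'
smtp-amavis unix - - n - 2 smtp
    -o smtp_data_done_timeout=1200
    -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
EOF
    sed 's/^    -o content_filter=/-o content_filter=/' \
        "$1/master-good.cf" > "$1/master-bad.cf"
}

tmp=$(mktemp -d)
make_master_samples "$tmp"
for f in good bad; do
    unindented_options "$tmp/master-$f.cf"
    check_reinjection "$tmp/master-$f.cf" 127.0.0.1:10025 || true
done
rm -rf "$tmp"
```

On a live system, point both functions at /usr/local/etc/postfix/master.cf.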
The aliases notified when SPAM or virus mail is detected...
# vi /etc/mail/aliases
virusalert: foo@your.domain
spamalert: bar@your.domain
# newaliases
----
**Junk [#l1a9111c]
The mail server became sluggish.
Running top showed
PID USERNAME THR PRI NICE SIZE RES STATE TIME ...
2118 vscan 1 129 0 41592K 39496K RUN 0:41 ...
2113 vscan 1 129 0 41776K 39680K RUN 0:45 ...
871 clamav 1 4 0 46392K 43844K accept 1:40 ...
... @@
Googling,
http://www.opensource.apple.com/darwinsource/Current/Spam...
5.1.3. amavisd-new
amavisd-new is a rewrite by Mark Martinec based on amavisd, ...
or so it says.
And, although I don't recall changing the settings,
when I looked at /usr/local/etc/amavisd.conf,
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd...
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
this part had been commented out.
I don't remember changing it, though...???
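Both failures seen on this page, the socket name in amavisd.conf not matching LocalSocket in clamd.conf and the ClamAV-clamd entry being commented out, can be caught by comparing the two files. The script below is an added example, not part of the original page; the function names are hypothetical and the sample files are constructed from the fragments shown above.

```shell
#!/bin/sh
# Added example (not from the original page): check that amavisd dials the
# socket clamd actually creates. Function names are hypothetical.

# Print the active (uncommented) LocalSocket path from a clamd.conf.
clamd_socket() {
    awk '$1 == "LocalSocket" { print $2; exit }' "$1"
}

# Print the socket path of the active ClamAV-clamd entry in an amavisd.conf.
# Lines whose first non-blank character is "#" are skipped, so an entry that
# is commented out produces no output.
amavis_socket() {
    awk '
        /^[ \t]*#/     { next }
        /ClamAV-clamd/ { in_entry = 1 }
        in_entry && /ask_daemon/ {
            n = split($0, q, "\"")   # q[4] is the second quoted string
            if (n >= 4) print q[4]
            exit
        }
    ' "$1"
}

# Status 0: same socket. 1: different sockets. 2: one side has no active
# setting (for amavisd.conf: entry missing or commented out).
check_clamd_socket() {
    want=$(clamd_socket "$1")
    have=$(amavis_socket "$2")
    if [ -z "$want" ]; then
        echo "clamd.conf: no active LocalSocket"; return 2
    fi
    if [ -z "$have" ]; then
        echo "amavisd.conf: ClamAV-clamd entry missing or commented out"; return 2
    fi
    if [ "$want" != "$have" ]; then
        echo "mismatch: clamd creates $want, amavisd connects to $have"; return 1
    fi
    echo "ok: $want"
}

# Constructed sample files modelled on the fragments shown on this page.
make_samples() {
    cat > "$1/clamd.conf" <<'EOF'
User clamav
#LocalSocket /var/run/clamav/clamd
LocalSocket /var/run/clamav/clamd.sock
EOF
    cat > "$1/amavisd-stale.conf" <<'EOF'
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
EOF
    cat > "$1/amavisd-fixed.conf" <<'EOF'
['ClamAV-clamd',
##  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
  qr/\bOK$/, qr/\bFOUND$/,
EOF
    cat > "$1/amavisd-off.conf" <<'EOF'
# ['ClamAV-clamd',
#   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
EOF
}

tmp=$(mktemp -d)
make_samples "$tmp"
for f in stale fixed off; do
    check_clamd_socket "$tmp/clamd.conf" "$tmp/amavisd-$f.conf" || true
done
rm -rf "$tmp"
```

On the mail server itself the two arguments would be /usr/local/etc/clamd.conf and /usr/local/etc/amavisd.conf.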
**Junk2 [#l058b055]
Upgraded amavisnew.
# chown -R clamav:clamav /var/amavis/
**Junk3 /bin/rm: Argument list too long. [#d876e954]
A lot of files have piled up in /var/virusmails/, so rm ...
/bin/rm: Argument list too long.
was the response, so
echo /var/virusmails/* | xargs rm
is what I ran.
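An alternative way to empty the quarantine directory, shown here as an added example that is not part of the original page: let find select the files and hand them to rm in batches, which avoids the argument-list limit, copes with spaces in file names, and keeps recent quarantined mail for later inspection. The function names, the 30-day retention and the sample files are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# List regular files directly inside $1 last modified more than $2 days ago.
list_expired() {
    find "$1" -maxdepth 1 -type f -mtime +"$2" -print
}

# Remove those files and print how many were removed. find passes the names
# to rm as separate arguments, in batches that fit the kernel limit, so
# neither the number of files nor spaces in their names matter.
# (The count assumes no file name contains a newline.)
purge_expired() {
    n=$(list_expired "$1" "$2" | wc -l)
    find "$1" -maxdepth 1 -type f -mtime +"$2" -exec rm -f -- {} +
    echo $((n))
}

# Constructed quarantine directory: two old files (one with a space in its
# name) and one file created just now.
make_quarantine() {
    touch -t 200901010000 "$1/virus-old one" "$1/virus-old-two"
    touch "$1/virus-recent"
}

q=$(mktemp -d)
make_quarantine "$q"
echo "removed: $(purge_expired "$q" 30)"
rm -rf "$q"
```

Run list_expired first to review what would be deleted before calling purge_expired on /var/virusmails.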