- 追加された行はこの色です。
- 削除された行はこの色です。
*amavisd-new [#sf2e6332]
#counter([total|today|yesterday]);
RIGHT:&lastmod;更新
----
Contents
#contents
----
*Virus Scan ON [#b25d1be2]
/etc/rc.conf
###################20100124 再度 ON #####################################
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
amavisd_enable="YES"
####################################################################
/usr/local/etc/postfix/main.cf
#VirusFilter AMAVIS#################################################################
content_filter = smtp-amavis:[127.0.0.1]:10024
mailbox_command = /usr/sbin/amavis "$SENDER" "$RECIPIENT"
/usr/local/etc/postfix/master.cf
############ For amavis-new & clamav ###################################
#smtp-amavis unix - - n - 2 smtp
smtp-amavis unix - - n - 3 smtp
#smtp-amavis unix - - n - 10 smtp
#smtp-amavis unix - - n - 15 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
#####EOF
reboot
Jan 24 04:56:26 guard amavis[919]: (00919-02)
(!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.sock: 2, retrying (2)
/usr/local/etc/amavisd.conf
['ClamAV-clamd',
# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
guard:root {109} % amavisd reload
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Waiting for the process [879] to terminate
Sending SIGKILL to amavisd[879]
Daemon [879] terminated by SIGKILL, waiting for dust to settle...
becoming a new daemon...
*amavisd-new [#sf2e6332]
故有って再びウイルススキャンを稼働させることにしてみる。
まずは、portsを最新にして、/usr/ports/security/amavisd-new/Makefile を
AMAVISUSER?= clamav
AMAVISGROUP?= clamav
としておく。で、
guard:root {131} % portupgrade amavisd-new-2.5.3,1
するが、
===> p5-Net-DNS-SEC-0.15_1 depends on package: p5-Net-DNS>=0.64 - not found
===> Found p5-Net-DNS-0.61, but you need to upgrade to p5-Net-DNS>=0.64.
*** Error code 1
Stop in /usr/ports/dns/p5-Net-DNS-SEC.
*** Error code 1
Stop in /usr/ports/dns/p5-Net-DNS-SEC.
などと方々でエラー・・・・
いろいろモジュールが古いとのことで、エラーを手動で解除してゆき
*******************************************************************
To use amavisd-new, you need to install at least one virus scanner.
The following virus scanners are available in the FreeBSD ports
collection:
/usr/ports/security/vscan McAfee VirusScan
/usr/ports/security/clamav Clam Antivirus
/usr/ports/security/f-prot F-Prot Antivirus
/usr/ports/security/drweb DrWeb antivirus suite
Enable amavisd-new in /etc/rc.conf with the following line:
amavisd_enable="YES"
You can set the pidfile, if you do not use the default path:
amavisd_pidfile="/var/amavis/amavisd.pid"
Optionally enable amavisd tmp ram disk with: (DISCOURAGED!)
amavisd_ram="512m"
If you have installed and want to use the amavis sendmail milter interface,
you need the following additional line in /etc/rc.conf:
amavis_milter_enable="YES"
If you have installed and want to use the p0fanalyzer interface,
you need the following additional lines in /etc/rc.conf
(with modifications according to your needs):
amavis_p0fanalyzer_enable="YES"
amavis_p0fanalyzer_p0f_filter="tcp dst port 25"
You can pass another command line options to p0f daemon by setting
amavis_p0f_daemon_flags and to p0f-analyzer.pl by setting
amavis_p0fanalyzer_flags.
Configuration templates are available in /usr/local/etc
as amavisd.conf-dist, amavisd.conf-sample, amavisd.conf-default
and amavisd-custom.conf-dist.
Documentation is available in /usr/local/share/doc/amavisd-new.
*******************************************************************
===> Installing rc.d startup script(s)
===> Registering installation for amavisd-new-2.6.4_4,1
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/sbin/amavis-milter
This port has installed the following startup scripts which may cause
these network services to be started at boot time.
/usr/local/etc/rc.d/amavis-milter
/usr/local/etc/rc.d/amavisd
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
http://www.ijs.si/software/amavisd/
===> Cleaning for ripole-0.2.0
===> Cleaning for amavisd-new-2.6.4_4,1
---> Cleaning out obsolete shared libraries
[Updating the pkgdb <format:bdb_btree> in /var/db/pkg ... - 338 packages found (-0 +2) .. done]
guard:root {157} %
*起動時エラー [#nf73a677]
/etc/rc.conf に、
###################20100118 再度 ON #####################################
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
amavisd_enable="YES"
####################################################################
を再度書き込んで、reboot するが、エラー
Jan 18 08:59:23 guard kernel: Starting amavisd.
Jan 18 08:59:25 guard kernel: ERROR: MISSING REQUIRED BASIC MODULES:
Jan 18 08:59:25 guard kernel: Compress::Zlib
Jan 18 08:59:25 guard kernel: Net::Server
Jan 18 08:59:25 guard kernel: Net::Server::PreFork
Jan 18 08:59:25 guard kernel: BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 237.
guard:root {103} % cpan
Terminal does not support AddHistory.
cpan shell -- CPAN exploration and modules installation (v1.9301)
ReadLine support available (maybe install Bundle::CPAN or Bundle::CPANxxl?)
cpan[1]> install Compress::Zlib
: : :
Appending installation info to /usr/local/lib/perl5/5.8.9/mach/perllocal.pod
RHANDOM/Net-Server-0.97.tar.gz
/usr/bin/make install -- OK
Warning (usually harmless): 'YAML' not installed, will not store persistent state
cpan[3]> install Net::Server::PreFork
Net::Server::PreFork is up to date (undef).
cpan[4]> exit
Terminal does not support GetHistory.
Lockfile removed.
guard:root {104} %reboot
Jan 18 09:20:08 guard kernel: Starting amavisd.
Jan 18 09:20:10 guard kernel: fetch_modules: error loading optional module MIME/Decoder/BinHex.pm:
Jan 18 09:20:10 guard kernel: Can't locate Convert/BinHex.pm in @INC (@INC contains: /usr/local/lib/perl5/5.8.9/BSDPAN
/usr/local/lib/perl5/site_perl/5.8.9/mach
/usr/local/lib/perl5/site_perl/5.8.9 /usr/local/lib/perl5/5.8.9/mach /usr/local/lib/perl5/5.8.9) at
/usr/local/lib/perl5/site_perl/5.8.9/MIME/Decoder/BinHex.pm line 43.
Jan 18 09:20:10 guard kernel: BEGIN failed--compilation aborted at
/usr/local/lib/perl5/site_perl/5.8.9/MIME/Decoder/BinHex.pm line 43.
Jan 18 09:20:10 guard kernel: Compilation failed in require at
/usr/local/sbin/amavisd line 197.
Jan 18 09:20:11 guard kernel: Problem in Amavis::Unpackers code:
Can't locate Convert/UUlib.pm in @INC (@INC contains: /usr/local/lib/perl5/5.8.9/BSDPAN
/usr/local/lib/perl5/site_perl/5.8.9/mach /usr/local/lib/perl5/site_perl/5.8.9 /usr/local/lib/perl5/5.8.9/mach
/usr/local/lib/perl5/5.8.9) at (eval 107) line 33.
Jan 18 09:20:11 guard kernel: BEGIN failed--compilation aborted at (eval 107) line 33.
Jan 18 09:20:12 guard kernel: Starting clamav_clamd.
Jan 18 09:20:17 guard kernel: Starting clamav_freshclam.
cpan[2]> install Convert::BinHex
guard:root {106} % amavisd start
Problem in Amavis::Unpackers code: Can't locate Convert/UUlib.pm in @INC (@INC contains: /usr/local/lib/perl5/5.8.9/BSDPAN
/usr/local/lib/perl5/site_perl/5.8.9/mach /usr/local/lib/perl5/site_perl/5.8.9 /usr/local/lib/perl5/5.8.9/mach
/usr/local/lib/perl5/5.8.9) at (eval 107) line 33.
BEGIN failed--compilation aborted at (eval 107) line 33.
cpan[1]> install Convert::UUlib