![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
#counter([total|today|yesterday]); RIGHT:&lastmod;更新 ---- Contents #contents ---- *Virus Scan ON [#b25d1be2] /etc/rc.conf ###################20100124 再度 ON ##################################### clamav_clamd_enable="YES" clamav_freshclam_enable="YES" amavisd_enable="YES" #################################################################### /usr/local/etc/postfix/main.cf #VirusFilter AMAVIS################################################################# content_filter = smtp-amavis:[127.0.0.1]:10024 mailbox_command = /usr/sbin/amavis "$SENDER" "$RECIPIENT" /usr/local/etc/postfix/master.cf ############ For amavis-new & clamav ################################### #smtp-amavis unix - - n - 2 smtp smtp-amavis unix - - n - 3 smtp #smtp-amavis unix - - n - 10 smtp #smtp-amavis unix - - n - 15 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes #####EOF reboot Jan 24 04:56:26 guard amavis[919]: (00919-02) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.sock: 2, retrying (2) /usr/local/etc/amavisd.conf ['ClamAV-clamd', # \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"], \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], guard:root {109} % amavisd reload Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Waiting for the process [879] to terminate Sending SIGKILL to amavisd[879] Daemon [879] terminated by SIGKILL, waiting for dust to settle... becoming a new daemon... *amavisd-new [#sf2e6332] 故有って再びウイルススキャンを稼働させることにしてみる。 まずは、portsを最新にして、/usr/ports/security/amavisd-new/Makefile を AMAVISUSER?= clamav AMAVISGROUP?= clamav としておく。で、 guard:root {131} % portupgrade amavisd-new-2.5.3,1 するが、 ===> p5-Net-DNS-SEC-0.15_1 depends on package: p5-Net-DNS>=0.64 - not found ===> Found p5-Net-DNS-0.61, but you need to upgrade to p5-Net-DNS>=0.64. *** Error code 1 Stop in /usr/ports/dns/p5-Net-DNS-SEC. *** Error code 1 Stop in /usr/ports/dns/p5-Net-DNS-SEC. などと方々でエラー・・・・ いろいろモジュールが古いとのことで、エラーを手動で解除してゆき ******************************************************************* To use amavisd-new, you need to install at least one virus scanner. The following virus scanners are available in the FreeBSD ports collection: /usr/ports/security/vscan McAfee VirusScan /usr/ports/security/clamav Clam Antivirus /usr/ports/security/f-prot F-Prot Antivirus /usr/ports/security/drweb DrWeb antivirus suite Enable amavisd-new in /etc/rc.conf with the following line: amavisd_enable="YES" You can set the pidfile, if you do not use the default path: amavisd_pidfile="/var/amavis/amavisd.pid" Optionally enable amavisd tmp ram disk with: (DISCOURAGED!) amavisd_ram="512m" If you have installed and want to use the amavis sendmail milter interface, you need the following additional line in /etc/rc.conf: amavis_milter_enable="YES" If you have installed and want to use the p0fanalyzer interface, you need the following additional lines in /etc/rc.conf (with modifications according to your needs): amavis_p0fanalyzer_enable="YES" amavis_p0fanalyzer_p0f_filter="tcp dst port 25" You can pass another command line options to p0f daemon by setting amavis_p0f_daemon_flags and to p0f-analyzer.pl by setting amavis_p0fanalyzer_flags. Configuration templates are available in /usr/local/etc as amavisd.conf-dist, amavisd.conf-sample, amavisd.conf-default and amavisd-custom.conf-dist. Documentation is available in /usr/local/share/doc/amavisd-new. ******************************************************************* ===> Installing rc.d startup script(s) ===> Registering installation for amavisd-new-2.6.4_4,1 ===> SECURITY REPORT: This port has installed the following files which may act as network servers and may therefore pose a remote security risk to the system. /usr/local/sbin/amavis-milter This port has installed the following startup scripts which may cause these network services to be started at boot time. /usr/local/etc/rc.d/amavis-milter /usr/local/etc/rc.d/amavisd If there are vulnerabilities in these programs there may be a security risk to the system. FreeBSD makes no guarantee about the security of ports included in the Ports Collection. Please type 'make deinstall' to deinstall the port if this is a concern. For more information, and contact details about the security status of this software, see the following webpage: http://www.ijs.si/software/amavisd/ ===> Cleaning for ripole-0.2.0 ===> Cleaning for amavisd-new-2.6.4_4,1 ---> Cleaning out obsolete shared libraries [Updating the pkgdb <format:bdb_btree> in /var/db/pkg ... - 338 packages found (-0 +2) .. done] guard:root {157} % *起動時エラー [#nf73a677] /etc/rc.conf に、 ###################20100118 再度 ON ##################################### clamav_clamd_enable="YES" clamav_freshclam_enable="YES" amavisd_enable="YES" #################################################################### を再度書き込んで、reboot するが、エラー Jan 18 08:59:23 guard kernel: Starting amavisd. Jan 18 08:59:25 guard kernel: ERROR: MISSING REQUIRED BASIC MODULES: Jan 18 08:59:25 guard kernel: Compress::Zlib Jan 18 08:59:25 guard kernel: Net::Server Jan 18 08:59:25 guard kernel: Net::Server::PreFork Jan 18 08:59:25 guard kernel: BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 237. guard:root {103} % cpan Terminal does not support AddHistory. cpan shell -- CPAN exploration and modules installation (v1.9301) ReadLine support available (maybe install Bundle::CPAN or Bundle::CPANxxl?) cpan[1]> install Compress::Zlib : : : Appending installation info to /usr/local/lib/perl5/5.8.9/mach/perllocal.pod RHANDOM/Net-Server-0.97.tar.gz /usr/bin/make install -- OK Warning (usually harmless): 'YAML' not installed, will not store persistent state cpan[3]> install Net::Server::PreFork Net::Server::PreFork is up to date (undef). cpan[4]> exit Terminal does not support GetHistory. Lockfile removed. guard:root {104} %reboot Jan 18 09:20:08 guard kernel: Starting amavisd. Jan 18 09:20:10 guard kernel: fetch_modules: error loading optional module MIME/Decoder/BinHex.pm: Jan 18 09:20:10 guard kernel: Can't locate Convert/BinHex.pm in @INC (@INC contains: /usr/local/lib/perl5/5.8.9/BSDPAN /usr/local/lib/perl5/site_perl/5.8.9/mach /usr/local/lib/perl5/site_perl/5.8.9 /usr/local/lib/perl5/5.8.9/mach /usr/local/lib/perl5/5.8.9) at /usr/local/lib/perl5/site_perl/5.8.9/MIME/Decoder/BinHex.pm line 43. Jan 18 09:20:10 guard kernel: BEGIN failed--compilation aborted at /usr/local/lib/perl5/site_perl/5.8.9/MIME/Decoder/BinHex.pm line 43. Jan 18 09:20:10 guard kernel: Compilation failed in require at /usr/local/sbin/amavisd line 197. Jan 18 09:20:11 guard kernel: Problem in Amavis::Unpackers code: Can't locate Convert/UUlib.pm in @INC (@INC contains: /usr/local/lib/perl5/5.8.9/BSDPAN /usr/local/lib/perl5/site_perl/5.8.9/mach /usr/local/lib/perl5/site_perl/5.8.9 /usr/local/lib/perl5/5.8.9/mach /usr/local/lib/perl5/5.8.9) at (eval 107) line 33. Jan 18 09:20:11 guard kernel: BEGIN failed--compilation aborted at (eval 107) line 33. Jan 18 09:20:12 guard kernel: Starting clamav_clamd. Jan 18 09:20:17 guard kernel: Starting clamav_freshclam. cpan[2]> install Convert::BinHex guard:root {106} % amavisd start Problem in Amavis::Unpackers code: Can't locate Convert/UUlib.pm in @INC (@INC contains: /usr/local/lib/perl5/5.8.9/BSDPAN /usr/local/lib/perl5/site_perl/5.8.9/mach /usr/local/lib/perl5/site_perl/5.8.9 /usr/local/lib/perl5/5.8.9/mach /usr/local/lib/perl5/5.8.9) at (eval 107) line 33. BEGIN failed--compilation aborted at (eval 107) line 33. cpan[1]> install Convert::UUlib
