This article is not GPL. For non-commercial reposting, please keep the author credit; no further notice is needed. For commercial use, please notify me by email.

All required packages are in ports (dependencies are not listed).

  qmail               MTA
  vpopmail            manage virtual domains and virtual accounts on a
                      qmail mail server
  courier-imap        pop3 imapd
  ucspi-tcp           UNIX Client-Server Program Interface
  amavisd-new         amavisd-new is a performance-enhanced daemonized
                      version of amavis-perl
  Mail::SpamAssassin  SpamAssassin is a mail filter
  uvscan              VirusScan

Diagram (all mail is passed through amavisd)

  internet --<=>-- MTA-outside          192.168.100.254:25 (built inside a jail)
                        |
                        v
                     amavisd            192.168.100.254:10024
                        |
                        v   (deliver mail to the user's mailbox)
                   MTA-inside with virtualdomain   localhost:10025
                       /  \
                    pop3  imap

install

  cd /usr/ports/mail/vpopmail; make install
  cd /usr/ports/mail/qmail; make enable-qmail
  cd /usr/ports/mail/courier-imap; make WITH_VPOPMAIL=yes install

  Check that /etc/mail/mailer.conf has been changed to qmail.
  This installs qmail, vpopmail and ucspi-tcp.

config qmail (for MTA-inside)

  1 vi /var/qmail/control/rcpthosts
    Enter the domains you want to receive mail for.
  2 vi /var/qmail/control/smtproutes
    Enter the relay SMTP server provided by your ISP.
    Note: put a colon ":" in front of the entry.
  3 vi /var/qmail/control/me
    Enter your own host name.
  4 vi /var/qmail/control/defaultdomain
    Enter your own domain.
  5 /var/qmail/alias/ contains three files:
    .qmail-mailer-daemon .qmail-postmaster .qmail-root
    The system mails a daily report to root; these files forward it to a
    user in your virtual domain. The content of all three files is
      userid@your.virtualdomain
  6 cp /var/qmail/boot/proc+df /var/qmail/rc
  7 vi /var/qmail/relay.smtp
    The file contains a single line:
      127.:allow,RELAYCLIENT=""
    Then build the rules database (run in /var/qmail):
      tcprules relay.smtp.cdb tmp < relay.smtp
  8 vi /usr/local/etc/rc.d/smtp-inside.sh
    Contents (-x names the cdb built in step 7):
      /usr/local/bin/tcpserver -x /var/qmail/relay.smtp.cdb -u 82 \
      -g 81 127.0.0.1 10025 /var/qmail/bin/qmail-smtpd &

config vpopmail

  1 /usr/local/vpopmail/bin/vadduser [email protected]

config courier-imap

  No special configuration is needed. Rename
    courier-imap-imapd.sh.sample courier-imap-pop3d.sh.sample
  to
    courier-imap-imapd.sh courier-imap-pop3d.sh

Build the jail environment for MTA-outside

  Assume the jail's root directory is /var/qmail-outside.

  mkdir /var/qmail-outside
  cd /var/qmail-outside
  # the paths used below are /var/qmail-outside/var/qmail/...
  mkdir var
  cp -R /var/qmail var
  mkdir bin
  cp -R /bin/sh bin
  mkdir etc
  cp -R /etc/passwd etc
  cp -R /etc/group etc
  cp -R /etc/resolv.conf etc
  mkdir usr
  mkdir usr/bin
  mkdir usr/lib
  mkdir usr/libexec
  mkdir usr/local
  mkdir usr/local/bin
  cp -R /usr/bin/env usr/bin
  cp -R /usr/lib/libc.* usr/lib
  cp -R /usr/libexec/ld-elf.so* usr/libexec
  cp -R /usr/local/bin/tcp* usr/local/bin
  cd /var/qmail-outside/var/qmail/control
  rm -rf virtualdomains

  /var/qmail-outside/var/qmail/control/smtproutes contains
    :127.0.0.1:10024
  (note the leading colon)

  vi /var/qmail-outside/var/qmail/relay.smtp
  Change it to:
    127.:allow,RELAYCLIENT=""
    192.168.100.:allow,RELAYCLIENT=""
  Then build the rules database (run in /var/qmail-outside/var/qmail):
    tcprules relay.smtp.cdb tmp < relay.smtp

  vi /var/qmail-outside/var/qmail/rc
  Change it to:
----- start rc
#!/bin/sh

# Using splogger to send the log through syslog.
# Using procmail to deliver messages to /var/spool/mail/$USER by default.

case "$1" in
start)
    exec env - PATH="/var/qmail/bin:$PATH" \
    qmail-start '|preline procmail' splogger qmail&
    # -x names the cdb built from relay.smtp above
    exec /usr/local/bin/tcpserver -x /var/qmail/relay.smtp.cdb -u 82 \
    -g 81 0 25 /var/qmail/bin/qmail-smtpd &
    exit 0
    ;;
stop)
    exec killall qmail-send
    ;;
*)
    echo "Usage: `basename $0` {start|stop}" >&2
    exit 64
    ;;
esac
------- end rc

  vi /usr/local/etc/rc.d/qmail-outside.sh
--start
jail /var/qmail-outside your.domain 192.168.100.254 /var/qmail/rc start
--end

  cd /usr/ports/mail/p5-Mail-SpamAssassin; make install
  cd /usr/ports/security/amavisd-new; make install
  cd /usr/ports/security/vscan; make install

config amavisd

  vi /usr/local/etc/amavisd.conf

  $mydomain   <== change to your domain

  Uncomment the following two lines:
    $forward_method = 'smtp:127.0.0.1:10025';  # where to forward checked mail
    $notify_method = $forward_method;          # where to submit notifications

  Change:
    $mailfrom_notify_spamadmin = "spamalert\@$mydomain";

  Uncomment:
    $sa_spam_subject_tag = '***SPAM*** ';  # (defaults to undef, disables)

  In @av_scanners keep only the following entry and comment out all the others:

    ### http://www.nai.com/
    ['NAI McAfee AntiVirus (uvscan)', 'uvscan',
      '--secure -rv --summary --noboot {}', [0], [13],
      qr/(?x) Found (?:
          \ the\ (.+)\ (?:virus|trojan)  |
          \ (?:virus|trojan)\ or\ variant\ ([^ ]+)  |
          :\ (.+)\ NOT\ a\ virus)/ ],

  Run /usr/local/sbin/update_dat   <=== updates the virus definitions

config Mail::SpamAssassin

  cd ~vscan
  mkdir .spamassassin/
  cd .spamassassin/
  vi user_prefs
  Contents:
--start
required_hits 5
rewrite_subject 1
use_razor1 0
use_razor2 1
ok_languages en zh
ok_locales en zh
score CASHCASHCASH 3.0
score CLICK_BELOW 1.5
score FORGED_MUA_OUTLOOK 3.6
score HEADER_8BITS 0.9
score INVALID_DATE 1.4
score MIME_LONG_LINE_QP 1.0
score MISSING_MIMEOLE 1.9
score NONEXISTENT_CHARSET 3.5
score NORMAL_HTTP_TO_IP 1.2
score NO_REAL_NAME 1.2
score OPT_IN 1.2
score RCVD_IN_RFCI 0.9
score SUBJ_FULL_OF_8BITS 0.9
# local
header FOXMAIL X-Mailer =~ /FoxMail/
describe FOXMAIL Foxmail with X-Mailer
score FOXMAIL 3.5
body H8H_COM /http:\/\/x-mail.h8h.com.tw/
describe H8H_COM Spammers from http://x-mail.h8h.com.tw
score H8H_COM 3.5
body SPAM_ZH /廣告/
describe SPAM_ZH Contain AD
score SPAM_ZH 0.5
--end
  Entries in this file can be added or removed as needed; see the
  Mail::SpamAssassin documentation.

Final test

  Run:
    /usr/local/etc/rc.d/qmail.sh start
    /usr/local/etc/rc.d/smtp-inside.sh
    /usr/local/etc/rc.d/amavisd.sh start
    /usr/local/etc/rc.d/qmail-outside.sh
    /usr/local/etc/rc.d/courier-imap-imapd.sh start
    /usr/local/etc/rc.d/courier-imap-pop3d.sh start
  Then check /var/log/maillog.

Notes

  The host IP used in this example is 192.168.100.254.
  The SpamAssassin settings take effect for all mail that uses MTA-outside
  as its mail relay; users do not have filters of their own.
  To communicate with the outside world, forward port 25 of the external IP
  to port 25 of 192.168.100.254.

If anything here is incomplete, please add to it.

--
※ Origin: 鳥窩 (BirdNest.twbbs.org) ◆ From: 218-170-34-180.hinet-ip.hinet.net
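
The relay.smtp rules in the jail decide which SMTP clients are given RELAYCLIENT by MTA-outside. The script below is an added example, not part of the original post: it emulates only the IP-prefix part of tcpserver's rule lookup so the rules can be checked offline. The function names and the sample client addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: simplified emulation of tcpserver's rule lookup for a
# tcprules source file. Host-name ("=host") and "info@" rules are ignored.

# lookup_rule FILE IP: print the instructions of the first matching rule,
# or "allow" when nothing matches (tcpserver's default).
lookup_rule() {
    file=$1
    key=$2
    while :; do
        # A rule line is "address:instructions"; the address must match exactly.
        hit=$(awk -v k="$key" '
            /^#/ || !/:/ { next }
            { i = index($0, ":")
              if (substr($0, 1, i - 1) == k) { print substr($0, i + 1); exit } }
        ' "$file")
        if [ -n "$hit" ]; then printf '%s\n' "$hit"; return 0; fi
        if [ -z "$key" ]; then break; fi
        # Next candidate: shorter prefix ending in a dot, finally the empty
        # address ("192.168.100.7" -> "192.168.100." -> "192.168." -> "192." -> "").
        key=${key%.}
        case $key in
            *.*) key=${key%.*}. ;;
            *)   key= ;;
        esac
    done
    echo allow
}

# relays FILE IP: exit status 0 when the matching rule sets RELAYCLIENT,
# i.e. qmail-smtpd skips the rcpthosts check for that client.
relays() {
    case $(lookup_rule "$1" "$2") in
        allow*RELAYCLIENT=*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample: the jail's relay.smtp from this article.
RULES=$(mktemp)
cat > "$RULES" <<'EOF'
127.:allow,RELAYCLIENT=""
192.168.100.:allow,RELAYCLIENT=""
EOF

# Constructed client addresses (203.0.113.9 is a documentation address).
for ip in 127.0.0.1 192.168.100.7 192.168.10.5 203.0.113.9; do
    if relays "$RULES" "$ip"; then echo "$ip: RELAYCLIENT set, may relay"
    else echo "$ip: rcpthosts enforced"; fi
done
```

Any connection that reaches the jail with a 192.168.100.x source address matches the second rule, so check that the port-25 forward preserves the original client address.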