git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@895 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/09/18 23:35:554 | 8 |
deleted file mode 100644 |
... | ... |
@@ -1,549 +0,0 @@ |
1 |
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> |
|
2 |
- |
|
3 |
-<!--Converted with LaTeX2HTML 2K.1beta (1.48) |
|
4 |
-original version by: Nikos Drakos, CBLU, University of Leeds |
|
5 |
-* revised and updated by: Marcus Hennecke, Ross Moore, Herb Swan |
|
6 |
-* with significant contributions from: |
|
7 |
- Jens Lippmann, Marek Rouchal, Martin Wilck and others --> |
|
8 |
-<HTML> |
|
9 |
-<HEAD> |
|
10 |
-<TITLE>Debian GNU/Linux Mail Server</TITLE> |
|
11 |
-<META NAME="description" CONTENT="Debian GNU/Linux Mail Server"> |
|
12 |
-<META NAME="keywords" CONTENT="Debian_Mail_server"> |
|
13 |
-<META NAME="resource-type" CONTENT="document"> |
|
14 |
-<META NAME="distribution" CONTENT="global"> |
|
15 |
- |
|
16 |
-<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> |
|
17 |
-<META NAME="Generator" CONTENT="LaTeX2HTML v2K.1beta"> |
|
18 |
- |
|
19 |
-</HEAD> |
|
20 |
- |
|
21 |
-<BODY > |
|
22 |
-<P> |
|
23 |
- |
|
24 |
-<P> |
|
25 |
- |
|
26 |
-<P> |
|
27 |
- |
|
28 |
-<P> |
|
29 |
-<H1 ALIGN="CENTER">Debian GNU/Linux Mail Server</H1> |
|
30 |
-<P ALIGN="CENTER"><STRONG>Dennis Leeuw</STRONG></P> |
|
31 |
-<P ALIGN="CENTER"><STRONG>Versie 0.2.0</STRONG></P> |
|
32 |
- |
|
33 |
-<P> |
|
34 |
- |
|
35 |
-<H1><A NAME="SECTION00100000000000000000"> |
|
36 |
-1. Mail User Agent</A> |
|
37 |
-</H1> |
|
38 |
- |
|
39 |
-<P> |
|
40 |
-The MUA is the program that a user uses to read his or her mail. Some |
|
41 |
-examples: pine, mutt or Netscape (on Windows Outlook). The MUA can |
|
42 |
-use several protocols to fetch the mail. The most used services are |
|
43 |
-POP3, IMAP, but SMTP is also possible. |
|
44 |
- |
|
45 |
-<P> |
|
46 |
- |
|
47 |
-<H1><A NAME="SECTION00110000000000000000"> |
|
48 |
-1.1 popping mail:</A> |
|
49 |
-</H1> |
|
50 |
- |
|
51 |
-<P> |
|
52 |
-All incoming mail for a user is stored in one file in /var/spool/mail/<username>. |
|
53 |
-You could read your mail with more or less, but that is not very comfortable. |
|
54 |
-The most secure way of using pop3 is by using pop3 over SSL. This |
|
55 |
-way you get a SSH like pop3 system. |
|
56 |
- |
|
57 |
-<P> |
|
58 |
- |
|
59 |
-<H3><A NAME="SECTION00110100000000000000"> |
|
60 |
-1.1.0.1 Installation</A> |
|
61 |
-</H3> |
|
62 |
- |
|
63 |
-<P> |
|
64 |
- |
|
65 |
-<DL COMPACT> |
|
66 |
-<DT> |
|
67 |
-<DD>apt-get install courier-pop-ssl |
|
68 |
-</DD> |
|
69 |
-</DL> |
|
70 |
-<P> |
|
71 |
- |
|
72 |
-<H3><A NAME="SECTION00110200000000000000"> |
|
73 |
-1.1.0.2 Configuration</A> |
|
74 |
-</H3> |
|
75 |
- |
|
76 |
-<P> |
|
77 |
-The configuration can be found in /etc/courier/. |
|
78 |
- |
|
79 |
-<P> |
|
80 |
-[META] needs more docu about interfaces to run on and protocols/ports |
|
81 |
-to use. |
|
82 |
- |
|
83 |
-<P> |
|
84 |
- |
|
85 |
-<H1><A NAME="SECTION00200000000000000000"> |
|
86 |
-2. Mail Transfer Agent</A> |
|
87 |
-</H1> |
|
88 |
- |
|
89 |
-<P> |
|
90 |
-The MTA is a program that sends mail from one server to another. This |
|
91 |
-is done through the SMTP protocol. On Debian the default MTA is Exim, |
|
92 |
-however there are several GNU/Linux servers that contain this functionality |
|
93 |
-like: sendmail, postfix and qmail. |
|
94 |
- |
|
95 |
-<P> |
|
96 |
-I like postfix so let's start with that one. |
|
97 |
- |
|
98 |
-<P> |
|
99 |
- |
|
100 |
-<H1><A NAME="SECTION00210000000000000000"> |
|
101 |
-2.1 postfix</A> |
|
102 |
-</H1> |
|
103 |
- |
|
104 |
-<P> |
|
105 |
- |
|
106 |
-<H2><A NAME="SECTION00211000000000000000"> |
|
107 |
-2.1.1 Installation</A> |
|
108 |
-</H2> |
|
109 |
- |
|
110 |
-<P> |
|
111 |
- |
|
112 |
-<DL COMPACT> |
|
113 |
-<DT> |
|
114 |
-<DD>apt-get install postfix |
|
115 |
-</DD> |
|
116 |
-</DL>Choose no configuration when asked for configuration. |
|
117 |
- |
|
118 |
-<P> |
|
119 |
- |
|
120 |
-<H2><A NAME="SECTION00212000000000000000"> |
|
121 |
-2.1.2 configuration</A> |
|
122 |
-</H2> |
|
123 |
- |
|
124 |
-<P> |
|
125 |
-The postfix configuration files can be found in /etc/postfix/. |
|
126 |
- |
|
127 |
-<P> |
|
128 |
-The most important file is main.cf. Elements in this file that need |
|
129 |
-special attention: |
|
130 |
- |
|
131 |
-<P> |
|
132 |
- |
|
133 |
-<DL COMPACT> |
|
134 |
-<DT> |
|
135 |
-<DD>myhostname = mail.domain.com |
|
136 |
- |
|
137 |
-<P> |
|
138 |
-mydestination = $myhostname, localhost.$mydomain, $mydomain |
|
139 |
- |
|
140 |
-<P> |
|
141 |
-mynetworks = 192.168.1.0/24, 127.0.0.0/8 |
|
142 |
- |
|
143 |
-<P> |
|
144 |
-relay_domains = $mydomain |
|
145 |
-<P> |
|
146 |
-home_mailbox = Maildir/ |
|
147 |
-</DD> |
|
148 |
-</DL> |
|
149 |
-<P> |
|
150 |
- |
|
151 |
-<H2><A NAME="SECTION00213000000000000000"> |
|
152 |
-2.1.3 Test</A> |
|
153 |
-</H2> |
|
154 |
- |
|
155 |
-<P> |
|
156 |
-Test the configuration with telnet: |
|
157 |
- |
|
158 |
-<P> |
|
159 |
- |
|
160 |
-<DL COMPACT> |
|
161 |
-<DT> |
|
162 |
-<DD>telnet localhost 25 # from the local machine |
|
163 |
- |
|
164 |
-<P> |
|
165 |
-telnet smtp.domein.nl 25 # from a Internet machine |
|
166 |
- |
|
167 |
-<P> |
|
168 |
-telnet 192.168.1.1 25 # from an internal machine |
|
169 |
-</DD> |
|
170 |
-</DL>Use the following procedure: |
|
171 |
- |
|
172 |
-<P> |
|
173 |
- |
|
174 |
-<DL COMPACT> |
|
175 |
-<DT> |
|
176 |
-<DD>helo domein.org |
|
177 |
- |
|
178 |
-<P> |
|
179 |
-mail from: user@domein.org |
|
180 |
- |
|
181 |
-<P> |
|
182 |
-rcpt to: user@domein.nl |
|
183 |
- |
|
184 |
-<P> |
|
185 |
-data |
|
186 |
- |
|
187 |
-<P> |
|
188 |
-. |
|
189 |
- |
|
190 |
-<P> |
|
191 |
-quit |
|
192 |
-</DD> |
|
193 |
-</DL> |
|
194 |
-<P> |
|
195 |
- |
|
196 |
-<H1><A NAME="SECTION00300000000000000000"> |
|
197 |
-3. Mail Delivery Agent</A> |
|
198 |
-</H1> |
|
199 |
- |
|
200 |
-<P> |
|
201 |
-The MDA is a program that incoming mail from the MTA accepts and it |
|
202 |
-stores in the users mailbox, Local Delivery. The program is on almost |
|
203 |
-any GNU/Linux systeem procmail. We use the functionality within postfix. |
|
204 |
- |
|
205 |
-<P> |
|
206 |
- |
|
207 |
-<H1><A NAME="SECTION00320000000000000000"> |
|
208 |
-3.2 Fetchmail</A> |
|
209 |
-</H1> |
|
210 |
- |
|
211 |
-<P> |
|
212 |
-It might be that you have some pop3 mail accounts on other servers |
|
213 |
-or providers. To get that mail on your local system you could use |
|
214 |
-fetchmail. |
|
215 |
- |
|
216 |
-<P> |
|
217 |
- |
|
218 |
-<H2><A NAME="SECTION00321000000000000000"> |
|
219 |
-3.2.1 Installation</A> |
|
220 |
-</H2> |
|
221 |
- |
|
222 |
-<P> |
|
223 |
- |
|
224 |
-<DL COMPACT> |
|
225 |
-<DT> |
|
226 |
-<DD>apt-get install fetchmail |
|
227 |
-</DD> |
|
228 |
-</DL> |
|
229 |
-<P> |
|
230 |
- |
|
231 |
-<H2><A NAME="SECTION00322000000000000000"> |
|
232 |
-3.2.2 Configuration</A> |
|
233 |
-</H2> |
|
234 |
- |
|
235 |
-<P> |
|
236 |
-A sample configuration file: |
|
237 |
- |
|
238 |
-<P> |
|
239 |
- |
|
240 |
-<DL COMPACT> |
|
241 |
-<DT> |
|
242 |
-<DD>poll pop.provider.net proto pop3 |
|
243 |
- |
|
244 |
-<P> |
|
245 |
- user "jsmith", with password secret1, is "johans" here; |
|
246 |
-</DD> |
|
247 |
-</DL> |
|
248 |
-<P> |
|
249 |
- |
|
250 |
-<H1><A NAME="SECTION00400000000000000000"> |
|
251 |
-4. Virus checking</A> |
|
252 |
-</H1> |
|
253 |
- |
|
254 |
-<P> |
|
255 |
- |
|
256 |
-<H1><A NAME="SECTION00410000000000000000"> |
|
257 |
-4.1 Clam Antivirus</A> |
|
258 |
-</H1> |
|
259 |
- |
|
260 |
-<P> |
|
261 |
- |
|
262 |
-<H2><A NAME="SECTION00411000000000000000"> |
|
263 |
-4.1.1 Installation</A> |
|
264 |
-</H2> |
|
265 |
- |
|
266 |
-<P> |
|
267 |
-Get the source from http://www.konarski.edu.pl/~zolw. |
|
268 |
-Read the documentation, which is very good, or do: |
|
269 |
- |
|
270 |
-<P> |
|
271 |
- |
|
272 |
-<DL COMPACT> |
|
273 |
-<DT> |
|
274 |
-<DD>groupadd clamav |
|
275 |
- |
|
276 |
-<P> |
|
277 |
-useradd -g clamav -s /bin/false -c ``Clam Antivirus'' clamav |
|
278 |
-</DD> |
|
279 |
-</DL>To build the software do: |
|
280 |
- |
|
281 |
-<P> |
|
282 |
- |
|
283 |
-<DL COMPACT> |
|
284 |
-<DT> |
|
285 |
-<DD>./configure -prefix=/usr/local |
|
286 |
- |
|
287 |
-<P> |
|
288 |
-make |
|
289 |
- |
|
290 |
-<P> |
|
291 |
-make install |
|
292 |
-</DD> |
|
293 |
-</DL> |
|
294 |
-<P> |
|
295 |
- |
|
296 |
-<H2><A NAME="SECTION00412000000000000000"> |
|
297 |
-4.1.2 Help Out!</h2> |
|
298 |
-<p>The biggest challenge for an open source virus scanner is the virus signature database. The Clamav writer has written een great tool called sigtool. It is able to create a signature from a virus file with the help of another anti-virus program that detects the virus.</p> |
|
299 |
- |
|
300 |
-<p>If you find a virus that is not detected by clamscan, but is detected by another virus scanner, do the following:<br> |
|
301 |
-<tt> |
|
302 |
-sigtool -s <string of virus-scanner that finds the virus, when it detects it> -f <file that contains the virus> -c <how the virus-scanner should be executed></tt> |
|
303 |
- |
|
304 |
-<P>This creates a signature file. Which should be added to the clamav database. And the next time a virus passes by it will be detected by clamscan.</p> |
|
305 |
- |
|
306 |
- |
|
307 |
- |
|
308 |
-<P> |
|
309 |
- |
|
310 |
-<H1><A NAME="SECTION00420000000000000000"> |
|
311 |
-4.2 AMAVIS</A> |
|
312 |
-</H1> |
|
313 |
- |
|
314 |
-<P> |
|
315 |
- |
|
316 |
-<H2><A NAME="SECTION00421000000000000000"> |
|
317 |
-4.2.1 Installation</A> |
|
318 |
-</H2> |
|
319 |
- |
|
320 |
-<P> |
|
321 |
- |
|
322 |
-<DL COMPACT> |
|
323 |
-<DT> |
|
324 |
-<DD>groupadd vscan |
|
325 |
- |
|
326 |
-<P> |
|
327 |
-useradd -g vscan -s /bin/false -c ``Amavis'' vscan |
|
328 |
-</DD> |
|
329 |
-</DL>Compile this from source http://www.amavis.org/. Use amavis-perl-11.tar.gz |
|
330 |
- |
|
331 |
-<P> |
|
332 |
-Before you can use AMAVIS you first need a couple of perl modules: |
|
333 |
- |
|
334 |
-<P> |
|
335 |
- |
|
336 |
-<DL COMPACT> |
|
337 |
-<DT> |
|
338 |
-<DD>apt-get install libmime-perl libunix-syslog-perl \ |
|
339 |
- |
|
340 |
-<P> |
|
341 |
-libemail-valid-perl libconvert-uulib-perl \ |
|
342 |
- |
|
343 |
-<P> |
|
344 |
-libconvert-tnef-perl libarchive-tar-perl \ |
|
345 |
- |
|
346 |
-<P> |
|
347 |
-libarchive-zip-perl libcompress-zlib-perl |
|
348 |
-</DD> |
|
349 |
-</DL>And some tools: |
|
350 |
- |
|
351 |
-<P> |
|
352 |
- |
|
353 |
-<DL COMPACT> |
|
354 |
-<DT> |
|
355 |
-<DD>apt-get install file bzip2 lha unarj unrar unzoo |
|
356 |
-</DD> |
|
357 |
-</DL> |
|
358 |
-<P> |
|
359 |
- |
|
360 |
-<H3><A NAME="SECTION00421100000000000000"> |
|
361 |
-4.2.1.1 Arc521</A> |
|
362 |
-</H3> |
|
363 |
- |
|
364 |
-<P> |
|
365 |
-Then there is arc, which is not GNU/Linux ready yet. So download the |
|
366 |
-source and do the following: |
|
367 |
- |
|
368 |
-<P> |
|
369 |
- |
|
370 |
-<DL COMPACT> |
|
371 |
-<DT> |
|
372 |
-<DD>mkdir temp |
|
373 |
- |
|
374 |
-<P> |
|
375 |
-cd temp |
|
376 |
- |
|
377 |
-<P> |
|
378 |
-tar zxvf ../arc521.tar.Z |
|
379 |
-</DD> |
|
380 |
-</DL>Edit arcdos.c and comment the struct timeval (don't do this on RH6.2 machines): |
|
381 |
- |
|
382 |
-<P> |
|
383 |
- |
|
384 |
-<DL COMPACT> |
|
385 |
-<DT> |
|
386 |
-<DD>/*struct timeval { /* man page said <sys/types.h>, but it */ |
|
387 |
- |
|
388 |
-<P> |
|
389 |
-/* long tv_sec; /* really seems to be in <sys/time.h>, */ |
|
390 |
- |
|
391 |
-<P> |
|
392 |
-/* long tv_usec; /* but why bother... */ |
|
393 |
- |
|
394 |
-<P> |
|
395 |
-/*};*/ |
|
396 |
-</DD> |
|
397 |
-</DL>Edit tmclock.c to look like this: |
|
398 |
- |
|
399 |
-<P> |
|
400 |
- |
|
401 |
-<DL COMPACT> |
|
402 |
-<DT> |
|
403 |
-<DD>#if BSD |
|
404 |
- |
|
405 |
-<P> |
|
406 |
-#include <sys/time.h> |
|
407 |
- |
|
408 |
-<P> |
|
409 |
-#include <time.h> |
|
410 |
- |
|
411 |
-<P> |
|
412 |
-int daylight; |
|
413 |
- |
|
414 |
-<P> |
|
415 |
-#else |
|
416 |
- |
|
417 |
-<P> |
|
418 |
-#include <time.h> |
|
419 |
- |
|
420 |
-<P> |
|
421 |
-#endif |
|
422 |
-</DD> |
|
423 |
-</DL>I have send these changes to the maintainer of arc, so the next release |
|
424 |
-might show better GNU/Linux support. |
|
425 |
- |
|
426 |
-<P> |
|
427 |
- |
|
428 |
-<DL COMPACT> |
|
429 |
-<DT> |
|
430 |
-<DD>make |
|
431 |
- |
|
432 |
-<P> |
|
433 |
-cp arc /usr/local/bin |
|
434 |
-<p> |
|
435 |
-cp arc.1 /usr/local/man/man1/ |
|
436 |
-</DD> |
|
437 |
-</DL> |
|
438 |
-<P> |
|
439 |
- |
|
440 |
-<H3><A NAME="SECTION00421200000000000000"> |
|
441 |
-4.2.1.2 Compile AMAVIS</A> |
|
442 |
-</H3> |
|
443 |
- |
|
444 |
-<P> |
|
445 |
-Compile AMAVIS: |
|
446 |
- |
|
447 |
-<P> |
|
448 |
- |
|
449 |
-<DL COMPACT> |
|
450 |
-<DT> |
|
451 |
-<DD>patch -p1 < ../clamav-<I><version></I>/support/amavis/clamavis.patch |
|
452 |
- |
|
453 |
-<P> |
|
454 |
-find . -exec touch 01010000 {} \; |
|
455 |
- |
|
456 |
-<P> |
|
457 |
-./configure --enable-smtp --with-smtp-port=10025 --enable-postfix |
|
458 |
- |
|
459 |
-<P> |
|
460 |
-make |
|
461 |
- |
|
462 |
-<P> |
|
463 |
-make install |
|
464 |
-</DD> |
|
465 |
-</DL> |
|
466 |
-<P> |
|
467 |
- |
|
468 |
-<H2><A NAME="SECTION00422000000000000000"> |
|
469 |
-4.2.2 AMAVIS and Postfix</A> |
|
470 |
-</H2> |
|
471 |
- |
|
472 |
-<P> |
|
473 |
-Add to /etc/postfix/main.cf: |
|
474 |
- |
|
475 |
-<P> |
|
476 |
- |
|
477 |
-<DL COMPACT> |
|
478 |
-<DT> |
|
479 |
-<DD>content_filter = vscan: |
|
480 |
-</DD> |
|
481 |
-</DL>Adjust /etc/postfix/master.cf: |
|
482 |
- |
|
483 |
-<P> |
|
484 |
- |
|
485 |
-<DL COMPACT> |
|
486 |
-<DT> |
|
487 |
-<DD>vscan unix - n n - 10 pipe user=vscan |
|
488 |
- |
|
489 |
-<DL COMPACT> |
|
490 |
-<DT> |
|
491 |
-<DD>argv=/usr/sbin/amavis ${sender} ${recipient} |
|
492 |
-</DD> |
|
493 |
-</DL>localhost:10025 inet n - n - - smtpd -o content_filter= |
|
494 |
-</DD> |
|
495 |
-</DL> |
|
496 |
-<P> |
|
497 |
- |
|
498 |
-<H2><A NAME="SECTION00423000000000000000"> |
|
499 |
-4.2.3 Test</A> |
|
500 |
-</H2> |
|
501 |
- |
|
502 |
-<P> |
|
503 |
-Send an e-mail with the Eicar string to test the anti-virus functionality. |
|
504 |
- |
|
505 |
-<P> |
|
506 |
- |
|
507 |
-<DL COMPACT> |
|
508 |
-<DT> |
|
509 |
-<DD>X5O!P%@AP[4\PZX54(P)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* |
|
510 |
- |
|
511 |
-<P> |
|
512 |
-</DD> |
|
513 |
-</DL> |
|
514 |
-<P> |
|
515 |
- |
|
516 |
-<H1><A NAME="SECTION00500000000000000000"> |
|
517 |
-About this document ...</A> |
|
518 |
-</H1> |
|
519 |
- <STRONG>Debian GNU/Linux Mail Server</STRONG><P> |
|
520 |
-This document was generated using the |
|
521 |
-<A HREF="http://www-texdev.mpce.mq.edu.au/l2h/docs/manual/"><STRONG>LaTeX</STRONG>2<tt>HTML</tt></A> translator Version 2K.1beta (1.48) |
|
522 |
-<P> |
|
523 |
-Copyright © 1993, 1994, 1995, 1996, |
|
524 |
-<A HREF="http://cbl.leeds.ac.uk/nikos/personal.html">Nikos Drakos</A>, |
|
525 |
-Computer Based Learning Unit, University of Leeds. |
|
526 |
-<BR> |
|
527 |
-Copyright © 1997, 1998, 1999, |
|
528 |
-<A HREF="http://www.maths.mq.edu.au/~ross/">Ross Moore</A>, |
|
529 |
-Mathematics Department, Macquarie University, Sydney. |
|
530 |
-<P> |
|
531 |
-The command line arguments were: <BR> |
|
532 |
- <STRONG>latex2html</STRONG> <TT>-no_subdir -split 0 -show_section_numbers /tmp/lyx_tmpdir30758nJeXv/lyx_tmpbuf3075QAkyC5/Debian_Mail_server.tex</TT> |
|
533 |
-<P> |
|
534 |
-The translation was initiated by Dennis Leeuw on 2002-05-28<HR> |
|
535 |
-<!--Navigation Panel--> |
|
536 |
-<IMG WIDTH="81" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next_inactive" |
|
537 |
- SRC="/usr/share/latex2html/icons/nx_grp_g.png"> |
|
538 |
-<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" |
|
539 |
- SRC="/usr/share/latex2html/icons/up_g.png"> |
|
540 |
-<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" |
|
541 |
- SRC="/usr/share/latex2html/icons/prev_g.png"> |
|
542 |
-<BR> |
|
543 |
-<!--End of Navigation Panel--> |
|
544 |
-<ADDRESS> |
|
545 |
-Dennis Leeuw |
|
546 |
-2002-05-28 |
|
547 |
-</ADDRESS> |
|
548 |
-</BODY> |
|
549 |
-</HTML> |
550 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,757 +0,0 @@ |
1 |
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
|
2 |
-<html> |
|
3 |
- <head> |
|
4 |
- <meta name="generator" content="HTML Tidy, see www.w3.org"> |
|
5 |
- <title>System-wide virus and spam scanning</title> |
|
6 |
- <meta name="GENERATOR" content= |
|
7 |
- "Modular DocBook HTML Stylesheet Version 1.73 "> |
|
8 |
- <link rel="STYLESHEET" type="text/css" href="docbook-jade.css"> |
|
9 |
- </head> |
|
10 |
- |
|
11 |
- <body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link="#0000FF" |
|
12 |
- vlink="#840084" alink="#0000FF"> |
|
13 |
- <div class="ARTICLE"> |
|
14 |
- <div class="TITLEPAGE"> |
|
15 |
- <h1 class="TITLE"><a name="AEN2">System-wide virus and spam |
|
16 |
- scanning</a></h1> |
|
17 |
- |
|
18 |
- <h2 class="SUBTITLE">Installing <span class= |
|
19 |
- "APPLICATION">qmail-scanner</span>, <span class="APPLICATION">Clam |
|
20 |
- Antivirus</span> and <span class="APPLICATION">SpamAssassin</span> |
|
21 |
- under <span class="SYSTEMITEM">FreeBSD</span></h2> |
|
22 |
- |
|
23 |
- <div class="AUTHORGROUP"> |
|
24 |
- <a name="AEN9"></a> |
|
25 |
- |
|
26 |
- <h3 class="AUTHOR"><a name="AEN10">Paul Hoadley</a></h3> |
|
27 |
- |
|
28 |
- <h3 class="AUTHOR"><a name="AEN13">Eric Parsonage</a></h3> |
|
29 |
- </div> |
|
30 |
- |
|
31 |
- <p class="COPYRIGHT">Copyright © 2002 by Paul Hoadley and |
|
32 |
- Eric Parsonage</p> |
|
33 |
- |
|
34 |
- <p class="PUBDATE">$Date: 2003/08/29 14:27:14 $<br> |
|
35 |
- </p> |
|
36 |
- |
|
37 |
- <div> |
|
38 |
- <div class="ABSTRACT"> |
|
39 |
- <a name="AEN21"></a> |
|
40 |
- |
|
41 |
- <p>This document describes how to effect system-wide virus and |
|
42 |
- spam scanning of incoming email. The approach is based on the |
|
43 |
- <a href="http://www.qmail.org" target="_top"><span class= |
|
44 |
- "APPLICATION">qmail</span></a> mail transport agent, and is |
|
45 |
- not applicable to sites running <a href= |
|
46 |
- "http://www.sendmail.org" target="_top"><span class= |
|
47 |
- "APPLICATION">sendmail</span></a>. This document describes how |
|
48 |
- to install <a href="http://qmail-scanner.sourceforge.net" |
|
49 |
- target="_top"><span class= |
|
50 |
- "APPLICATION">qmail-scanner</span></a>, an enhancement for |
|
51 |
- <span class="APPLICATION">qmail</span> that allows incoming |
|
52 |
- mail to be passed through third-party filters prior to normal |
|
53 |
- local delivery. The two filters described in this document are |
|
54 |
- <a href="http://clamav.elektrapro.com/" target="_top"><span |
|
55 |
- class="APPLICATION">Clam AntiVirus</span></a>, an open source |
|
56 |
- virus scanning package, and <a href= |
|
57 |
- "http://spamassassin.taint.org" target="_top"><span class= |
|
58 |
- "APPLICATION">SpamAssassin</span></a>, an open source spam |
|
59 |
- detector.</p> |
|
60 |
- </div> |
|
61 |
- </div> |
|
62 |
- <hr> |
|
63 |
- </div> |
|
64 |
- |
|
65 |
- <div class="TOC"> |
|
66 |
- <dl> |
|
67 |
- <dt><b>Table of Contents</b></dt> |
|
68 |
- |
|
69 |
- <dt>1. <a href="#AEN34">Pre-requisites</a></dt> |
|
70 |
- |
|
71 |
- <dt>2. <a href="#AEN65">Installing <span class= |
|
72 |
- "APPLICATION">Clam AntiVirus</span></a></dt> |
|
73 |
- |
|
74 |
- <dt>3. <a href="#AEN120">Installing <span class= |
|
75 |
- "APPLICATION">SpamAssassin</span></a></dt> |
|
76 |
- |
|
77 |
- <dt>4. <a href="#AEN214">Installing <span class= |
|
78 |
- "APPLICATION">qmail-scanner</span></a></dt> |
|
79 |
- |
|
80 |
- <dt>A. <a href="#PERL">Fetching and installing Perl modules from |
|
81 |
- CPAN</a></dt> |
|
82 |
- |
|
83 |
- <dt>B. <a href="#AEN292">Contacting the authors</a></dt> |
|
84 |
- </dl> |
|
85 |
- </div> |
|
86 |
- |
|
87 |
- <div class="SECT1"> |
|
88 |
- <hr> |
|
89 |
- |
|
90 |
- <h1 class="SECT1"><a name="AEN34">1. Pre-requisites</a></h1> |
|
91 |
- |
|
92 |
- <p>The following instructions are intended to be comprehensive, |
|
93 |
- but there are at least these pre-requisites:</p> |
|
94 |
- |
|
95 |
- <ul> |
|
96 |
- <li> |
|
97 |
- <p>The system should be running <span class= |
|
98 |
- "APPLICATION">qmail</span> as its mail transport agent. <span |
|
99 |
- class="emphasis"><i class="EMPHASIS">The following |
|
100 |
- instructions are targetted specifically at a <span class= |
|
101 |
- "APPLICATION">qmail</span> installation and will not work with |
|
102 |
- <span class="APPLICATION">sendmail</span></i></span>. |
|
103 |
- Instructions for installing <span class= |
|
104 |
- "APPLICATION">qmail</span> as a replacement for <span class= |
|
105 |
- "APPLICATION">sendmail</span> can be found in the document <a |
|
106 |
- href="qmail-how-to.html" target="_top">Installing <span class= |
|
107 |
- "APPLICATION">qmail</span> under FreeBSD</a>.</p> |
|
108 |
- </li> |
|
109 |
- |
|
110 |
- <li> |
|
111 |
- <p><span class="APPLICATION">qmail</span> must be compiled |
|
112 |
- with the <tt class="OPTION">WITH_QMAILQUEUE_PATCH</tt> option |
|
113 |
- by specifying <span class="emphasis"><i class="EMPHASIS">at |
|
114 |
- least</i></span>:</p> |
|
115 |
-<pre class="SCREEN"> |
|
116 |
-# make WITH_QMAILQUEUE_PATCH=yes |
|
117 |
-</pre> |
|
118 |
- |
|
119 |
- <p>at the build stage. If <span class= |
|
120 |
- "APPLICATION">qmail</span> was built using the instructions in |
|
121 |
- the <a href="qmail-how-to.html" target="_top">Installing <span |
|
122 |
- class="APPLICATION">qmail</span> under FreeBSD</a> document, |
|
123 |
- this patch will have been applied.</p> |
|
124 |
- </li> |
|
125 |
- </ul> |
|
126 |
- |
|
127 |
- <p>It is necessary to install <span class="APPLICATION">Clam |
|
128 |
- AntiVirus</span> and <span class="APPLICATION">SpamAssassin</span> |
|
129 |
- <span class="emphasis"><i class="EMPHASIS">prior</i></span> to |
|
130 |
- installing <span class="APPLICATION">qmail-scanner</span>, as the |
|
131 |
- latter tries to automatically detect available third-party |
|
132 |
- scanners at installation time. There are no dependencies between |
|
133 |
- <span class="APPLICATION">Clam AntiVirus</span> and <span class= |
|
134 |
- "APPLICATION">SpamAssassin</span> in the following approach |
|
135 |
- — installation of either can be omitted if that |
|
136 |
- functionality is not required.</p> |
|
137 |
- </div> |
|
138 |
- |
|
139 |
- <div class="SECT1"> |
|
140 |
- <hr> |
|
141 |
- |
|
142 |
- <h1 class="SECT1"><a name="AEN65">2. Installing <span class= |
|
143 |
- "APPLICATION">Clam AntiVirus</span></a></h1> |
|
144 |
- |
|
145 |
- <div class="SECT2"> |
|
146 |
- <h2 class="SECT2"><a name="AEN68">2.1. Building and installing |
|
147 |
- from source</a></h2> |
|
148 |
- |
|
149 |
- <p>There is no <span class="SYSTEMITEM">FreeBSD</span> Port for |
|
150 |
- <span class="APPLICATION">Clam AntiVirus</span>, so it needs to |
|
151 |
- be built by hand from the source. Firstly, obtain and unpack the |
|
152 |
- source:</p> |
|
153 |
-<pre class="SCREEN"> |
|
154 |
-# cd /usr/local |
|
155 |
-# mkdir clamav |
|
156 |
-# cd clamav |
|
157 |
-# fetch http://clamav.elektrapro.com/stable/clamav-0.51.tar.gz |
|
158 |
-# gunzip clamav-0.51.tar.gz |
|
159 |
-# tar -xvf clamav-0.51.tar.gz |
|
160 |
-</pre> |
|
161 |
- |
|
162 |
- <p>Create new user and group names for <span class= |
|
163 |
- "APPLICATION">Clam AntiVirus</span>:</p> |
|
164 |
-<pre class="SCREEN"> |
|
165 |
-# pw groupadd clamav |
|
166 |
-# pw useradd clamav -g clamav -d /nonexistent -c "Clam Antivirus" \ |
|
167 |
- -s /sbin/nologin |
|
168 |
-</pre> |
|
169 |
- |
|
170 |
- <p>Now configure and install <span class="APPLICATION">Clam |
|
171 |
- AntiVirus</span>:</p> |
|
172 |
-<pre class="SCREEN"> |
|
173 |
-# cd clamav-0.51 |
|
174 |
-# ./configure |
|
175 |
-# make install |
|
176 |
-</pre> |
|
177 |
- </div> |
|
178 |
- |
|
179 |
- <div class="SECT2"> |
|
180 |
- <hr> |
|
181 |
- |
|
182 |
- <h2 class="SECT2"><a name="AEN80">2.2. Testing the |
|
183 |
- installation</a></h2> |
|
184 |
- |
|
185 |
- <p>You should now read the documentation for <b class= |
|
186 |
- "COMMAND">clamscan</b> (<b class="COMMAND">man clamscan</b>, or |
|
187 |
- read the <a href="http://clamav.elektrapro.com/doc/html" target= |
|
188 |
- "_top">online documentation</a>). You can test the scanner by |
|
189 |
- running:</p> |
|
190 |
-<pre class="SCREEN"> |
|
191 |
-# clamscan --recursive --log=/tmp/clamscan.log /usr/home |
|
192 |
-</pre> |
|
193 |
- |
|
194 |
- <p>Obviously this can be run on the base directory of your |
|
195 |
- choice, and the log file location is also arbitrary. Next, use |
|
196 |
- the <b class="COMMAND">freshclam</b> command to update your |
|
197 |
- databases:</p> |
|
198 |
-<pre class="SCREEN"> |
|
199 |
-# freshclam --verbose |
|
200 |
-</pre> |
|
201 |
- </div> |
|
202 |
- |
|
203 |
- <div class="SECT2"> |
|
204 |
- <hr> |
|
205 |
- |
|
206 |
- <h2 class="SECT2"><a name="AEN90">2.3. Running <b class= |
|
207 |
- "COMMAND">freshclam</b> as a daemon</a></h2> |
|
208 |
- |
|
209 |
- <p>The <b class="COMMAND">freshclam</b> database updater can be |
|
210 |
- run as a daemon. Firstly, create a log file for <b class= |
|
211 |
- "COMMAND">freshclam</b>:</p> |
|
212 |
-<pre class="SCREEN"> |
|
213 |
-# touch /var/log/freshclam.log |
|
214 |
-# chmod 644 /var/log/freshclam.log |
|
215 |
-# chown clamav:clamav /var/log/freshclam.log |
|
216 |
-</pre> |
|
217 |
- |
|
218 |
- <p>Create following script as <tt class= |
|
219 |
- "FILENAME">/usr/local/etc/rc.d/clamav.sh</tt> to start up <b |
|
220 |
- class="COMMAND">freshclam</b> as a daemon at boot time, and |
|
221 |
- cause it to die gracefully at shutdown:</p> |
|
222 |
-<pre class="PROGRAMLISTING"> |
|
223 |
-#!/bin/sh |
|
224 |
-# |
|
225 |
-# Startup / shutdown script for Clam Antivirus |
|
226 |
- |
|
227 |
-case "$1" in |
|
228 |
- start) |
|
229 |
- /usr/local/bin/freshclam -d -c 2 -l /var/log/freshclam.log |
|
230 |
- echo -n ' freshclam' |
|
231 |
- ;; |
|
232 |
- |
|
233 |
- stop) |
|
234 |
- /usr/bin/killall freshclam > /dev/null 2>&1 \ |
|
235 |
- && echo -n ' freshclam' |
|
236 |
- ;; |
|
237 |
- |
|
238 |
- *) |
|
239 |
- echo "" |
|
240 |
- echo "Usage: `basename $0` { start | stop }" |
|
241 |
- echo "" |
|
242 |
- exit 64 |
|
243 |
- ;; |
|
244 |
-esac |
|
245 |
-</pre> |
|
246 |
- |
|
247 |
- <p>Ensure that the script is executable:</p> |
|
248 |
-<pre class="SCREEN"> |
|
249 |
-# chmod 744 /usr/local/etc/rc.d/clamav.sh |
|
250 |
-</pre> |
|
251 |
- </div> |
|
252 |
- |
|
253 |
- <div class="SECT2"> |
|
254 |
- <hr> |
|
255 |
- |
|
256 |
- <h2 class="SECT2"><a name="AEN103">2.4. Running <b class= |
|
257 |
- "COMMAND">clamscan</b> on a regular basis</a></h2> |
|
258 |
- |
|
259 |
- <p>If you have a filesystem directory tree that you think would |
|
260 |
- benefit from regular virus scanning (anything accessible from |
|
261 |
- any <span class="SYSTEMITEM">Microsoft Windows</span> machines |
|
262 |
- on your LAN would probably be candidates), you can set up a <b |
|
263 |
- class="COMMAND">cron</b> job to run <b class= |
|
264 |
- "COMMAND">clamscan</b> on a regular basis. Read the <span class= |
|
265 |
- "APPLICATION">Clam AntiVirus</span> documentation and decide |
|
266 |
- which options to <b class="COMMAND">clamscan</b> are appropriate |
|
267 |
- for your site. For example, you may not wish to specify the <tt |
|
268 |
- class="OPTION">--remove</tt> option, and you may wish to <tt |
|
269 |
- class="OPTION">--exclude</tt> any number of files or directories |
|
270 |
- from scanning. As an example, the following entry appended to |
|
271 |
- <tt class="FILENAME">/etc/crontab</tt> will scan <tt class= |
|
272 |
- "FILENAME">/usr</tt> daily at 6.00am:</p> |
|
273 |
-<pre class="PROGRAMLISTING"> |
|
274 |
-0 6 * * * root /usr/local/bin/clamscan --recursive |
|
275 |
- --infected |
|
276 |
- --exclude /usr/local/share/clamav/viruses.db |
|
277 |
- --exclude /usr/local/share/clamav/viruses.db2 |
|
278 |
- --log=/var/log/clamscan.log |
|
279 |
- /usr/home |
|
280 |
-</pre> |
|
281 |
- |
|
282 |
- <div class="NOTE"> |
|
283 |
- <table class="NOTE" width="100%" border="0"> |
|
284 |
- <tr> |
|
285 |
- <td width="25" align="CENTER" valign="TOP"><img src= |
|
286 |
- "./images/note.gif" hspace="5" alt="Note"></td> |
|
287 |
- |
|
288 |
- <td align="LEFT" valign="TOP"> |
|
289 |
- <p>The line in <tt class="FILENAME">/etc/crontab</tt> is |
|
290 |
- shown broken here to improve readability, but should |
|
291 |
- appear as a single line in the file.</p> |
|
292 |
- </td> |
|
293 |
- </tr> |
|
294 |
- </table> |
|
295 |
- </div> |
|
296 |
- </div> |
|
297 |
- </div> |
|
298 |
- |
|
299 |
- <div class="SECT1"> |
|
300 |
- <hr> |
|
301 |
- |
|
302 |
- <h1 class="SECT1"><a name="AEN120">3. Installing <span class= |
|
303 |
- "APPLICATION">SpamAssassin</span></a></h1> |
|
304 |
- |
|
305 |
- <div class="SECT2"> |
|
306 |
- <h2 class="SECT2"><a name="AEN123">3.1. Building and installing |
|
307 |
- from source</a></h2> |
|
308 |
- |
|
309 |
- <p>There is a <span class="SYSTEMITEM">FreeBSD</span> Port for |
|
310 |
- <span class="APPLICATION">SpamAssassin</span>, though it will |
|
311 |
- build an old version (2.41). Either build that port with:</p> |
|
312 |
-<pre class="SCREEN"> |
|
313 |
-# cd /usr/ports/mail/p5-Mail-SpamAssassin |
|
314 |
-# make |
|
315 |
-# make install |
|
316 |
-</pre> |
|
317 |
- |
|
318 |
- <p>or build the latest version by hand from the source as |
|
319 |
- follows. Firstly, obtain and unpack the source:</p> |
|
320 |
-<pre class="SCREEN"> |
|
321 |
-# cd /usr/local |
|
322 |
-# mkdir spamassassin |
|
323 |
-# cd spamassassin |
|
324 |
-# fetch http://spamassassin.taint.org/released/Mail-SpamAssassin-2.43.tar.gz |
|
325 |
-# gunzip Mail-SpamAssassin-2.43.tar.gz |
|
326 |
-# tar -xvf Mail-SpamAssassin-2.43.tar |
|
327 |
-# cd Mail-SpamAssassin-2.43 |
|
328 |
-</pre> |
|
329 |
- |
|
330 |
- <p>Now, build the <tt class="FILENAME">Makefile</tt> with <b |
|
331 |
- class="COMMAND">perl</b>:</p> |
|
332 |
-<pre class="SCREEN"> |
|
333 |
-# perl Makefile.PL |
|
334 |
-</pre> |
|
335 |
- |
|
336 |
- <div class="NOTE"> |
|
337 |
- <table class="NOTE" width="100%" border="0"> |
|
338 |
- <tr> |
|
339 |
- <td width="25" align="CENTER" valign="TOP"><img src= |
|
340 |
- "./images/note.gif" hspace="5" alt="Note"></td> |
|
341 |
- |
|
342 |
- <td align="LEFT" valign="TOP"> |
|
343 |
- <p>At this point, <b class="COMMAND">perl</b> will warn |
|
344 |
- you of any dependencies on Perl packages your system is |
|
345 |
- missing. Fetching and installing Perl packages is |
|
346 |
- described in an <a href="#PERL">Appendix</a> below. |
|
347 |
- Fetch and install any packages required before |
|
348 |
- proceeding.</p> |
|
349 |
- </td> |
|
350 |
- </tr> |
|
351 |
- </table> |
|
352 |
- </div> |
|
353 |
- |
|
354 |
- <p>Now build <span class="APPLICATION">SpamAssassin</span>:</p> |
|
355 |
-<pre class="SCREEN"> |
|
356 |
-# make |
|
357 |
-# make install |
|
358 |
-</pre> |
|
359 |
- </div> |
|
360 |
- |
|
361 |
- <div class="SECT2"> |
|
362 |
- <hr> |
|
363 |
- |
|
364 |
- <h2 class="SECT2"><a name="AEN142">3.2. Testing the |
|
365 |
- installation</a></h2> |
|
366 |
- |
|
367 |
- <p>You should now test <span class= |
|
368 |
- "APPLICATION">SpamAssassin</span> on the sample files provided. |
|
369 |
- Firstly, test some known spam:</p> |
|
370 |
-<pre class="SCREEN"> |
|
371 |
-# spamassassin -t < sample-spam.txt > spam.out |
|
372 |
-</pre> |
|
373 |
- |
|
374 |
- <p>View the resulting file, <tt class="FILENAME">spam.out</tt>. |
|
375 |
- <span class="APPLICATION">SpamAssassin</span> should add the |
|
376 |
- following headers to the message:</p> |
|
377 |
-<pre class="PROGRAMLISTING"> |
|
378 |
-X-Spam-Status: Yes, hits=14.7 required=5.0 |
|
379 |
- tests=ALL_CAPS_HEADER,CALL_FREE,DATE_IN_PAST_24_48, |
|
380 |
- DRASTIC_REDUCED,FROM_HAS_MIXED_NUMS,HOME_EMPLOYMENT, |
|
381 |
- INVALID_DATE,INVALID_MSGID,LINES_OF_YELLING, |
|
382 |
- MSGID_HAS_NO_AT,NO_REAL_NAME,ONCE_IN_LIFETIME,REMOVE_SUBJ, |
|
383 |
- SMTPD_IN_RCVD,SPAM_PHRASE_21_34,UNDISC_RECIPS |
|
384 |
- version=2.43 |
|
385 |
-X-Spam-Flag: YES |
|
386 |
-X-Spam-Level: ************** |
|
387 |
-X-Spam-Checker-Version: SpamAssassin 2.43 (1.115.2.20-2002-10-15-exp) |
|
388 |
-</pre> |
|
389 |
- |
|
390 |
- <p>Additionally, there will be a banner explaining in detail |
|
391 |
- what tests were failed.</p> |
|
392 |
- |
|
393 |
- <p>Next, test <span class="APPLICATION">SpamAssassin</span> with |
|
394 |
- a piece of genuine email:</p> |
|
395 |
-<pre class="SCREEN"> |
|
396 |
-# spamassassin -t < sample-nonspam.txt > nonspam.out |
|
397 |
-</pre> |
|
398 |
- |
|
399 |
- <p>This should add only the following headers to the mail, |
|
400 |
- indiciating the message is not considered spam:</p> |
|
401 |
-<pre class="PROGRAMLISTING"> |
|
402 |
-X-Spam-Status: No, hits=0.9 required=5.0 |
|
403 |
- tests=GAPPY_TEXT,LINES_OF_YELLING,PGP_SIGNATURE, |
|
404 |
- SPAM_PHRASE_02_03,TO_BE_REMOVED_REPLY |
|
405 |
- version=2.43 |
|
406 |
-X-Spam-Level: |
|
407 |
-</pre> |
|
408 |
- |
|
409 |
- <div class="NOTE"> |
|
410 |
- <table class="NOTE" width="100%" border="0"> |
|
411 |
- <tr> |
|
412 |
- <td width="25" align="CENTER" valign="TOP"><img src= |
|
413 |
- "./images/note.gif" hspace="5" alt="Note"></td> |
|
414 |
- |
|
415 |
- <td align="LEFT" valign="TOP"> |
|
416 |
- <p><span class="APPLICATION">SpamAssassin</span>'s only |
|
417 |
- action is to mark mail that it considers spam with the |
|
418 |
- <tt class="OPTION">X-Spam-</tt> headers. It does not |
|
419 |
- delete or even remove spam. Another agent is required in |
|
420 |
- the chain to move the spam once detected. Instructions |
|
421 |
- are given <a href="#PROCMAIL">below</a> for a simple |
|
422 |
- per-user <a href="www.procmail.org" target="_top"><span |
|
423 |
- class="APPLICATION">procmail</span></a> recipe for |
|
424 |
- moving spam to a separate folder.</p> |
|
425 |
- </td> |
|
426 |
- </tr> |
|
427 |
- </table> |
|
428 |
- </div> |
|
429 |
- </div> |
|
430 |
- |
|
431 |
- <div class="SECT2"> |
|
432 |
- <hr> |
|
433 |
- |
|
434 |
- <h2 class="SECT2"><a name="AEN164">3.3. Running <span class= |
|
435 |
- "APPLICATION">SpamAssassin</span> as a daemon: <b class= |
|
436 |
- "COMMAND">spamd</b></a></h2> |
|
437 |
- |
|
438 |
- <p>If <span class="APPLICATION">SpamAssassin</span> was |
|
439 |
- installed from the Ports System, a startup script for <b class= |
|
440 |
- "COMMAND">spamd</b> will have been placed in <tt class= |
|
441 |
- "FILENAME">/usr/local/etc/rc.d/spamd.sh</tt>. If <span class= |
|
442 |
- "APPLICATION">SpamAssassin</span> was installed by hand, you |
|
443 |
- should now create a startup script for <b class= |
|
444 |
- "COMMAND">spamd</b> (the daemon version of <span class= |
|
445 |
- "APPLICATION">SpamAssassin</span>), similar to the one created |
|
446 |
- above for <b class="COMMAND">freshclam</b>. Create the following |
|
447 |
- script as <tt class= |
|
448 |
- "FILENAME">/usr/local/etc/rc.d/spamd.sh</tt>:</p> |
|
449 |
-<pre class="PROGRAMLISTING"> |
|
450 |
-#!/bin/sh |
|
451 |
-# |
|
452 |
-# Startup / shutdown script for SpamAssassin daemon |
|
453 |
- |
|
454 |
-case "$1" in |
|
455 |
- start) |
|
456 |
- /usr/bin/spamd -a -d && echo -n ' spamd' |
|
457 |
- ;; |
|
458 |
- |
|
459 |
- stop) |
|
460 |
- spamdpid=`ps -ax | grep spamd | grep -v grep | grep -v sh | awk '{ print $1 }'` |
|
461 |
- if [ "$spamdpid" != "" ]; then |
|
462 |
- kill $spamdpid > /dev/null 2>&1 |
|
463 |
- echo -n " spamd" |
|
464 |
- fi |
|
465 |
- ;; |
|
466 |
- |
|
467 |
- *) |
|
468 |
- echo "Usage: `basename $0` {start|stop}" >&2 |
|
469 |
- ;; |
|
470 |
-esac |
|
471 |
- |
|
472 |
-exit 0 |
|
473 |
-</pre> |
|
474 |
- |
|
475 |
- <p>Remember to make the script executable, then use it to start |
|
476 |
- <b class="COMMAND">spamd</b> — <b class= |
|
477 |
- "COMMAND">qmail-scanner</b> will only find the <span class= |
|
478 |
- "APPLICATION">SpamAssassin</span> daemon if it is running at the |
|
479 |
- time of install:</p> |
|
480 |
-<pre class="SCREEN"> |
|
481 |
-# chmod 744 /usr/local/etc/rc.d/spamd.sh |
|
482 |
-# /usr/local/etc/rc.d/spamd.sh start |
|
483 |
-</pre> |
|
484 |
- </div> |
|
485 |
- |
|
486 |
- <div class="SECT2"> |
|
487 |
- <hr> |
|
488 |
- |
|
489 |
- <h2 class="SECT2"><a name="PROCMAIL">3.4. Using <span class= |
|
490 |
- "APPLICATION">procmail</span> to filter the spam</a></h2> |
|
491 |
- |
|
492 |
- <p>As noted above, <span class="APPLICATION">SpamAssassin</span> |
|
493 |
- only tags spam with <tt class="OPTION">X-Spam-</tt> headers. If |
|
494 |
- you don't do anything else, you'll still receive spam in your |
|
495 |
- mailbox — it will just be identified as spam by those |
|
496 |
- headers. One common solution is to use <span class= |
|
497 |
- "APPLICATION">procmail</span> as a mail delivery agent and |
|
498 |
- instruct it to place the spam in a Maildir of its own. There is |
|
499 |
- a lot of good documentation on installing and running <span |
|
500 |
- class="APPLICATION">procmail</span>, and a thorough treatment of |
|
501 |
- that complex program is beyond the scope of this document. If |
|
502 |
- you have <span class="APPLICATION">procmail</span> installed at |
|
503 |
- your site already, though, or even if you are prepared to |
|
504 |
- install it from the Ports System <span class="emphasis"><i |
|
505 |
- class="EMPHASIS">just to redirect <span class= |
|
506 |
- "APPLICATION">SpamAssassin</span>-tagged spam</i></span>, the |
|
507 |
- following is a minimal procmail recipe to redirect spam to the |
|
508 |
- Maildir <tt class="FILENAME">$HOME/Maildir/.Spam/</tt>:</p> |
|
509 |
-<pre class="PROGRAMLISTING"> |
|
510 |
-:0: |
|
511 |
-* ^X-Spam-Status: Yes |
|
512 |
-$HOME/Maildir/.Spam/ |
|
513 |
-</pre> |
|
514 |
- |
|
515 |
- <p>This recipe would be placed in each user's <tt class= |
|
516 |
- "FILENAME">.procmailrc</tt> file. In addition, placing it in the |
|
517 |
- file <tt class="FILENAME">/usr/share/skel/dot.procmailrc</tt> |
|
518 |
- will ensure that any newly created users will have a <tt class= |
|
519 |
- "FILENAME">.procmailrc</tt> file generated in their home |
|
520 |
- directory. Each user will also need to have a <tt class= |
|
521 |
- "FILENAME">.Spam</tt> Maildir created for them. For example, to |
|
522 |
- create the Maildir for <span class="SYSTEMITEM">paulh</span>, |
|
523 |
- enter:</p> |
|
524 |
-<pre class="SCREEN"> |
|
525 |
-# su paulh |
|
526 |
-# cd $HOME |
|
527 |
-# /var/qmail/bin/maildirmake Maildir/.Spam |
|
528 |
-# exit |
|
529 |
-</pre> |
|
530 |
- |
|
531 |
- <p>In order to get <span class="APPLICATION">qmail</span> to |
|
532 |
- call <span class="APPLICATION">procmail</span>, each user's <tt |
|
533 |
- class="FILENAME">.qmail</tt> file should contain the |
|
534 |
- following:</p> |
|
535 |
-<pre class="PROGRAMLISTING"> |
|
536 |
-|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 |
|
537 |
-</pre> |
|
538 |
- |
|
539 |
- <p>Again, to ensure all new users have this <tt class= |
|
540 |
- "FILENAME">.qmail</tt> created for them, replace the contents of |
|
541 |
- <tt class="FILENAME">/usr/share/skel/dot.qmail</tt> with the |
|
542 |
- line above.</p> |
|
543 |
- |
|
544 |
- <div class="NOTE"> |
|
545 |
- <table class="NOTE" width="100%" border="0"> |
|
546 |
- <tr> |
|
547 |
- <td width="25" align="CENTER" valign="TOP"><img src= |
|
548 |
- "./images/note.gif" hspace="5" alt="Note"></td> |
|
549 |
- |
|
550 |
- <td align="LEFT" valign="TOP"> |
|
551 |
- <p>Installing and running <span class= |
|
552 |
- "APPLICATION">procmail</span> is non-trivial. Read the |
|
553 |
- documentation and the numerous FAQs and How-Tos if you |
|
554 |
- plan to do this.</p> |
|
555 |
- </td> |
|
556 |
- </tr> |
|
557 |
- </table> |
|
558 |
- </div> |
|
559 |
- </div> |
|
560 |
- </div> |
|
561 |
- |
|
562 |
- <div class="SECT1"> |
|
563 |
- <hr> |
|
564 |
- |
|
565 |
- <h1 class="SECT1"><a name="AEN214">4. Installing <span class= |
|
566 |
- "APPLICATION">qmail-scanner</span></a></h1> |
|
567 |
- |
|
568 |
- <div class="SECT2"> |
|
569 |
- <h2 class="SECT2"><a name="AEN217">4.1. Installing <span class= |
|
570 |
- "APPLICATION">maildrop</span></a></h2> |
|
571 |
- |
|
572 |
- <p><span class="APPLICATION">qmail-scanner</span> depends on the |
|
573 |
- <b class="COMMAND">reformime</b> command, available as part of |
|
574 |
- the <span class="APPLICATION">maildrop</span> package. <span |
|
575 |
- class="APPLICATION">maildrop</span> is available in the <span |
|
576 |
- class="SYSTEMITEM">FreeBSD</span> Ports System, and is easily |
|
577 |
- installed:</p> |
|
578 |
-<pre class="SCREEN"> |
|
579 |
-# cd /usr/ports/mail/maildrop |
|
580 |
-# make |
|
581 |
-# make install |
|
582 |
-</pre> |
|
583 |
- </div> |
|
584 |
- |
|
585 |
- <div class="SECT2"> |
|
586 |
- <hr> |
|
587 |
- |
|
588 |
- <h2 class="SECT2"><a name="AEN227">4.2. Installing and building |
|
589 |
- from source</a></h2> |
|
590 |
- |
|
591 |
- <p>There is no <span class="SYSTEMITEM">FreeBSD</span> Port for |
|
592 |
- <span class="APPLICATION">qmail-scanner</span>, so it needs to |
|
593 |
- be built by hand from the source. Firstly, obtain and unpack the |
|
594 |
- source:</p> |
|
595 |
-<pre class="SCREEN"> |
|
596 |
-# cd /usr/local |
|
597 |
-# mkdir qmail-scanner |
|
598 |
-# fetch http://telia.dl.sourceforge.net/sourceforge/qmail-scanner/qmail-scanner-1.14.tgz |
|
599 |
-# gunzip qmail-scanner-1.14.tgz |
|
600 |
-# tar -xvf qmail-scanner-1.14.tar |
|
601 |
-# cd qmail-scanner-1.14 |
|
602 |
-</pre> |
|
603 |
- |
|
604 |
- <p>Now run the configure script in help mode to view the |
|
605 |
- options:</p> |
|
606 |
-<pre class="SCREEN"> |
|
607 |
-# ./configure --help |
|
608 |
-</pre> |
|
609 |
- |
|
610 |
- <p>You may wish to explicitly specify some of the options for |
|
611 |
- which the defaults are unsuitable at your site. For example, you |
|
612 |
- may wish to change <tt class="OPTION">--admin</tt> and <tt |
|
613 |
- class="OPTION">--notify</tt> at a minimum. The run the configure |
|
614 |
- script using your options and the <tt class= |
|
615 |
- "OPTION">--install</tt> option. For example:</p> |
|
616 |
-<pre class="SCREEN"> |
|
617 |
-# ./configure --admin postmaster --notify "recips,admin" --install |
|
618 |
-</pre> |
|
619 |
- |
|
620 |
- <p>You need to set the SUID bit on the <b class= |
|
621 |
- "COMMAND">suidperl</b> command:</p> |
|
622 |
-<pre class="SCREEN"> |
|
623 |
-# chmod 4511 /usr/bin/suidperl |
|
624 |
-</pre> |
|
625 |
- |
|
626 |
- <div class="NOTE"> |
|
627 |
- <table class="NOTE" width="100%" border="0"> |
|
628 |
- <tr> |
|
629 |
- <td width="25" align="CENTER" valign="TOP"><img src= |
|
630 |
- "./images/note.gif" hspace="5" alt="Note"></td> |
|
631 |
- |
|
632 |
- <td align="LEFT" valign="TOP"> |
|
633 |
- <p><span class="emphasis"><i class="EMPHASIS">This may |
|
634 |
- be a security risk.</i></span> You need to evaluate this |
|
635 |
- action based on the security policy at your site. <b |
|
636 |
- class="COMMAND">qmail-scanner</b> will not operate |
|
637 |
- without this change, however.</p> |
|
638 |
- </td> |
|
639 |
- </tr> |
|
640 |
- </table> |
|
641 |
- </div> |
|
642 |
- |
|
643 |
- <p><b class="COMMAND">qmail-smtpd</b> needs to be instructed to |
|
644 |
- use the <b class="COMMAND">qmail-scanner-queue.pl</b> script in |
|
645 |
- <tt class="FILENAME">/var/qmail/bin</tt> instead of the standard |
|
646 |
- <b class="COMMAND">qmail-queue</b> binary. If your site uses <b |
|
647 |
- class="COMMAND">tcpserver</b> to handle connections to <b class= |
|
648 |
- "COMMAND">qmail-smtpd</b> (as described in <a href= |
|
649 |
- "qmail-how-to.html" target="_top">Installing <span class= |
|
650 |
- "APPLICATION">qmail</span> under FreeBSD</a>), <tt class= |
|
651 |
- "FILENAME">/etc/tcp.smtp</tt> should be updated to set the <tt |
|
652 |
- class="ENVAR">QMAILQUEUE</tt> environment variable. The precise |
|
653 |
- contents of this file will vary between sites depending on you |
|
654 |
- LAN configuration. The <tt class="FILENAME">/etc/tcp.smtp</tt> |
|
655 |
- file constructed in <a href="qmail-how-to.html" target= |
|
656 |
- "_top">Installing <span class="APPLICATION">qmail</span> under |
|
657 |
- FreeBSD</a> would be modified as follows:</p> |
|
658 |
-<pre class="PROGRAMLISTING"> |
|
659 |
-192.168.0.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" |
|
660 |
-127.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" |
|
661 |
-:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" |
|
662 |
-</pre> |
|
663 |
- |
|
664 |
- <p>Now rebuild the ruleset for <b class= |
|
665 |
- "COMMAND">tcpserver</b>:</p> |
|
666 |
-<pre class="SCREEN"> |
|
667 |
-# /usr/local/bin/tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp |
|
668 |
-</pre> |
|
669 |
- |
|
670 |
- <p>Finally, stop and restart the <span class= |
|
671 |
- "APPLICATION">qmail</span> binaries:</p> |
|
672 |
-<pre class="SCREEN"> |
|
673 |
-# /usr/local/etc/rc.d/qmail.sh stop |
|
674 |
-# /usr/local/etc/rc.d/qmail.sh start |
|
675 |
-</pre> |
|
676 |
- </div> |
|
677 |
- |
|
678 |
- <div class="SECT2"> |
|
679 |
- <hr> |
|
680 |
- |
|
681 |
- <h2 class="SECT2"><a name="AEN268">4.3. Testing the |
|
682 |
- installation</a></h2> |
|
683 |
- |
|
684 |
- <p>The <span class="APPLICATION">qmail-scanner</span> |
|
685 |
- distribution provides a script and some test files containing |
|
686 |
- virus signatures to test the virus scanner. Run these through |
|
687 |
- <span class="APPLICATION">qmail-scanner</span> now:</p> |
|
688 |
-<pre class="SCREEN"> |
|
689 |
-# cd /usr/local/qmail-scanner/qmail-scanner-1.14 |
|
690 |
-# ./contrib/test_installation.sh -doit |
|
691 |
-</pre> |
|
692 |
- |
|
693 |
- <p>This will send three emails to the address you specified as |
|
694 |
- <tt class="OPTION">--admin</tt> during the <span class= |
|
695 |
- "APPLICATION">qmail-scanner</span> installation. The first |
|
696 |
- should arrive unmodified (though it will have an X-Spam-Status: |
|
697 |
- header if you have set up <span class= |
|
698 |
- "APPLICATION">SpamAssassin</span>), but the second and third |
|
699 |
- should be caught by either the internal (simple) virus scanner |
|
700 |
- of <span class="APPLICATION">qmail-scanner</span> or by <span |
|
701 |
- class="APPLICATION">Clam AntiVirus</span>. Email caught by <span |
|
702 |
- class="APPLICATION">qmail-scanner</span> is deposited in <tt |
|
703 |
- class="FILENAME">/var/spool/qmailscan/quarantine</tt> in Maildir |
|
704 |
- format.</p> |
|
705 |
- </div> |
|
706 |
- </div> |
|
707 |
- |
|
708 |
- <div class="APPENDIX"> |
|
709 |
- <hr> |
|
710 |
- |
|
711 |
- <h1 class="APPENDIX"><a name="PERL">A. Fetching and installing |
|
712 |
- Perl modules from CPAN</a></h1> |
|
713 |
- |
|
714 |
- <p>At several points during the installation of the Perl-based |
|
715 |
- applications, <b class="COMMAND">perl</b> may complain about |
|
716 |
- dependencies on packages not present on your system. This is |
|
717 |
- easily solved by installing the packages it requires from CPAN. |
|
718 |
- The easiest way is to use a CPAN shell:</p> |
|
719 |
-<pre class="SCREEN"> |
|
720 |
-# perl -MCPAN -e shell |
|
721 |
-</pre> |
|
722 |
- |
|
723 |
- <p>If you are running the CPAN module for the first time, there |
|
724 |
- may be some setup required — just follow the prompts. When |
|
725 |
- you get the <tt class="PROMPT">cpan></tt> prompt, install the |
|
726 |
- packages required. For example, to install <tt class= |
|
727 |
- "FILENAME">Time::HiRes</tt>, simply enter:</p> |
|
728 |
-<pre class="SCREEN"> |
|
729 |
-cpan> install Time::HiRes |
|
730 |
-</pre> |
|
731 |
- |
|
732 |
- <p>You can instruct the shell to install as many packages as you |
|
733 |
- need in this manner.</p> |
|
734 |
- </div> |
|
735 |
- |
|
736 |
- <div class="APPENDIX"> |
|
737 |
- <hr> |
|
738 |
- |
|
739 |
- <h1 class="APPENDIX"><a name="AEN292">B. Contacting the |
|
740 |
- authors</a></h1> |
|
741 |
- |
|
742 |
- <p>This document was written by <a href= |
|
743 |
- "mailto:paulh@logicsquad.net" target="_top">Paul Hoadley</a> and |
|
744 |
- <a href="mailto:eric@eparsonage.com" target="_top">Eric |
|
745 |
- Parsonage</a>. This document describes what we did to get <span |
|
746 |
- class="APPLICATION">qmail-scanner</span> co-operating with <span |
|
747 |
- class="APPLICATION">Clam AntiVirus</span> and <span class= |
|
748 |
- "APPLICATION">SpamAssassin</span> on two FreeBSD 4.7 systems. Your |
|
749 |
- mileage may vary. If you notice any errors in this document, or |
|
750 |
- your experience with the software used was vastly different, |
|
751 |
- please <a href="mailto:paulh@logicsquad.net" target="_top">let us |
|
752 |
- know</a>.</p> |
|
753 |
- </div> |
|
754 |
- </div> |
|
755 |
- </body> |
|
756 |
-</html> |
|
757 |
- |
762 | 5 |
deleted file mode 100644 |
... | ... |
@@ -1,1834 +0,0 @@ |
1 |
-<?xml version~"1.0" encoding="EUC-JP" ?> |
|
2 |
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" |
|
3 |
- "http://www.w3.org/TR/xhtml11/DTD/xhtml11.DTD"> |
|
4 |
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ja"> |
|
5 |
-<head> |
|
6 |
- <meta http-equiv="Content-Type" content="text/html; charset=euc-jp" /> |
|
7 |
- <meta http-equiv="content-style-type" content="text/css" /> |
|
8 |
- <meta name="copyright" content="" /> |
|
9 |
- |
|
10 | ||
11 |
- |
|
12 |
- <link rel="copyright" title="GNU General Public License" href="http://www.gnu.org/copyleft/gpl.html#SEC1" /> |
|
13 |
- |
|
14 |
- <style type="text/css"> |
|
15 |
- a { color: #006633; text-decoration: none; } |
|
16 |
- a:hover { color: #ffffff; background-color: #336666; } |
|
17 |
- |
|
18 |
- body { margin: 5% 10% 5% 10%; color: #333333; width: 80%; line-height: 170%; } |
|
19 |
- |
|
20 |
- div.contents { margin: 2em 0em; line-height: 100%; } |
|
21 |
- .contents dl { margin: 0em 0em; } |
|
22 |
- .contents a { color: #000000; text-decoration: none; } |
|
23 |
- .contents a:hover { color: #ffffff; background-color: #333333; } |
|
24 |
- |
|
25 |
- div.chapter { margin: 3em 0em 3em 0em; } |
|
26 |
- div.section { margin: 1em 0em 1em 3em; border: 1px solid #ffffff; } |
|
27 |
- div.section:hover { border: 1px dotted #cccccc; } |
|
28 |
- .section div,.section p,.section ul,.section li,.section dl { border: 1px solid #ffffff; } |
|
29 |
- .section p { margin: 1em 0em 1em 1em; text-indent: 1em; } |
|
30 |
- .section pre { margin: 1em 0em 1em 1em; border: 1px solid #000000; line-height: 120%; } |
|
31 |
- .section ul,.section ol { margin: 1em 0em 1em 2em; } |
|
32 |
- .section dl { margin: 1em 0em 1em 1em; } |
|
33 |
- .section dt { margin: 0em 0em 0em 0em; } |
|
34 |
- .section dd { margin: 0em 0em 1em 2em; } |
|
35 |
- .section blockquote { background-color: #ffffff; border: 1px dotted #000000; } |
|
36 |
- .section *:hover { color: #000000; } |
|
37 |
- .section div:hover { border: 1px dotted #cccccc; } |
|
38 |
- .section a:hover { color: #ffffff; } |
|
39 |
- .section p:hover,.section li:hover,.section dl:hover,.section pre:hover { background-color: #eeffee; } |
|
40 |
- .section dt:hover,.section dd:hover { background-color: #99ffcc; } |
|
41 |
- .section code { } |
|
42 |
- |
|
43 |
-# .section dl.tree { margin: 0em 0em 0em 1em; } |
|
44 |
-# dl.tree dd { margin: 0em 0em 0em 1em; } |
|
45 |
- |
|
46 |
- h2 { color: #ffffff; background-color: #333333; line-height: 150%; } |
|
47 |
- .section h3,.section h4 { color: #000000; border-bottom: 1px solid #336666; line-height: 150%; } |
|
48 |
- .section h5,.section h4 { color: #000000; border-bottom: 1px solid #336666; line-height: 100%; } |
|
49 |
- |
|
50 |
- table { margin: 1em 0em 1em 1em; } |
|
51 |
- table:hover { background-color: #eeffee; } |
|
52 |
- tr:hover { background-color: #99ffcc; } |
|
53 |
- th,td.opt { white-space:nowrap; text-align: left; } |
|
54 |
- |
|
55 |
- </style> |
|
56 |
-</head> |
|
57 |
-<body> |
|
58 |
- |
|
59 | ||
60 |
- |
|
61 | ||
62 |
-<dl> |
|
63 | ||
64 |
- <dl> |
|
65 | ||
66 | ||
67 | ||
68 |
- <dl> |
|
69 | ||
70 | ||
71 | ||
72 | ||
73 |
- </dl> |
|
74 |
- </dd> |
|
75 | ||
76 |
- <dl> |
|
77 | ||
78 | ||
79 | ||
80 | ||
81 |
- </dl> |
|
82 |
- </dd> |
|
83 |
- </dl> |
|
84 |
- </dd> |
|
85 |
- |
|
86 | ||
87 |
- <dl> |
|
88 | ||
89 | ||
90 | ||
91 | ||
92 |
- </dl> |
|
93 |
- </dd> |
|
94 |
- |
|
95 | ||
96 |
- <dl> |
|
97 | ||
98 |
- <dd><a href="#c3.2">3.2. freshclam</a> |
|
99 |
- <dl> |
|
100 | ||
101 | ||
102 | ||
103 | ||
104 | ||
105 | ||
106 |
- </dl> |
|
107 |
- </dd> |
|
108 |
- </dl> |
|
109 |
- </dd> |
|
110 |
- |
|
111 | ||
112 |
- <dl> |
|
113 |
- <dd><a href="#c4.1">4.1. clamscan</a> |
|
114 |
- <dl> |
|
115 | ||
116 | ||
117 | ||
118 |
- </dl> |
|
119 |
- </dd> |
|
120 |
- <dd><a href="#c4.2">4.2. clamd</a> |
|
121 |
- <dl> |
|
122 |
- <dd><a href="#c4.2.1">4.2.1. clamd</a></dd> |
|
123 | ||
124 | ||
125 | ||
126 |
- <dd><a href="#c4.2.5">4.2.5. clamdscan</a></dd> |
|
127 | ||
128 | ||
129 |
- </dl> |
|
130 |
- </dd> |
|
131 |
- <dd><a href="#c4.3">4.3. Dazuko+Clamuko</a> |
|
132 |
- <dl> |
|
133 |
- <dd><a href="#c4.3.1">4.3.1. Dazuko</a></dd> |
|
134 |
- <dd><a href="#c4.3.2">4.3.2. Clamuko</a></dd> |
|
135 |
- </dl> |
|
136 |
- </dd> |
|
137 |
- </dl> |
|
138 |
- </dd> |
|
139 |
- |
|
140 | ||
141 |
- <dl> |
|
142 |
- <dd><a href="#c5.1">5.1. MTA</a> |
|
143 |
- <dl> |
|
144 |
- <dd><a href="#c5.1.1">5.1.1. AMaViS/amavisd</a></dd> |
|
145 |
- <dd><a href="#c5.1.2">5.1.2. AMaViS-ng</a></dd> |
|
146 |
- <dd><a href="#c5.1.3">5.1.3. amavisd-new</a></dd> |
|
147 |
- <dd><a href="#c5.1.4">5.1.4. mailscanner</a></dd> |
|
148 |
- <dd><a href="#c5.1.6">5.1.6. OpenProtect</a></dd> |
|
149 |
- <dd><a href="#c5.1.7">5.1.7. clamav-milter</a></dd> |
|
150 |
- <dd><a href="#c5.1.8">5.1.8. mimedefang</a></dd> |
|
151 |
- <dd><a href="#c5.1.9">5.1.9. IVS Milter</a></dd> |
|
152 |
- <dd><a href="#c5.1.10">5.1.10. smtp-vilter</a></dd> |
|
153 |
- <dd><a href="#c5.1.11">5.1.11. j-chkmail</a></dd> |
|
154 |
- <dd><a href="#c5.1.12">5.1.12. nclamd,nclamav-milter</a></dd> |
|
155 |
- <dd><a href="#c5.1.13">5.1.13. qmail-scanner</a></dd> |
|
156 |
- <dd><a href="#c5.1.14">5.1.14. clamdmail</a></dd> |
|
157 |
- <dd><a href="#c5.1.15">5.1.15. qscanq</a></dd> |
|
158 |
- <dd><a href="#c5.1.16">5.1.16. Gadoyanvirus</a></dd> |
|
159 |
- <dd><a href="#c5.1.17">5.1.17. exiscan</a></dd> |
|
160 |
- <dd><a href="#c5.1.18">5.1.18. scanexi</a></dd> |
|
161 |
- <dd><a href="#c5.1.19">5.1.19. sagator</a></dd> |
|
162 |
- <dd><a href="#c5.1.20">5.1.20. cgpav</a></dd> |
|
163 |
- </dl> |
|
164 |
- </dd> |
|
165 | ||
166 |
- <dl> |
|
167 |
- <dd><a href="#c5.2.1">5.2.1. POP3 Virus Scanner Daemon</a></dd> |
|
168 |
- <dd><a href="#c5.2.2">5.2.2. Sylpheed-Claws</a></dd> |
|
169 |
- <dd><a href="#c5.2.3">5.2.3. Mutt</a></dd> |
|
170 |
- </dl> |
|
171 |
- </dd> |
|
172 | ||
173 |
- <dl> |
|
174 |
- <dd><a href="#c5.3.1">5.3.1. ClamAssassin</a></dd> |
|
175 |
- <dd><a href="#c5.3.2">5.3.2. trashscan</a></dd> |
|
176 |
- <dd><a href="#c5.3.3">5.3.3. mailman-clamav</a></dd> |
|
177 |
- <dd><a href="#c5.3.4">5.3.4. mailgraph</a></dd> |
|
178 |
- </dl> |
|
179 |
- </dd> |
|
180 | ||
181 |
- <dl> |
|
182 |
- <dd><a href="#c5.4.1">5.4.1. samba-vscan</a></dd> |
|
183 |
- <dd><a href="#c5.4.2">5.4.2. mod_clamav</a></dd> |
|
184 |
- <dd><a href="#c5.4.3">5.4.3. PureFTPd</a></dd> |
|
185 |
- <dd><a href="#c5.4.4">5.4.4. Viralator</a></dd> |
|
186 |
- </dl> |
|
187 |
- </dd> |
|
188 |
- <dd><a href="#c5.5">5.5. CD-ROM</a> |
|
189 |
- <dl> |
|
190 |
- <dd><a href="#c5.5.1">5.5.1. INSERT</a></dd> |
|
191 |
- <dd><a href="#c5.5.2">5.5.2. Local Area Security</a></dd> |
|
192 |
- </dl> |
|
193 |
- </dd> |
|
194 | ||
195 |
- <dl> |
|
196 |
- <dd><a href="#c5.6.1">5.6.1. Mail::ClamAV</a></dd> |
|
197 |
- <dd><a href="#c5.6.2">5.6.2. clamavr</a></dd> |
|
198 |
- <dd><a href="#c5.6.3">5.6.3. wbmclamav</a></dd> |
|
199 |
- <dd><a href="#c5.6.4">5.6.4. Scan Log Analyzer</a></dd> |
|
200 |
- <dd><a href="#c5.6.5">5.6.5. ClamWin Antivirus</a></dd> |
|
201 |
- </dl> |
|
202 |
- </dd> |
|
203 |
- </dl> |
|
204 |
- </dd> |
|
205 |
- |
|
206 | ||
207 |
- <dl> |
|
208 | ||
209 |
- <dl> |
|
210 | ||
211 | ||
212 | ||
213 |
- </dl> |
|
214 |
- </dd> |
|
215 |
- <dd><a href="#c6.2">6.2. sigtool</a> |
|
216 |
- <dl> |
|
217 | ||
218 | ||
219 |
- </dl> |
|
220 |
- </dd> |
|
221 | ||
222 |
- <dl> |
|
223 | ||
224 | ||
225 | ||
226 |
- </dl> |
|
227 |
- </dd> |
|
228 | ||
229 |
- <dl> |
|
230 | ||
231 | ||
232 | ||
233 | ||
234 | ||
235 |
- </dd> |
|
236 |
- </dl> |
|
237 |
- </dd> |
|
238 |
- |
|
239 | ||
240 |
- <dl> |
|
241 |
- <dd><a href="#c7.1">7.1. libclamav</a></dd> |
|
242 | ||
243 |
- </dl> |
|
244 |
- </dd> |
|
245 |
- |
|
246 | ||
247 |
- <dd><a href="#c9">9. TODO</a></dd> |
|
248 |
- |
|
249 |
-</dl></div> |
|
250 |
- |
|
251 | ||
252 |
- |
|
253 | ||
254 |
- <p> |
|
255 | ||
256 |
- </p> |
|
257 |
- </div> |
|
258 | ||
259 |
- <p> |
|
260 | ||
261 |
- </p> |
|
262 |
- <p> |
|
263 | ||
264 |
- </p> |
|
265 |
- </div> |
|
266 |
- |
|
267 | ||
268 |
- |
|
269 | ||
270 |
- <p> |
|
271 | ||
272 |
- </p> |
|
273 |
- <p> |
|
274 | ||
275 |
- </p> |
|
276 |
- <p> |
|
277 | ||
278 |
- </p> |
|
279 |
- <ul> |
|
280 |
- <li> |
|
281 | ||
282 | ||
283 |
- </li> |
|
284 |
- <li> |
|
285 | ||
286 | ||
287 |
- </li> |
|
288 |
- <li> |
|
289 | ||
290 | ||
291 | ||
292 | ||
293 | ||
294 |
- </li> |
|
295 |
- </ul> |
|
296 |
- <p> |
|
297 | ||
298 |
- </p> |
|
299 |
- <blockquote cite="http://www.mail-archive.com/clamav-users@lists.sourceforge.net/msg07466.html"> |
|
300 | ||
301 | ||
302 | ||
303 | ||
304 |
- </blockquote> |
|
305 |
- <p> |
|
306 | ||
307 |
- </p> |
|
308 |
- </div> |
|
309 | ||
310 |
- <p> |
|
311 | ||
312 |
- </p> |
|
313 |
- <p> |
|
314 | ||
315 |
- </p> |
|
316 |
- <p> |
|
317 | ||
318 |
- </p> |
|
319 |
- </div> |
|
320 | ||
321 |
- <p> |
|
322 | ||
323 |
- </p> |
|
324 |
- </div> |
|
325 | ||
326 |
- <p> |
|
327 | ||
328 |
- </p> |
|
329 |
- <p> |
|
330 | ||
331 |
- </p> |
|
332 |
- </div> |
|
333 |
- |
|
334 |
- </div> |
|
335 |
- |
|
336 | ||
337 |
- |
|
338 | ||
339 |
- <p> |
|
340 | ||
341 | ||
342 |
- </p> |
|
343 |
- </div> |
|
344 | ||
345 |
- <p> |
|
346 | ||
347 |
- </p> |
|
348 |
- </div> |
|
349 | ||
350 |
- <p> |
|
351 | ||
352 |
- </p> |
|
353 |
- </div> |
|
354 | ||
355 |
- <p> |
|
356 | ||
357 |
- </p> |
|
358 |
- </div> |
|
359 |
- </div> |
|
360 |
- |
|
361 |
-</div> |
|
362 |
- |
|
363 | ||
364 |
- |
|
365 | ||
366 |
- <p> |
|
367 | ||
368 |
- </p> |
|
369 |
- </div> |
|
370 | ||
371 |
- <p> |
|
372 | ||
373 |
- </p> |
|
374 |
- </div> |
|
375 | ||
376 |
- <p> |
|
377 | ||
378 |
- </p> |
|
379 |
- |
|
380 |
- <ul> |
|
381 | ||
382 |
- <pre><code> |
|
383 |
- # groupadd clamav |
|
384 |
- # useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav |
|
385 |
- </code></pre> |
|
386 |
- </li> |
|
387 | ||
388 |
- <pre><code> |
|
389 |
- $ echo 'clamav:*:402:Clam AntiVirus' | sudo niload group / |
|
390 |
- $ echo 'clamav:*:402:402::0:0:Clam Antivirus:/tmp:/dev/null' | \ |
|
391 |
- > sudo niload passwd / |
|
392 |
- </code></pre> |
|
393 | ||
394 |
- </li> |
|
395 |
- </ul> |
|
396 |
- </div> |
|
397 | ||
398 | ||
399 |
- |
|
400 |
- <pre><code> |
|
401 |
- $ zcat clamav-0.xx.tar.gz | tar xvf - |
|
402 |
- $ cd clamav-0.xx |
|
403 |
- $ ./configure |
|
404 |
- $ make |
|
405 |
- $ sudo make install |
|
406 |
- </code></pre> |
|
407 |
- |
|
408 | ||
409 |
- |
|
410 |
- <pre><code> |
|
411 |
- $ sudo /usr/local/bin/freshclam |
|
412 |
- </code></pre> |
|
413 |
- |
|
414 |
- </div> |
|
415 |
-</div> |
|
416 |
- |
|
417 | ||
418 |
- |
|
419 | ||
420 |
- <p> |
|
421 | ||
422 |
- </p> |
|
423 |
- <dl> |
|
424 |
- <dt>main.cvd</dt> |
|
425 | ||
426 |
- <dt>daily.cvd</dt> |
|
427 | ||
428 |
- <dt>mirrors.txt</dt> |
|
429 | ||
430 | ||
431 | ||
432 |
- </dl> |
|
433 |
- </div> |
|
434 |
- <div class="section" id="c3.2"><h3>3.2. freshclam</h3> |
|
435 | ||
436 |
- |
|
437 | ||
438 |
- <dl> |
|
439 |
- <dt># freshclam</dt> |
|
440 | ||
441 |
- <dt># freshclam -d -c 24</dt> |
|
442 | ||
443 |
- </dl> |
|
444 |
- </div> |
|
445 |
- |
|
446 | ||
447 |
- <table class="cmdoption"> |
|
448 |
- <tr> |
|
449 |
- <th>--help</th><td class="opt">-h</td> |
|
450 | ||
451 |
- </tr> |
|
452 |
- <tr> |
|
453 |
- <th>--version</th><td class="opt">-V</td> |
|
454 | ||
455 |
- </tr> |
|
456 |
- <tr> |
|
457 |
- <th>--verbose</th><td class="opt">-v</td> |
|
458 | ||
459 |
- </tr> |
|
460 |
- <tr> |
|
461 |
- <th>--debug</th><td class="opt"> </td> |
|
462 | ||
463 |
- </tr> |
|
464 |
- <tr> |
|
465 |
- <th>--quiet</th><td class="opt"> </td> |
|
466 | ||
467 |
- </tr> |
|
468 |
- <tr> |
|
469 |
- <th>--stdout</th><td class="opt"> </td> |
|
470 | ||
471 |
- </tr> |
|
472 |
- <tr> |
|
473 |
- <th>--log=FILE</th><td class="opt">-l FILE</td> |
|
474 | ||
475 |
- </tr> |
|
476 |
- <tr> |
|
477 |
- <th>--log-verbose</th><td class="opt"> </td> |
|
478 | ||
479 |
- </tr> |
|
480 |
- <tr> |
|
481 |
- <th>--config-file=FILE</th><td class="opt"> </td> |
|
482 | ||
483 |
- </tr> |
|
484 |
- <tr> |
|
485 |
- <th>--daemon</th><td class="opt">-d</td> |
|
486 | ||
487 |
- </tr> |
|
488 |
- <tr> |
|
489 |
- <th>--pid=FILE</th><td class="opt">-p FILE</td> |
|
490 | ||
491 |
- </tr> |
|
492 |
- <tr> |
|
493 |
- <th>--user=USER</th><td class="opt">-u USER</td> |
|
494 | ||
495 |
- </tr> |
|
496 |
- <tr> |
|
497 |
- <th>--datadir=DIRECTORY</th><td class="opt"> </td> |
|
498 | ||
499 |
- </tr> |
|
500 |
- <tr> |
|
501 |
- <th>--checks=#n</th><td class="opt">-c #n</td> |
|
502 | ||
503 |
- </tr> |
|
504 |
- <tr> |
|
505 |
- <th>--daemon-notify[=/path/clamav.conf]</th><td class="opt"> </td> |
|
506 | ||
507 |
- </tr> |
|
508 |
- <tr> |
|
509 |
- <th>--http-proxy=hostname[:port]</th><td class="opt"> </td> |
|
510 | ||
511 |
- </tr> |
|
512 |
- <tr> |
|
513 |
- <th>--proxy-user=user:password</th><td class="opt"> </td> |
|
514 | ||
515 |
- </tr> |
|
516 |
- <tr> |
|
517 |
- <th>--on-error-execute=COMMAND</th><td class="opt"> </td> |
|
518 | ||
519 |
- </tr> |
|
520 |
- <tr> |
|
521 |
- <th>--on-update-execute=COMMAND</th><td class="opt"> </td> |
|
522 | ||
523 |
- </tr> |
|
524 |
- </table> |
|
525 |
- </div> |
|
526 | ||
527 |
- <ol> |
|
528 |
- <li> |
|
529 | ||
530 |
- <pre><code> |
|
531 |
- # touch /var/log/clam-update.log |
|
532 |
- # chmod 644 /var/log/clam-update.log |
|
533 |
- # chown clamav /var/log/clam-update.log |
|
534 |
- </code></pre> |
|
535 |
- </li> |
|
536 |
- <li> |
|
537 | ||
538 |
- <pre><code>34 * * * * clamav /usr/local/bin/freshclam --quiet |
|
539 |
- -l /var/log/clam-update.log</code></pre> |
|
540 |
- </li> |
|
541 |
- </ol> |
|
542 |
- </div> |
|
543 | ||
544 |
- <p> |
|
545 | ||
546 |
- </p> |
|
547 |
- </div> |
|
548 | ||
549 |
- <p> |
|
550 | ||
551 |
- </p> |
|
552 |
- </div> |
|
553 |
- |
|
554 | ||
555 |
- <table> |
|
556 | ||
557 | ||
558 | ||
559 |
- </table> |
|
560 |
- </div> |
|
561 |
- |
|
562 |
- </div> |
|
563 |
- |
|
564 |
-</div> |
|
565 |
- |
|
566 | ||
567 |
- |
|
568 |
- <div class="section" id="c4.1"><h3>4.1. clamscan</h3> |
|
569 | ||
570 |
- |
|
571 | ||
572 |
- <ul> |
|
573 | ||
574 |
- <table class="cmdoption"> |
|
575 |
- <tr> |
|
576 |
- <th>--help</th><td class="opt">-h</td> |
|
577 | ||
578 |
- </tr> |
|
579 |
- <tr> |
|
580 |
- <th>--version</th><td class="opt">-V</td> |
|
581 | ||
582 |
- </tr> |
|
583 |
- <tr> |
|
584 |
- <th>--verbose</th><td class="opt">-v</td> |
|
585 | ||
586 |
- </tr> |
|
587 |
- <tr> |
|
588 |
- <th>--debug</th><td class="opt"> </td> |
|
589 | ||
590 |
- </tr> |
|
591 |
- <tr> |
|
592 |
- <th>--quiet</th><td class="opt"> </td> |
|
593 | ||
594 |
- </tr> |
|
595 |
- <tr> |
|
596 |
- <th>--stdout</th><td class="opt"> </td> |
|
597 | ||
598 |
- </tr> |
|
599 |
- <tr> |
|
600 |
- <th>--log=FILE</th><td class="opt">-l FILE</td> |
|
601 | ||
602 |
- </tr> |
|
603 |
- <tr> |
|
604 |
- <th>--log-verbose</th><td class="opt"> </td> |
|
605 | ||
606 |
- </tr> |
|
607 |
- <tr> |
|
608 |
- <th>--disable-summary</th><td class="opt"> </td> |
|
609 | ||
610 |
- </tr> |
|
611 |
- <tr> |
|
612 |
- <th>--infected</th><td class="opt">-i</td> |
|
613 | ||
614 |
- </tr> |
|
615 |
- <tr> |
|
616 |
- <th>--bell</th><td class="opt"></td> |
|
617 | ||
618 |
- </tr> |
|
619 |
- </table> |
|
620 |
- </li> |
|
621 | ||
622 |
- <table class="cmdoption"> |
|
623 |
- <tr> |
|
624 |
- <th>--tempdir=DIRECTORY</td><td class="opt"> </td> |
|
625 | ||
626 |
- </tr> |
|
627 |
- <tr> |
|
628 |
- <th>--database=FILE/DIR</td><td class="opt">-d FILE/DIR</td> |
|
629 | ||
630 |
- </tr> |
|
631 |
- <tr> |
|
632 |
- <th>--recursive</td><td class="opt">-r</td> |
|
633 | ||
634 |
- </tr> |
|
635 |
- <tr> |
|
636 |
- <th>--exclude=PATT</td><td class="opt"> </td> |
|
637 | ||
638 |
- </tr> |
|
639 |
- <tr> |
|
640 |
- <th>--include=PATT</td><td class="opt"> </td> |
|
641 | ||
642 |
- </tr> |
|
643 |
- <tr> |
|
644 |
- <th>--remove</td><td class="opt"> </td> |
|
645 | ||
646 |
- </tr> |
|
647 |
- <tr> |
|
648 |
- <th>--move=DIRECTORY</td><td class="opt"> </td> |
|
649 | ||
650 |
- </tr> |
|
651 |
- <tr> |
|
652 |
- <th>--force</td><td class="opt"> </td> |
|
653 | ||
654 |
- </tr> |
|
655 |
- </table> |
|
656 |
- </li> |
|
657 | ||
658 |
- <table class="cmdoption"> |
|
659 |
- <tr> |
|
660 |
- <th>--mbox</td><td class="opt">-m</td> |
|
661 | ||
662 |
- </tr> |
|
663 |
- <tr> |
|
664 |
- <th>--no-ole2</td><td class="opt"> </td> |
|
665 | ||
666 |
- </tr> |
|
667 |
- <tr> |
|
668 |
- <th>--no-archive</td><td class="opt"> </td> |
|
669 | ||
670 |
- </tr> |
|
671 |
- <tr> |
|
672 |
- <th>--detect-encrypted</td><td class="opt"> </td> |
|
673 |
- <td></td> |
|
674 |
- </tr> |
|
675 |
- <tr> |
|
676 |
- <th>--max-files=#n</td><td class="opt"> </td> |
|
677 | ||
678 |
- </tr> |
|
679 |
- <tr> |
|
680 |
- <th>--max-space=#n</td><td class="opt"> </td> |
|
681 | ||
682 |
- </tr> |
|
683 |
- <tr> |
|
684 |
- <th>--max-recursion=#n</td><td class="opt"> </td> |
|
685 | ||
686 |
- </tr> |
|
687 |
- <tr> |
|
688 |
- <th>--unzip=[FULLPATH]</td><td class="opt"> </td> |
|
689 | ||
690 |
- </tr> |
|
691 |
- <tr> |
|
692 |
- <th>--unrar=[FULLPATH]</td><td class="opt"> </td> |
|
693 | ||
694 |
- </tr> |
|
695 |
- <tr> |
|
696 |
- <th>--unace=[FULLPATH]</td><td class="opt"> </td> |
|
697 | ||
698 |
- </tr> |
|
699 |
- <tr> |
|
700 |
- <th>--unarj=[FULLPATH]</td><td class="opt"> </td> |
|
701 | ||
702 |
- </tr> |
|
703 |
- <tr> |
|
704 |
- <th>--unzoo=[FULLPATH]</td><td class="opt"> </td> |
|
705 | ||
706 |
- </tr> |
|
707 |
- <tr> |
|
708 |
- <th>--lha=[FULLPATH]</td><td class="opt"> </td> |
|
709 | ||
710 |
- </tr> |
|
711 |
- <tr> |
|
712 |
- <th>--jar=[FULLPATH]</td><td class="opt"> </td> |
|
713 | ||
714 |
- </tr> |
|
715 |
- <tr> |
|
716 |
- <th>--deb=[FULLPATH]</td><td class="opt"> </td> |
|
717 | ||
718 |
- </tr> |
|
719 |
- <tr> |
|
720 |
- <th>--tar=[FULLPATH]</td><td class="opt"> </td> |
|
721 | ||
722 |
- </tr> |
|
723 |
- <tr> |
|
724 |
- <th>--tgz=[FULLPATH]</td><td class="opt"> </td> |
|
725 | ||
726 |
- </tr> |
|
727 |
- </table> |
|
728 | ||
729 |
- </li> |
|
730 |
- </ul> |
|
731 |
- </div> |
|
732 |
- |
|
733 | ||
734 |
- <dl> |
|
735 |
- <dt>$ clamscan <file></dt> |
|
736 | ||
737 |
- <dt>$ cat <file> | clamscan -</dt> |
|
738 | ||
739 |
- <dt>$ clamscan</dt> |
|
740 | ||
741 |
- <dt>$ clamscan -r [<dir>]</dt> |
|
742 | ||
743 |
- <dt># clamscan -r --mbox /var/spool/mail</dt> |
|
744 | ||
745 |
- <dt>$ clamscan -d /tmp/newclamdb --max-space=50m -r /tmp</dt> |
|
746 | ||
747 |
- </dl> |
|
748 |
- </div> |
|
749 |
- |
|
750 | ||
751 | ||
752 |
- <table> |
|
753 | ||
754 | ||
755 | ||
756 |
- </table> |
|
757 |
- </div> |
|
758 |
- |
|
759 |
- </div> |
|
760 |
- |
|
761 |
- <div class="section" id="c4.2"><h3>4.2. clamd</h3> |
|
762 |
- |
|
763 |
- <div class="section" id="c4.2.1"><h4>4.2.1. clamd</h4> |
|
764 |
- <p> |
|
765 | ||
766 |
- </p> |
|
767 |
- <p> |
|
768 | ||
769 |
- </p> |
|
770 |
- <p> |
|
771 | ||
772 |
- </p> |
|
773 |
- </div> |
|
774 | ||
775 |
- <p> |
|
776 | ||
777 |
- </p> |
|
778 | ||
779 |
- <table class="config"> |
|
780 | ||
781 |
- <tr> |
|
782 |
- <th>Example</th><td> </td> |
|
783 | ||
784 |
- </tr> |
|
785 |
- <tr> |
|
786 |
- <th>Foreground</th><td> </td> |
|
787 | ||
788 |
- </tr> |
|
789 |
- <tr> |
|
790 |
- <th>Debug</th><td> </td> |
|
791 | ||
792 |
- </tr> |
|
793 |
- <tr> |
|
794 |
- <th>PidFile</th><td>PATH</td> |
|
795 | ||
796 |
- </tr> |
|
797 |
- <tr> |
|
798 |
- <th>DatabaseDirectory</th><td>PATH</td> |
|
799 | ||
800 |
- </tr> |
|
801 |
- <tr> |
|
802 |
- <th>SelfCheck</th><td>SECOND</td> |
|
803 | ||
804 |
- </tr> |
|
805 |
- <tr> |
|
806 |
- <th>User</th><td>USERNAME</td> |
|
807 | ||
808 |
- </tr> |
|
809 |
- <tr> |
|
810 |
- <th>AllowSupplementaryGroups</th><td> </td> |
|
811 | ||
812 |
- </tr> |
|
813 |
- <tr> |
|
814 |
- <th>TemporaryDirectory</th><td>PATH</td> |
|
815 | ||
816 |
- </tr> |
|
817 |
- <tr> |
|
818 |
- <th>FixStaleSocket</th><td> </td> |
|
819 | ||
820 |
- </tr> |
|
821 |
- <tr> |
|
822 |
- <th>VirusEvent</th><td>COMMAND ...</td> |
|
823 | ||
824 |
- </tr> |
|
825 |
- </table> |
|
826 | ||
827 |
- <table class="config"> |
|
828 | ||
829 |
- <tr> |
|
830 |
- <th>LocalSocket</th><td>PATH</td> |
|
831 | ||
832 |
- </tr> |
|
833 |
- <tr> |
|
834 |
- <th>TCPAddr</th><td>IP</td> |
|
835 | ||
836 |
- </tr> |
|
837 |
- <tr> |
|
838 |
- <th>TCPSocket</th><td>NUMBER</td> |
|
839 | ||
840 |
- </tr> |
|
841 |
- <tr> |
|
842 |
- <th>MaxConnectionQueueLength</th><td>NUMBER</td> |
|
843 | ||
844 |
- </tr> |
|
845 |
- <tr> |
|
846 |
- <th>MaxThreads</th><td>NUMBER</td> |
|
847 | ||
848 |
- </tr> |
|
849 |
- <tr> |
|
850 |
- <th>ReadTimeout</th><td>NUMBER</td> |
|
851 | ||
852 |
- </tr> |
|
853 |
- <tr> |
|
854 |
- <th>StreamSaveToDisk</th><td> </td> |
|
855 | ||
856 |
- </tr> |
|
857 |
- <tr> |
|
858 |
- <th>StreamMaxLength</th><td>SIZE</td> |
|
859 | ||
860 |
- </tr> |
|
861 |
- <tr> |
|
862 |
- <th>MaxDirectoryRecursion</th><td>NUMBER</td> |
|
863 | ||
864 |
- </tr> |
|
865 |
- <tr> |
|
866 |
- <th>FollowDirectorySymlinks</th><td> </td> |
|
867 | ||
868 |
- </tr> |
|
869 |
- <tr> |
|
870 |
- <th>FollowFileSymlinks</th><td> </td> |
|
871 | ||
872 |
- </tr> |
|
873 |
- </table> |
|
874 | ||
875 |
- <table class="config"> |
|
876 | ||
877 |
- <tr> |
|
878 |
- <th>LogFile</th><td>PATH</td> |
|
879 | ||
880 |
- </tr> |
|
881 |
- <tr> |
|
882 |
- <th>LogFileUnlock</th><td> </td> |
|
883 | ||
884 |
- </tr> |
|
885 |
- <tr> |
|
886 |
- <th>LogFileMaxSize</th><td>SIZE</td> |
|
887 | ||
888 |
- </tr> |
|
889 |
- <tr> |
|
890 |
- <th>LogTime</th><td> </td> |
|
891 | ||
892 |
- </tr> |
|
893 |
- <tr> |
|
894 |
- <th>LogSyslog</th><td> </td> |
|
895 | ||
896 |
- </tr> |
|
897 |
- <tr> |
|
898 |
- <th>LogVerbose</th><td> </td> |
|
899 | ||
900 |
- </tr> |
|
901 |
- </table> |
|
902 | ||
903 |
- <table class="config"> |
|
904 | ||
905 |
- <tr> |
|
906 |
- <th>ScanOLE2</th><td> </td> |
|
907 | ||
908 |
- </tr> |
|
909 |
- <tr> |
|
910 |
- <th>ScanMail</th><td> </td> |
|
911 | ||
912 |
- </tr> |
|
913 |
- <tr> |
|
914 |
- <th>ScanArchive</th><td> </td> |
|
915 | ||
916 |
- </tr> |
|
917 |
- <tr> |
|
918 |
- <th>ScanRAR</th><td> </td> |
|
919 | ||
920 |
- </tr> |
|
921 |
- <tr> |
|
922 |
- <th>ArchiveBlockEncrypted</th><td> </td> |
|
923 | ||
924 |
- </tr> |
|
925 |
- <tr> |
|
926 |
- <th>ArchiveMaxFileSize</th><td>SIZE</td> |
|
927 | ||
928 |
- </tr> |
|
929 |
- <tr> |
|
930 |
- <th>ArchiveMaxRecursion</th><td>NUMBER</td> |
|
931 | ||
932 |
- </tr> |
|
933 |
- <tr> |
|
934 |
- <th>ArchiveMaxFiles</th><td>NUMBER</td> |
|
935 | ||
936 |
- </tr> |
|
937 |
- <tr> |
|
938 |
- <th>ArchiveMaxCompressionRatio</th><td>NUMBER</td> |
|
939 | ||
940 |
- </tr> |
|
941 |
- <tr> |
|
942 |
- <th>ArchiveLimitMemoryUsage</th><td> </td> |
|
943 | ||
944 |
- </tr> |
|
945 |
- </table> |
|
946 | ||
947 |
- <table class="config"> |
|
948 | ||
949 |
- <tr> |
|
950 |
- <th>ClamukoScanOnLine</th><td> </td> |
|
951 | ||
952 |
- </tr> |
|
953 |
- <tr> |
|
954 |
- <th>ClamukoScanOnOpen</th><td> </td> |
|
955 | ||
956 |
- </tr> |
|
957 |
- <tr> |
|
958 |
- <th>ClamukoScanOnClose</th><td> </td> |
|
959 | ||
960 |
- </tr> |
|
961 |
- <tr> |
|
962 |
- <th>ClamukoScanOnExec</th><td> </td> |
|
963 | ||
964 |
- </tr> |
|
965 |
- <tr> |
|
966 |
- <th>ClamukoIncludePath</th><td>PATH</td> |
|
967 | ||
968 |
- </tr> |
|
969 |
- <tr> |
|
970 |
- <th>ClamukoExcludePath</th><td>PATH</td> |
|
971 | ||
972 |
- </tr> |
|
973 |
- <tr> |
|
974 |
- <th>ClamukoMaxFileSize</th><td>SIZE</td> |
|
975 | ||
976 |
- </tr> |
|
977 |
- <tr> |
|
978 |
- <th>ClamukoScanArchive</th><td> </td> |
|
979 | ||
980 |
- </tr> |
|
981 |
- </table> |
|
982 |
- </div> |
|
983 |
- |
|
984 | ||
985 |
- <dl> |
|
986 |
- <dt># clamd</dt> |
|
987 | ||
988 |
- <dt># clamd -c /home/clamav/clamav.conf</dt> |
|
989 | ||
990 |
- <dt># clamd --debug</dt> |
|
991 | ||
992 | ||
993 | ||
994 | ||
995 | ||
996 | ||
997 | ||
998 |
- </dl> |
|
999 |
- </div> |
|
1000 |
- |
|
1001 | ||
1002 | ||
1003 |
- <table> |
|
1004 |
- <tr> |
|
1005 |
- <th>PING</th> |
|
1006 | ||
1007 |
- </tr> |
|
1008 |
- <tr> |
|
1009 |
- <th>VERSION</th> |
|
1010 | ||
1011 |
- </tr> |
|
1012 |
- <tr> |
|
1013 |
- <th>RELOAD</th> |
|
1014 | ||
1015 |
- </tr> |
|
1016 |
- <tr> |
|
1017 |
- <th>SHUTDOWN</th> |
|
1018 | ||
1019 |
- </tr> |
|
1020 |
- <tr> |
|
1021 |
- <th>SCAN <PATH></th> |
|
1022 | ||
1023 |
- </tr> |
|
1024 |
- <tr> |
|
1025 |
- <th>RAWSCAN <PATH></th> |
|
1026 | ||
1027 |
- </tr> |
|
1028 |
- <tr> |
|
1029 |
- <th>CONTSCAN <PATH></th> |
|
1030 | ||
1031 |
- </tr> |
|
1032 |
- <tr> |
|
1033 |
- <th>STREAM</th> |
|
1034 | ||
1035 |
- </tr> |
|
1036 |
- <tr> |
|
1037 |
- <th>SESSION/END</th> |
|
1038 | ||
1039 |
- </tr> |
|
1040 |
- </table> |
|
1041 | ||
1042 | ||
1043 | ||
1044 |
- <pre><code> |
|
1045 |
-$ telnet localhost 3310 |
|
1046 |
-Trying 127.0.0.1... |
|
1047 |
-Connected to localhost. |
|
1048 |
-Escape character is '^]'. |
|
1049 |
-PING |
|
1050 |
-PONG |
|
1051 |
-Connection closed by foreign host. |
|
1052 |
- </code></pre> |
|
1053 |
- </li> |
|
1054 | ||
1055 |
- <pre><code> |
|
1056 |
-$ telnet localhost 3310 |
|
1057 |
-Trying 127.0.0.1... |
|
1058 |
-Connected to localhost. |
|
1059 |
-Escape character is '^]'. |
|
1060 |
-RELOAD |
|
1061 |
-RELOADING |
|
1062 |
-Connection closed by foreign host. |
|
1063 |
- </code></pre> |
|
1064 |
- </li> |
|
1065 | ||
1066 |
- <pre><code> |
|
1067 |
-$ telnet localhost 3310 |
|
1068 |
-Trying 127.0.0.1... |
|
1069 |
-Connected to localhost. |
|
1070 |
-Escape character is '^]'. |
|
1071 |
-SCAN /tmp/virus |
|
1072 |
-/tmp/virus/bugbear.virus: W32.BugBear.A FOUND |
|
1073 |
-Connection closed by foreign host. |
|
1074 |
- </code></pre> |
|
1075 |
- </li> |
|
1076 | ||
1077 |
- <pre><code> |
|
1078 |
-$ telnet localhost 3310 |
|
1079 |
-Trying 127.0.0.1... |
|
1080 |
-Connected to localhost. |
|
1081 |
-Escape character is '^]'. |
|
1082 |
-CONTSCAN /tmp/virus |
|
1083 |
-/tmp/virus/bugbear.virus: W32.BugBear.A FOUND |
|
1084 |
-/tmp/virus/klez.virus: Worm.Klez.H FOUND |
|
1085 |
-/tmp/virus/clamav.test: ClamAV-Test-Signature FOUND |
|
1086 |
-/tmp/virus/mydoom.virus: Worm.SCO.A FOUND |
|
1087 |
-/tmp/virus/netsky_q.virus: Worm.SomeFool.Q FOUND |
|
1088 |
-Connection closed by foreign host. |
|
1089 |
- </code></pre> |
|
1090 |
- </li></ul> |
|
1091 |
- </div> |
|
1092 |
- |
|
1093 |
- <div class="section" id="c4.2.5"><h4>4.2.5. clamdscan</h4> |
|
1094 |
- <p> |
|
1095 | ||
1096 |
- </p> |
|
1097 |
- <p> |
|
1098 | ||
1099 |
- </p> |
|
1100 |
- </div> |
|
1101 |
- |
|
1102 | ||
1103 | ||
1104 |
- <table class="cmdoption"> |
|
1105 |
- <tr> |
|
1106 |
- <th>--help</th><td class="opt">-h</td> |
|
1107 | ||
1108 |
- </tr> |
|
1109 |
- <tr> |
|
1110 |
- <th>--version</th><td class="opt">-V</td> |
|
1111 | ||
1112 |
- </tr> |
|
1113 |
- <tr> |
|
1114 |
- <th>--verbose</th><td class="opt">-v</td> |
|
1115 | ||
1116 |
- </tr> |
|
1117 |
- <tr> |
|
1118 |
- <th>--quiet</th><td class="opt"> </td> |
|
1119 | ||
1120 |
- </tr> |
|
1121 |
- <tr> |
|
1122 |
- <th>--stdout</th><td class="opt"> </td> |
|
1123 | ||
1124 |
- </tr> |
|
1125 |
- <tr> |
|
1126 |
- <th>--log=FILE</th><td class="opt">-l FILE</td> |
|
1127 | ||
1128 |
- </tr> |
|
1129 |
- <tr> |
|
1130 |
- <th>--log-verbose</th><td class="opt"> </td> |
|
1131 | ||
1132 |
- </tr> |
|
1133 |
- <tr> |
|
1134 |
- <th>--disable-summary</th><td class="opt"> </td> |
|
1135 | ||
1136 |
- </tr> |
|
1137 |
- <tr> |
|
1138 |
- <th>--config-file=FILE</th><td class="opt"> </td> |
|
1139 | ||
1140 |
- </tr> |
|
1141 |
- </table> |
|
1142 |
- </div> |
|
1143 |
- |
|
1144 | ||
1145 | ||
1146 |
- <table> |
|
1147 | ||
1148 | ||
1149 | ||
1150 |
- </table> |
|
1151 |
- </div> |
|
1152 |
- |
|
1153 |
- </div> |
|
1154 |
- |
|
1155 |
- <div class="section" id="c4.3"><h3>4.3. Dazuko+Clamuko</h3> |
|
1156 |
- |
|
1157 |
- <div class="section" id="c4.3.1"><h4>4.3.1. Dazuko</h4> |
|
1158 |
- <p> |
|
1159 | ||
1160 |
- </p> |
|
1161 |
- </div> |
|
1162 |
- <div class="section" id="c4.3.2"><h4>4.3.2. Clamuko</h4> |
|
1163 |
- <p> |
|
1164 | ||
1165 |
- </p> |
|
1166 |
- <p> |
|
1167 | ||
1168 |
- </p> |
|
1169 |
- <ul> |
|
1170 | ||
1171 |
- <pre><code> |
|
1172 |
- ClamukoIncludePath /home |
|
1173 |
- </code></pre> |
|
1174 |
- </li> |
|
1175 | ||
1176 |
- <pre><code> |
|
1177 |
- ClamukoIncludePath / |
|
1178 |
- ClamukoExcludePath /proc |
|
1179 |
- ClamukoExcludePath /tempdir/of/mail/scanner |
|
1180 |
- </code></pre> |
|
1181 |
- </li> |
|
1182 |
- </ul> |
|
1183 |
- </div> |
|
1184 |
- |
|
1185 |
- </div> |
|
1186 |
- |
|
1187 |
-</div> |
|
1188 |
- |
|
1189 | ||
1190 |
- |
|
1191 |
- <p> |
|
1192 | ||
1193 |
- </p> |
|
1194 |
- <div class="section" id="c5.1"><h3>5.1. MTA</h3> |
|
1195 |
- |
|
1196 |
- <div class="section" id="c5.1.1"><h4>5.1.1. AMaViS/amavisd</h4> |
|
1197 |
- <p> |
|
1198 | ||
1199 |
- </p> |
|
1200 |
- </div> |
|
1201 |
- |
|
1202 |
- <div class="section" id="c5.1.2"><h4>5.1.2. AMaViS-ng</h4> |
|
1203 |
- <p> |
|
1204 | ||
1205 |
- </p> |
|
1206 |
- <ol> |
|
1207 | ||
1208 |
- <pre><code> |
|
1209 |
- virus-scanner = CLAM |
|
1210 |
- </code></pre> |
|
1211 |
- </li> |
|
1212 | ||
1213 |
- <pre><code> |
|
1214 |
- [CLAM] |
|
1215 |
- clamscan = /usr/local/bin/clamscan |
|
1216 |
- </code></pre> |
|
1217 |
- </li> |
|
1218 |
- </ol> |
|
1219 |
- </div> |
|
1220 |
- |
|
1221 |
- <div class="section" id="c5.1.3"><h4>5.1.3. amavisd-new</h4> |
|
1222 |
- <p> |
|
1223 | ||
1224 |
- </p> |
|
1225 |
- </div> |
|
1226 |
- |
|
1227 |
- <div class="section" id="c5.1.4"><h4>5.1.4. MailScanner</h4> |
|
1228 |
- <p> |
|
1229 | ||
1230 |
- </p> |
|
1231 |
- </div> |
|
1232 |
- |
|
1233 |
- <div class="section" id="c5.1.6"><h4>5.1.6. OpenProtect</h4> |
|
1234 |
- </div> |
|
1235 |
- |
|
1236 |
- <div class="section" id="c5.1.7"><h4>5.1.7. clamav-milter</h4> |
|
1237 |
- <p> |
|
1238 | ||
1239 |
- </p> |
|
1240 |
- <p> |
|
1241 | ||
1242 |
- </p> |
|
1243 |
- <pre><code> |
|
1244 |
- $ ./configure --enable-milter |
|
1245 |
- </code></pre> |
|
1246 |
- <p> |
|
1247 | ||
1248 |
- </p> |
|
1249 |
- <pre><code> |
|
1250 | ||
1251 | ||
1252 |
- </code></pre> |
|
1253 |
- <p> |
|
1254 | ||
1255 |
- </p> |
|
1256 |
- <pre><code> |
|
1257 |
- LocalSocket /var/run/clamd.sock |
|
1258 |
- ScanMail |
|
1259 |
- SaveStreamToDisk |
|
1260 |
- </code></pre> |
|
1261 |
- <p> |
|
1262 | ||
1263 |
- </p> |
|
1264 |
- <pre><code> |
|
1265 |
- /usr/local/sbin/clamav-milter -blo /var/run/clmilter.sock |
|
1266 |
- </code></pre> |
|
1267 |
- <p> |
|
1268 | ||
1269 |
- </p> |
|
1270 |
- </div> |
|
1271 |
- |
|
1272 |
- <div class="section" id="c5.1.8"><h4>5.1.8. mimedefang</h4> |
|
1273 |
- <p> |
|
1274 | ||
1275 |
- </p> |
|
1276 |
- </div> |
|
1277 |
- |
|
1278 |
- <div class="section" id="c5.1.9"><h4>5.1.9. IVS Milter</h4> |
|
1279 |
- <p> |
|
1280 | ||
1281 |
- </p> |
|
1282 |
- </div> |
|
1283 |
- |
|
1284 |
- <div class="section" id="c5.1.10"><h4>5.1.10. smtp-vilter</h4> |
|
1285 |
- <p> |
|
1286 | ||
1287 |
- </p> |
|
1288 |
- </div> |
|
1289 |
- |
|
1290 |
- <div class="section" id="c5.1.11"><h4>5.1.11. j-chkmail</h4> |
|
1291 |
- </div> |
|
1292 |
- |
|
1293 |
- <div class="section" id="c5.1.12"><h4>5.1.12. nclamd,nclamav-milter</h4> |
|
1294 |
- <p> |
|
1295 | ||
1296 |
- </p> |
|
1297 |
- </div> |
|
1298 |
- |
|
1299 |
- <div class="section" id="c5.1.13"><h4>5.1.13. qmail-scanner</h4> |
|
1300 |
- <p> |
|
1301 | ||
1302 |
- </p> |
|
1303 |
- </div> |
|
1304 |
- |
|
1305 |
- <div class="section" id="c5.1.14"><h4>5.1.14. clamdmail</h4> |
|
1306 |
- <p> |
|
1307 | ||
1308 |
- </p> |
|
1309 |
- </div> |
|
1310 |
- |
|
1311 |
- <div class="section" id="c5.1.15"><h4>5.1.15. qscanq</h4> |
|
1312 |
- </div> |
|
1313 |
- |
|
1314 |
- <div class="section" id="c5.1.16"><h4>5.1.16. Gadoyanvirus</h4> |
|
1315 |
- </div> |
|
1316 |
- |
|
1317 |
- <div class="section" id="c5.1.17"><h4>5.1.17. exiscan</h4> |
|
1318 |
- <p> |
|
1319 | ||
1320 |
- </p> |
|
1321 |
- </div> |
|
1322 |
- |
|
1323 |
- <div class="section" id="c5.1.18"><h4>5.1.18. Scanexi</h4> |
|
1324 |
- <p> |
|
1325 | ||
1326 |
- </p> |
|
1327 |
- </div> |
|
1328 |
- |
|
1329 |
- <div class="section" id="c5.1.19"><h4>5.1.19. sagator</h4> |
|
1330 |
- <p> |
|
1331 | ||
1332 |
- </p> |
|
1333 |
- </div> |
|
1334 |
- |
|
1335 |
- <div class="section" id="c5.1.20"><h4>5.1.20. cgpav</h4> |
|
1336 |
- </div> |
|
1337 |
- |
|
1338 |
- </div> |
|
1339 |
- |
|
1340 | ||
1341 |
- |
|
1342 |
- <div class="section" id="c5.2.1"><h4>5.2.1. POP3 Virus Scanner Daemon</h4> |
|
1343 |
- </div> |
|
1344 |
- |
|
1345 |
- <div class="section" id="c5.2.2"><h4>5.2.2. Sylpheed-Claws</h4> |
|
1346 |
- <p> |
|
1347 | ||
1348 |
- </p> |
|
1349 |
- </div> |
|
1350 |
- |
|
1351 |
- <div class="section" id="c5.2.3"><h4>5.2.3. Mutt</h4> |
|
1352 |
- <p> |
|
1353 | ||
1354 |
- </p> |
|
1355 |
- </div> |
|
1356 |
- |
|
1357 |
- </div> |
|
1358 |
- |
|
1359 | ||
1360 |
- |
|
1361 |
- <div class="section" id="c5.3.1"><h4>5.3.1. ClamAssassin</h4> |
|
1362 |
- </div> |
|
1363 |
- |
|
1364 |
- <div class="section" id="c5.3.2"><h4>5.3.2. TrashScan</h4> |
|
1365 |
- <p> |
|
1366 | ||
1367 |
- </p> |
|
1368 |
- </div> |
|
1369 |
- |
|
1370 |
- <div class="section" id="c5.3.3"><h4>5.3.3. mailman-clamav</h4> |
|
1371 |
- </div> |
|
1372 |
- |
|
1373 |
- <div class="section" id="c5.3.4"><h4>5.3.4. mailgraph</h4> |
|
1374 |
- </div> |
|
1375 |
- |
|
1376 |
- </div> |
|
1377 |
- |
|
1378 | ||
1379 |
- |
|
1380 |
- <div class="section" id="c5.4.1"><h4>5.4.1. sambaa-vscan</h4> |
|
1381 |
- <p> |
|
1382 | ||
1383 |
- </p> |
|
1384 |
- </div> |
|
1385 |
- |
|
1386 |
- <div class="section" id="c5.4.2"><h4>5.4.2. mod_clamav</h4> |
|
1387 |
- <p> |
|
1388 | ||
1389 |
- </p> |
|
1390 |
- </div> |
|
1391 |
- |
|
1392 |
- <div class="section" id="c5.4.3"><h4>5.4.3. PureFTPd</h4> |
|
1393 |
- <p> |
|
1394 | ||
1395 |
- </p> |
|
1396 |
- </div> |
|
1397 |
- |
|
1398 |
- <div class="section" id="c5.4.4"><h4>5.4.4. Viralator</h4> |
|
1399 |
- <p> |
|
1400 | ||
1401 |
- </p> |
|
1402 |
- </div> |
|
1403 |
- |
|
1404 |
- </div> |
|
1405 |
- |
|
1406 |
- <div class="section" id="c5.5"><h3>5.5. CD-ROM</h3> |
|
1407 |
- |
|
1408 |
- <div class="section" id="c5.5.1"><h4>5.5.1. INSERT</h4> |
|
1409 |
- </div> |
|
1410 |
- |
|
1411 |
- <div class="section" id="c5.5.2"><h4>5.5.2. Local Area Security</h4> |
|
1412 |
- </div> |
|
1413 |
- |
|
1414 |
- </div> |
|
1415 |
- |
|
1416 | ||
1417 |
- |
|
1418 |
- <div class="section" id="c5.6.1"><h4>5.6.1. Mail::ClamAV</h4> |
|
1419 |
- <p> |
|
1420 | ||
1421 |
- </p> |
|
1422 |
- </div> |
|
1423 |
- |
|
1424 |
- <div class="section" id="c5.6.2"><h4>5.6.2. clamavr</h4> |
|
1425 |
- </div> |
|
1426 |
- |
|
1427 |
- <div class="section" id="c5.6.3"><h4>5.6.3. wbmclamav</h4> |
|
1428 |
- </div> |
|
1429 |
- |
|
1430 |
- <div class="section" id="c5.6.4"><h4>5.6.4. Scan Log Analyzer</h4> |
|
1431 |
- </div> |
|
1432 |
- |
|
1433 |
- <div class="section" id="c5.6.5"><h4>5.6.5. ClamWin Antivirus</h4> |
|
1434 |
- <p> |
|
1435 | ||
1436 |
- </p> |
|
1437 |
- </div> |
|
1438 |
- |
|
1439 |
- </div> |
|
1440 |
- |
|
1441 |
-</div> |
|
1442 |
- |
|
1443 | ||
1444 |
- |
|
1445 | ||
1446 |
- |
|
1447 | ||
1448 |
- <p> |
|
1449 | ||
1450 |
- </p> |
|
1451 |
- <p> |
|
1452 | ||
1453 |
- </p> |
|
1454 |
- <p> |
|
1455 | ||
1456 |
- </p> |
|
1457 | ||
1458 |
- <ol> |
|
1459 | ||
1460 | ||
1461 | ||
1462 | ||
1463 | ||
1464 | ||
1465 | ||
1466 | ||
1467 |
- </ol> |
|
1468 | ||
1469 |
- <pre><samp>ClamAV-VDB:15 Apr 2004 01-38 +0200:263:844:1:ed0bf80996eef5326e7830cb7 |
|
1470 |
-f394f13:FSW1coiymNODboGDmmeg5gNm6psCuAOCTsm4gXEqMP8k9H7H/QPfZvvvMPQTup |
|
1471 |
-0sf2LtrRImxkgYvR6ksiS/Zal8QdhiPS6LuHBBbjuzHYW+PLIwuG5Hzd0tj2p4mhiwv2Eb |
|
1472 |
-Q2agcPH6n5xekRLOIDb3qggf+6F9YwDw8JX6nj:ccordes |
|
1473 |
- </samp></pre> |
|
1474 |
- </div> |
|
1475 |
- |
|
1476 | ||
1477 |
- <p> |
|
1478 | ||
1479 |
- </p> |
|
1480 |
- <p> |
|
1481 | ||
1482 |
- </p> |
|
1483 | ||
1484 |
- <pre><code>ClamAV-Test-Signature=2443456c6961636d615472455354755363696b67736e2446 |
|
1485 |
-5245452d544553542d5349474e4154555245244545454545240a |
|
1486 |
- </code></pre> |
|
1487 | ||
1488 |
- <pre><code>0000000 24 43 45 6c 69 61 63 6d 61 54 72 45 53 54 75 53 |
|
1489 |
-0000020 63 69 6b 67 73 6e 24 46 52 45 45 2d 54 45 53 54 |
|
1490 |
-0000040 2d 53 49 47 4e 41 54 55 52 45 24 45 45 45 45 45 |
|
1491 |
-0000060 24 0a |
|
1492 |
-0000062 |
|
1493 |
- </code></pre> |
|
1494 |
- <p> |
|
1495 |
- |
|
1496 |
- </p> |
|
1497 |
- </div> |
|
1498 |
- |
|
1499 | ||
1500 |
- <pre><code> VirusDB |
|
1501 | ||
1502 | ||
1503 |
- | | + 'ClamAV-VDB' |
|
1504 | ||
1505 | ||
1506 | ||
1507 | ||
1508 | ||
1509 | ||
1510 | ||
1511 |
- | | |
|
1512 | ||
1513 |
- | + COPYING |
|
1514 |
- | + viruses.db |
|
1515 |
- | + VirusName=HexStrings |
|
1516 |
- | |
|
1517 | ||
1518 | ||
1519 |
- | | + 'ClamAV-VDB' |
|
1520 | ||
1521 | ||
1522 | ||
1523 | ||
1524 | ||
1525 | ||
1526 | ||
1527 |
- | | |
|
1528 | ||
1529 |
- | + COPYING |
|
1530 |
- | + viruses.db2 |
|
1531 |
- | + VirusName=HexStrings |
|
1532 |
- | |
|
1533 | ||
1534 |
- + VirusName=HexStrings |
|
1535 |
- </code></pre> |
|
1536 |
- </div> |
|
1537 |
- |
|
1538 |
- </div> |
|
1539 |
- |
|
1540 |
- <div class="section" id="c6.2"><h3>6.2. sigtool</h3> |
|
1541 |
- |
|
1542 | ||
1543 |
- |
|
1544 | ||
1545 |
- |
|
1546 | ||
1547 |
- <table class="cmdoption"> |
|
1548 |
- <tr> |
|
1549 |
- <th>--help</th><td class="opt">-h</td> |
|
1550 | ||
1551 |
- </tr> |
|
1552 |
- <tr> |
|
1553 |
- <th>--version</th><td class="opt">-V</td> |
|
1554 | ||
1555 |
- </tr> |
|
1556 |
- <tr> |
|
1557 |
- <th>--quiet</th><td class="opt"> </td> |
|
1558 | ||
1559 |
- </tr> |
|
1560 |
- <tr> |
|
1561 |
- <th>--debug</th><td class="opt"> </td> |
|
1562 | ||
1563 |
- </tr> |
|
1564 |
- <tr> |
|
1565 |
- <th>--stdout</th><td class="opt"> </td> |
|
1566 | ||
1567 |
- </tr> |
|
1568 |
- </table> |
|
1569 |
- |
|
1570 | ||
1571 |
- <table class="cmdoption"> |
|
1572 |
- <tr> |
|
1573 |
- <th>--hex-dump</th><td class="opt"> </td> |
|
1574 | ||
1575 |
- </tr> |
|
1576 |
- <tr> |
|
1577 |
- <th>--command=COMMAND</th><td class="opt">-c COMMAND</td> |
|
1578 | ||
1579 |
- </tr> |
|
1580 |
- <tr> |
|
1581 |
- <th>--string=STRING</th><td class="opt">-s STRING</td> |
|
1582 | ||
1583 |
- </tr> |
|
1584 |
- <tr> |
|
1585 |
- <th>--file=FILE</th><td class="opt">-f FILE</td> |
|
1586 | ||
1587 |
- </tr> |
|
1588 |
- </table> |
|
1589 |
- |
|
1590 |
- <h5>VirusDB</h5> |
|
1591 |
- <table class="cmdoption"> |
|
1592 |
- <tr> |
|
1593 |
- <th>--info=FILE</th><td class="opt">-i FILE</td> |
|
1594 | ||
1595 |
- </tr> |
|
1596 |
- <tr> |
|
1597 |
- <th>--unpack=FILE</th><td class="opt">-u FILE</td> |
|
1598 | ||
1599 |
- </tr> |
|
1600 |
- <tr> |
|
1601 |
- <th>--unpack-current=NAME</th><td class="opt"> </td> |
|
1602 | ||
1603 |
- </tr> |
|
1604 |
- <tr> |
|
1605 |
- <th>--list-sigs[=FILE]</th><td class="opt">-l [FILE]</td> |
|
1606 | ||
1607 |
- </tr> |
|
1608 |
- <tr> |
|
1609 |
- <th>--build=NAME</th><td class="opt">-b NAME</td> |
|
1610 | ||
1611 |
- </tr> |
|
1612 |
- <tr> |
|
1613 |
- <th>--server=ADDR</th><td class="opt"> </td> |
|
1614 | ||
1615 |
- </tr> |
|
1616 |
- </table> |
|
1617 |
- |
|
1618 |
- </div> |
|
1619 |
- |
|
1620 | ||
1621 |
- <dl> |
|
1622 |
- <dt>$ sigtool -i /usr/local/share/clamav/main.cvd</dt> |
|
1623 | ||
1624 |
- <dt>$ sigtool -u /usr/local/share/clamav/main.cvd</dt> |
|
1625 | ||
1626 |
- <dt>$ sigtool -l</dt> |
|
1627 | ||
1628 |
- </dl> |
|
1629 |
- </div> |
|
1630 |
- |
|
1631 |
- </div> |
|
1632 |
- |
|
1633 | ||
1634 |
- |
|
1635 | ||
1636 |
- <p> |
|
1637 | ||
1638 |
- </p> |
|
1639 |
- <p> |
|
1640 | ||
1641 |
- </p> |
|
1642 |
- <ul> |
|
1643 | ||
1644 | ||
1645 | ||
1646 | ||
1647 |
- </ul> |
|
1648 |
- <p> |
|
1649 | ||
1650 |
- </p> |
|
1651 |
- <p> |
|
1652 | ||
1653 |
- </p> |
|
1654 |
- <pre><code> |
|
1655 |
- $ sigtool -c "anotherscan" -f virus.exe -s "infected" |
|
1656 |
- </code></pre> |
|
1657 |
- <p> |
|
1658 | ||
1659 |
- </p> |
|
1660 |
- </div> |
|
1661 |
- |
|
1662 | ||
1663 |
- <p> |
|
1664 | ||
1665 |
- </p> |
|
1666 |
- <ul> |
|
1667 | ||
1668 | ||
1669 | ||
1670 | ||
1671 | ||
1672 |
- </ul> |
|
1673 |
- </div> |
|
1674 |
- |
|
1675 | ||
1676 |
- <p> |
|
1677 | ||
1678 |
- </p> |
|
1679 |
- </div> |
|
1680 |
- |
|
1681 |
- </div> |
|
1682 |
- |
|
1683 | ||
1684 |
- |
|
1685 | ||
1686 |
- <p> |
|
1687 | ||
1688 |
- </p> |
|
1689 |
- </div> |
|
1690 |
- |
|
1691 | ||
1692 |
- <p> |
|
1693 | ||
1694 |
- </p> |
|
1695 |
- </div> |
|
1696 |
- |
|
1697 | ||
1698 |
- <p> |
|
1699 | ||
1700 |
- </p> |
|
1701 |
- <pre><code>00008d0: 191d 8cad 3dc1 135a 3182 5c6c 4233 9063 ....=..Z1.\lB3.c |
|
1702 |
-00008e0: beb7 2dad c336 9a54 417a 3d56 135e 1f62 ..-..6.TAz=V.^.b |
|
1703 |
-00008f0: 11da a9fb e100 eac3 c948 ade7 2089 75f9 .........H.. .u. |
|
1704 |
-0000900: 0d5a 8e31 2fd8 40be bc08 8ef3 a109 a526 .Z.1/.@........& |
|
1705 |
-0000910: 3949 1a80 d7d6 6c60 2662 0286 a03a 6fa0 9I....l`&b...:o. |
|
1706 |
-0000920: 3132 f9cb b767 9675 9020 ddd3 5d5e 9785 12...g.u. ..]^.. |
|
1707 |
-0000930: 6a29 e69e f3f0 5159 c664 0688 678c 9250 j)....QY.d..g..P |
|
1708 |
-0000940: aef5 62a0 05bf 0a70 1616 7e12 658d a4a7 ..b....p..~.e... |
|
1709 |
-0000950: 57be 4e03 6db0 4635 4b7d 6b8b 7452 bd4d W.N.m.F5K}k.tR.M |
|
1710 |
-0000960: df86 09a7 b92d a8a6 0814 d12f 3caa d02b .....-...../<..+ |
|
1711 |
-0000970: 3a7e 2b3d d1b6 a088 1c22 0d61 611b 7913 :~+=.....".aa.y. |
|
1712 |
-0000980: 674d 3612 3e05 f921 00c3 c011 de0c 4564 gM6.>..!......Ed |
|
1713 |
-0000990: 638e 39a6 325c 7849 4ea6 7a76 9a02 691a c.9.2\xIN.zv..i. |
|
1714 |
-00009a0: a62a 4c9a 4469 bca6 9096 9ae0 69fc e06c .*L.Di......i..l |
|
1715 |
-00009b0: e671 1616 3c5a c3b0 0557 80cb ebe9 f6e1 .q..<Z...W...... |
|
1716 |
-00009c0: cb06 e3ef e413 1b6c 2d11 0b11 0332 331d .......l-....23. |
|
1717 |
-00009d0: c12d 1309 0a30 9225 0061 3336 2438 333d .-...0.%.a36$83= |
|
1718 |
-00009e0: 0803 3c2b 3823 2737 7b06 4f02 222f 2078 ..<+8#'7{.O."/ x |
|
1719 |
- </code></pre> |
|
1720 |
- <p> |
|
1721 | ||
1722 |
- </p> |
|
1723 |
- <pre><code>6c6026620286a03a6fa03132f9cbb76796759020ddd35d5e97856a29e69ef3f05159c6 |
|
1724 |
-640688678c9250aef562a005bf0a7016167e12658da4a757be4e036db046354b7d6b8b |
|
1725 |
-7452bd4ddf8609a7b92da8a60814d12f3caad02b3a7e2b3dd1b6a0881c220d61611b79 |
|
1726 |
-13674d36123e05 |
|
1727 |
- </code></pre> |
|
1728 |
- <p> |
|
1729 | ||
1730 |
- </p> |
|
1731 |
- <pre><code> |
|
1732 |
-Worm.Netsky.Q@mm=6c6026620286a03a6fa03132f9cbb76796759020ddd35d5e97856 |
|
1733 |
-a29e69ef3f05159c6640688678c9250aef562a005bf0a7016167e12658da4a757be4e0 |
|
1734 |
-36db046354b7d6b8b7452bd4ddf8609a7b92da8a60814d12f3caad02b3a7e2b3dd1b6a |
|
1735 |
-0881c220d61611b7913674d36123e05 |
|
1736 |
- </code></pre> |
|
1737 |
- </div> |
|
1738 |
- |
|
1739 | ||
1740 |
- <p> |
|
1741 | ||
1742 |
- </p> |
|
1743 |
- <pre><code>$ clamscan -d /tmp/db/local.db netsky_q.virus |
|
1744 |
-netsky_q.virus: Worm.Netsky.Q@mm FOUND |
|
1745 |
- |
|
1746 |
-Known viruses: 1 |
|
1747 |
-Scanned directories: 0 |
|
1748 |
-Scanned files: 1 |
|
1749 |
-Infected files: 1 |
|
1750 |
-Data scanned: 0.02 MB |
|
1751 |
-I/O buffer size: 131072 bytes |
|
1752 |
-Time: 0.001 sec (0 m 0 s) |
|
1753 |
- </code></pre> |
|
1754 |
- <p> |
|
1755 | ||
1756 |
- </p> |
|
1757 |
- </div> |
|
1758 |
- |
|
1759 | ||
1760 |
- <p> |
|
1761 | ||
1762 |
- </p> |
|
1763 |
- <pre><code># cat /tmp/db/local.db >> /usr/local/share/clamav/local.db |
|
1764 |
-# kill -USR2 `cat /var/run/clamd.pid` |
|
1765 |
- </code></pre> |
|
1766 |
- <p> |
|
1767 | ||
1768 |
- </p> |
|
1769 |
- </div> |
|
1770 |
- |
|
1771 |
- </div> |
|
1772 |
- |
|
1773 | ||
1774 |
- |
|
1775 |
- <div class="section" id="c7.1"><h3>7.1. libclamav</h3> |
|
1776 | ||
1777 |
- </div> |
|
1778 | ||
1779 |
- <p> |
|
1780 | ||
1781 |
- </p> |
|
1782 |
- </div> |
|
1783 |
- |
|
1784 |
- </div> |
|
1785 |
- |
|
1786 |
-</div> |
|
1787 |
- |
|
1788 | ||
1789 |
- |
|
1790 |
-<ul> |
|
1791 | ||
1792 |
- <li> |
|
1793 | ||
1794 | ||
1795 |
- </li> |
|
1796 |
- <li> |
|
1797 | ||
1798 |
- </li> |
|
1799 |
- <li> |
|
1800 | ||
1801 |
- <a href="http://homepage.mac.com/proc/clamav.html">http://homepage.mac.com/proc/clamav.html</a> |
|
1802 |
- </li> |
|
1803 |
- |
|
1804 |
-</ul> |
|
1805 |
- |
|
1806 |
-</div> |
|
1807 |
- |
|
1808 |
-<div class="chapter" id="c9"><h2>9. TODO</h2> |
|
1809 |
- |
|
1810 |
-<ul> |
|
1811 | ||
1812 | ||
1813 | ||
1814 | ||
1815 | ||
1816 |
-</ul> |
|
1817 |
- |
|
1818 |
-</div> |
|
1819 |
- |
|
1820 |
-<hr /> |
|
1821 |
- |
|
1822 |
-<ul> |
|
1823 | ||
1824 | ||
1825 | ||
1826 |
-<li>Email: <a href="mailto:proc@mac.com">proc@mac.com</a></li> |
|
1827 |
- |
|
1828 | ||
1829 |
-</ul> |
|
1830 |
- |
|
1831 |
-</body> |
|
1832 |
-</html> |
|
1833 |
- |
1834 | 1 |
deleted file mode 100755 |
... | ... |
@@ -1,26 +0,0 @@ |
1 |
-#!/bin/sh |
|
2 |
-. /etc/rc.common |
|
3 |
-StartService () |
|
4 |
-{ |
|
5 |
- if [ "${CLAMAV:=-NO-}" = "-YES-" ]; then |
|
6 |
- ConsoleMessage "Starting clamd-freshclam" |
|
7 |
- freshclam -d -c 4 -p /var/clamav/freshclam.pid -l /var/log/clam-update.log |
|
8 |
- clamd |
|
9 |
- fi |
|
10 |
-} |
|
11 |
-StopService () |
|
12 |
-{ |
|
13 |
- ConsoleMessage "Stoping clamd-freshclam" |
|
14 |
- killall -u clamav |
|
15 |
-} |
|
16 |
-RestartService () |
|
17 |
-{ |
|
18 |
- if [ "${CLAMAV:=-NO-}" = "-YES-" ]; then |
|
19 |
- ConsoleMessage "Restarting clamd-freshclam" |
|
20 |
- StopService |
|
21 |
- StartService |
|
22 |
- else |
|
23 |
- StopService |
|
24 |
- fi |
|
25 |
-} |
|
26 |
-RunService "$1" |
27 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,14 +0,0 @@ |
1 |
-<?xml version="1.0" encoding="UTF-8"?> |
|
2 |
-<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd"> |
|
3 |
-<plist version="0.9"> |
|
4 |
-<dict> |
|
5 |
- <key>CLAMAV</key> |
|
6 |
- <string>CLAMAV</string> |
|
7 |
- <key>Starting clam-freshclam</key> |
|
8 |
- <string>Starting clam-freshclam</string> |
|
9 |
- <key>Stopping clam-freshclam</key> |
|
10 |
- <string>Stopping clam-freshclam</string> |
|
11 |
- <key>Restarting clam-freshclam</key> |
|
12 |
- <string>Restarting clam-freshclam</string> |
|
13 |
-</dict> |
|
14 |
-</plist> |
15 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,14 +0,0 @@ |
1 |
-<?xml version="1.0" encoding="utf-8"?> |
|
2 |
-<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd"> |
|
3 |
-<plist version="0.9"> |
|
4 |
-<dict> |
|
5 |
- <key>CLAMAV</key> |
|
6 |
- <string>CLAMAV</string> |
|
7 |
- <key>Starting clam-freshclam</key> |
|
8 |
- <string>Démarrage de la clam-freshclam</string> |
|
9 |
- <key>Stopping clam-freshclam</key> |
|
10 |
- <string>Arrêt de la clam-freshclam</string> |
|
11 |
- <key>Restarting clam-freshclam</key> |
|
12 |
- <string>Redémarrage de la clam-freshclam</string> |
|
13 |
-</dict> |
|
14 |
-</plist> |
15 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,12 +0,0 @@ |
1 |
-{ |
|
2 |
- Description = "CLAMAV"; |
|
3 |
- Provides = ("CLAMAV"); |
|
4 |
- Requires = ("Resolver"); |
|
5 |
- OrderPreference = "NONE"; |
|
6 |
- Messages = |
|
7 |
- { |
|
8 |
- start = "Starting clam-freshclam"; |
|
9 |
- stop = "Stopping clam-freshclam"; |
|
10 |
- restart = "Restarting clam-freshclam"; |
|
11 |
- }; |
|
12 |
-} |
15 | 3 |
deleted file mode 100644 |
... | ... |
@@ -1,239 +0,0 @@ |
1 | ||
2 |
- |
|
3 | ||
4 |
- |
|
5 | ||
6 | ||
7 | ||
8 |
-servidores de Email e com o Apache para proteger servidores WEB. |
|
9 |
- |
|
10 |
- |
|
11 |
-Ambiente de teste |
|
12 |
- |
|
13 | ||
14 |
-usadas como teste foram: |
|
15 |
- |
|
16 |
- Redhat Linux 7.3 - kernel 2.4.18 |
|
17 |
- Conectiva Linux 8.0 - kernel 2.4.18 |
|
18 |
- |
|
19 | ||
20 |
- |
|
21 |
- |
|
22 | ||
23 |
- |
|
24 |
-ClamAV - http://clamav.elektrapro.com/stable/clamav-0.53.tar.gz |
|
25 |
-AMAVIS - http://umn.dl.sourceforge.net/sourceforge/amavis/amavis-ng_0.1.4.1.orig.tar.gz |
|
26 |
-MailScanner - http://www.sng.ecs.soton.ac.uk/mailscanner/downloads.shtml |
|
27 |
- |
|
28 |
-Inicio |
|
29 |
- |
|
30 | ||
31 |
-clamav-053.tar.gz |
|
32 |
- |
|
33 |
-$cd tmp |
|
34 |
-$tar xzfv $HOME/mydownloads/clamav-053.tar.gz |
|
35 |
- |
|
36 | ||
37 |
- |
|
38 | ||
39 | ||
40 |
-do kernel estejam devidamente instalados em seu computador. Para o RH 7.3 o pacote se chama |
|
41 | ||
42 |
-e se encontra no CD 2. |
|
43 |
- |
|
44 | ||
45 | ||
46 |
- |
|
47 |
-$pwd |
|
48 |
-/home/marcolino/tmp/clamav-053 |
|
49 |
-$su - |
|
50 |
-#cd /home/marcolino/tmp/clamav-053 |
|
51 |
-#cd support/dazuko |
|
52 |
-#make dazuko |
|
53 |
-#cp dazuko.o /usr/local/lib |
|
54 |
- |
|
55 | ||
56 |
-tempo acertando o kernel para incluir ele diretamente junto com o fonte. Para fazer isso consulte o site |
|
57 | ||
58 |
- |
|
59 |
-Agora vamos instalar o DAZUKO. Continuamos como root. |
|
60 |
- |
|
61 |
-#mknod -m 600 /dev/dazuko c 254 0 |
|
62 |
-#insmod /usr/local/sbin/dazuko.o |
|
63 |
- |
|
64 | ||
65 | ||
66 |
- |
|
67 |
- |
|
68 |
-Configurando o ClamAV |
|
69 |
- |
|
70 | ||
71 |
- |
|
72 |
-#cd /home/marcolino/tmp/clamav-053 |
|
73 |
-#groupadd clamav |
|
74 |
-#adduser -g clamav -s/bin/false -c"ClamAV" clamav |
|
75 |
-#./configure --prefix=/usr --sysconfdir=/etc |
|
76 |
-#make |
|
77 |
-#make install |
|
78 |
- |
|
79 | ||
80 | ||
81 |
-respeito :-( . |
|
82 |
- |
|
83 |
-Acertando o /etc/clamav.conf |
|
84 |
- |
|
85 | ||
86 |
- |
|
87 |
-Encontrar a linha "Example" e comentar. |
|
88 |
-Encontrar a linha "LogFile", descomentar e alterar para /var/log/clamd.log |
|
89 |
-Encontrar a linha "LogFile Max Size" e descomentar |
|
90 |
-Encontrar a linha "LogVerbose" e descomentar |
|
91 |
-Encontrar a linha "LogTime" e descomentar |
|
92 |
-Encontrar a linha "PidFile", descomentar e alterar para /var/run/clamav/clamav.pid |
|
93 |
-Encontrar a linha "DataDirectory" e descomentar |
|
94 |
-Encontrar a linha "LocalSocket" e comentar |
|
95 |
-Encontrar a linha "TCPSocket" e descomentar |
|
96 |
-Encontrar a linha "ClamukoScanOnLine" e descomentar |
|
97 |
-Encontrar a linha "ClamukoIncludePath" e alterar para /home |
|
98 |
- |
|
99 | ||
100 | ||
101 | ||
102 |
-realmente interessa. |
|
103 |
- |
|
104 | ||
105 |
- |
|
106 |
-#mkdir /var/run/clamav |
|
107 |
-#chown clamav:clamav /var/run/clamav |
|
108 |
- |
|
109 | ||
110 | ||
111 |
- |
|
112 |
-#! /bin/sh |
|
113 |
-# |
|
114 |
-# clamd Start/Stop the clamav daemon. |
|
115 |
-# |
|
116 |
-# processname: clamd |
|
117 |
-# config: /etc/clamav.conf |
|
118 |
-# pidfile: /var/run/clamav/clamd.pid |
|
119 |
- |
|
120 |
-# Source function library. |
|
121 |
-. /etc/rc.d/init.d/functions |
|
122 |
- |
|
123 |
-# See how we were called. |
|
124 |
-case "$1" in |
|
125 |
- start) |
|
126 |
- gprintf "Starting %s: " "clamd" |
|
127 |
- insmod /usr/local/lib/dazuko.o |
|
128 |
- daemon clamd |
|
129 |
- echo |
|
130 |
- touch /var/lock/subsys/clamd |
|
131 |
- ;; |
|
132 |
- stop) |
|
133 |
- gprintf "Stopping %s: " "clamd" |
|
134 |
- echo "QUIT\r" | telnet 127.0.0.1 3310 |
|
135 |
- sleep 5 |
|
136 |
- kill `cat /var/run/clamav/clamd.pid` |
|
137 |
- sleep 2 |
|
138 |
- rmmod dazuko |
|
139 |
- echo |
|
140 |
- rm -f /var/lock/subsys/clamd |
|
141 |
- ;; |
|
142 |
- status) |
|
143 |
- echo "PING\r" | telnet 127.0.0.1 3310 |
|
144 |
- ;; |
|
145 |
- reload) |
|
146 |
- echo "RELOAD\r" | telnet 127.0.0.1 3310 |
|
147 |
- ;; |
|
148 |
- *) |
|
149 |
- gprintf "Usage: %s {start|stop|status|reload}\n" "clamd" |
|
150 |
- exit 1 |
|
151 |
-esac |
|
152 |
- |
|
153 |
-exit 0 |
|
154 |
- |
|
155 |
- |
|
156 |
- |
|
157 | ||
158 |
- |
|
159 | ||
160 |
- qualquer. |
|
161 |
- |
|
162 |
- |
|
163 |
-Uma dica interessante ainda pode ser dada. Inclua isto em seu crontab |
|
164 |
- |
|
165 |
-freshclam |
|
166 |
- |
|
167 |
-Isto atualiza a base de dados do ClamAV. |
|
168 |
-Bom, agora vamos por para funcionar com um Servidor de EMAIL !! |
|
169 |
- |
|
170 |
-Amavis ou MailScanner ? |
|
171 |
- |
|
172 | ||
173 | ||
174 | ||
175 | ||
176 | ||
177 | ||
178 | ||
179 | ||
180 | ||
181 |
- |
|
182 |
-Amavis. |
|
183 |
- |
|
184 | ||
185 |
-editar este arquivo em seu editor favorito e descomentar a linha |
|
186 |
- |
|
187 |
-virus-scanner = CLAM |
|
188 |
- |
|
189 | ||
190 |
- |
|
191 |
-clamscam = /usr/bin/clamscan |
|
192 |
- |
|
193 | ||
194 | ||
195 |
-Abra em seu editor preferido o arquivo /usr/lib/perl5.6.1/site_perl/5.6.1/AMAVIS/AV/CLAM.pm |
|
196 | ||
197 |
- |
|
198 |
-Para rodar legal recomendo que voce baixe e instale as sequintes bibliotecas e pacotes : |
|
199 |
- |
|
200 |
-Config-INIFiles.tar.gz - CPAN ( www.cpan.org ) |
|
201 |
-File-MMagic.tar.gz - CPAN ( www.cpan.org ) |
|
202 |
-IO-stringy-2.108.tar.gz - CPAN ( www.cpan.org ) |
|
203 |
-Archive-TAR-0.22.tar.gz - CPAN ( www.cpan.org ) |
|
204 |
-Archive-ZIP-1.05.tar.gz - CPAN ( www.cpan.org ) |
|
205 |
-lha-1.14i-4.i386.rpm - RPMFind.net ( www.rpmfind.net ) |
|
206 |
-arc-5.21e-5.i386.rpm - RPMFind.net ( www.rpmfind.net ) |
|
207 |
-unzoo-4.4-1.i386.rpm - RPMFind.net ( www.rpmfind.net ) |
|
208 |
-unrar-3.0.1.i386.rpm - RPMFind.net ( www.rpmfind.net ) |
|
209 |
- |
|
210 | ||
211 | ||
212 |
- |
|
213 | ||
214 |
-conseguir scannear. |
|
215 |
- |
|
216 |
- |
|
217 |
-MailScanner. |
|
218 |
- |
|
219 | ||
220 | ||
221 |
- |
|
222 | ||
223 |
- |
|
224 |
-Localize a linha "Virus Scanners = " e coloque clamav |
|
225 |
-Localize a linha "Minimum Code Status = " e coloque unsupported |
|
226 |
- |
|
227 |
-Pronto !!!!!!!!!! |
|
228 |
- |
|
229 |
- |
|
230 |
- |
|
231 |
-Agradecimento e dados para contato. |
|
232 |
- |
|
233 | ||
234 |
- |
|
235 | ||
236 |
-gente boa na lista linuxabc@yahoogrupos.com.br . |
|
237 |
- |
|
238 |
-Bom gente valeu. |
|
239 |
- |
240 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,577 +0,0 @@ |
1 |
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> |
|
2 |
-<HTML> |
|
3 |
-<HEAD> |
|
4 |
- <META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=iso-8859-1"> |
|
5 |
- <TITLE></TITLE> |
|
6 |
- <META NAME="GENERATOR" CONTENT="StarOffice/5.2 (Linux)"> |
|
7 |
- <META NAME="AUTHOR" CONTENT=" "> |
|
8 |
- <META NAME="CREATED" CONTENT="20020611;12100300"> |
|
9 |
- <META NAME="CHANGEDBY" CONTENT=" "> |
|
10 |
- <META NAME="CHANGED" CONTENT="20020830;11482600"> |
|
11 |
- <STYLE> |
|
12 |
- <!-- |
|
13 |
- @page { size: 21cm 27cm; margin: 2cm } |
|
14 |
- --> |
|
15 |
- </STYLE> |
|
16 |
-</HEAD> |
|
17 |
-<BODY> |
|
18 |
-<P ALIGN=CENTER STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif"><B>Sendmail |
|
19 |
-+ Amavis + ClamAv - Como</B></FONT></P> |
|
20 |
-<P ALIGN=CENTER STYLE="margin-bottom: 0cm"><BR> |
|
21 |
-</P> |
|
22 |
-<P ALIGN=CENTER STYLE="margin-bottom: 0cm"><BR> |
|
23 |
-</P> |
|
24 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">1.- |
|
25 |
-Sendmail ya funcionando.</FONT></P> |
|
26 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
27 |
-</P> |
|
28 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">2.- |
|
29 |
-Obtener ClamAv de:</FONT></P> |
|
30 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
31 |
-</P> |
|
32 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><A HREF="http://clamav.elektrapro.com/"><FONT FACE="Bookman L, serif">http://clamav.elektrapro.com/</FONT></A></P> |
|
33 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
34 |
-</P> |
|
35 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><A HREF="http://www.konarski.edu.pl/~zolw/"><FONT FACE="Bookman L, serif">http://www.konarski.edu.pl/~zolw/</FONT></A></P> |
|
36 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
37 |
-</P> |
|
38 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
39 |
-de</FONT></P> |
|
40 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><A HREF="http://freshmeat.net/"><FONT FACE="Bookman L, serif">http://freshmeat.net</FONT></A></P> |
|
41 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
42 |
-</P> |
|
43 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">3.- |
|
44 |
-Obtener Amavis perl 11>> de:</FONT></P> |
|
45 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
46 |
-</P> |
|
47 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><A HREF="http://www.amavis.org/"><FONT FACE="Bookman L, serif">www.amavis.org</FONT></A></P> |
|
48 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
49 |
-</P> |
|
50 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
51 |
-</P> |
|
52 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
53 |
-</P> |
|
54 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">4.- |
|
55 |
-Verificar si tenemos el siguiente software y en su caso instalarlo:</FONT></P> |
|
56 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
57 |
-perl (obviously)</FONT></P> |
|
58 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
59 |
-virus scanner software (obviously)</FONT></P> |
|
60 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
61 |
-file</FONT></P> |
|
62 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">A |
|
63 |
-file command which understands the -b option is required, e.g. the</FONT></P> |
|
64 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">one |
|
65 |
-from ftp://ftp.astron.com/pub/file/</FONT></P> |
|
66 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
67 |
-arc</FONT></P> |
|
68 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
69 |
-bunzip2 (part of the bzip2 package)</FONT></P> |
|
70 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
71 |
-lha (version 1.14g or later!)</FONT></P> |
|
72 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
73 |
-unarj</FONT></P> |
|
74 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
75 |
-uncompress (standard on Unix and Unix-like systems)</FONT></P> |
|
76 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
77 |
-unrar</FONT></P> |
|
78 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
79 |
-unzoo</FONT></P> |
|
80 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
81 |
-</P> |
|
82 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Para |
|
83 |
-verificar:</FONT></P> |
|
84 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">-rpm |
|
85 |
--q paquete o -dpkg -s paquete o debconf, yast, linuxconf, etc.</FONT></P> |
|
86 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
87 |
-</P> |
|
88 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
89 |
-</P> |
|
90 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Para |
|
91 |
-instalar:</FONT></P> |
|
92 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">-rpm |
|
93 |
--i paquete o -dpkg -i paquete o debconf, yast, linuxconf, etc.</FONT></P> |
|
94 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
95 |
-</P> |
|
96 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Para |
|
97 |
-encontrarlos (si no los tiene tu distro) ver referencias en:</FONT></P> |
|
98 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
99 |
-</P> |
|
100 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><A HREF="http://www.amavis.org/"><FONT FACE="Bookman L, serif">www.amavis.org</FONT></A></P> |
|
101 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
102 |
-</P> |
|
103 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
104 |
-usar</FONT></P> |
|
105 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><A HREF="http://www.google.com/linux"><FONT FACE="Bookman L, serif">www.google.com/linux |
|
106 |
-<SPAN STYLE="text-decoration: none">;-)</SPAN></FONT></A></P> |
|
107 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
108 |
-</P> |
|
109 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">*No |
|
110 |
-es necesario pero si deseable instalar todos los compresores.</FONT></P> |
|
111 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
112 |
-</P> |
|
113 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">4.- |
|
114 |
-Modulos de Perl para amavis-perl :-P.</FONT></P> |
|
115 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
116 |
-</P> |
|
117 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">IO-stringy</FONT></P> |
|
118 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Syslog</FONT></P> |
|
119 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">MailTools |
|
120 |
-</FONT> |
|
121 |
-</P> |
|
122 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">MIME-Base64</FONT></P> |
|
123 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">MIME-tools |
|
124 |
-version 5.313 or better (!!)</FONT></P> |
|
125 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Convert-UUlib</FONT></P> |
|
126 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Convert-TNEF |
|
127 |
-0.06 or better (!!)</FONT></P> |
|
128 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Compress-Zlib</FONT></P> |
|
129 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Archive-Tar</FONT></P> |
|
130 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Archive-Zip</FONT></P> |
|
131 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">libnet</FONT></P> |
|
132 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
133 |
-</P> |
|
134 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
135 |
-</P> |
|
136 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Se |
|
137 |
-pueden obtener todos de <A HREF="http://www.cpan.org/">www.cpan.org</A></FONT></P> |
|
138 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
139 |
-</P> |
|
140 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Si |
|
141 |
-se tiene instalado el modulo CPAN la cosa es tan facil como:</FONT></P> |
|
142 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
143 |
-</P> |
|
144 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">perl |
|
145 |
--MCPAN -e shell</FONT></P> |
|
146 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
147 |
-</P> |
|
148 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">E |
|
149 |
-irle indicando uno a uno:</FONT></P> |
|
150 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
151 |
-</P> |
|
152 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">install |
|
153 |
-Unix::Syslog</FONT></P> |
|
154 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">install |
|
155 |
-Convert::UUlib</FONT></P> |
|
156 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">install |
|
157 |
-Convert::TNEF</FONT></P> |
|
158 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">install |
|
159 |
-Compress::Zlib</FONT></P> |
|
160 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">install |
|
161 |
-Archive::Tar</FONT></P> |
|
162 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">install |
|
163 |
-Archive::Zip</FONT></P> |
|
164 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">install |
|
165 |
-G/GB/GBARR/MailTools-1.15.tar.gz</FONT></P> |
|
166 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">install |
|
167 |
-MIME::Tools</FONT></P> |
|
168 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">install |
|
169 |
-Bundle::libnet</FONT></P> |
|
170 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
171 |
-</P> |
|
172 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Ok |
|
173 |
-Con esto tenemos lo necesario para comenzar.</FONT></P> |
|
174 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
175 |
-</P> |
|
176 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
177 |
-</P> |
|
178 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">5.- |
|
179 |
-Instalar el Scanner de virus (el programa encargado de buscar y |
|
180 |
-encontrar virus en archivos).</FONT></P> |
|
181 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Usaremos |
|
182 |
-el ClamAv por sus caracteristicas (GPL, C)</FONT></P> |
|
183 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Las |
|
184 |
-siguientes instrucciones fueron tomadas y tradcidas del manual |
|
185 |
-incluido con el ClamAv.</FONT></P> |
|
186 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
187 |
-</P> |
|
188 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Suponemos |
|
189 |
-que tienes acceso root.</FONT></P> |
|
190 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
191 |
-</P> |
|
192 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">“Si |
|
193 |
-estas instalando por primera vez, tienes que agregar a tu sistema un |
|
194 |
-nuevo grupo y un nuevo usuario(clamav):</FONT></P> |
|
195 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
196 |
-</P> |
|
197 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif"># |
|
198 |
-groupadd clamav </FONT> |
|
199 |
-</P> |
|
200 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif"># |
|
201 |
-useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav</FONT></P> |
|
202 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
203 |
-</P> |
|
204 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Por |
|
205 |
-favor no le pongas contraseña a esta cuenta. Debe ser un |
|
206 |
-usuario normal sin privilegios. No lo agreges a ningun grupo |
|
207 |
-especial.</FONT></P> |
|
208 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
209 |
-</P> |
|
210 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Despues |
|
211 |
-de esto extrae los archivos, configura y compila:</FONT></P> |
|
212 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
213 |
-</P> |
|
214 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">$ |
|
215 |
-tar zxpvf clamav-x.yz.tar.gz </FONT> |
|
216 |
-</P> |
|
217 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
218 |
-</P> |
|
219 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">$ |
|
220 |
-cd clamav-x.yz $ ./configure; make </FONT> |
|
221 |
-</P> |
|
222 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
223 |
-</P> |
|
224 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">$ |
|
225 |
-su -c "make install" </FONT> |
|
226 |
-</P> |
|
227 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
228 |
-</P> |
|
229 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">¡Eso |
|
230 |
-es todo !</FONT></P> |
|
231 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
232 |
-</P> |
|
233 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Prueba:</FONT></P> |
|
234 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Ok. |
|
235 |
-Hagamos algunas pruebas. </FONT> |
|
236 |
-</P> |
|
237 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Intenta |
|
238 |
-scanear recursivamente el directorio de las fuentes de clamAv:</FONT></P> |
|
239 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">$ |
|
240 |
-clamscan -r -l scan.txt clam-x.yz </FONT> |
|
241 |
-</P> |
|
242 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
243 |
-</P> |
|
244 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Deberiamos |
|
245 |
-encontrar un virus en el archivo clam.x.yz/eicar.com.</FONT></P> |
|
246 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Puedes |
|
247 |
-checarlo en el archivo creado: scan.txt</FONT></P> |
|
248 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
249 |
-</P> |
|
250 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif"><B>Soporte |
|
251 |
-para AmaViS-perl:</B></FONT></P> |
|
252 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
253 |
-</P> |
|
254 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">Lo |
|
255 |
-primero que necesitas es amavis-perl-11.tar.gz, lo puedes obtener de |
|
256 |
-http://amavis.org, luego:</FONT></P> |
|
257 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
258 |
-</P> |
|
259 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">$ |
|
260 |
-tar zxpvf amavis-perl-11.tar.gz </FONT> |
|
261 |
-</P> |
|
262 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">$ |
|
263 |
-cp clam-x.yz/support/amavis/clamavis.patch amavis-perl-11 </FONT> |
|
264 |
-</P> |
|
265 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">$ |
|
266 |
-cd amavis-perl-11 </FONT> |
|
267 |
-</P> |
|
268 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">$ |
|
269 |
-patch -p1 < clamavis.patch </FONT> |
|
270 |
-</P> |
|
271 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">$ |
|
272 |
-find . -exec touch 01010000 {} \; </FONT> |
|
273 |
-</P> |
|
274 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
275 |
-</P> |
|
276 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">Ahora |
|
277 |
-por favor efectua una instalación normal de Amavis.</FONT></P> |
|
278 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><I>Consejo</I>: |
|
279 |
-Amavis usara clamscan con las opciones tipicas, lo cual esta bien |
|
280 |
-para la mayoria de los sistemas. Si quieres agregar otras opciones |
|
281 |
-(ej. descompresion, limites) por favor edita el archivo |
|
282 |
-/usr/sbin/amavis despues de la instalación).”</FONT></P> |
|
283 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
284 |
-</P> |
|
285 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">Por |
|
286 |
-favor lee el manual del clam.</FONT></P> |
|
287 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
288 |
-</P> |
|
289 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">El |
|
290 |
-autor de clamAv y del manual del cual traduje lo anterior es:</FONT></P> |
|
291 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><SPAN STYLE="font-weight: medium"><FONT FACE="Bookman L, serif">Tomasz |
|
292 |
-Kojm <<A HREF="mailto:zolw@konarski.edu.pl">zolw@konarski.edu.pl</A>></FONT></SPAN></P> |
|
293 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
294 |
-</P> |
|
295 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif"><B>6.- |
|
296 |
-Instalación de Amavis-perl-11:</B></FONT></P> |
|
297 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Suponemos |
|
298 |
-que sendmail ya esta instalado y que existe /etc/sendmail.cf</FONT></P> |
|
299 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">(o |
|
300 |
-/etc/mail/sendmail.cf)</FONT></P> |
|
301 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
302 |
-</P> |
|
303 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Yo |
|
304 |
-opte por la configuraciónmanual, pero existe también la |
|
305 |
-via de m4.</FONT></P> |
|
306 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
307 |
-</P> |
|
308 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Los |
|
309 |
-pasos , son los siguientes:</FONT></P> |
|
310 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
311 |
-</P> |
|
312 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">1) |
|
313 |
-Copia el archivo /etc/sendmail.cf a /etc/sendmail.orig.cf</FONT></P> |
|
314 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
315 |
-</P> |
|
316 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">2) |
|
317 |
-Cambiar a mano sendmail.cf:</FONT></P> |
|
318 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
319 |
-</P> |
|
320 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">a) |
|
321 |
-Abre /etc/sendmail.cf en tu editor favorito</FONT></P> |
|
322 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
323 |
-</P> |
|
324 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">b) |
|
325 |
-Cambia el directorio de la cola (queue) a:</FONT></P> |
|
326 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">QueueDirectory=/var/spool/mqamavis</FONT></P> |
|
327 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
328 |
-</P> |
|
329 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">c) |
|
330 |
-Cambia el archivo de estado (status) a:</FONT></P> |
|
331 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">StatusFile=/var/log/amavis.st</FONT></P> |
|
332 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
333 |
-</P> |
|
334 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">d) |
|
335 |
-Cambia el conjunto de reglas 0 (rule set 0) a:</FONT></P> |
|
336 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
337 |
-</P> |
|
338 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">R$* |
|
339 |
-$: $>Parse0 $1 initial parsing</FONT></P> |
|
340 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">R<@> |
|
341 |
-$#local $: <@> special case error msgs</FONT></P> |
|
342 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">R$* |
|
343 |
-$: $>98 $1 handle local hacks</FONT></P> |
|
344 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">R$* |
|
345 |
-$#amavis $:$1</FONT></P> |
|
346 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">#R$* |
|
347 |
-$: $>Parse1 $1 final parsing</FONT></P> |
|
348 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
349 |
-</P> |
|
350 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Ten |
|
351 |
-cuidado con los tabuladores. Aquí esta el codigo de nuevo, en |
|
352 |
-lugar de [tab] prseiona la tecla tab :-)</FONT></P> |
|
353 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
354 |
-</P> |
|
355 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
356 |
-</P> |
|
357 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">R$*[tab][tab]$: |
|
358 |
-$>Parse0 $1[tab][tab]initial parsing</FONT></P> |
|
359 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">R<@>[tab][tab]$#local |
|
360 |
-$: <@>[tab][tab]special case error msgs</FONT></P> |
|
361 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">R$*[tab][tab]$: |
|
362 |
-$>98 $1[tab][tab]handle local hacks</FONT></P> |
|
363 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">R$*[tab][tab]$#amavis |
|
364 |
-$:$1</FONT></P> |
|
365 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">#R$*[tab][tab]$: |
|
366 |
-$>Parse1 $1[tab][tab]final parsing</FONT></P> |
|
367 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
368 |
-</P> |
|
369 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Agrega |
|
370 |
-la nueva definicion de mailer:</FONT></P> |
|
371 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
372 |
-</P> |
|
373 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Mamavis, |
|
374 |
-P=/usr/sbin/amavis, F=mlsACDFMS5:/|@qhP, S=0, R=0</FONT></P> |
|
375 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">T=DNS/RFC822/X-Unix,</FONT></P> |
|
376 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">A=amavis |
|
377 |
-$f $u</FONT></P> |
|
378 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
379 |
-</P> |
|
380 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">3)Ejecuta:</FONT></P> |
|
381 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
382 |
-</P> |
|
383 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
384 |
-</P> |
|
385 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
386 |
-</P> |
|
387 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">./configure |
|
388 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">make |
|
389 |
-</FONT> |
|
390 |
-</P> |
|
391 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">make |
|
392 |
-check</FONT></P> |
|
393 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">make |
|
394 |
-install </FONT> |
|
395 |
-</P> |
|
396 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
397 |
-</P> |
|
398 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">*Nota: |
|
399 |
-Puedes agregar mas opciones al ./configure. Lee el INSTALL de amavis. |
|
400 |
-</FONT> |
|
401 |
-</P> |
|
402 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
403 |
-</P> |
|
404 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">4) |
|
405 |
-Crea el directorio /var/spool/mqamavis con los mismos permisos que </FONT> |
|
406 |
-</P> |
|
407 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">/var/spool/mqueue |
|
408 |
-pero el propietario y el grupo deben se amavis.</FONT></P> |
|
409 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">*Nota: |
|
410 |
-Yo los deje con root : root y funciona.</FONT></P> |
|
411 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
412 |
-</P> |
|
413 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">5) |
|
414 |
-Reinicia sendmail:</FONT></P> |
|
415 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">killall |
|
416 |
--HUP sendmail</FONT></P> |
|
417 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
418 |
-</P> |
|
419 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">o |
|
420 |
-si usas SuSE Linux:</FONT></P> |
|
421 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">rcsendmail |
|
422 |
-restart</FONT></P> |
|
423 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
424 |
-</P> |
|
425 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Listo, |
|
426 |
-sendmail ya tiene soporte de amavis y clamscan para detectar correos |
|
427 |
-infectados.</FONT></P> |
|
428 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
429 |
-</P> |
|
430 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Solo |
|
431 |
-resta que hagas pruebas enviando y recibiendo correos con archivos |
|
432 |
-adjuntos infectados.</FONT></P> |
|
433 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
434 |
-</P> |
|
435 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Como |
|
436 |
-prueba puedes usar el archivo /home/clamav-0.14/test/eicar.com que NO |
|
437 |
-es un virus, y sirve para probar tu sistema antivirus. </FONT> |
|
438 |
-</P> |
|
439 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
440 |
-</P> |
|
441 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Si |
|
442 |
-todo funciona el postmaster y el usuario que envio el archivo con |
|
443 |
-virus reciben un correo notificandoles VIRUS IN YOUR MAIL (VIRUS EN |
|
444 |
-TU CORREO).</FONT></P> |
|
445 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Con |
|
446 |
-lo cual la alarma esta funcionando.</FONT></P> |
|
447 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
448 |
-</P> |
|
449 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><B><FONT SIZE=3><FONT FACE="Bookman L, serif">Precuacion |
|
450 |
-con la cola de correo</FONT></FONT></B>:</P> |
|
451 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">Al |
|
452 |
-parecer amavis tiene problemas de correo que se queda atorado en la |
|
453 |
-cola cuando el envio no se puede realizar la primera vez, y ya no lo |
|
454 |
-vuelve a intentar enviar.</FONT></P> |
|
455 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">Para |
|
456 |
-corregir esto podemos hacer lo siguiente:</FONT></P> |
|
457 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
458 |
-</P> |
|
459 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>/usr/sbin/sendmail |
|
460 |
--C /etc/sendmail.orig.cf -q </FONT></FONT> |
|
461 |
-</P> |
|
462 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
463 |
-</P> |
|
464 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>via |
|
465 |
-cron </FONT></FONT> |
|
466 |
-</P> |
|
467 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
468 |
-</P> |
|
469 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>Otra |
|
470 |
-solucion es:</FONT></FONT></P> |
|
471 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
472 |
-</P> |
|
473 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>/usr/sbin/sendmail |
|
474 |
--q5m -C /etc/mail/sendmail.orig.cf</FONT></FONT></P> |
|
475 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
476 |
-</P> |
|
477 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>En |
|
478 |
-este caso la cola de correo se vacia cada 5 minutos. Una buena idea |
|
479 |
-es agregar esta segunda opcion al archivo de inicio de sendmail en |
|
480 |
-/etc/init.d/sendmail</FONT></FONT></P> |
|
481 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
482 |
-</P> |
|
483 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>Por |
|
484 |
-ejemplo:</FONT></FONT></P> |
|
485 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
486 |
-</P> |
|
487 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3># |
|
488 |
-For amavis processing of stuck mails in original</FONT></FONT></P> |
|
489 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3># |
|
490 |
-queue [greynoso - 070502]</FONT></FONT></P> |
|
491 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>SENDMAIL_AMAVIS="-q30m |
|
492 |
--C /etc/sendmail.orig.cf"</FONT></FONT></P> |
|
493 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
494 |
-</P> |
|
495 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>. |
|
496 |
-/etc/rc.status</FONT></FONT></P> |
|
497 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>rc_reset</FONT></FONT></P> |
|
498 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>case |
|
499 |
-"$1" in</FONT></FONT></P> |
|
500 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>start)</FONT></FONT></P> |
|
501 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>echo |
|
502 |
--n "Initializing SMTP port. (sendmail)"</FONT></FONT></P> |
|
503 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>startproc |
|
504 |
-/usr/sbin/sendmail $SENDMAIL_ARGS</FONT></FONT></P> |
|
505 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>rc_status |
|
506 |
--v</FONT></FONT></P> |
|
507 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
508 |
-</P> |
|
509 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>#</FONT></FONT></P> |
|
510 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3># |
|
511 |
-For amavis processing of stuck mails in original</FONT></FONT></P> |
|
512 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3># |
|
513 |
-queue [greynoso - 070502]</FONT></FONT></P> |
|
514 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><FONT SIZE=3>/usr/sbin/sendmail |
|
515 |
-$SENDMAIL_AMAVIS</FONT></FONT></P> |
|
516 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm">....</P> |
|
517 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Etc.</FONT></P> |
|
518 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
519 |
-</P> |
|
520 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif">Con |
|
521 |
-esto ya no debe haber problemas de correo atorado :-)</FONT></P> |
|
522 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
523 |
-</P> |
|
524 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif"><B>Auto-Actualizacion |
|
525 |
-con FreshClam:</B></FONT></P> |
|
526 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">En |
|
527 |
-tu cron agrega:</FONT></P> |
|
528 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><BR> |
|
529 |
-</P> |
|
530 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">#Actualizacion |
|
531 |
-dB Clam[Erick Lopez 2k2/07/16]</FONT></P> |
|
532 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">#45 1 * * * /usr/local/bin/freshclam| |
|
533 |
-/usr/bin/mail -s 'Actualizacion antivirus' virusalert</FONT></P> |
|
534 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
535 |
-</P> |
|
536 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">Con |
|
537 |
-lo cual corre el freshclam a la 1:45 am y te envia un mail con el |
|
538 |
-status de la base de datos de virus.</FONT></P> |
|
539 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
540 |
-</P> |
|
541 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><FONT FACE="Bookman L, serif"><B>Auto-Actualizacion |
|
542 |
-con oav-update:</B></FONT></P> |
|
543 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">Actualmente |
|
544 |
-existe otra opcion para actualizar la base de datos de virus (la cual |
|
545 |
-recordemos es la de Open Antivirus ), esta opcion es mas flexible que |
|
546 |
-el freshclam, aunque al parecer (no la he probado aun) requiere mas |
|
547 |
-configuacion.</FONT></P> |
|
548 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif">Dicha |
|
549 |
-opcion es el oav-update que puedes conseguir en:</FONT></P> |
|
550 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><BR> |
|
551 |
-</P> |
|
552 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm; font-weight: medium"><FONT FACE="Bookman L, serif"><A HREF="http://packages.debian.org/testing/utils/oav-update.html">http://packages.debian.org/testing/utils/oav-update.html</A></FONT></P> |
|
553 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
554 |
-</P> |
|
555 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
556 |
-</P> |
|
557 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
558 |
-</P> |
|
559 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
560 |
-</P> |
|
561 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm">Erick Ivaán López |
|
562 |
-Carreón</P> |
|
563 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><A HREF="http://www.fsl.org.mx/">www.fsl.org.mx</A></P> |
|
564 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
565 |
-</P> |
|
566 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm">Creditos:</P> |
|
567 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
568 |
-</P> |
|
569 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm">Gerardo Reynoso Cobos |
|
570 |
-<<A HREF="mailto:greynoso@technitrade.com">greynoso@technitrade.com</A>> |
|
571 |
-Solucion al problema de correo pegado a la cola de amavis.</P> |
|
572 |
-<P ALIGN=JUSTIFY STYLE="margin-bottom: 0cm"><BR> |
|
573 |
-</P> |
|
574 |
-</BODY> |
|
575 |
-</HTML> |
576 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,478 +0,0 @@ |
1 |
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
|
2 |
-<html> |
|
3 |
-<head> |
|
4 |
-<title>Antivirus para Sendmail con clam</title> |
|
5 |
-</head> |
|
6 |
-<body> |
|
7 |
-<h1 align="center">Antivirus para servidor de correo Sendmail con ClamAv</h1> |
|
8 |
-<hr align="center" size="5" width="95%"> |
|
9 |
-<br> |
|
10 | ||
11 |
-de virus para Sendmail, utilizando para esto el mejor antivirus del software libre "clamAv." |
|
12 |
-</p> |
|
13 |
-<a name="contenido"> |
|
14 | ||
15 |
-<ol> |
|
16 |
- <a href="#clamav"> |
|
17 | ||
18 |
- <br> |
|
19 |
- <a href="#milter"> |
|
20 |
- <li>- Instalacion del programa de enlace entre el antivirus y el servidor de correo sendmail</a></li> |
|
21 |
- <br> |
|
22 |
- <a href="#sendmail"> |
|
23 | ||
24 |
- <br> |
|
25 |
- <a href="#pruebas"> |
|
26 |
- <li>- Pruebas del sistema</a></li> |
|
27 |
- <br> |
|
28 |
-</ol> |
|
29 |
- |
|
30 |
- |
|
31 |
- |
|
32 | ||
33 |
-<hr align="center" size="3" width="85%"> |
|
34 | ||
35 |
-<br> |
|
36 |
-<p>Vamos a instalarlo desde las fuentes, por lo tanto debemos descargar dichas fuentes |
|
37 | ||
38 |
-de <a href="http://download.sourceforge.net/clamav/">stable versions</a>(versiones estables). |
|
39 |
-</p> |
|
40 |
- |
|
41 | ||
42 | ||
43 |
- |
|
44 | ||
45 | ||
46 | ||
47 |
-descargar y descomprimir.</p> |
|
48 |
- |
|
49 |
- |
|
50 |
-<br><br><br> |
|
51 |
- |
|
52 | ||
53 |
- |
|
54 | ||
55 |
-<br> |
|
56 |
-<ul> |
|
57 |
-<li>groupadd clamav</li> |
|
58 |
-<li>useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav</li> |
|
59 |
-</ul> |
|
60 |
-<br> |
|
61 | ||
62 |
-<ul> |
|
63 |
-<li>Descomprimir las fuentes: <em>tar zxpvf clamav-x.yz.tar.gz</em></li><br> |
|
64 | ||
65 |
-<em>./configure --sysconfdir=/etc</em></li> |
|
66 |
-<li><em>make</em></li> |
|
67 |
-<li><em>su -c 'make install'</em></li> |
|
68 |
-</ul> |
|
69 |
-Listo!! con eso tenemos instalado el clam.</p> |
|
70 |
- |
|
71 |
-<h4>Prueba:</h4> |
|
72 |
- |
|
73 |
-<p>Para probarlo ejecutemos una busqueda de virus a traves del directorio de las fuentes: |
|
74 |
-<br><br> |
|
75 |
-<em>clamscan -r -l scan.txt /usr/src/clamav-0.60/</em> |
|
76 |
-<br><br> |
|
77 | ||
78 |
-<em>--------------------------------------<br> |
|
79 |
-Scan started: Thu Oct 2 18:42:28 2003<br> |
|
80 |
-<br> |
|
81 |
-/usr/src/clamav-0.60//test/test1: ClamAV-Test-Signature FOUND<br> |
|
82 |
-/usr/src/clamav-0.60//test/test1.bz2: ClamAV-Test-Signature FOUND<br> |
|
83 |
-/usr/src/clamav-0.60//test/test2.zip: ClamAV-Test-Signature FOUND<br> |
|
84 |
-/usr/src/clamav-0.60//test/test3.rar: ClamAV-Test-Signature FOUND<br> |
|
85 |
-/usr/src/clamav-0.60//test/test2.badext: ClamAV-Test-Signature FOUND<br> |
|
86 |
-<br> |
|
87 |
-Known viruses: 7846<br> |
|
88 |
-Scanned directories: 38<br> |
|
89 |
-Scanned files: 377<br> |
|
90 |
-Infected files: 5<br> |
|
91 |
-Data scanned: 6.19 Mb<br> |
|
92 |
-I/O buffer size: 131072 bytes<br> |
|
93 |
-Time: 9.945 sec (0 m 9 s)<br> |
|
94 |
-<br><br> |
|
95 |
-</em> |
|
96 |
-<br> |
|
97 |
-</p> |
|
98 |
- |
|
99 |
-<p> |
|
100 |
-Si vamos a usar clam em modo demonio devemos editar /etc/clamav.conf, mas informacion:<br> |
|
101 |
-<em>man 5 clamav.conf</em><br> |
|
102 |
-<br> |
|
103 |
-Mecesitaremos que corra como demonio si vamos a usar clamav-milter.<br> |
|
104 |
-</p> |
|
105 |
- |
|
106 |
-<a href="#contenido">Volver</a> |
|
107 |
- |
|
108 |
- |
|
109 |
- |
|
110 | ||
111 |
-<hr align="center" size="3" width="85%"> |
|
112 |
- |
|
113 |
-<h3><a name="milter">2.- Instalacion del programa de enlace entre |
|
114 |
-el antivirus y el servidor de correo sendmail</h3> |
|
115 |
-<br> |
|
116 |
-<p>Ahora que clam esta funcionando correctamente, procedemos a instalar el software |
|
117 | ||
118 |
-Tenemos varias opciones:<br> |
|
119 |
-<br> |
|
120 |
-<ul> |
|
121 |
-<a href="#clamav-milter"> |
|
122 | ||
123 | ||
124 |
-<br> |
|
125 |
-<a href="#nextg"> |
|
126 | ||
127 |
-amavis-perl/amavisd, desarrollado por Hilko Bengen</li> |
|
128 |
-<br> |
|
129 |
-<a href="#amavisnew"> |
|
130 | ||
131 |
-<br> |
|
132 |
-</ul> |
|
133 |
-</p> |
|
134 |
- |
|
135 |
- |
|
136 |
-<strong>Nota sobre milter y sendmail:</strong><br> |
|
137 |
-<br> |
|
138 |
-<p> |
|
139 | ||
140 |
-<br> Estos archivos de desarrollo |
|
141 |
-vienen con sendmail, pero sendmail debe estar compilado con soporte para milter.<br> |
|
142 | ||
143 |
-<br> |
|
144 |
-En caso de que sendmail lo construyamos nosotros mismos debemos crear un archivo <em>site.config.m4</em> |
|
145 |
- que contenga :<br><br> |
|
146 |
- <em>APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')</em> |
|
147 |
- <br><br> |
|
148 |
-Y dicho archivo debe ir en: <em> ~/sendmail-x.xx.x/devtools/Site</em> |
|
149 |
-<br><br> |
|
150 |
-Los archivos de desarrollo tambien pueden existir como paquetes en rpm o dev, para |
|
151 |
-encontrar paquetes rpm podemos dar un vistazo en: <br> |
|
152 |
-<a href="http://rpmfind.net">http://rpmfind.net</a> buscando sendmail-devel.<br> |
|
153 |
-<br> |
|
154 |
-Si usamos Debian tan facil como:<br> |
|
155 |
-<em>apt-cache search libmilter</em><br> |
|
156 |
-<br> |
|
157 |
-Y sabremos que instalar. |
|
158 |
- <p> |
|
159 |
- <!--SUBSECCIONES DE MILTER------------------------------------------- --> |
|
160 |
- |
|
161 |
-<a name="clamav-milter"> |
|
162 |
-<p> |
|
163 |
-<strong>Clamav-milter:</strong><br><br> |
|
164 | ||
165 |
- para usarlo necesitamos reconfigurar ClamAv con:<br> |
|
166 |
-<br> |
|
167 |
-<em>./configure --enable-milter</em><br> |
|
168 |
-<br> |
|
169 |
- |
|
170 |
-Ok, vamos al directorio de las fuentes de ClamAv. |
|
171 |
- |
|
172 |
-<br> |
|
173 |
-<em>cd ~/lamav-x.yz/</em><br> |
|
174 |
-<br> |
|
175 |
-Y ejecutamos:<br> |
|
176 |
-<br> |
|
177 |
-<em>./configure --enable-milter --sysconfdir=/etc </em><br> |
|
178 |
-<br> |
|
179 |
-<em>make</em><br> |
|
180 |
-<br> |
|
181 |
-<em>make install</em><br> |
|
182 |
-<br> |
|
183 | ||
184 | ||
185 | ||
186 |
-<br> |
|
187 |
-<br> |
|
188 |
-Ya esta listo el milter, ahora vayamos a configurar <a href="#sendmail-clamav-milter">sendmail para clamav-milter.</a><br> |
|
189 |
-<br> |
|
190 |
- |
|
191 |
-<!-- ----------------------------------------------------------------- --> |
|
192 |
- |
|
193 |
-<a name="nextg"> |
|
194 |
-<p><strong>AMaViS - "Next Generation":</strong><br><br> |
|
195 |
-Lo podemos descargar desde :<br> |
|
196 |
-<br> |
|
197 |
-<a href="http://sourceforge.net/projects/amavis">http://sourceforge.net/projects/amavis</a><br> |
|
198 |
-<br> |
|
199 |
-Los descomprimimos: <em>tar zxpvf amavis-ng_0.1.6.4.orig.tar.gz</em><br> |
|
200 |
-<br> |
|
201 | ||
202 |
-<br> |
|
203 |
-<em>make amavis-ng.info</em><br> |
|
204 |
-<br> |
|
205 |
-<br> |
|
206 |
-O si tenemos instalado texi2html:<br> |
|
207 |
-<br> |
|
208 |
-<em>texi2html amavis-ng.texi</em><br> |
|
209 |
-<br> |
|
210 | ||
211 |
-<br> |
|
212 |
-<br><br> |
|
213 |
- |
|
214 |
-<br><strong>Requisitos para amavis-ng:</strong><br> |
|
215 |
-<br> |
|
216 |
-Modulos Perl:<br> |
|
217 |
- |
|
218 |
-<ul> |
|
219 |
-<li>File::MMagic</li> |
|
220 |
-<li>Config::IniFiles</li> |
|
221 |
-<li>MIME::Tools</li> |
|
222 |
-</ul> |
|
223 |
-Si se tiene instalado el modulo CPAN la cosa es tan facil como:<br> |
|
224 |
-<br> |
|
225 |
-<em>perl -MCPAN -e shell</em><br> |
|
226 |
-<br> |
|
227 |
-E irle indicando uno a uno:<br> |
|
228 |
-<br> |
|
229 |
-<em>install File::MMagic</em><br> |
|
230 |
-<br> |
|
231 |
-etc...<br> |
|
232 |
-<br> |
|
233 |
-</p> |
|
234 |
- |
|
235 |
-<p> |
|
236 |
-<strong>Recomendados pero no indispensables:</strong><br> |
|
237 |
-<br> |
|
238 |
-Modulos perl:<br> |
|
239 |
-<br> |
|
240 |
-<ul> |
|
241 |
-<li>Convert::TNEF</li> |
|
242 |
-<li>Compress::Zlib</li> |
|
243 |
-<li>Archive::Tar</li> |
|
244 |
-<li>Archive::Zip</li> |
|
245 |
-</ul> |
|
246 |
-<br> |
|
247 |
-<br> |
|
248 | ||
249 |
-<br> |
|
250 |
-<ul> |
|
251 |
-<li>unrar</li> |
|
252 |
-<li>Zoo</li> |
|
253 |
-<li>Unzoo</li> |
|
254 |
-<li>nomarch</li> |
|
255 |
-<li>lha</li> |
|
256 |
-<li>unarj</li> |
|
257 |
-<li>zcat</li> |
|
258 |
-<li>bunzip2</li> |
|
259 |
-</ul> |
|
260 |
-<br> |
|
261 |
-Para verificar si los tenemos ya instalados:<br> |
|
262 |
-<br> |
|
263 |
-<em>-rpm -q paquete o -dpkg -s paquete, yast, linuxconf, etc.</em><br> |
|
264 |
-<br> |
|
265 |
-<br> |
|
266 |
-Para instalar:<br> |
|
267 |
-<br> |
|
268 |
-<em>-rpm -i paquete o -dpkg -i paquete, yast, linuxconf, etc.</em><br> |
|
269 |
-<br> |
|
270 |
-</p> |
|
271 |
- |
|
272 |
-<strong>Instalando amavis-ng:</strong><br> |
|
273 |
-<br> |
|
274 |
-<em>perl Makefile.PL</em><br> |
|
275 |
-<br> |
|
276 |
-<em>make</em><br> |
|
277 |
-<br> |
|
278 |
-<em>su -c"make install"</em><br> |
|
279 |
-<br> |
|
280 |
-<br> |
|
281 |
-<strong>Instalando amavis-milter:</strong><br> |
|
282 |
-<br> |
|
283 | ||
284 |
-programa milter, que permitira "conectar" sendmail y amavis.<br> |
|
285 | ||
286 |
-<br> |
|
287 |
-<em>make -C amavis-milter</em><br> |
|
288 |
-<br> |
|
289 |
-<em>$ su -c "make -C amavis-milter install"</em><br> |
|
290 |
-<br> |
|
291 |
-<br> |
|
292 |
-<strong>configurando amavis-ng:</strong><br> |
|
293 |
-<br> |
|
294 |
-- Copiar el archivo de configuracion de ejemplo a <em>/etc/amavis-ng/</em>, editarlo y |
|
295 |
-modificar de la siguiente manera:<br> |
|
296 |
-<ul> |
|
297 |
-<li>mail-transfer-agent = Milter</li> |
|
298 |
-<li>virus-scanner = CLAM (o CLAMD)</li> |
|
299 |
-<li>notifiers=Sender, Recipients, Admin</li> |
|
300 |
-</ul> |
|
301 |
-<br> |
|
302 |
-Y las secciones: <br> |
|
303 |
-<em>[Milter]<br> |
|
304 |
-<br> |
|
305 |
-amavis socket = /var/run/amavis-ng/socket.amavis<br> |
|
306 |
-<br> |
|
307 |
-milter socket = /var/run/amavis-ng/socket.milter<br> |
|
308 |
-<br> |
|
309 |
-amavis-milter = /usr/sbin/amavis-milter<br> |
|
310 |
-<br> |
|
311 |
-amavis-milter pidfile = /var/run/amavis-ng/amavis-milter.pid</em><br> |
|
312 |
-<br><br> |
|
313 |
-Y <br> |
|
314 |
-<em>[CLAM]<br> |
|
315 |
-<br> |
|
316 |
-clamscan = /usr/bin/clamscan</em><br> |
|
317 |
-<br><br> |
|
318 |
-o:<br> |
|
319 |
-<em>[CLAMD]<br> |
|
320 |
-socket = localhost:3310</em> |
|
321 |
-<br><br> |
|
322 |
-<BR> |
|
323 |
-Ya esta listo el milter, ahora vayamos a configurar <a href="#sendmail-nextg">sendmail para amavis-ng.</a><br> |
|
324 |
-<br> |
|
325 |
- |
|
326 |
-<!-- --------------------------------------------------------------------------- --> |
|
327 |
-<a name="amavisnew"> |
|
328 |
-<p> |
|
329 |
-<p><strong>AMaViS - New:</strong><br><br> |
|
330 | ||
331 |
- |
|
332 |
-</p> |
|
333 |
- |
|
334 |
- |
|
335 |
-<a href="#contenido">Volver</a> |
|
336 |
- |
|
337 |
- |
|
338 |
- |
|
339 |
-<hr align="center" size="3" width="85%"> |
|
340 | ||
341 |
-<a name="sendmail"> |
|
342 | ||
343 |
- |
|
344 |
-<a name="sendmail-clamav-milter"> |
|
345 |
-<strong>Sendmail y clamav-milter:</strong></a> |
|
346 |
-<br> |
|
347 |
-<br> |
|
348 |
-Las siguientes instrucciones fueron tomasdas del archivo INSTALL de las fuentes:<br> |
|
349 |
-<br> |
|
350 |
-Agregar a /etc/mail/sendmail.mc:<br> |
|
351 |
-<br> |
|
352 |
-<em>INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav.sock, F=, T=S:4m;R:4m')dnl<br> |
|
353 |
- define(`confINPUT_MAIL_FILTERS', `clamav')<br></em> |
|
354 |
-<br> |
|
355 |
-<br> |
|
356 |
-No olvidemos regenerar sendmail.cf<br> |
|
357 |
-<br> |
|
358 |
-<br> |
|
359 |
-Verificar que existan en clamav.conf las siguientes entradas:<br> |
|
360 |
-<br> |
|
361 |
-<em>LocalSocket /var/run/clamd.sock<br> |
|
362 |
-SaveStreamToDisk<br></em> |
|
363 |
-<br> |
|
364 |
-<br> |
|
365 |
-Finalmente iniciar clamav-milter:<br> |
|
366 |
-<br> |
|
367 |
-<em>/usr/local/sbin/clamav-milter -blo /var/run/clamav.sock</em><br> |
|
368 |
-<br> |
|
369 |
-Y reiniciar sendmail<br> |
|
370 |
-<br> |
|
371 |
-****En el mismo directorio de las fuentes del clamav-milter viene un script <em>clamd.sh</em> |
|
372 |
-Que podemos poner en /etc/init.d/ para iniciar el clamd.****<br> |
|
373 |
-</p> |
|
374 |
-<br><br><br> |
|
375 |
-Asi que si todo ha ido bien, ya hemos concluido y es hora de hacer alguna prueba. |
|
376 |
-<br><br><br> |
|
377 |
- |
|
378 |
-<a name="sendmail-nextg"> |
|
379 |
-<strong>Sendmail y AMaViS - "Next Generation": </strong> |
|
380 |
-<br> |
|
381 |
-<br> |
|
382 |
-Agregar lo siguiente al archvivo `sendmail.mc':<br> |
|
383 |
-<br> |
|
384 |
-<em> |
|
385 |
-define(`MILTER', 1)<br> |
|
386 |
-INPUT_MAIL_FILTER(`milter-amavis', \<br> |
|
387 |
- `S=local:/var/run/amavis-ng/socket.milter, F=T, T=S:10m;R:10m;E:10m')</em><br> |
|
388 |
-<br><br> |
|
389 |
-Rehacer el sendmail.cf y reiniciar sendmail.<br> |
|
390 | ||
391 |
-<em> |
|
392 |
-<br> |
|
393 |
-Xmilter-amavis: local socket name /var/run/amavis-ng/socket.milter missing</em><br> |
|
394 |
-<br> |
|
395 | ||
396 |
-<br><br><br> |
|
397 |
- |
|
398 |
- |
|
399 |
- <!-- -------------------------------------------------------------- --> |
|
400 |
-<a name="sendmail-amavisnew"> |
|
401 |
-<strong>sendmail y amavisd-new:</strong> |
|
402 |
-<br> |
|
403 | ||
404 |
-<br> |
|
405 |
- |
|
406 |
- |
|
407 |
- |
|
408 |
-<a href="#contenido">Volver</a> |
|
409 |
- |
|
410 |
- |
|
411 |
-<!-- SECCION PRUEBAS----------------------------------------------------------- --> |
|
412 |
-<hr align="center" size="3" width="85%"> |
|
413 |
- |
|
414 |
-<a name="pruebas"> |
|
415 |
-<h3>Pruebas del sistema</h3> |
|
416 |
-<p>Para probar el sistema solo hay que enviar algunos de los archivos con firmas de |
|
417 |
-viruas que vienen en las fuentes del clam, para checar si el sistema esta detectando los virus en los correos.</p> |
|
418 |
- |
|
419 |
-<a href="#contenido">Volver</a> |
|
420 |
- |
|
421 |
- |
|
422 |
- |
|
423 |
- |
|
424 |
- |
|
425 |
-<hr align="center" size="3" width="85%"> |
|
426 |
- |
|
427 |
- |
|
428 |
- |
|
429 | ||
430 |
-<p> |
|
431 | ||
432 | ||
433 |
-</p> |
|
434 |
-<h4>Remover antiguo clam</h4> |
|
435 |
- |
|
436 | ||
437 |
-y simplemente hacer:<br><br> |
|
438 |
-<em>make uninstall</em> |
|
439 |
-<br><br> |
|
440 | ||
441 |
-</p> |
|
442 |
- |
|
443 |
- |
|
444 |
-<h4>Remover amavis perl-11</h4> |
|
445 |
- |
|
446 | ||
447 |
-y simplemente hacer:<br><br> |
|
448 |
-<em>make uninstall</em> |
|
449 |
-<br><br> |
|
450 |
-Con lo anterior tendriamos desinstalado amavis perl-11. |
|
451 |
-<br> |
|
452 |
- |
|
453 |
-</p> |
|
454 |
- |
|
455 |
-<h4>Deshacer cambios para amavis-perl en Sendmail</h4> |
|
456 |
-<p>Como recordaran aquellos que usaron amavis perl, se requeria hacer algunos cambios |
|
457 | ||
458 |
-<br><br> |
|
459 |
-<ul> |
|
460 | ||
461 |
-<em> cp sendmail.cf sendmail.cf.amavisperl</em> </li> |
|
462 |
-<br> |
|
463 |
-<li>Devolver la version original de sendmail.cf :<br> |
|
464 |
-<em>cp sendmail.orig.cf sendmail.cf</em></li> |
|
465 |
-<br> |
|
466 |
-<li>Reiniciar sendmail</li> |
|
467 |
-<br> |
|
468 | ||
469 |
-a la normalidad :)</li> |
|
470 |
-</ul> |
|
471 |
-</p> |
|
472 |
-<a href="#contenido">Volver</a> |
|
473 |
- |
|
474 |
-<hr align="center" size="3" width="85%"> |
|
475 |
- |
|
476 |
-</body> |
|
477 |
-</html> |
478 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,630 +0,0 @@ |
1 | ||
2 | ||
3 |
-Email: edukanka at yahoo dot com |
|
4 |
- |
|
5 | ||
6 |
- |
|
7 | ||
8 |
- 1.2 E-posta listeleri |
|
9 | ||
10 |
- |
|
11 |
-2. Kurulum |
|
12 |
- |
|
13 | ||
14 |
- 2.2 Desteklenen platformlar |
|
15 | ||
16 |
- 2.4 Binary paketleri |
|
17 |
- 2.5 Kurulum |
|
18 | ||
19 |
- 2.7 Test |
|
20 | ||
21 | ||
22 |
- |
|
23 |
-3. Kullanma |
|
24 |
- |
|
25 |
- 3.1 Clam daemon |
|
26 |
- 3.2 Clamuko |
|
27 | ||
28 | ||
29 |
- |
|
30 | ||
31 |
- |
|
32 |
- 4.1 clamav-milter |
|
33 |
- 4.2 mod clamav |
|
34 |
- 4.3 TrashScan |
|
35 | ||
36 |
- 4.5 amavisd-new(yeni) |
|
37 |
- 4.6 Qmail-Scanner |
|
38 |
- 4.7 Sagator |
|
39 |
- 4.8 ClamdMail |
|
40 |
- 4.9 BlackHole |
|
41 |
- 4.10 MailScanner |
|
42 |
- 4.11 MIMEDefang |
|
43 |
- 4.12 Exiscan |
|
44 |
- |
|
45 |
-5. LibClamAV |
|
46 |
- |
|
47 |
- 5.1 API |
|
48 | ||
49 |
- |
|
50 | ||
51 |
- |
|
52 | ||
53 |
- |
|
54 | ||
55 |
- 7.2 Scan engine |
|
56 |
- |
|
57 |
- |
|
58 |
- |
|
59 |
- |
|
60 |
- |
|
61 |
- |
|
62 |
- |
|
63 |
- |
|
64 |
- |
|
65 |
- |
|
66 |
- |
|
67 |
- |
|
68 |
- |
|
69 |
- |
|
70 |
- |
|
71 |
- |
|
72 |
- |
|
73 |
- |
|
74 |
- |
|
75 |
- |
|
76 |
- |
|
77 |
- |
|
78 |
- |
|
79 |
- |
|
80 |
- |
|
81 | ||
82 |
- |
|
83 | ||
84 |
- |
|
85 | ||
86 |
- |
|
87 | ||
88 | ||
89 | ||
90 | ||
91 | ||
92 | ||
93 | ||
94 | ||
95 | ||
96 |
-* RAR(2.0),zip,Gzip,Bzip2 desteler |
|
97 |
- |
|
98 |
-1.2 E-posta listeleri |
|
99 |
- |
|
100 |
-3 e-posta listesi mevcut. |
|
101 |
- |
|
102 | ||
103 | ||
104 | ||
105 | ||
106 |
- |
|
107 | ||
108 |
- |
|
109 |
-http://archive.elektrapro.com/clamav.elektrapro.com/users/ |
|
110 |
-http://archive.elektrapro.com/clamav.elektrapro.com/devel/ |
|
111 |
- |
|
112 | ||
113 |
- |
|
114 | ||
115 |
- |
|
116 |
-2. KURULUM |
|
117 |
- |
|
118 | ||
119 |
- |
|
120 | ||
121 |
- |
|
122 |
-2.2 Desteklenen platformlar |
|
123 |
- |
|
124 | ||
125 |
- |
|
126 |
-* GNU/Linux 2.2/2.4 (Hepsinde, Intel/SPARC/Alpha/zSeries/S/390) |
|
127 |
-* Solaris 2.6/7/8/9 (Intel/SPARC) |
|
128 |
-* _ FreeBSD 4.5/6/7 5.0 (Intel/Alpha) |
|
129 |
-* _ OpenBSD 3.0/1/2 (Intel) |
|
130 |
-* _ AIX 4.1/4.2/4.3/5.1 (RISC 6000) |
|
131 |
-* HPUX 11.0 |
|
132 |
-* _ SCO UNIX |
|
133 |
-* _ Mac OS X |
|
134 |
-* _ BeOS |
|
135 |
-* _ Cobalt MIPS boxes (RAQ1, RAQ2, QUBE2) |
|
136 |
-* _ Windows/Cygwin |
|
137 |
- |
|
138 | ||
139 |
- |
|
140 | ||
141 |
- |
|
142 | ||
143 |
- |
|
144 |
-2.4 Binary paketleri |
|
145 |
- |
|
146 | ||
147 |
- |
|
148 |
- |
|
149 |
- |
|
150 |
-2.5 Kurulum |
|
151 |
- |
|
152 | ||
153 | ||
154 |
- |
|
155 |
-# groupadd clamav |
|
156 |
-# useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav |
|
157 |
- |
|
158 | ||
159 |
-to the configure scripti kulanarak atlayabilirsiniz. |
|
160 |
- |
|
161 |
-$ ./configure --disable-clamav |
|
162 |
- |
|
163 | ||
164 |
- |
|
165 |
-$ zcat clamav-x.yz.tar.gz | tar xvf -$ |
|
166 |
-cd clamav-x.yz |
|
167 |
- |
|
168 | ||
169 |
- |
|
170 |
-$ ./configure --sysconfdir=/etc |
|
171 |
- |
|
172 | ||
173 |
- |
|
174 |
-$ make |
|
175 |
-$ su -c "make install" |
|
176 |
- |
|
177 | ||
178 | ||
179 |
- |
|
180 | ||
181 |
- |
|
182 | ||
183 |
- |
|
184 |
-$ clamd |
|
185 |
-ERROR: Please edit the example config file |
|
186 |
-/etc/clamav.conf. |
|
187 |
- |
|
188 | ||
189 | ||
190 | ||
191 |
- |
|
192 |
-$ tar zxpvf dazuko-a.b.c.tar.gz |
|
193 |
-$ cd dazuko-a.b.c |
|
194 |
-$ make dazuko |
|
195 |
-or |
|
196 |
-$ make dazuko-smp (for smp kernels) |
|
197 |
-$ su |
|
198 |
-# insmod dazuko.o |
|
199 | ||
200 | ||
201 |
- |
|
202 | ||
203 |
- |
|
204 |
-modprobe dazuko |
|
205 |
- |
|
206 | ||
207 |
- |
|
208 |
-$ cat /proc/devices | grep dazuko |
|
209 |
-254 dazuko |
|
210 |
-$ su -c "mknod -m 600 /dev/dazuko c 254 0" |
|
211 |
- |
|
212 | ||
213 |
- |
|
214 |
-2.7 Test |
|
215 |
- |
|
216 | ||
217 |
- |
|
218 |
-$ clamscan -r -l scan.txt clamav-x.yz |
|
219 |
- |
|
220 | ||
221 |
- |
|
222 |
-$ clamdscan -l scan.txt clamav-x.yz |
|
223 |
- |
|
224 |
- |
|
225 |
- |
|
226 |
- |
|
227 |
- |
|
228 | ||
229 |
- |
|
230 | ||
231 | ||
232 | ||
233 | ||
234 |
- |
|
235 |
-# touch /var/log/clam-update.log |
|
236 |
-# chmod 600 /var/log/clam-update.log |
|
237 |
-# chown clamav /var/log/clam-update.log |
|
238 |
- |
|
239 | ||
240 |
- |
|
241 |
-# freshclam -d -c 2 -l /var/log/clam-update.log |
|
242 |
- |
|
243 | ||
244 |
- |
|
245 |
-0 8 * * * /usr/local/bin/freshclam --quiet -l /var/log/clam - update.log |
|
246 |
- |
|
247 | ||
248 |
- |
|
249 |
-export http_proxy="my.proxy.server:8080" |
|
250 |
- |
|
251 | ||
252 |
- |
|
253 | ||
254 |
- |
|
255 | ||
256 | ||
257 | ||
258 | ||
259 |
- |
|
260 | ||
261 |
- |
|
262 |
-3. Kullanma |
|
263 |
- |
|
264 |
-3.1 Clam daemon |
|
265 |
- |
|
266 | ||
267 |
-* Unix (yerel) soketler |
|
268 |
-* TCP soketleri |
|
269 | ||
270 |
- |
|
271 | ||
272 |
-* VERSION Versiyon ile ilgili bilgileri verir. |
|
273 | ||
274 | ||
275 | ||
276 | ||
277 | ||
278 | ||
279 |
- |
|
280 | ||
281 |
- |
|
282 |
-3.2 Clamuko |
|
283 |
- |
|
284 | ||
285 |
- |
|
286 | ||
287 | ||
288 |
- |
|
289 | ||
290 |
- |
|
291 |
-ClamukoIncludePath /home |
|
292 |
- |
|
293 | ||
294 |
- |
|
295 |
-ClamukoIncludePath / |
|
296 |
-ClamukoExcludePath /proc |
|
297 |
-ClamukoExcludePath /tempdir/of/mail/scanner |
|
298 | ||
299 |
- |
|
300 | ||
301 |
- |
|
302 | ||
303 |
- |
|
304 |
-* Zip |
|
305 |
-* Gzip |
|
306 | ||
307 |
- |
|
308 | ||
309 | ||
310 |
- |
|
311 |
-$ clamscan --unrar rarfail.rar |
|
312 |
-/home/zolw/Clam/test/rarfail.rar: RAR module failure. |
|
313 |
-UNRAR 3.00 freeware Copyright (c) 1993-2002 Eugene Roshal |
|
314 |
-Extracting from /home/zolw/Clam/test/rarfail.rar |
|
315 |
-Extracting test1 OK |
|
316 |
-All OK |
|
317 |
-/tmp/44694f5b2665d2f4/test1: ClamAV-Test-Signature FOUND |
|
318 |
-/home/zolw/Clam/test/rarfail.rar: Infected Archive FOUND |
|
319 |
- |
|
320 | ||
321 |
- |
|
322 | ||
323 | ||
324 | ||
325 | ||
326 | ||
327 | ||
328 | ||
329 | ||
330 | ||
331 | ||
332 |
- |
|
333 | ||
334 |
- |
|
335 | ||
336 |
- |
|
337 | ||
338 |
-Trying 127.0.0.1... |
|
339 |
-Connected to localhost. |
|
340 | ||
341 |
-SCAN /home/zolw/infected |
|
342 |
-/home/zolw/infected/sobre.com: W32/Magistr.B FOUND |
|
343 |
-Connection closed by foreign host. |
|
344 |
- |
|
345 | ||
346 |
- |
|
347 |
-SCAN /home/zolw/Clam/test/test2.zip |
|
348 |
-/home/zolw/Clam/test/test2.zip: ClamAV-Test-Signature FOUND |
|
349 |
- |
|
350 | ||
351 |
- |
|
352 |
-SCAN /no/such/file |
|
353 | ||
354 |
- |
|
355 | ||
356 | ||
357 |
- |
|
358 |
-/TEST/test: OK |
|
359 |
-/TEST/Makefile: OK |
|
360 |
-/TEST/getopt.c: OK |
|
361 |
-/TEST/virfile: Phantom #1 FOUND |
|
362 |
- |
|
363 | ||
364 |
- |
|
365 | ||
366 |
- |
|
367 | ||
368 | ||
369 | ||
370 |
- |
|
371 |
-4.1 clamav-milter |
|
372 |
- |
|
373 | ||
374 |
-Destekleyen: clamd |
|
375 |
- |
|
376 | ||
377 | ||
378 | ||
379 |
- |
|
380 |
-$ ./configure --enable-milter |
|
381 |
- 16 |
|
382 | ||
383 | ||
384 |
-Ekleyin. |
|
385 |
- |
|
386 | ||
387 | ||
388 | ||
389 |
- |
|
390 | ||
391 |
- |
|
392 |
-LocalSocket /var/run/clamd.sock |
|
393 |
-ScanMail |
|
394 |
-SaveStreamToDisk |
|
395 |
- |
|
396 | ||
397 |
- |
|
398 |
-/usr/local/sbin/clamav-milter -blo /var/run/clmilter.sock |
|
399 |
- |
|
400 | ||
401 |
- |
|
402 |
-4.2 mod clamav |
|
403 |
- |
|
404 | ||
405 |
-Destekleyen: libclamav, clamd |
|
406 |
- |
|
407 | ||
408 | ||
409 |
- |
|
410 |
-4.3 TrashScan |
|
411 |
- |
|
412 | ||
413 |
-Destekleyen: clamscan |
|
414 |
- |
|
415 | ||
416 |
-17 |
|
417 | ||
418 |
- |
|
419 | ||
420 |
-Destekleyen: clamscan |
|
421 | ||
422 |
- |
|
423 | ||
424 | ||
425 |
- |
|
426 |
-virus-scanner = CLAM |
|
427 |
- |
|
428 | ||
429 |
- |
|
430 |
-[CLAM] |
|
431 |
-clamscan = /usr/local/bin/clamscan |
|
432 |
- |
|
433 |
-4.5 amavisd-new(yeni) |
|
434 |
- |
|
435 | ||
436 |
-Destekleyen: clamd, clamscan |
|
437 | ||
438 |
- |
|
439 | ||
440 | ||
441 |
- |
|
442 |
-4.6 Qmail-Scanner |
|
443 |
- |
|
444 | ||
445 |
-Destekleyen: clamscan |
|
446 |
- |
|
447 | ||
448 |
- |
|
449 |
-4.7 Sagator |
|
450 |
- |
|
451 | ||
452 |
-Destekleyen: clamscan, clamd, libclamav |
|
453 |
- 18 |
|
454 | ||
455 | ||
456 |
- |
|
457 |
-4.8 ClamdMail |
|
458 |
- |
|
459 | ||
460 |
-Destekleyen: clamd |
|
461 | ||
462 |
- |
|
463 |
-4.9 BlackHole |
|
464 |
- |
|
465 | ||
466 |
-Destekleyen: clamscan, clamd |
|
467 |
- |
|
468 | ||
469 |
- |
|
470 |
-4.10 MailScanner |
|
471 |
- |
|
472 | ||
473 |
-Destekleyen: clamscan |
|
474 |
- |
|
475 | ||
476 | ||
477 |
- |
|
478 |
-4.11 MIMEDefang |
|
479 | ||
480 |
-Destekleyen: clamscan, clamd |
|
481 |
- |
|
482 | ||
483 |
- |
|
484 |
-4.12 Exiscan |
|
485 |
- |
|
486 | ||
487 |
-Destekleyen: clamscan, clamd |
|
488 | ||
489 |
-5. LibClamAV |
|
490 |
- |
|
491 | ||
492 |
- |
|
493 |
-5.1 API |
|
494 | ||
495 |
- |
|
496 |
-#include <clamav.h> |
|
497 |
- |
|
498 | ||
499 |
- |
|
500 |
-int cl_loaddb(const char *filename, struct cl_node **root, |
|
501 |
-int *virnum); |
|
502 |
-int cl_loaddbdir(const char *dirname, struct cl_node **root, |
|
503 |
-int *virnum); |
|
504 |
-char *cl_retdbdir(void); |
|
505 |
- |
|
506 | ||
507 | ||
508 |
- |
|
509 |
-struct cl_node *root = NULL; |
|
510 |
-int ret; |
|
511 |
-ret = cl_loaddbdir(cl_retdbdir(), &root, NULL); |
|
512 |
-20 |
|
513 | ||
514 |
- |
|
515 |
-char *cl_perror(int clerror); |
|
516 |
- |
|
517 | ||
518 |
- |
|
519 |
-if(ret) { |
|
520 |
-printf("cl_loaddbdir() error: %s\n", cl_perror(ret)); |
|
521 |
-exit(1); |
|
522 |
-} |
|
523 |
- |
|
524 | ||
525 |
- |
|
526 |
-void cl_buildtrie(struct cl_node *root); |
|
527 |
- |
|
528 |
- |
|
529 |
- |
|
530 |
- |
|
531 | ||
532 |
- |
|
533 |
-cl_buildtrie(root); |
|
534 |
- |
|
535 | ||
536 |
- |
|
537 |
-int cl_scanbuff(const char *buffer, unsigned int length, |
|
538 |
-char **virname, const struct cl_node *root); |
|
539 |
-int cl_scandesc(int desc, char **virname, unsigned long int |
|
540 |
-*scanned, const struct cl_node *root, const struct cl_limits |
|
541 |
-*limits, int options); |
|
542 |
-int cl_scanfile(const char *filename, char **virname, |
|
543 |
-unsigned long int *scanned, const struct cl_node *root, |
|
544 |
-const struct cl_limits *limits, int options); |
|
545 |
- |
|
546 | ||
547 |
- |
|
548 |
-struct cl_limits { |
|
549 |
-int maxreclevel; |
|
550 |
-int maxfiles; |
|
551 |
-long int maxfilesize; |
|
552 |
-}; |
|
553 |
-21 |
|
554 | ||
555 |
- |
|
556 |
-struct cl_limits limits; |
|
557 |
-char *virname; |
|
558 |
-/* maximal number of files in archive */; |
|
559 |
-limits.maxfiles = 100 |
|
560 |
-/* maximal archived file size == 10 Mb */ |
|
561 |
-limits.maxfilesize = 10 * 1048576; |
|
562 |
-/* maximal recursion level */ |
|
563 |
-limits.maxreclevel = 8; |
|
564 |
-if((ret = cl_scanfile("/home/zolw/test", &virname, NULL, root, |
|
565 |
-&limits, CL_ARCHIVE)) == CL_VIRUS) { |
|
566 |
-printf("Detected %s virus.\n", virname); |
|
567 |
-} else { |
|
568 |
-printf("No virus detected.\n"); |
|
569 |
-if(ret != CL_CLEAN) |
|
570 |
-printf("Error: %s\n", cl_perror(ret)); |
|
571 |
-} |
|
572 |
- |
|
573 | ||
574 |
- |
|
575 |
-void cl_freetrie(struct cl_node *root); |
|
576 |
- |
|
577 | ||
578 |
- |
|
579 |
-gcc -Wall ex1.c -o ex1 -lclamav |
|
580 |
- |
|
581 | ||
582 |
- 22 |
|
583 | ||
584 |
- |
|
585 | ||
586 |
- |
|
587 | ||
588 |
- |
|
589 |
-$ echo $? |
|
590 |
- |
|
591 | ||
592 |
- |
|
593 | ||
594 | ||
595 | ||
596 | ||
597 | ||
598 | ||
599 | ||
600 | ||
601 | ||
602 | ||
603 | ||
604 | ||
605 | ||
606 |
- |
|
607 | ||
608 |
- 23 |
|
609 | ||
610 | ||
611 | ||
612 | ||
613 | ||
614 |
- |
|
615 | ||
616 |
- |
|
617 | ||
618 |
- |
|
619 | ||
620 |
- |
|
621 |
-7.2 Scan engine |
|
622 |
- |
|
623 | ||
624 |
- |
|
625 |
-struct node { |
|
626 |
-int islast; |
|
627 |
-struct patt *list; |
|
628 |
-int maxpatlen; |
|
629 |
-struct node *next[NUM_CHILDS], *trans[NUM_CHILDS], *fail;}; |
|
630 |
- |