postfix之clamav详解

呼叫器：caller 通过此调用反垃圾和病毒机制
    MIMEDefang、Mailscanner、Amavisd-new

反垃圾：
    关闭OpenRelay


    RBL（Realtime Black List）实时黑名单


    内容过滤器：

        Spamassassin perl开发，垃圾邮件分拣器。根据特征码分析。

病毒：
    clamav 开源杀毒软件 病毒邮件服务器网管

clamav：

    编译安装：
        0.安装依赖包：
            #yum install zlib-devel

        1.添加用户和组：
            添加ClamAV运行所需的组和用户：
            #groupadd clamav
            #useradd -g clamav -s /sbin/nologin -M clamav

            添加配合amavisd-new使用的用户amavis
            #groupadd amavis
            #useradd -g amavis -s /sbin/nologin -M amavis

        2.编译安装：     
            #tar zxvf clamav-xxx.tar.gz
            #cd clamav-xxx
            #./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/clamav/share --sysconfdir=/etc/clamav
            #make
            #make check
            #make install

        3.编辑配置文件：
            /etc/clamav/clamd.conf
                #Example
                LogFile /var/log/clamav/clamd.log
                PidFile /var/run/clamav/clamd.pid
                LocalSocket /var/run/clamav/clamd.socket
                DatabaseDirectory /usr/local/clamav/share
                User amavis
                LogSyslog yes
                LogFacility LOG_MAIL
                LogVerbose yes
                StreamMaxLength 20M   

                说明：上面最后一个参数后面的数值应该与邮件服务器允许的最大附件值相一致


            /etc/clamav/freshclam.conf 进程配置文件
                #Example
                DatabaseDirectory /usr/local/clamav/share
                UpdateLogFile /var/log/clamav/freshclam.log
                PidFile /var/run/clamav/freshclam.pid
                DatabaseMirror db.XY.clamav.net  (这里也可以把XY改成您的国家代码来实现，比如，我们用cn来代替)
                LogSyslog yes
                LogFacility LOG_MAIL
                LogVerbose yes

     
         4.创建相关目录：
            # mkdir -v /var/log/clamav
            # chown -R amavis.amavis /var/log/clamav
            # mkdir -v /var/run/clamav
            # chmod 700 /var/run/clamav
            # chown -R amavis.amavis /var/run/clamav

            建立freshlog的日志文件
            #touch  /var/log/clamav/freshclam.log
            #chown  clamav.clamav  /var/log/clamav/freshclam.log

         5.配置库更新：
            配置crontab，让Clam AntiVirus每小时检测一次新的病毒库：
             # crontab -e
                37 * * * * /usr/local/clamav/bin/freshclam

         6.配置库文件搜索路径：
             # echo “/usr/local/clamav/lib” >> /etc/ls.so.conf
             # ldconfig -v

         7.配置clamav开机自动启动
             # cp contrib/init/RedHat/clamd  /etc/rc.d/init.d/clamd
             # cp contrib/init/RedHat/clamav-milter  /etc/rc.d/init.d/clamav-milter
             # chkconfig --add clamd
             # chkconfig --add clamav-milter
             # chkconfig --level 2345 clamd on
             # chkconfig --level 2345 clamav-milter on

        8.编辑/etc/rc.d/init.d/clamd，将服务进程的路径指向刚才的安装目录
             #vim /etc/rc.d/init.d/clamd
                progdir="/usr/local/clamav/sbin"