RHEL4上安装基于postfix的全功能邮件服务器(全部使用目前最新源码包构建) (2)

十三、安装maildrop-2.0.4

maildrop是一个使用C++编写的用来代替本地MDA的带有过滤功能邮件投递代理，是courier邮件系统组件之一。它从标准输入接受信息并投递到用户邮箱；maildrop既可以将邮件投递到mailboxes格式邮箱，亦可以将其投递到maildirs格式邮箱。同时，maildrop可以从文件中读取入站邮件过滤指示，并由此决定是将邮件送入用户邮箱或者转发到其它地址等。和procmail不同的是，maildrop使用结构化的过滤语言，因此，邮件系统管理员可以开发自己的过滤规则并应用其中。

我们在此将使用maildrop来代替postfix自带的MDA，并以此为基础扩展后文的邮件杀毒和反垃圾邮件功能的调用；在此可能会修改前文中的许多设置，请确保您的设置也做了相应的修改。

1、安装

将courier-authlib的头文件及库文件链接至/usr目录(编译maildrop时会到此目录下找此些相关的文件):
# ln -sv /usr/local/courier-authlib/bin/courierauthconfig   /usr/bin
# ln -sv /usr/local/courier-authlib/include/*   /usr/include

maildrop需要pcre的支持，因此，接下来将首先安装pcre
# tar jxvf pcre-7.3.tar.bz2
# cd pcre-7.3
# ./configure
# make
# make check
# make install

# groupadd -g 1001 vmail
# useradd -g vmail -u 1001 -M -s /sbin/nologin vmail
# tar jxvf maildrop-2.0.4.tar.bz2
# cd maildrop-2.0.4
# ./configure
    --enable-sendmail=/usr/sbin/sendmail
    --enable-trusted-users='root vmail'
    --enable-syslog=1 --enable-maildirquota
    --enable-maildrop-uid=1001
    --enable-maildrop-gid=1001
    --with-trashquota --with-dirsync
# make
# make install

检查安装结果，请确保有"Courier Authentication Library extension enabled."一句出现：
# maildrop -v
maildrop 2.0.4 Copyright 1998-2005 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.


2、新建其配置文件/etc/maildroprc文件，首先指定maildrop的日志记录位置：
# vi /etc/maildroprc
添加：
logfile "/var/log/maildrop.log"

# touch /var/log/maildrop.log
# chown vmail.vmail /var/log/maildrop.log

3、配置Postfix

编辑master.cf
# vi /etc/postfix/master.cf
启用如下两行
maildrop  unix  -       n       n       -       -       pipe
   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}

注意：定义transport的时候，即如上两行中的第二行，其参数行 必须以空格开头，否则会出错。

编辑main.cf
# vi /etc/postfix/main.cf
virtual_transport = virtual
修改为：
virtual_transport = maildrop

将下面两项指定的UID和GID作相应的修改:
virtual_uid_maps = static:2525
virtual_gid_maps = static:2525
修改为:
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001


4、编辑/etc/authmysqlrc

# vi /etc/authmysqrc
MYSQL_UID_FIELD  '2525'
MYSQL_GID_FIELD  '2525'
更改为：
MYSQL_UID_FIELD  '1001'
MYSQL_GID_FIELD  '1001'

注意：没有此处的修改，maildrop可能会报告 “signal 0x06”的错误报告。

5、编辑/etc/httpd/httpd.conf，修改运行用户:

如果启用了suexec的功能，则将虚拟主机中指定的
SuexecUserGroup postfix postfix
修改为：
SuexecUserGroup vmail vmail

如果没有使用上面的功能，则修改User和Group指令后的用户为vmail
将前文中的如下项
User postfix
Group postfix
修改为：
User vmail
Group vmail

6、将用户邮件所在的目录/var/mailbox和extman的临时目录/tmp/extman的属主和属组指定为vmail
#chown -R vmail.vmail /var/mailbox
#chown -R vmail.vmail /tmp/extman


接下来重新启动postfix和apache，进行发信测试后，如果日志中的记录类同以下项，则安装成功

Sep 16 12:04:43 Ixor postfix/pipe[14266]: 46B491A5CB: to=< [email protected]>, relay=maildrop, delay=2306, delays=2306/0.04/0/0.07, dsn=2.0.0, status=sent (delivered via maildrop service)

 

接下来安装反病毒和反垃圾邮件的相关组件clamav、amavisd和SpamAssassin

ClamAV是一个unix系统平台上的开源反病毒工具，它是特地为在邮件网关上进行邮件扫描而设计的。整套软件提供了许多的实用工具，包括一个可伸缩和可升级的多线程守护进程、一个命令行扫描工具和病毒库自动升级工具。

SpamAssassin 是目前最好的、最流行的开源反垃圾邮件软件之一。它是一个邮件过滤器，使用了多种反垃圾邮件技术，如：文本分析、贝叶斯过滤、DNS黑名单和分布式协同过滤数据库等。

amavisd-new是一个连接MTA和内容检测工具（诸如病毒扫描工具和SpamAssassin)的高性能接口程序，使用perl语言写成。它一般通过SMTP、ESMTP或者LMTP和MTA进行通讯，当然也可以借助于其它外部程序进行。同postfix（MTA）协同工作时表现尤佳。当它呼叫SpamAssassin进行内容过滤时，对于一封邮件只需要呼叫一次，而不管这封邮件将发往多少个收件人；同时，它亦会尽力保证实现每一位收件人的偏好设置，如接收/拒绝，检测/不检测，垃圾邮件级别等；它还会在邮件头部分插入spam相关信息。

十四、安装clamav-0.91.2

最新的clamav-0.91.2需要zlib-1.2.2以上的版本的支持，而RHEL4上的版本为zlib-1.2.1，因此您需要先升级zlib

1、安装zlib-1.2.3

#tar zvxf zlib-1.2.3.tar.gz
#cd zlib-1.2.3
#./configure --prefix=/usr --shared
#make
#make test

2、安装clamav-0.91.2

添加ClamAV运行所需的组和用户：
#groupadd clamav
#useradd -g clamav -s /sbin/nologin -M clamav

添加配合amavisd-new使用的用户amavis
#groupadd amavis
#useradd -g amavis -s /sbin/nologin -M amavis

#tar zxvf clamav-0.91.2.tar.gz
#cd clamav-0.91.2
#./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/clamav/share --sysconfdir=/etc/clamav
#make
#make check
#make install

3、配置Clam AntiVirus：

编辑主配置文件：
#vi /etc/clamav/clamd.conf

注释掉第八行的Example,如下：
# Example

找到如下行
#LogFile /tmp/clamd.log
#PidFile /var/run/clamd.pid
LocalSocket /tmp/clamd.socket
#DatabaseDirectory /var/lib/clamav
#User clamav
修改为：
LogFile /var/log/clamav/clamd.log
PidFile /var/run/clamav/clamd.pid
LocalSocket /var/run/clamav/clamd.socket
DatabaseDirectory /usr/local/clamav/share
User amavis

启用以下选项
LogSyslog yes
LogFacility LOG_MAIL
LogVerbose yes
StreamMaxLength 20M  (后面的数值应该与邮件服务器允许的最大附件值相一致)


编辑更新进程的配置文件
#vi /etc/clamav/freshclam.conf

注释掉Example，如下:
# Example

找到如下行
#DatabaseDirectory /var/lib/clamav
#UpdateLogFile /var/log/freshclam.log
PidFile /var/run/freshclam.pid
分别修改为：
DatabaseDirectory /usr/local/clamav/share
UpdateLogFile /var/log/clamav/freshclam.log
PidFile /var/run/clamav/freshclam.pid

启用以下选项：
DatabaseMirror db.XY.clamav.net  (这里也可以把XY改成您的国家代码来实现，比如，我们用cn来代替)
LogSyslog yes
LogFacility LOG_MAIL
LogVerbose yes

4、建立日志所在的目录、进程与socket所在的目录，并让它属于clamav用户：

# mkdir -v /var/log/clamav
# chown -R amavis.amavis /var/log/clamav
# mkdir -v /var/run/clamav
# chmod 700 /var/run/clamav
# chown -R amavis.amavis /var/run/clamav

建立freshlog的日志文件
#touch  /var/log/clamav/freshclam.log
#chown  clamav.clamav  /var/log/clamav/freshclam.log

5、配置crontab，让Clam AntiVirus每小时检测一次新的病毒库：

# crontab -e
添加：
37 * * * * /usr/local/clamav/bin/freshclam

6、配置库文件搜索路径：

# echo “/usr/local/clamav/lib” >> /etc/ls.so.conf
# ldconfig -v

7、配置clamav开机自动启动

# cp contrib/init/RedHat/clamd  /etc/rc.d/init.d/clamd
# cp contrib/init/RedHat/clamav-milter  /etc/rc.d/init.d/clamav-milter
# chkconfig --add clamd
# chkconfig --add clamav-milter
# chkconfig --level 2345 clamd on
# chkconfig --level 2345 clamav-milter on

编辑/etc/rc.d/init.d/clamd，将服务进程的路径指向刚才的安装目录
#vi /etc/rc.d/init.d/clamd
找到如下行
progdir="/usr/local/sbin"
修改为：
progdir="/usr/local/clamav/sbin"

启动clamd
#service clamd start

十五、安装Spamassassin-3.2.3    (2007.9.19新增)

1、依赖关系的解决，安装Spamassassin需要很多perl模块的支持，以下是所需模块列表及安装方法；

必须的软件包：
Digest::SHA1
HTML::Parser
Net::DNS
LWP (aka libwww-perl)
HTTP::Date
IO::Zlib
Archive::Tar

可选的软件包，其中有些后面的amavisd也有可能会用到:
MIME::Base64
DB_File
Net::SMTP
Mail::SPF
IP::Country::Fast
Net::Ident
IO::Socket::INET6
IO::Socket::SSL
Compress::Zlib
Time::HiRes
Mail::DKIM
Mail::DomainKeys
DBI *and* DBD driver/modules
Encode::Detect
Apache::Test
Razor2

推荐使用CPAN自动安装（你的主机要能连上Internet），它能够自动下载安装，并能解决安装过程中的依赖关系。您可以使用类同的以下的命令来进行安装:
#perl -MCPAN -e shell
cpan> install Digest::SHA1
………………

如果您的主机无法直接连接到Internet，您也可以到 [url]http://search.cpan.org[/url]上搜索下载所需要的软件包，而后使用类同的下列命令安装：

#tar zxvf 软件包.tar.gz
#cd 软件包
#perl Makefile.PL
#make
#make test
#make install
说明：某些软件包安装的过程中可能需要已经列出的其它软件包的支持（可以先尝试安装Spamassassin,然后按提示补充所需软件包），请安照提示自行调整安装顺序。另外，其中有个软件包安装过程中可能要求声明环境变量LC_ALL，此时，可输入如下命令，并重新进行软件包的编译安装即可。
#export LC_ALL=C

2、安装Spamassassin-3.2.3

#tar jxvf Mail-SpamAssassin-3.2.3.tar.bz2
#cd Mail-SpamAssassin-3.2.3
#perl Makefile.PL
#make
#make check
#make istall

3、编辑主配置文件/etc/mail/spamassassin/local.cf

required_hits 10.0
rewrite_subject 1
required_score 5.0
rewrite_header Subject *****SPAM*****
report_safe     1
use_bayes       1
bayes_auto_learn        1
skip_rbl_checks         1
use_razor2      0
use_pyzor       0
ok_locales      all


4、测试spamassassin

#spamassassin -t < sample-nonspam.txt > nonspam.out
#spamassassin -t < sample-spam.txt > spam.out

查看测试结果：

#less nonspam.out
#less spam.out

5、检查配置文件

#spamassassin -d --lint

6、启动进程，并将其加入到自动启动队列

#/usr/bin/spamd -d
#echo "/usr/bin/spamd -d" >> /etc/rc.local

十六、安装amavisd-new-2.5.2

1、依赖关系的解决

以下为官方声明所必须的软件包列表，你可以采用类同安装Spamassassin一节中的perl模块的安装方法进行安装

Archive::Zip   (Archive-Zip-x.xx) (1.14 or later should be used!)
Compress::Zlib (Compress-Zlib-x.xx) (1.35 or later)
Convert::TNEF  (Convert-TNEF-x.xx)
Convert::UUlib (Convert-UUlib-x.xxx) (1.08 or later, stick to new versions!)
MIME::Base64   (MIME-Base64-x.xx)
MIME::Parser   (MIME-Tools-x.xxxx) (latest version from CPAN - currently 5.420)
Mail::Internet (MailTools-1.58 or later have workarounds for Perl 5.8.0 bugs)
Net::Server    (Net-Server-x.xx) (version 0.88 finally does setuid right)
Digest::MD5    (Digest-MD5-x.xx) (2.22 or later)
IO::Stringy    (IO-stringy-x.xxx)
Time::HiRes    (Time-HiRes-x.xx) (use 1.49 or later, older can cause problems)
Unix::Syslog   (Unix-Syslog-x.xxx)
BerkeleyDB     with bdb library 3.2 or later (4.2 or later preferred)

2、安装amavisd-new-2.5.2

创建运行时目录，并赋予amavis用户（前文中所建）
# mkdir -pv /var/amavis/{tmp,var,db,home}
# chown -R amavis:amavis /var/amavis
#chmod -R 750 /var/amavis

#tar zxvf amavisd-new-2.5.2.tar.gz
#cd amavisd-new-2.5.2

拷贝服务端至$PATH中指定的目录，推荐拷贝至/usr/local/sbin：
#cp amavisd /usr/local/sbin/
#chown root /usr/local/sbin/amavisd
#chmod 755  /usr/local/sbin/amavisd

拷贝主配置文件至/etc，并修改相应的权限：
#cp amavisd.conf /etc
# chown root:amavis /etc/amavisd.conf
# chmod 640 /etc/amavisd.conf

创建amavisd运行中所需要的隔离区域：
# mkdir -v /var/virusmails
# chown amavis:amavis /var/virusmails/
# chmod 750 /var/virusmails/

3、编辑主配置文件
#vi /etc/amavisd.conf

确保您的如下选项的值如下文所示：
$daemon_user  = 'amavis';
$daemon_group = 'amavis';
$mydomain = 'benet.org'; (此处可更改为您集体的域)

$virus_admin               = "postmaster\@$mydomain";  
$mailfrom_notify_admin     = "postmaster\@$mydomain";  
$mailfrom_notify_recip     = "postmaster\@$mydomain";  
$mailfrom_notify_spamadmin = "postmaster\@$mydomain";
$mailfrom_to_quarantine = '';

virus_admin_maps => ["postmaster\@$mydomain"]    (指定报告病毒和垃圾邮件时发送系统邮件的用户身份)
spam_admin_maps  => ["postmaster\@$mydomain"]

启用ClamAV,(大概在第355行)去掉如下行前的注释符:
#['ClamAV-clamd',
#     \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
#    qr/\bOK$/, qr/\bFOUND$/,
#      qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
#     ['Mail::ClamAV', \&ask_clamav, "*", [0], [1], qr/^INFECTED: (.+)/],

并将如上行中的/var/run/clamav/clamd修改为:/var/run/clamav/clamd.socket

4、测试启动

#/usr/local/sbin/amavisd

您也可以按如下命令调试启动
#/usr/local/sbin/amavisd debug


5、修改postfix的配置，让它能调用amavisd，以实现病毒及垃圾邮件的过滤

#vi /etc/postfix/master.cf
在文末添加如下内容：

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
#
amavisfeed unix    -       -       n       -       2     smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
#
127.0.0.1:10025 inet n    -       n       -       -     smtpd
    -o content_filter=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o smtpd_restriction_classes=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
    -o local_header_rewrite_clients=

说明：注意每行“-o”前的空格；


#vi /etc/postifx/main.cf
在文末添加如下行：
content_filter=amavisfeed:[127.0.0.1]:10024

4、让postfix重新加载主配置文件，并查看启动情况

# postfix reload && tail -f /var/log/maillog

5、查看amavisd是否在监听10024端口，并测试服务启动情况：

# telnet localhost 10024
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
EHLO localhost
250-[127.0.0.1]
250-VRFY
250-PIPELINING
250-SIZE
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 XFORWARD NAME ADDR PROTO HELO
Quit  
221 2.0.0 [127.0.0.1] amavisd-new closing transmission channel
Connection closed by foreign host.

6、postfix重新加载配置文件后将授权并激活"127.0.0.1:10025"端口，一个正常的服务连接应该类同下面所示：

# telnet localhost 10025
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 Welcome to our mail.benet.org ESMTP,Warning: Version not Available
EHLO localhost
250-mail.benet.org
250-PIPELINING
250-SIZE 14336000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
QUIT
221 2.0.0 Bye
Connection closed by foreign host.

7、通过amavisd测试发信

]# telnet localhost 10024
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
HELO localhost
250 [127.0.0.1]
MAIL FROM:<>
250 2.1.0 Sender <> OK
RCPT TO:<postmaster>
250 2.1.5 Recipient <postmaster> OK
DATA
354 End data with <CR><LF>.<CR><LF>
From:Anti-Virus tester
To: MailServer Admin
Subject:amavisd test!
amavisd test!!
.
250 2.0.0 Ok: queued as 263FC1A609
quit
221 2.0.0 [127.0.0.1] amavisd-new closing transmission channel
Connection closed by foreign host.

接下来使用root用户测试收信
# mail
Mail version 8.1 6/6/93.  Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N  1 Anti-Virus tester     Wed Sep 19 01:19  23/798   "amavisd test!"
& 1
Message 1:
From MAILER-DAEMON  Wed Sep 19 01:19:16 2007
X-Original-To: postmaster
Delivered-To: [email protected]
X-Quarantine-ID: <3gmvpc8RxPtn>
X-Virus-Scanned: amavisd-new at benet.org
X-Amavis-Alert: BAD HEADER, MIME error: error: unexpected end of header
From:Anti-Virus tester
To: MailServer Admin
Subject:amavisd test!
Date: Wed, 19 Sep 2007 01:19:15 +0800 (CST)

amavisd test!!
&

十七、测试使用反病毒及反垃圾模块

1、病毒邮件发送测试

登录extmail，发送带有病毒附件的邮件(病毒样本可以去Internet上随意搜寻一个)，查看发送情况:

# tail  -3  /var/log/clamav/clamd.log

Reading databases from /usr/local/clamav/share
Database correctly reloaded (148100 signatures)
/var/amavis/tmp/amavis-20070918T225935-28502/parts/p002: Trojan.Downloader.Delf-747 FOUN

#tail -15 /var/log/maillog

Sep 18 23:36:40 mail postfix/pickup[28925]: 8C1681A609: uid=1001 from=< [email protected]>
Sep 18 23:36:40 mail postfix/cleanup[29002]: 8C1681A609: message-id=< [email protected]>
Sep 18 23:36:40 mail postfix/qmgr[28924]: 8C1681A609: from=< [email protected]>, size=83658, nrcpt=1 (queue active)
Sep 18 23:36:43 mail clamd[28473]: /var/amavis/tmp/amavis-20070918T225935-28502/parts/p002: Trojan.Downloader.Delf-747 FOUND
Sep 18 23:36:44 mail postfix/smtpd[29011]: connect from mail[127.0.0.1]
Sep 18 23:36:44 mail postfix/smtpd[29011]: CDF9B1A602: client=mail[127.0.0.1]
Sep 18 23:36:44 mail postfix/cleanup[29002]: CDF9B1A602: message-id=< [email protected]>
Sep 18 23:36:44 mail postfix/smtpd[29011]: disconnect from mail[127.0.0.1]
Sep 18 23:36:44 mail postfix/qmgr[28924]: CDF9B1A602: from=< [email protected]>, size=2230, nrcpt=1 (queue active)
Sep 18 23:36:44 mail amavis[28502]: (28502-05) Blocked INFECTED (Trojan.Downloader.Delf-747), < [email protected]> -> < [email protected]>, quarantine: virus-7mnx1DHavOWC, Message-ID: < [email protected]>, mail_id: 7mnx1DHavOWC, Hits: -, size: 83658, 4203 ms
Sep 18 23:36:45 mail postfix/smtp[29006]: 8C1681A609: to=< [email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=4.7, delays=0.42/0.05/0.12/4.1, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=28502-05 - VIRUS: Trojan.Downloader.Delf-747)
Sep 18 23:36:45 mail postfix/qmgr[28924]: 8C1681A609: removed
Sep 18 23:36:45 mail postfix/local[29014]: CDF9B1A602: to=< [email protected]>, orig_to=< [email protected]>, relay=local, delay=0.28, delays=0.12/0.09/0/0.07, dsn=2.0.0, status=sent (delivered to mailbox)
Sep 18 23:36:45 mail postfix/qmgr[28924]: CDF9B1A602: removed

2、垃圾邮件测试

登录extmail，新建一封邮件，拷贝以下内容作为邮件正文，并查看发送情况:

This is the GTUBE, the
        Generic
        Test for
        Unsolicited
        Bulk
        Email

If your spam filter supports it, the GTUBE provides a test by which you
can verify that the filter is installed correctly and is detecting incoming
spam. You can send yourself a test mail containing the following string of
characters (in upper case and with no white spaces and line breaks):

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

查看发送结果：
#tail -15 /var/log/maillog

Sep 19 00:04:07 mail spamd[29060]: logger: removing stderr method
Sep 19 00:04:11 mail spamd[29062]: rules: meta test FM_DDDD_TIMES_2 has dependency 'FH_HOST_EQ_D_D_D_D' with a zero score
Sep 19 00:04:11 mail spamd[29062]: rules: meta test FM_SEX_HOSTDDDD has dependency 'FH_HOST_EQ_D_D_D_D' with a zero score
Sep 19 00:04:11 mail spamd[29062]: rules: meta test HS_PHARMA_1 has dependency 'HS_SUBJ_ONLINE_PHARMACEUTICAL' with a zero score
Sep 19 00:04:11 mail spamd[29062]: spamd: server started on port 783/tcp (running version 3.2.3)
Sep 19 00:04:12 mail spamd[29062]: spamd: server pid: 29062
Sep 19 00:04:12 mail spamd[29062]: spamd: server successfully spawned child process, pid 29064
Sep 19 00:04:12 mail spamd[29062]: spamd: server successfully spawned child process, pid 29065
Sep 19 00:04:12 mail spamd[29062]: prefork: child states: II
Sep 19 00:06:44 mail postfix/pickup[28925]: E37651A60E: uid=1001 from=< [email protected]>
Sep 19 00:06:44 mail postfix/cleanup[29073]: E37651A60E: message-id=< [email protected]>
Sep 19 00:06:45 mail postfix/qmgr[28924]: E37651A60E: from=< [email protected]>, size=1041, nrcpt=1 (queue active)
Sep 19 00:07:01 mail amavis[28502]: (28502-06) Blocked SPAM, < [email protected]> -> < [email protected]>, quarantine: spam-7ui+Zpn7-M00.gz, Message-ID: < [email protected]>, mail_id: 7ui+Zpn7-M00, Hits: 1004.576, size: 1040, 12805 ms
Sep 19 00:07:01 mail postfix/smtp[29079]: E37651A60E: to=< [email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=18, delays=1.8/1.5/4.9/9.9, dsn=2.5.0, status=sent (250 2.5.0 Ok, id=28502-06, DISCARD(bounce.suppressed))
Sep 19 00:07:01 mail postfix/qmgr[28924]: E37651A60E: removed