linux下搭建带有方病毒和反垃圾邮件的sendmail邮件系统

linux下搭建带有方病毒和反垃圾邮件的sendmail邮件系统

一,安装sendmail并修改配置文件
1.修改sendmail的配置文件sendmail.mc
找到DAEMON_OPTIONS(`Port=smtp,Addr=192.168.1.156, Name=MTA')dnl修改成:
dnl #DAEMON_OPTIONS(`Port=smtp,Addr=192.168.1.156, Name=MTA')dnl
找到FEATURE(`accept_unresolvable_domains')dnl修改成:
dnl #FEATURE(`accept_unresolvable_domains')dnl
2.生成新的sendmail.cf
m4 /etc/mail/sendmail.mc>/etc/mail/sendmail.cf

二,安装spamassassin

三,安装MailScanner并修改配置文件
修改mailscanner的配置文件注意一下选项做了正确配置
vi /etcMailScanner/MailScanner.conf
%org-name% = lrq.com
%org-long-name% = lrq.com
%web-site% = www.lrq.com
%etc-dir% = /etc/MailScanner
MTA = sendmail
Virus Scanning = yes
Virus Scanners = mcafee
Deliver Cleaned Messages = yes
Virus Subject Text = {Virus?}
Spam Subject Text = {Spam?}
Spam Checks = yes
Use SpamAssassin = yes
Required SpamAssassin Score = 6
High SpamAssassin Score = 10
Spam Actions = deliver header "X-Spam-Status: Yes"

四,客户端收发邮件,在服务器上查看邮件日志
tail -f /var/log/maillog

日志的解释
Jan  1 22:33:21 fc8 sendmail[3840]: m01EXLxq003840: from=<[email protected]>, size=419, class=0, nrcpts=1, msgid=<003301c84de0$28eccdc0$7601a8c0@benetlrq>, proto=SMTP, daemon=MTA, relay=[192.168.1.118]
解释:sendmail收到一份邮件编号是:m01EXLxq003840,这封邮件的发信人是[email protected],邮件大小419个字节,客户机的主机名是:benetlrq(其实是benet-lrq中间的-被忽略掉了),发件人是使用smtp协议从192.168.1.118上发送的邮件

Jan  1 22:33:24 fc8 MailScanner[2983]: New Batch: Scanning 1 messages, 797 bytes

解释:mailscanner开始垃圾邮件扫描

Jan  1 22:33:33 fc8 MailScanner[2983]: Virus and Content Scanning: Starting

解释:mailsacnner开始病毒扫描

Jan  1 22:33:38 fc8 MailScanner[2983]: Uninfected: Delivered 1 messages

解释:邮件没有病毒,成功传递

Jan  1 22:33:39 fc8 sendmail[3848]: m01EXLxq003840: to=<[email protected]>, ctladdr=<[email protected]> (500/500), delay=00:00:18, xdelay=00:00:00, mailer=local, pri=120419, dsn=2.0.0, stat=Sent

解释:sendmail把经过扫描的邮件进行了投递

Jan  1 22:33:58 fc8 dovecot: pop3-login: Login: user=<lrq>, method=PLAIN,ip=192.168.1.118, lip=192.168.1.156

解释:192.168.1.118的客户端通过pop3协议登录系统收取邮件

Jan  1 22:33:58 fc8 dovecot: POP3(lrq): Disconnected: Logged out top=0/0, retr=1/1049,del=1/1, size=1032

解释:客户端收取邮件完毕断开了连接

客户端效果如图:

病毒也被识别了出来