Il Perfetto SpamSnake - Ubuntu Jeos 10.10 Maverick Meerkat - Pagina 2

apt-get install postfix postfix-mysql postfix-doc procmail

postfix stop

vi master.cf

pickup    fifo  n       -       -       60      1       pickup
         -o content_filter=
         -o receive_override_options=no_header_body_checks

vi /usr/src/postfix.sh

#!/bin/sh
postconf -e "alias_maps = hash:/etc/aliases"
newaliases
postconf -e "myorigin = domain.tld"
postconf -e "myhostname = server1.domain.tld"
postconf -e "mynetworks = 127.0.0.0/8, 192.168.0.0/24"
postconf -e "message_size_limit = 10485760"
postconf -e "local_transport = error:No local mail delivery"
postconf -e "mydestination = "
postconf -e "local_recipient_maps = "
postconf -e "relay_domains = mysql:/etc/postfix/mysql-relay_domains.cf"
postconf -e "relay_recipient_maps = mysql:/etc/postfix/mysql-relay_recipients.cf"
postconf -e "transport_maps = mysql:/etc/postfix/mysql-transports.cf"
postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
postconf -e "disable_vrfy_command = yes"
postconf -e "strict_rfc821_envelopes = no"
postconf -e "smtpd_banner = $myhostname ESMTP SpamSnake"
postconf -e "smtpd_delay_reject = yes"
postconf -e "smtpd_recipient_limit = 100"
postconf -e "smtpd_helo_required = yes"
postconf -e "smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, permit"
postconf -e "smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, permit"
postconf -e "smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, permit"
postconf -e "smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_recipient_domain, reject_unauth_destination, whitelist_policy, grey_policy, rbl_policy, spf_policy, permit"
postconf -e "smtpd_data_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining"
postconf -e "smtpd_restriction_classes = spf_policy, rbl_policy, grey_policy, whitelist_policy"
postconf -e "spf_policy = check_policy_service unix:private/policy"
postconf -e "rbl_policy = reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net"
postconf -e "grey_policy = check_policy_service unix:private/greyfix"
postconf -e "whitelist_policy = check_client_access mysql:/etc/postfix/mysql-global_whitelist.cf, check_sender_access mysql:/etc/postfix/mysql-global_whitelist.cf"
postconf -e "header_checks = regexp:/etc/postfix/header_checks"
touch /etc/postfix/virtual
echo "root [email protected]" >> /etc/postfix/virtual && echo "abuse [email protected]" >> /etc/postfix/virtual && echo "postmaster [email protected]" >> /etc/postfix/virtual
postmap /etc/postfix/virtual
touch /etc/postfix/header_checks
echo "/^Received:/ HOLD" >> /etc/postfix/header_checks
postmap /etc/postfix/header_checks
cat > /etc/postfix/mysql-global_whitelist.cf < /etc/postfix/mysql-relay_domains.cf < /etc/postfix/mysql-relay_recipients.cf < /etc/postfix/mysql-transports.cf <

chmod +x /usr/src/postfix.sh

./usr/src/postfix.sh

vi /etc/postfix/main.cf

verify_recipient = reject_unknown_recipient_domain, reject_unverified_recipient  
look_ahead = check_recipient_access hash:/etc/postfix/access  
unverified_recipient_reject_code = 550  
address_verify_map = btree:/var/lib/postfix/verify

verify_recipient, look_ahead

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, look_ahead, whitelist_policy, grey_policy, rbl_policy, spf_policy, permit

touch /etc/postfix/access

domainA.com verify_recipient  
domainB.com verify_recipient

postmap /etc/postfix/access

less /etc/postfix/main.cf

postfix start

telnet 127.0.0.1 25

220 [yourFQDNhere] ESMTP Postfix (Ubuntu)

cd /usr/src  
wget http://http.us.debian.org/debian/pool/main/libt/libtool/libltdl3_1.5.26-4+lenny1_$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb  
dpkg -i libltdl*  
apt-get install razor pyzor clamav-daemon libclamav6 apparmor

usermod -a -G www-data clamav

vi /etc/apparmor.d/usr.sbin.clamd

/usr/sbin/clamd {
   #clamav
   /var/spool/MailScanner/ rw,
   /var/spool/MailScanner/incoming/ rw,
   }

/etc/init.d/apparmor reload

cd /tmp  
wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-common_1.3.130-0ubuntu1~ppa1~karmic1_$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb && dpkg -i dcc-common_1.3.130-0ubuntu1~ppa1~karmic1_$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb  
wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-client_1.3.130-0ubuntu1~ppa1~karmic1_$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb && dpkg -i dcc-client_1.3.130-0ubuntu1~ppa1~karmic1_$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb

cdcc info

#!/usr/bin/python -Wignore::DeprecationWarning

mkdir /var/lib/MailScanner  
pyzor --homedir=/var/lib/MailScanner discover  
pyzor ping

cd && rm /etc/razor/razor-agent.conf  
mkdir /var/lib/MailScanner/.razor  
razor-admin -home=/var/lib/MailScanner/.razor -create  
razor-admin -home=/var/lib/MailScanner/.razor -discover  
razor-admin -home=/var/lib/MailScanner/.razor -register

vi /var/lib/MailScanner/.razor/razor-agent.conf

debuglevel      = 0
razorhome         = /var/lib/MailScanner/.razor/

apt-get install libconvert-tnef-perl libdbd-sqlite3-perl libfilesys-df-perl libmailtools-perl libmime-tools-perl libmime-perl libnet-cidr-perl libsys-syslog-perl libio-stringy-perl libfile-temp-perl libole-storage-lite-perl libarchive-zip-perl libsys-hostname-long-perl libnet-cidr-lite-perl libhtml-parser-perl libdb-file-lock-perl libnet-dns-perl libncurses5-dev libdigest-hmac-perl libdigest-sha1-perl libnet-ip-perl liburi-perl libfile-spec-perl spamassassin libnet-ident-perl libmail-spf-query-perl libmail-dkim-perl dnsutils libio-socket-ssl-perl gdebi-core

cd /usr/src && wget http://www.mailscanner.info/files/4/tar/MailScanner-install-4.81.4-1.tar.gz  
tar xvfz MailScanner-install-4.81.4-1.tar.gz && cd MailScanner-install-4.81.4  
./install.sh

37      5 * * *  /opt/MailScanner/bin/update_phishing_sites &> /dev/null  
07      * * * *  /opt/MailScanner/bin/update_bad_phishing_sites &> /dev/null  
58     23 * * * /opt/MailScanner/bin/clean.quarantine &> /dev/null  
42      * * * *  /opt/MailScanner/bin/update_virus_scanners &> /dev/null  
3,23,43 * * * *  /opt/MailScanner/bin/check_mailscanner &> /dev/null  

mv /etc/spamassassin/local.cf /etc/spamassassin/local.cf.disabled

cp /opt/MailScanner/etc/spam.assassin.prefs.conf /opt/MailScanner/etc/spam.assassin.prefs.conf.back

mysql -u root -p  
mysql> create database sa_bayes;  
mysql> GRANT ALL ON sa_bayes.* TO sa_user@localhost IDENTIFIED BY 'sa_password';  
mysql> flush privileges;

mysql -u sa_user -p sa_bayes < /usr/share/doc/spamassassin/sql/bayes_mysql.sql

loadplugin  Mail::SpamAssassin::Plugin::DCC

mkdir /var/www/.spamassassin

vi /opt/MailScanner/etc/spam.assassin.prefs.conf

#pyzor
use_pyzor 1
pyzor_options --homedir /var/lib/MailScanner/
   
#razor
use_razor2 1
razor_config /var/lib/MailScanner/.razor/razor-agent.conf

dcc_path /usr/bin/dccproc

bayes_ignore_header X-YOURDOMAIN-COM-MailScanner
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner-SpamCheck
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner-SpamScore
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner-Information
#use_auto_whitelist 0

bayes_store_module Mail::SpamAssassin::BayesStore::SQL
bayes_sql_dsn DBI:mysql:sa_bayes:localhost
bayes_sql_username sa_user
bayes_sql_password sa_password
bayes_sql_override_username root

vi v310.pre

#loadplugin  Mail::SpamAssassin::Plugin::DomainKeys

30 01 * * * /usr/bin/sa-learn --force-expire --sync -p /opt/MailScanner/etc/spam.assassin.prefs.conf 

perl -MCPAN -e shell  
install IP::Country::Fast  
install Encode::Detect  
install Crypt::OpenSSL::RSA

chown -R postfix:www-data /var/spool/postfix/hold  
chmod -R ug+rwx /var/spool/postfix/hold

spamassassin -x -D -p /opt/MailScanner/etc/spam.assassin.prefs.conf --lint

debug: bayes: Database connection established
debug: bayes: found bayes db version 3
debug: bayes: Using userid: 2

mkdir /var/spool/MailScanner/spamassassin

cp /opt/MailScanner/etc/MailScanner.conf /opt/MailScanner/etc/MailScanner.conf.dist  
vi /opt/MailScanner/etc/MailScanner.conf

vi /usr/src/mailscanner.sh

chmod +x mailscanner.sh

./usr/src/mailscanner.sh

sed -i "/^%org-name% =/ c\%org-name% =orgname" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^%org-long-name% =/ c\%org-long-name% = longorgname" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^%web-site% =/ c\%web-site% = www.domain.tld" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Run As User =/ c\Run As User = postfix" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Run As Group =/ c\Run As Group =  www-data" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Incoming Work Group =/ c\Incoming Work Group = clamav" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Incoming Work Permissions =/ c\Incoming Work Permissions = 0640" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Incoming Queue Dir =/ c\Incoming Queue Dir = /var/spool/postfix/hold" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Outgoing Queue Dir =/ c\Outgoing Queue Dir = /var/spool/postfix/incoming" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^MTA =/ c\MTA = postfix" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Quarantine User =/ c\Quarantine User = root" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Quarantine Group =/ c\Quarantine Group = www-data" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Quarantine Permissions =/ c\Quarantine Permissions = 0660" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Quarantine Whole Message =/ c\Quarantine Whole Message = yes" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Virus Scanners =/ c\Virus Scanners = clamd" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Monitors for ClamAV Updates =/ c\Monitors for ClamAV Updates = /var/lib/clamav/*.cld /var/lib/clamav/*.cvd" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Clamd Socket =/ c\Clamd Socket = /var/run/clamav/clamd.ctl" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Clamd Lock File =/ c\Clamd Lock File = /var/run/clamav/clamd.pid" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Spam Subject Text =/ c\Spam Subject Text = *SPAM*" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Spam Actions =/ c\Spam Actions = deliver store" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^High Scoring Spam Actions =/ c\High Scoring Spam Actions = store delete" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^Non Spam Actions =/ c\Non Spam Actions = deliver store" /opt/MailScanner/etc/MailScanner.conf
sed -i "/^SpamAssassin User State Dir =/ c\SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin" /opt/MailScanner/etc/MailScanner.conf 

vi /etc/init.d/mailscanner

chmod +x /etc/init.d/mailscanner

#! /bin/sh
   ### BEGIN INIT INFO
   # Provides:          MailScanner daemon
   # Required-Start:    $local_fs $remote_fs
   # Required-Stop:     $local_fs $remote_fs
   # Default-Start:     2 3 4 5
   # Default-Stop:      0 1 6
   # Short-Description: Controls mailscanner instances
   # Description:       MailScanner is a queue-based spam/virus filter
   ### END INIT INFO
   # Author: Simon Walter <[email protected]>
   # PATH should only include /usr/* if it runs after the mountnfs.sh script
   PATH=/usr/sbin:/usr/bin:/bin:/sbin:/opt/MailScanner/bin
   DESC="mail spam/virus scanner"
   NAME=MailScanner
   PNAME=mailscanner
   DAEMON=/opt/MailScanner/bin/$NAME
   STARTAS=MailScanner
   SCRIPTNAME=/etc/init.d/$PNAME
   CONFFILE=/opt/MailScanner/etc/MailScanner.conf
   # Exit if the package is not installed
   [ -x "$DAEMON" ] || exit 0
   run_nice=0
   stopped_lockfile=/var/lock/subsys/MailScanner.off
   # Read configuration variable file if it is present
   [ -r /etc/default/$PNAME ] && . /etc/default/$PNAME
   # Load the VERBOSE setting and other rcS variables
   . /lib/init/vars.sh
   # Define LSB log_* functions.
   # Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
   . /lib/lsb/init-functions
   # sanity check for permissions
   fail()
   {
   echo >&2 "$0: $1"
   exit 1
   }
   check_dir()
   {
   if [ ! -d $1 ]; then
   mkdir -p "$1" || \
   fail "directory $1: does not exist and cannot be created"
   fi
   actual="$(stat -c %U $1)"
   if [ "$actual" != "$2" ]; then
   chown -R "$2" "$1" || \
   fail "directory $1: wrong owner (expected $2 but is $actual)"
   fi
   actual="$(stat -c %G $1)"
   if [ "$actual" != "$3" ]; then
   chgrp -R "$3" "$1" || \
   fail "directory $1: wrong group (expected $3 but is $actual)"
   fi
   }
   user=$(echo $(awk -F= '/^Run As User/ {print $2; exit}' $CONFFILE))
   group=$(echo $(awk -F= '/^Run As Group/ {print $2; exit}' $CONFFILE))
   check_dir /var/spool/MailScanner       ${user:-postfix} ${group:-www-data}
   check_dir /var/lib/MailScanner         ${user:-postfix} ${group:-www-data}
   check_dir /var/run/MailScanner         ${user:-postfix} ${group:-www-data}
   check_dir /var/lock/subsys   ${user:-root}   ${group:-root} #Required to Create Folder
   check_dir /var/lock/subsys/MailScanner ${user:-postfix} ${group:-www-data}
   #
   # Function that starts the daemon/service
   #
   do_start()
   {
   # Return
   #   0 if daemon has been started
   #   1 if daemon was already running
   #   2 if daemon could not be started
   start-stop-daemon --start --quiet --startas $STARTAS --name $NAME --test > /dev/null \
   || return 1
   start-stop-daemon --start --quiet --nicelevel $run_nice --chuid postfix:www-data --exec $DAEMON --name $NAME -- $DAEMON_ARGS \
   || return 2
   # Add code here, if necessary, that waits for the process to be ready
   # to handle requests from services started subsequently which depend
   # on this one.  As a last resort, sleep for some time.
   # Set lockfile to inform cronjobs about the running daemon
   RETVAL="$?"
   if [ $RETVAL -eq 0 ]; then
   touch /var/lock/subsys/mailscanner
   rm -f $stopped_lockfile
   fi
   if [ $RETVAL -eq 0 ]; then
   echo "MailScanner Started"
   fi
   }
   #
   # Function that stops the daemon/service
   #
   do_stop()
   {
   # Return
   #   0 if daemon has been stopped
   #   1 if daemon was already stopped
   #   2 if daemon could not be stopped
   #   other if a failure occurred
   start-stop-daemon --stop --retry=TERM/30 --name $NAME
   RETVAL="$?"
   [ "$RETVAL" = 2 ] && return 2
   # Remove lockfile for cronjobs
   if [ $RETVAL -eq 0 ]; then
   rm -f /var/lock/subsys/mailscanner
   touch $stopped_lockfile
   fi
   if [ $RETVAL -eq 0 ]; then
   echo "MailScanner Stopped"
   fi
   }
   #
   # Function that sends a SIGHUP to the daemon/service
   #
   do_reload() {
   start-stop-daemon --stop --signal 1 --quiet --name $NAME
   return 0
   }
   case "$1" in
   start)
   [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
   do_start
   case "$?" in
   0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; 
   2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
   esac
   ;;
   stop)
   [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
   do_stop
   case "$?" in
   0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; 
   2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
   esac
   ;;
   restart|force-reload)
   #
   # If the "reload" option is implemented then remove the
   # 'force-reload' alias
   #
   log_daemon_msg "Restarting $DESC" "$NAME"
   do_stop
   case "$?" in
   0|1)
   do_start
   case "$?" in
   0) log_end_msg 0 ;;
   1) log_end_msg 1 ;; # Old process is still running
   *) log_end_msg 1 ;; # Failed to start
   esac
   ;;
   *)
   # Failed to stop
   log_end_msg 1
   ;;
   esac
   ;;
   *)
   echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
   exit 3
   ;;
   esac
 exit 0

chmod 755 /etc/init.d/mailscanner  
update-rc.d mailscanner defaults  
ln -s /opt/MailScanner/bin/Quick.Peek /usr/sbin/Quick.Peek

/etc/init.d/mailscanner start  
/etc/init.d/postfix start

tail -f /var/log/mail.log

Jun 13 12:18:23 hoshi MailScanner[26388]: MailScanner E-Mail Virus Scanner version 4.81.4 starting...