Install antivirus and antispam filtering using Clam AntiVirus.
1. Install the antivirus software, Clam AntiVirus (ClamAV).
[root@mail ~]# yum --enablerepo=dag -y install clamav // install from DAG
Loading "installonlyn" plugin
Loading "fastestmirror" plugin
Setting up Install Process
Setting up repositories
dag 100% |=========================| 1.1 kB 00:00
base 100% |=========================| 1.1 kB 00:00
updates 100% |=========================|951 B 00:00
addons 100% |=========================|951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
primary.xml.gz 100% |=========================| 952 kB 00:00
dag: ######################################### 3118/3118
Added 3118 new packages, deleted 0 old in 12.60 seconds
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav to pack into transaction set.
clamav-0.90.2-1.el5.rf.i3 100% |====================| 9.4 kB 00:00
---> Package Package clamav.i386 0:0.90.2-1.el5.rf set to be updated
--> Processing Dependency: clamav-db = 0.90.2-1.el5.rf for package: clamav
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav-db to pack into transaction set.
clamav-db-0.90.2-1.el5.rf 100% |====================| 3.7 kB 00:00
---> Package clamav-db.i386 0:0.90.2-1.el5.rf set to be updated
--> Running transaction check
Dependencies Resolved
=============================================================
 Package        Arch    Version            Repository   Size
=============================================================
Installing:
 clamav         i386    0.90.2-1.el5.rf    dag          1.0 M
Installing for dependencies:
 clamav-db      i386    0.90.2-1.el5.rf    dag          9.1 M
Transaction Summary
=============================================================
Install 2 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 10 M
Downloading Packages:
(1/2): clamav-0.90.2-1.el 100% |====================| 1.0 MB 00:00
(2/2): clamav-db-0.90.2-1 100% |====================| 9.1 MB 00:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: clamav-db#################################### [1/2]
Installing: clamav#################################### [2/2]
Installed: clamav.i386 0:0.90.2-1.el5.rf
Dependency clamav-db.i386 0:0.90.2-1.el5.rf
Complete!
Quote:
|
[root@mail ~]# vi /etc/freshclam.conf
#NotifyClamd /etc/clamd.conf // line 96: comment out this line
[root@mail ~]# freshclam // update the virus signature database
ClamAV update process started at Mon Apr 23 00:52:58 2007
main.cvd is up to date (version: 43, sigs: 104500, f-level: 14, builder: sven)
Downloading daily-3147.cdiff [100%]
Downloading daily-3147.cdiff [100%]
daily.cvd updated (version: 3147, sigs: 6671, f-level: 15, builder: sven)
Database updated (111171 signatures) from db.jp.clamav.net (IP: 61.205.61.201)
[root@mail ~]# clamscan --infected --remove --recursive /home
----------- SCAN SUMMARY -----------
Known viruses: 111194
Engine version: 0.90.2
Scanned directories: 23
Scanned files: 33
Infected files: 0
Data scanned: 0.16 MB
Time: 2.721 sec (0 m 2 s)
[root@mail ~]# wget http://www.eicar.org/download/eicar.com // download the EICAR test virus
Resolving www.eicar.org... 88.198.38.136
Connecting to www.eicar.org|88.198.38.136|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 68 [application/x-msdos-program]
Saving to: `eicar.com'
100%[=======================================>] 68 --.-K/s in 0s
19:26:23 (5.90 MB/s) - `eicar.com' saved [68/68]
[root@mail ~]# clamscan --infected --remove --recursive .
./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed // the test virus is deleted
----------- SCAN SUMMARY -----------
Known viruses: 111194
Engine version: 0.90.2
Scanned directories: 5
Scanned files: 12
Infected files: 1 // the test virus was detected
Data scanned: 0.02 MB
Time: 2.599 sec (0 m 2 s)
|
2. Configure the SMTP server to scan email for viruses and spam.
Quote:
|
[root@mail ~]# yum --enablerepo=dag -y install clamd amavisd-new
---------- many packages are installed ----------
[root@mail ~]# vi /etc/clamd.conf
LocalSocket /var/run/clamav/clamd.sock // line 72: change
#TCPSocket 3310 // line 80: comment out this line
AllowSupplementaryGroups yes // line 149: change
[root@mail ~]# vi /etc/amavisd.conf
$mydomain = 'server-linux.info'; // line 20: specify domain name
#$virus_admin = "virusalert\@$mydomain"; // line 80: comment out so no notification is sent when a virus is detected
$myhostname = 'mail.server-linux.info'; // line 113: enable (uncomment) and specify the FQDN
$notify_method = 'smtp:[127.0.0.1]:10025'; // line 115,116: enable (uncomment)
$forward_method = 'smtp:[127.0.0.1]:10025';
$final_virus_destiny = D_DISCARD; // line 118: enable (uncomment) these 4 lines
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_BOUNCE;
$final_bad_header_destiny = D_PASS;
['ClamAV-clamd', // line 321: enable (uncomment) these 4 lines
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"], // add the socket path (must match LocalSocket in clamd.conf)
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
[root@mail ~]# vi /etc/postfix/main.cf
content_filter=smtp-amavis:[127.0.0.1]:10024 // add at the bottom
[root@mail ~]# vi /etc/postfix/master.cf
// add these lines at the bottom
smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
[root@mail ~]# /etc/rc.d/init.d/clamd start
Stopping Clam AntiVirus Daemon: [ OK ]
Starting Clam AntiVirus Daemon: Running as user clamav (UID 100, GID 101) [ OK ]
[root@mail ~]# /etc/rc.d/init.d/amavisd start
Starting Mail Virus Scanner (amavisd): [ OK ]
[root@mail ~]# /etc/rc.d/init.d/spamassassin start
Starting spamd: [ OK ]
[root@mail ~]# /etc/rc.d/init.d/postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
[root@mail ~]# chkconfig amavisd on
[root@mail ~]# chkconfig spamassassin on
[root@mail ~]# chkconfig clamd on
|
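The setup above depends on three files agreeing: clamd must listen on the local socket only, amavisd must point at exactly that socket path, and the port 10025 re-injection listener must be loopback-only with content_filter cleared. The following consistency check is an added example, not part of the original guide; the function names are hypothetical and the config text is constructed sample input based on the lines shown above.

```shell
# Constructed sample inputs mirroring this guide's edits (not read from a live system).
CLAMD_CONF='LocalSocket /var/run/clamav/clamd.sock
#TCPSocket 3310
AllowSupplementaryGroups yes'
AMAVIS_GOOD='\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],'
AMAVIS_BAD='\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock "],'  # stray space
MASTER_CF='smtp-amavis unix - - n - 2 smtp
  -o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8'

# Print the active (uncommented) value of a clamd.conf directive, if any.
clamd_value() {  # $1 = config text, $2 = directive name
    printf '%s\n' "$1" | awk -v k="$2" '$1 == k { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
}

# Print the socket path amavisd passes to ask_daemon, exactly as quoted (spaces kept).
amavis_socket() {  # $1 = amavisd.conf text
    printf '%s\n' "$1" | grep -v '^[[:space:]]*#' |
        sed -n 's/.*ask_daemon.*, *"\([^"]*\)" *].*/\1/p' | head -n 1
}

# Succeed only if clamd is socket-only and amavisd points at that same socket path.
check_scanner_link() {  # $1 = clamd.conf text, $2 = amavisd.conf text
    sock=$(clamd_value "$1" LocalSocket)
    [ -n "$sock" ] || { echo "FAIL: no LocalSocket"; return 1; }
    [ -z "$(clamd_value "$1" TCPSocket)" ] || { echo "FAIL: TCPSocket enabled"; return 1; }
    [ "$(amavis_socket "$2")" = "$sock" ] || { echo "FAIL: socket path mismatch"; return 1; }
    echo "OK: $sock"
}

# Succeed only if the port-10025 re-injection listener is loopback-only and unfiltered.
check_reinject() {  # $1 = master.cf text
    svc=$(printf '%s\n' "$1" | awk '/^[^ \t#]/ { on = ($1 ~ /:10025$/) } on')
    printf '%s\n' "$svc" | grep -q '^127\.0\.0\.1:10025[[:space:]]' ||
        { echo "FAIL: 10025 not bound to 127.0.0.1"; return 1; }
    printf '%s\n' "$svc" | grep -Eq '^[[:space:]]+-o content_filter=[[:space:]]*$' ||
        { echo "FAIL: content_filter not cleared (mail would loop)"; return 1; }
    printf '%s\n' "$svc" | grep -Eq '^[[:space:]]+-o mynetworks=127\.0\.0\.0/8[[:space:]]*$' ||
        { echo "FAIL: mynetworks not limited to loopback"; return 1; }
    echo "OK: re-injection listener"
}

check_scanner_link "$CLAMD_CONF" "$AMAVIS_GOOD"
check_scanner_link "$CLAMD_CONF" "$AMAVIS_BAD" || true
check_reinject "$MASTER_CF"
```

On a live host, pass the real files instead of the samples, for example check_scanner_link "$(cat /etc/clamd.conf)" "$(cat /etc/amavisd.conf)" and check_reinject "$(cat /etc/postfix/master.cf)".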
After this configuration, the following lines are added to the header section of each email.