2011-05-07

Configuring clamav-milter

Install clamav.
$ sudo USE="milter" emerge --oneshot -avt app-antivirus/clamav

Configure /etc/conf.d/clamd.
$ rcsdiff -r1.2 conf.d/clamd,v /etc/conf.d/clamd
===================================================================
RCS file: conf.d/clamd,v
retrieving revision 1.2
diff -r1.2 /etc/conf.d/clamd
11c11
< START_MILTER=no
---
> START_MILTER=yes

Configure /etc/clamav-milter.conf.
$ rcsdiff -r1.1 clamav-milter.conf,v /etc/clamav-milter.conf
===================================================================
RCS file: clamav-milter.conf,v
retrieving revision 1.1
diff -r1.1 /etc/clamav-milter.conf
29c29
< #MilterSocketMode 660
---
> MilterSocketMode 660
166c166
< #OnInfected Quarantine
---
> OnInfected Reject
178c178
< #RejectMsg
---
> RejectMsg The clamav-milter virus checker found "%v".
188c188
< #AddHeader Replace
---
> AddHeader Replace
266c266
< #LogInfected Basic
---
> LogInfected Full

Configure /etc/group.
$ rcsdiff -r1.1 group,v /etc/group
===================================================================
RCS file: group,v
retrieving revision 1.1
diff -r1.1 /etc/group
73c73
< clamav:x:105:
---
> clamav:x:105:postfix
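
Review bot: adding postfix to the clamav group on line 73 gives Postfix group access to everything that group can reach, not only the milter socket. The /etc/clamd.conf change on this page sets LocalSocketMode 660, so if the clamd socket is owned by the same group, Postfix can also talk to clamd directly. A short comment recording that the membership exists only for /var/run/clamav/clamav-milter.sock would help whoever audits this group later.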

Configure /etc/postfix/main.cf.
$ rcsdiff -r1.6 postfix/main.cf,v /etc/postfix/main.cf
===================================================================
RCS file: postfix/main.cf,v
retrieving revision 1.6
diff -r1.6 /etc/postfix/main.cf
654a655,658
>
> smtpd_milters         = unix:/var/run/clamav/clamav-milter.sock
> non_smtpd_milters     = unix:/var/run/clamav/clamav-milter.sock
> milter_default_action = accept
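
Review bot: milter_default_action = accept in the added block fails open: if the clamav-milter socket is unreachable or the milter returns an error, Postfix delivers the mail unscanned. Consider milter_default_action = tempfail so mail is deferred until scanning is available again, or keep accept and monitor for delivered mail that lacks the X-Virus-Scanned header.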

Configure /etc/clamd.conf.
$ rcsdiff -r1.1 clamd.conf,v /etc/clamd.conf
===================================================================
RCS file: clamd.conf,v
retrieving revision 1.1
diff -r1.1 /etc/clamd.conf
88c88
< #LocalSocketMode 660
---
> LocalSocketMode 660

Restart the services.
sudo /etc/init.d/postfix restart
sudo /etc/init.d/clamd restart

Watch the logs. Start each one in its own screen.
sudo tail -f /var/log/mail.log
sudo tail -f /var/log/clamav/clamav-milter.log
sudo tail -f /var/log/clamav/clamd.log

Send a test mail.
mail username@example.com

Check the headers of the delivered mail to confirm that scanning works.
X-Virus-Scanned: clamav-milter 0.97 at amdgentoo
X-Virus-Status: Clean

Send a mail with the test virus named eicar.com attached.
An error mail (bounce) is delivered to the sender.
$ grep -A1 clamav-milter ~/.maildir/new/1304735675.V903If29a4M131908.amdgentoo
: The clamav-milter virus checker found
    "Eicar-Test-Signature".
--
Diagnostic-Code: X-Postfix; The clamav-milter virus checker found
    "Eicar-Test-Signature".
--
X-Virus-Scanned: clamav-milter 0.97 at amdgentoo
X-Virus-Status: Infected (Eicar-Test-Signature)
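
The header check above can be automated to catch mail that was delivered without being scanned, which is possible here because main.cf sets milter_default_action = accept. The following is an added example, not part of the original post; the function names and the sample messages are constructed for illustration.

```python
"""Flag delivered mail that clamav-milter did not scan (added example)."""
import email
import mailbox
import sys


def classify(msg):
    """Return 'unscanned', 'clean', 'infected:<name>' or 'unknown:<value>'."""
    scanned = msg.get_all("X-Virus-Scanned") or []
    if not any("clamav-milter" in str(v) for v in scanned):
        return "unscanned"  # milter bypassed or unavailable at delivery time
    # Collapse folded header whitespace before comparing.
    status = " ".join(str(msg.get("X-Virus-Status", "")).split())
    if status == "Clean":
        return "clean"
    if status.startswith("Infected (") and status.endswith(")"):
        return "infected:" + status[len("Infected ("):-1]
    return "unknown:" + status


def classify_text(raw):
    """Classify one RFC 5322 message given as a string."""
    return classify(email.message_from_string(raw))


def audit_maildir(path):
    """Map every message key in the Maildir at `path` to its classification."""
    box = mailbox.Maildir(path, factory=None, create=False)
    return {key: classify(msg) for key, msg in box.items()}


# Constructed sample messages; header values follow the ones shown above.
SAMPLE_CLEAN = (
    "X-Virus-Scanned: clamav-milter 0.97 at amdgentoo\n"
    "X-Virus-Status: Clean\n"
    "Subject: test\n\nbody\n"
)
SAMPLE_INFECTED = (
    "X-Virus-Scanned: clamav-milter 0.97 at amdgentoo\n"
    "X-Virus-Status: Infected\n (Eicar-Test-Signature)\n"
    "Subject: test\n\nbody\n"
)
SAMPLE_UNSCANNED = "Subject: test\n\nbody\n"

if __name__ == "__main__":
    # Usage: python audit.py ~/.maildir  (path is the reader's own Maildir)
    for key, verdict in sorted(audit_maildir(sys.argv[1]).items()):
        if verdict != "clean":
            print(key, verdict)
```

A sender can supply these headers, and AddHeader Replace overwrites them only when the milter actually runs, so this check finds accidental bypass rather than proving that a message was scanned.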

Manual pages for the configuration files.
man clamav-milter.conf
man clamd.conf
