QMAIL-SCANNER + CLAMAV + MAILDROP for QMAIL 代碼: 1.0所需軟件: maildrop-1.5.2.20030423.tar.gz perl-Time-HiRes-1.38-3.i386.rpm perl-DB_File-1.804-88.4.i386.rpm clamav-0.65.tar.gz qmail-scanner-1.20.tgz 2.0安裝maildrop: # tar zxvf maildrop-1.5.2.20030423.tar.gz # cd maildrop-1.5.2.20030423 # ./configure # make # make install-strip # make install-man 3.0安裝 perl插件 # rpm -ivh perl-Time-HiRes-1.38-3.i386.rpm # rpm -ivh perl-DB_File-1.804-88.4.i386.rpm 4.0安裝clamav-0.65.tar.gz # groupadd clamav # useradd -g clamav –d /usr/local/share/clamav -s /bin/false clamav # tar zxvf clamav-0.65.tar.gz # cd clamav-0.65 # ./configure # make check # make install # vi /usr/local/etc/clamav.conf ===============================clamav.conf============================ # Comment or remove the line below. #Example LogFile /var/log/clamd.log LogFileMaxSize 1M LogTime LogVerbose PidFile /var/run/clamd.pid DataDirectory /usr/local/share/clamav LocalSocket /tmp/clamd StreamMaxLength 10M MaxThreads 10 MaxDirectoryRecursion 15 User clamav ScanMail ScanArchive ScanRAR ArchiveMaxFileSize 10M ArchiveMaxRecursion 5 ArchiveMaxFiles 1000 ClamukoScanOnOpen ClamukoScanOnClose ClamukoScanOnExec ClamukoIncludePath /home/vpopmail ClamukoMaxFileSize 6M ClamukoScanArchive ===============================clamav.conf============================ # toUCh /var/log/clamd.log # chown clamav:clamav /var/log/clamd.log 4.1建立clamav的啟動腳本: # vi /etc/init.d/clamd ==================================clamd=============================== #! /bin/bash # # crond Start/Stop the clam antivirus daemon. # # chkconfig: 2345 90 60 # description: clamdis a standard UNIX program that scans for Viruses. # processname: clamd # config: /usr/local/etc/clamav.conf # pidfile: /var/run/clamd.pid # Source function library. . /etc/init.d/functions RETVAL=0 # See how we were called. prog="clamd" progdir="/usr/local/sbin" # Source configuration if [ -f /etc/sysconfig/$prog ] ; then . /etc/sysconfig/$prog fi start() { echo -n $"Starting $prog: " daemon $progdir/$prog RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/run/clamd.pid return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc $prog RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/run/clamd.pid /tmp/clamd return $RETVAL } rhstatus() { status clamd } restart() { stop start } reload() { echo -n $"Reloading clam daemon configuration: " killproc clamd -HUP retval=$? echo return $RETVAL } case "$1" in start) start ;; stop) stop ;; restart) restart ;; reload) reload ;; status) rhstatus ;; condrestart) [ -f /var/lock/subsys/clamd ] && restart : ;; *) echo $"Usage: $0 {startstopstatusreloadrestartcondrestart}" exit 1 esac exit 0 ==================================clamd=============================== # chmod 755 /etc/init.d/clamd # chkconfig –add clamd # chkconfig clamd on 4.2更新病毒庫 # /usr/local/bin/freshclam 4.3定時更新病毒庫 # crontab –e 00 9 * * * /usr/local/bin/freshclam --quiet 5.0安裝qmail-scanner-1.20.tgz # groupadd qscand # useradd -g qscand -s /bin/false qscand # tar zxvf qmail-scanner-1.20.tgz # cd qmail-scanner-1.20 # ./configure --qmail-queue-binary /var/qmail/bin/qmail-queue --admin postmaster --domain Nero.3322.org --notify sender,admin --local-domains nero.3322.org --lang en_GB --debug yes --unzip yes --scanners clamscan --install # chown qscand:qscand /var/qmail/bin/qmail-scanner-queue.pl # chmod 4755 /var/qmail/bin/qmail-scanner-queue.pl 然後用一個普通用戶執行/var/qmail/bin/qmail-scanner-queue.pl -z 如果有Can't do setuid出現,回到安裝文件目錄,有個contrib目錄, # cd contrib # make # make install 附加作如下步驟: # chown qscand:qscand /var/qmail/bin/qmail-scanner-queue # chmod 4755 /var/qmail/bin/qmail-scanner-queue # chmod 0755 /var/qmail/bin/qmail-scanner-queue.pl 然後用一個普通用戶登陸,執行 # /var/qmail/bin/qmail-scanner-queue -z # /var/qmail/bin/qmail-scanner-queue -g 5.1修改環境變量 在你的qmail啟動腳本加入 QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl eXPort QMAILQUEUE 如果作了附加步驟用下面的 QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue export QMAILQUEUE 修改qmail-scanner-queue.pl中的 my $clamscan_options="-r --disable-summary --max-recursion=10 --max-space=1000000"; 為: my $clamscan_options="-r --mbox --disable-summary --max-recursion=10 --max-space=1000000"; 5.2重起qmail 測試 這裡有測試程序 # /qmail-scanner-1.20/contrib/test_installation.sh -doit 5.3主要的排錯監測日志: /var/log/maillog /var/log/clamd.log /var/spool/qmailscan/quarantine.log /var/spool/qmailscan/qmail-queue.log