Download presentation
Presentation is loading. Please wait.
Published byBonnie Lee Modified over 8 years ago
1
NA Homework 4+5 Postfix + DNS
2
2 Demo >Setup everything before Demo, or you ’ ll get no point if something don ’ t work. >Show your mail functions to TA, you could use ‘ Remote Desktop ’. >Be prepared, TA will ask some questions.
3
3 Installation Steps >postfix >cyrus-sasl2-saslauthd >imap-uw >amavisd-new >postgrey >Clamav >spamassassin
4
4 Postfix # cd /usr/ports/mail/postfix # make install clean
5
5 Postfix ===> Installing for postfix-2.4.1,1 ===> postfix-2.4.1,1 depends on file: /usr/local/lib/libcrypto.so.5 - found ===> postfix-2.4.1,1 depends on shared library: pcre.0 – found ===> postfix-2.4.1,1 depends on shared library: sasl2.2 - found Added group "postfix". Added group "maildrop". Added user "postfix". You need user "postfix" added to group "mail". Would you like me to add it [y]? y install -d -o root -g wheel -m 555 /usr/local/share/doc/postfix Installed HTML documentation in /usr/local/share/doc/postfix Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
6
6 Postfix >edit /etc/rc.conf sendmail_enable="NONE“ postfix_enable="YES" daily_clean_hoststat_enable="NO" daily_status_mail_rejects_enable="NO" daily_status_include_submit_mailq="NO" daily_submit_queuerun="NO" > edit /etc/defaults/periodic.conf >edit /usr/local/etc/postfix/main.cf – edit it by yourself – ex: myhostname, mynetworks, alias_maps …
7
7 Postfix with TLS >make your certificates >edit /usr/local/etc/postfix/main.cf
8
8 Cyrus-sasl2-saslauthd
9
9 # cd /usr/ports/security/cyrus-sasl-saslauthd # make install clean > edit /etc/rc.conf saslauthd_enable="YES"
10
10 imap-uw # cd /usr/ports/mail/imap-uw # make install clean > edit /etc/inetd.conf pop3 stream tcp nowait root /usr/local/libexec/ipop3d ipop3d imap4 stream tcp nowait root /usr/local/libexec/imapd imapd > If using TLS pop3s stream tcp nowait root /usr/local/libexec/ipop3d ipop3d imaps stream tcp nowait root /usr/local/libexec/imapd imapd
11
11 Hold on and Test >It ’ s better to test you can receive and send mail before next step. >If it ’ s not work, check /var/log/maillog. # /usr/local/etc/rc.d/saslauthd start # /usr/local/etc/rc.d/postfix start # /etc/rc.d/inetd reload
12
12 Amavisd-new # cd /usr/ports/security/amavisd-new # make install clean
13
13 Amavisd-new Added group "vscan". Added user "vscan". Created "/var/amavis" directory. Created "/var/amavis/db" directory. Created "/var/amavis/tmp" directory. Created "/var/virusmails" directory. To use amavisd-new, you need to install at least one virus scanner. The following virus scanners are available in the FreeBSD ports collection: /usr/ports/security/vscan McAfee VirusScan /usr/ports/security/clamav Clam Antivirus /usr/ports/security/f-prot F-Prot Antivirus /usr/ports/security/drweb DrWeb antivirus suite
14
14 Amavisd-new Enable amavisd-new in /etc/rc.conf with the following line: amavisd_enable="YES" If you want to use the amavis sendmail milter interface, you need the following additional line in /etc/rc.conf amavis_milter_enable="YES" Configuration templates are available in /usr/local/etc as amavisd.conf-dist, amavisd.conf-sample and amavisd.conf-default. Documentation is available in /usr/local/share/doc/amavisd-new.
15
15 postgrey # cd /usr/ports/mail/postgrey # make install clean > edit /etc/rc.conf postgrey_enable="YES" postgrey_pidfile="/var/run/postgrey.pid" postgrey_flags="--delay=60 --pidfile=${postgrey_pidfile} \ --inet=10023 -d --user=postgrey --group=postgrey \ --dbdir=/var/db/postgrey"
16
16 Clamav # cd /usr/ports/security/clamav # make install clean
17
17 Clamav > edit /etc/rc.conf clamav_clamd_enable="YES" clamav_freshclam_enable="YES" > edit where you put your aliases file virusalert: root > edit /usr/local/etc/clamd.conf by yourself
18
18 Final Configuration
19
19 Final Configuration for Postfix > edit /usr/local/etc/postfix/main.cf content_filter = smtp-amavis:[127.0.0.1]:10024 > edit /usr/local/etc/postfix/master.cf smtp-amavis unix - - n - 2 lmtp -o smtp_data_done_timeout=1200s -o smtp_never_send_ehlo=yes -o notify_classes=protocol,resource,software 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o mynetworks=127.0.0.0/8 -o myhostname=localhost -o local_recipient_maps= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject
20
20 Final Configuration for Amavisd-new > edit /usr/local/etc/amavisd.conf $mydomain = ‘cs.nctu.edu.tw' $notify_method = 'smtp:[127.0.0.1]:10025'; $forward_method = 'smtp:[127.0.0.1]:10025';
21
21 Now Startup everything # /usr/local/etc/rc.d/clamav-clamd start # /usr/local/etc/rc.d/postgrey start # /usr/local/etc/rc.d/amavisd start # /usr/local/etc/rc.d/postfix restart
22
22 Test for Virus # telnet localhost 25 Trying ::1... Trying 127.0.0.1... Connected to localhost.twbbs.org. Escape character is '^]'. 220 nabsd.cs.nctu.edu.tw ESMTP Postfix mail from: 250 Ok rcpt to: 250 Ok data 354 End data with. Subject: Virus Coming X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*. 250 Ok: queued as 647781152E quit 221 Bye Connection closed by foreign host. da
23
23 > Normal Mail > Mail with virus May 13 16:55:50 nabsd amavis[29004]: (29004-05) Blocked INFECTED (Eicar-Test-Signature), [127.0.0.1] ->, quarantine: virus-VivGNwT9NIja, Message-ID:, mail_id: VivGNwT9NIja, Hits: -, 1071 ms May 11 20:09:27 nabsd amavis[29003]: (29003-01) Passed CLEAN, ->, Message-ID:, mail_id: Vidtcl9St6oz, Hits: -, 1312 ms Test for Virus
24
24 Spamassassin > /usr/local/etc/amavis.conf > /usr/local/etc/mail/spamassassin/local.cf > man Mail::SpamAssassin::Conf
25
25 Spamassassin Content-Type: text/html; charset="big5" Content-Transfer-Encoding: 8bit Sender: =?big5?B?wnmkSKR+?= Reply-To: VGpEz@btyft.com X-Virus-Scanned: amavisd-new at csie.nctu.edu.tw X-Spam-Status: Yes, hits=10.687 tagged_above=3 required=6.3 tests=BAYES_60, DATE_IN_PAST_96_XX, DOMAIN_RATIO, HTML_90_100, HTML_IMAGE_ONLY_20, HTML_IMAGE_RATIO_02, HTML_MESSAGE, HTML_WEB_BUGS, MIME_HTML_ONLY X-Spam-Level: ********** X-Spam-Flag: YES Status:
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.