●Virus protection with postfix + clamav + clamsmtp (Vine 4.1)●
[Installation environment]
* As before, this guide assumes that everything is installed with apt-get or by building RPM packages.
[1] Install clamav
[2] Edit clamd.conf
---------------------------------------------------------
#Example
LogFile /var/log/clamd
LocalSocket /var/run/clamav/clamd
FixStaleSocket yes
User clamav
---------------------------------------------------------
[3] Edit freshclam.conf
---------------------------------------------------------
#Example
---------------------------------------------------------
[4] Create the clamav directory
[5] Create the log file
[6] Add the log file to logrotate
---------------------------------------------------------
/var/log/clamd {
create 666 root root
}
---------------------------------------------------------
[7] Create a script that detects an abnormal exit of the clamd daemon and restarts it
---------------------------------------------------------
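#!/bin/sh
# Start clamd again if its local socket has disappeared.
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
# 1 if the socket exists, 0 otherwise (ls errors are discarded so cron stays quiet)
COUNT=`ls /var/run/clamav/clamd 2>/dev/null | wc -l`
if [ $COUNT -eq 0 ]; then
    /etc/rc.d/init.d/clamd start
fi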
---------------------------------------------------------
> chmod 755 /usr/local/bin/clamdcheck.sh
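[8] Add the automatic virus definition update and the monitoring/recovery script to cron
---------------------------------------------------------
# Update the virus definitions at the top of every hour
0 * * * * /usr/bin/freshclam --daemon-notify --quiet -l /var/log/clamd
# Check that clamd is still running
10 * * * * /usr/local/bin/clamdcheck.sh
---------------------------------------------------------
[9] Create the startup script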
---------------------------------------------------------
#!/bin/bash
# chkconfig: 345 80 20
# description: Clamd DAEMON
. /etc/init.d/functions
prog="/usr/sbin/clamd"
prog_base="$(basename ${prog})"
prog_config_file="/etc/clamd.conf"
RETVAL=0
# See how we were called.
case "$1" in
  start)
    action $"Starting ${prog_base}:" ${prog} -c ${prog_config_file}
    RETVAL=$?
    echo
    ;;
  stop)
    echo $"Shutting down ${prog_base}"
    killproc ${prog_base}
    RETVAL=$?
    echo
    ;;
  status)
    status $"${prog_base}"
    RETVAL=$?
    echo
    ;;
  restart)
    $0 stop
    $0 start
    RETVAL=$?
    ;;
  reload)
    # SIGUSR2 tells clamd to reload its virus database
    pid=`pidofproc ${prog_base}`
    kill -USR2 ${pid}
    RETVAL=$?
    ;;
  *)
    echo "Usage: $0 {start|stop|status|restart|reload}"
    exit 1
    ;;
esac
exit $RETVAL
---------------------------------------------------------
> chmod 755 /etc/rc.d/init.d/clamd
[10] Add clamd to the runlevels
[11] Start clamav
[12] Download the clamsmtp SRPM
> wget http://www.inet.lt/clamsmtp/clamsmtp-1.8-1.src.rpm
[13] Install the clamsmtp SRPM
[14] Build the clamsmtp RPM
[15] Install the clamsmtp RPM
[16] Edit clamsmtp.conf
---------------------------------------------------------
OutAddress: 127.0.0.1:10026
Listen: 127.0.0.1:10025
ClamAddress: /var/run/clamav/clamd
User: clamav
VirusAction: /usr/local/bin/virusalert.sh
---------------------------------------------------------
[17] Create a script that sends a notification mail when a virus is detected
---------------------------------------------------------
#!/bin/sh
# clamsmtp runs this script with VIRUS, SENDER and RECIPIENTS set in the environment
FROM='Clam Antivirus <clamav@example.com>'
TO=$RECIPIENTS
MAILER='/usr/sbin/sendmail -it'
# Subject text ("A virus has been detected"), converted to ISO-2022-JP and base64-encoded
SUBJECT=`/bin/echo "ウィルスが検出されました" | /usr/bin/nkf -jMB`
$MAILER <<EOM
From: $FROM
To: $TO
Subject: =?ISO-2022-JP?B?$SUBJECT?=

A virus was found.
[Virus] $VIRUS
[From] $SENDER
[To] $RECIPIENTS
EOM
exit 0
---------------------------------------------------------
> chmod 755 /usr/local/bin/virusalert.sh
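The notification script above copies $RECIPIENTS straight into the To: header. The following is an added example, not part of the original page, showing one way to build the message from those variables more defensively. It assumes RECIPIENTS holds one address per line as described in clamsmtp.conf(5), uses a plain ASCII subject instead of the nkf-encoded one, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not the page's script: safer header handling for a
# clamsmtp VirusAction hook. SENDER, RECIPIENTS and VIRUS describe the
# scanned message, so their content is chosen by whoever sent the mail.

# Strip CR, LF and other control characters from a single value.
one_line() {
    printf '%s' "$1" | tr -d '\000-\037\177'
}

# Assumption: RECIPIENTS holds one address per line. Keep only lines that
# look like a plain address and join them as "a, b" for one To: header.
join_recipients() {
    printf '%s\n' "$1" | tr -d '\r' | awk '
        /^[A-Za-z0-9._%+=-]+@[A-Za-z0-9.-]+$/ {
            out = out (n++ ? ", " : "") $0
        }
        END { print out }'
}

# Print the complete message; fail if no recipient survived filtering.
build_alert() {
    to=$(join_recipients "$RECIPIENTS")
    [ -n "$to" ] || return 1
    cat <<EOM
From: Clam Antivirus <clamav@example.com>
To: $to
Subject: Virus detected

A virus was found.
[Virus] $(one_line "$VIRUS")
[From] $(one_line "$SENDER")
[To] $to
EOM
}

# clamsmtp sets VIRUS when it runs the hook; do nothing otherwise.
if [ -n "${VIRUS:-}" ]; then
    msg=$(build_alert) && printf '%s\n' "$msg" | /usr/sbin/sendmail -i -t
fi
```

Lines in RECIPIENTS that are not a bare address are dropped, so a message with several recipients still produces exactly one To: header.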
[18] Add the following to main.cf
---------------------------------------------------------
content_filter = scan:127.0.0.1:10025
receive_override_options = no_address_mappings
---------------------------------------------------------
[19] Add the following to master.cf
---------------------------------------------------------
scan unix - - n - 16 smtp
  -o smtp_send_xforward_command=yes
127.0.0.1:10026 inet n - n - 16 smtpd
  -o content_filter=
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  -o smtpd_helo_restrictions=
  -o smtpd_client_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks_style=host
  -o smtpd_authorized_xforward_hosts=127.0.0.0/8
---------------------------------------------------------
[20] Restart postfix