Installing Postfix as a Mail Gateway on Debian 4


Installing Postfix as a Mail Gateway on Debian 4.0 r3 (Webmin, MailScanner, SpamAssassin, ClamAV, Pyzor and Razor2, DCC, MailWatch)

1. Add the package sources to /etc/apt/sources.list

deb http://volatile.debian.org/debian-volatile etch/volatile main contrib non-free
deb http://komo.vlsm.org/debian etch main non-free contrib
deb http://komo.vlsm.org/debian etch-proposed-updates main non-free contrib
deb http://debian.indika.net.id/debian etch main non-free contrib
deb http://debian.indika.net.id/debian etch-proposed-updates main non-free contrib

Update the package lists with "apt-get update".

2. By default, Debian installs portmap, inetd, exim4 and rpc.statd. These applications open ports that we will not use here, so we need to disable them first.

We can install sysv-rc-conf, run it, and choose which applications to enable or disable.

apt-get install sysv-rc-conf
sysv-rc-conf

When finished, reboot the server.

# netstat -pln     <-- shows the open ports
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp6 0 0 :::22 :::* LISTEN 1814/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:* 1888/dhclient3
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 4487 1795/acpid /var/run/acpid.socket
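
An added example (not part of the original tutorial): a small check that reads `netstat -pln` output and reports every TCP/UDP listener whose port is not on an allowlist, so leftover services are caught after the reboot. The allowlist `22,68` and the portmap/exim4 rows in the sample are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original tutorial.

# unexpected_listeners ALLOWED < netstat-output
#   ALLOWED is a comma-separated list of port numbers that may stay open.
#   Prints "proto port pid/program" for every other TCP/UDP listener.
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^Active UNIX domain sockets/ { exit }      # only the inet table matters
        $1 ~ /^(tcp|udp)6?$/ {
            if ($1 ~ /^tcp/ && $6 != "LISTEN") next # TCP rows carry a State column
            port = $4; sub(/.*:/, "", port)         # ":::22" and "0.0.0.0:68" -> port
            if (!(port in ok)) print $1, port, $NF
        }
    '
}

# Constructed sample: the sshd and dhclient3 rows follow the output shown
# above; the portmap and exim4 rows are made up to show a host before cleanup.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1650/portmap
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1790/exim4
tcp6 0 0 :::22 :::* LISTEN 1814/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:* 1888/dhclient3
udp 0 0 0.0.0.0:111 0.0.0.0:* 1650/portmap
Active UNIX domain sockets (only servers)
unix 2 [ ACC ] STREAM LISTENING 4487 1795/acpid /var/run/acpid.socket
EOF
}

# On a live host: netstat -pln | unexpected_listeners 22,68
sample_netstat | unexpected_listeners 22,68
```

Once Postfix is installed later in the guide, port 25 has to be added to the allowlist.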

3. Install the packages we will need later.

apt-get install binutils cpp fetchmail flex gcc libarchive-zip-perl libc6-dev libcompress-zlib-perl libdb4.3-dev libpcre3 libpopt-dev lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev autoconf automake1.9 libtool bison autotools-dev g++ build-essential dpkg-dev db4.3-util vim bzip2 perl-doc libwww-perl libdbi-perl libconvert-binhex-perl libmail-spf-query-perl rblcheck libnet-ident-perl tnef pax libberkeleydb-perl unzoo arj lzop nomarch arc zoo libdb-file-lock-perl

4. Install unarj

cd /usr/src
wget ftp://ftp.gva.es/mirror/debian2/pool/main/a/arj/unarj_3.10.21-2_all.deb
dpkg -i unarj_3.10.21-2_all.deb

5. Install the required Perl modules.

perl -MCPAN -e shell

On the first run it asks which mirror to use; choose one for your region.

install Module::Build
install Mail::SPF (Needed for SPF Checking)
install NetAddr::IP (Needed for SPF Checking)
install MLDBM::Sync this should also install MLDBM (Needed for MailWatch)

apt-get install libdbd-mysql-perl libapache-dbi-perl (Needed for MailWatch)

6. Install Webmin

apt-get install libauthen-pam-perl libio-pty-perl libmd5-perl libnet-ssleay-perl

Download the latest version of Webmin:

cd /usr/src
wget http://internode.dl.sourceforge.net/sourceforge/webadmin/webmin_1.470_all.deb
dpkg -i webmin_1.470_all.deb

We can log in at https://localhost:10000 as user root with the server's root password.

7. Install MySQL Server

apt-get install mysql-server mysql-client libmysqlclient15-dev

Set the root password:

mysqladmin -u root password yourpasswordhere

8. Install Apache2 with php5 and ruby

apt-get install apache2 apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert

apt-get install libapache2-mod-php5 libapache2-mod-ruby php5 php5-common php5-curl php5-dev php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-mhash php5-ming php5-mysql php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-sqlite php5-tidy php5-xmlrpc php5-xsl

Continue installing libc-client without Maildir support? <-- Yes

Then edit the file /etc/apache2/mods-available/dir.conf and change it to:

DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl index.xhtml

Then enable the ssl, rewrite, suexec and include modules:

a2enmod ssl
a2enmod rewrite
a2enmod suexec
a2enmod include

/etc/init.d/apache2 force-reload

9. Synchronize the system clock with NTP

apt-get install ntp ntpdate

10. Setup Postfix

apt-get install postfix postfix-pcre postfix-mysql postfix-ldap cabextract lha unrar razor pyzor spamassassin

General type of mail configuration: <-- Internet Site
System mail name: = 2.02); however:
Version of libmailtools-perl on system is 1.74-1.
mailscanner depends on libole-storage-lite-perl (>= 0.17); however:
Package libole-storage-lite-perl is not installed.
dpkg: error processing mailscanner (--install):
dependency problems - leaving unconfigured
Errors were encountered while processing:
mailscanner

This happens because the versions of some of the packages we installed do not match what this MailScanner version needs. First download newer versions of the packages that do not match (libmailtools-perl and libole-storage-lite-perl):

wget http://ftp.jp.debian.org/debian/pool/main/libm/libmailtools-perl/libmailtools-perl_2.04-1_all.deb
dpkg -i libmailtools-perl_2.04-1_all.deb

wget http://debian.mirror.inra.fr/debian/pool/main/libo/libole-storage-lite-perl/libole-storage-lite-perl_0.18-1_all.deb
dpkg -i libole-storage-lite-perl_0.18-1_all.deb

Only then do we try the installation again:

dpkg -i mailscanner_4.74.16-1_all.deb

Pyzor
-----

chmod -R a+rX /usr/share/doc/pyzor /usr/bin/pyzor /usr/bin/pyzord
chmod -R a+rxX /usr/share/python-support/pyzor
pyzor --homedir /var/lib/MailScanner discover
pyzor ping

Razor
-----

rm /etc/razor/razor-agent.conf
mkdir /var/lib/MailScanner/.razor
razor-admin -home=/var/lib/MailScanner/.razor -create
razor-admin -home=/var/lib/MailScanner/.razor -discover
razor-admin -home=/var/lib/MailScanner/.razor -register
chown -R postfix:www-data /var/lib/MailScanner
chmod -R ug+rwx /var/lib/MailScanner

Edit the file /var/lib/MailScanner/.razor/razor.conf
Add or edit these lines so that they read:

debuglevel = 0
razorhome = /var/lib/MailScanner/.razor/

DCC
-----

cd /usr/src/
wget http://packages.bosslinux.in/boss/pool/tarang/main/d/dcc/dcc-common_1.2.74-4_i386.deb
wget http://packages.bosslinux.in/boss/pool/tarang/main/d/dcc/dcc-server_1.2.74-4_i386.deb
dpkg -i dcc-common_1.2.74-4_i386.deb
dpkg -i dcc-server_1.2.74-4_i386.deb
wget http://www.rhyolite.com/dcc/source/dcc.tar.Z
tar zxvf dcc.tar.Z
cd dcc-1.3.103
./configure
make && make install


13. Edit the MailScanner and ClamAV configuration

postfix stop
apt-get install clamav clamav-daemon

Then update the antivirus database:

freshclam
mkdir /var/spool/MailScanner/spamassassin
cp /etc/MailScanner/MailScanner.conf /etc/MailScanner/MailScanner.conf.back

Edit MailScanner.conf and change the parameters below:

%org-name% = ORGNAME
%org-long-name% = ORGFULLNAME
%web-site% = ORGWEBSITE
Run As User = postfix
Run As Group = www-data
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamav
Spam Subject Text = ***SPAM***
Send Notices = no
Spam List = spamcop.net SBL+XBL
Required SpamAssassin Score = 6
High SpamAssassin Score = 10
Spam Actions = deliver
High Scoring Spam Actions = delete
Rebuild Bayes Every = 0
Wait During Bayes Rebuild = no
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

a. header_checks & body_checks

So that incoming email can be filtered by MailScanner, we need to create a "hold" rule in Postfix for incoming email.

postconf -e "header_checks = regexp:/etc/postfix/header_checks"
vi /etc/postfix/header_checks

/^Received:/ HOLD
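
An added example (not part of the original tutorial): a consistency check for the hold rule above and the queue settings from MailScanner.conf. If the HOLD rule is missing, Postfix delivers mail without MailScanner ever seeing it; if the queue directories do not match, held mail is never picked up. The function names and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original tutorial.

# ms_setting FILE KEY: print the value of "KEY = value" from a
# MailScanner.conf-style file (comments skipped, last definition wins).
ms_setting() {
    awk -v want="$2" '
        /^[ \t]*#/ { next }
        {
            eq = index($0, "="); if (!eq) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (tolower(key) == tolower(want)) found = val
        }
        END { print found }
    ' "$1"
}

# has_hold_rule FILE: succeed if the header_checks table contains the
# /^Received:/ HOLD rule that parks every incoming message in the hold queue.
has_hold_rule() {
    grep -Eq '^/\^Received:/[[:space:]]+HOLD([[:space:]]|$)' "$1"
}

# check_wiring HEADER_CHECKS MAILSCANNER_CONF
#   Prints one line per mismatch; the exit status is the number of mismatches.
check_wiring() {
    bad=0
    has_hold_rule "$1" ||
        { echo "header_checks: no /^Received:/ HOLD rule, mail is delivered unscanned"; bad=$((bad + 1)); }
    [ "$(ms_setting "$2" 'Incoming Queue Dir')" = /var/spool/postfix/hold ] ||
        { echo "MailScanner: Incoming Queue Dir is not the Postfix hold queue"; bad=$((bad + 1)); }
    [ "$(ms_setting "$2" 'Outgoing Queue Dir')" = /var/spool/postfix/incoming ] ||
        { echo "MailScanner: Outgoing Queue Dir is not the Postfix incoming queue"; bad=$((bad + 1)); }
    [ "$(ms_setting "$2" 'MTA')" = postfix ] ||
        { echo "MailScanner: MTA is not postfix"; bad=$((bad + 1)); }
    return "$bad"
}

# Constructed sample files; on the gateway pass /etc/postfix/header_checks
# and /etc/MailScanner/MailScanner.conf instead.
demo=$(mktemp -d)
printf '%s\n' '/^Received:/ HOLD' > "$demo/header_checks"
cat > "$demo/MailScanner.conf" <<'EOF'
# constructed excerpt
Run As User = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
EOF
check_wiring "$demo/header_checks" "$demo/MailScanner.conf" && echo "wiring OK"
```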

b. Edit the permissions for MailScanner

Edit /etc/rc2.d/S20mailscanner so that it looks like this:

check_dir /var/spool/MailScanner ${user:-postfix} ${group:-www-data}
#check_dir /var/lib/MailScanner ${user:-mail} ${group:-mail}
#check_dir /var/run/MailScanner ${user:-mail} ${group:-mail}
check_dir /var/lock/subsys/MailScanner ${user:-postfix} ${group:-www-data}

Make sure the run_mailscanner parameter is set to 1 in /etc/default/mailscanner:

run_mailscanner=1

c. Add the MailScanner Webmin plugin

Log in to Webmin at https://localhost:10000, then install the MailScanner module from http://internap.dl.sourceforge.net/sourceforge/msfrontend/webmin-module-1.1-4.wbm. For the plugin to work, open the MailScanner module and check these parameters:


Full path to MailScanner program: /etc/init.d/mailscanner
Full path and filename of MailScanner config file: /etc/MailScanner/MailScanner.conf
Full path to the MailScanner bin directory: /usr/sbin
Full path and filename for the MailScanner pid file: /var/run/MailScanner/MailScanner.pid
Command to start MailScanner: /etc/init.d/mailscanner start
Command to stop MailScanner: /etc/init.d/mailscanner stop

e. Start the mail services again.

/etc/init.d/mailscanner start
/etc/init.d/postfix start

Check the log for errors:

tail -f /var/log/mail.log

There will be an error: "smtp dbclean[2324]: hostname "optimus22.ietf.org": Unknown error in line 135 of /var/lib/dcc/whitecommon".

Fix: edit the file /var/lib/dcc/whitecommon and delete line 135.

15. Installing MailWatch

Make sure MailScanner is already running before continuing with the MailWatch installation.

MySQL, Apache and PHP must be installed. In addition, make sure libdbd-mysql-perl is installed so that MailScanner can synchronize with the MySQL database.

Check these parameters in php.ini (/etc/php5/cli/php.ini and /etc/php5/apache2/php.ini):

short_open_tag = On
safe_mode = Off
register_globals = Off
magic_quotes_gpc = On
magic_quotes_runtime = Off
session.auto_start = 0

Remove the ; or # from these lines:

extension=mysql.so
extension=gd.so

All commands must be run as root.

cd /usr/src/
wget http://downloads.sourceforge.net/mailwatch/mailwatch-1.0.4.tar.gz
tar xzvf mailwatch-1.0.4.tar.gz
cd mailwatch-1.0.4

Create the database

mysql -p
GRANT ALL ON mailscanner.* TO mailwatch@localhost IDENTIFIED BY 'password';

Remember the password! The password must be enclosed in ' marks.

Edit and copy MailWatch.pm

Edit MailWatch.pm and change the $db_user and $db_pass values to match the MySQL user settings above.


mv MailWatch.pm /etc/MailScanner/CustomFunctions/

Create the MailWatch web user

Set the username and password that will be used later to log in to the MailWatch web interface:

mysql mailscanner -u mailwatch -p
Enter password: ******
mysql> INSERT INTO users VALUES ('username',md5('password'),'mailscanner','A','0','0','0','0','0');

Install and configure MailWatch

mv mailscanner/ /var/www/
cd /var/www/mailscanner

Create the temp directory:

mkdir temp
chgrp www-data temp
chmod g+w temp

chown root:www-data images
chmod ug+rwx images
chown root:www-data images/cache
chmod ug+rwx images/cache

cp conf.php.example conf.php

vim conf.php and change the settings to look like this:

define(DB_USER, 'mailwatch');
define(DB_PASS, 'password');
define(MAILWATCH_HOME, '/var/www/mailscanner');
define(MS_LIB_DIR, '/usr/share/MailScanner/');
define(QUARANTINE_USE_FLAG, true);

Set up MailScanner

Edit the file /etc/MailScanner/MailScanner.conf:

Quarantine User = root
Quarantine Group = www-data
Quarantine Permissions = 0660
Quarantine Whole Message = yes
Always Looked Up Last = &MailWatchLogging
Quarantine Whole Message As Queue Files = no
Detailed Spam Report = yes
Include Scores In SpamAssassin Report = yes

SQL blacklist/whitelist integration

cd /usr/src/mailwatch-1.0.4
vim SQLBlackWhiteList.pm

my($db_user) = 'mailwatch';
my($db_pass) = 'password';

cp SQLBlackWhiteList.pm /etc/MailScanner/CustomFunctions/
vim /etc/MailScanner/MailScanner.conf

Is Definitely Not Spam = &SQLWhitelist
Is Definitely Spam = &SQLBlacklist


Allow MailWatch to work with Postfix inbound/outbound

cd /usr/src
wget http://www.gbnetwork.co.uk/mailscanner/files/postfixmail.tar.gz
tar xvfz postfixmail.tar.gz
cd postfixmail
cp postfix* /var/www/mailscanner
patch /var/www/mailscanner/functions.php functions.php.diff

SpamAssassin

mv /etc/spamassassin/local.cf /etc/spamassassin/local.cf.disabled
cp /etc/MailScanner/spam.assassin.prefs.conf /etc/MailScanner/spam.assassin.prefs.conf.back

Add the paths to pyzor and razor:

vi /etc/MailScanner/spam.assassin.prefs.conf

Add the lines below to spam.assassin.prefs.conf:

pyzor_options --homedir /var/lib/MailScanner/
razor_config /var/lib/MailScanner/.razor/razor-agent.conf

Also edit this line:

#bayes_auto_expire 0

Move the Bayesian database and set its permissions

vi /etc/MailScanner/spam.assassin.prefs.conf

bayes_path /etc/MailScanner/bayes/bayes
bayes_file_mode 0660
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner-SpamCheck
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner-SpamScore
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner-Information

"YOURDOMAIN-COM" can be changed to match "%org-name%" in MailScanner.conf. Leave the "X-" prefix in place.

Create a new directory to store the Bayes database:

mkdir /etc/MailScanner/bayes
chown -R root:www-data /etc/MailScanner/bayes
chmod -R ug+rw /etc/MailScanner/bayes
chmod g+s /etc/MailScanner/bayes

vim /etc/MailScanner/spam.assassin.prefs.conf

bayes_auto_expire 0

# paths to utilities

ifplugin Mail::SpamAssassin::Plugin::Pyzor
pyzor_path /usr/bin/pyzor
endif
ifplugin Mail::SpamAssassin::Plugin::DCC
dcc_path /usr/local/bin/dccproc
endif


vi /etc/spamassassin/v310.pre

Uncomment (remove the # from) the following lines:

loadplugin Mail::SpamAssassin::Plugin::DCC
loadplugin Mail::SpamAssassin::Plugin::Razor2

Now set the ownership and permissions on the working directories:

chown -R postfix:www-data /var/spool/MailScanner
chown -R postfix:www-data /var/lib/MailScanner
chown -R postfix:www-data /var/run/MailScanner
chown -R postfix:www-data /var/lock/subsys/MailScanner
chown -R postfix:www-data /var/spool/postfix/hold
chmod -R ug+rwx /var/spool/postfix/hold

chmod -R u+rwx,g+rx /var/spool/MailScanner/quarantine

/etc/init.d/mailscanner restart

Test the MailScanner setup:

spamassassin -x -D -p /etc/MailScanner/spam.assassin.prefs.conf --lint

Check whether DCC, Pyzor and Razor are running.

For MailWatch to work properly, edit db_clean:

vim /usr/src/mailwatch-1.0.4/tools/db_clean.php

#!/usr/bin/php -qn

Change it to:

#!/usr/bin/php -q

cp /usr/src/mailwatch-1.0.4/tools/quarantine_maint.php /usr/bin/quarantine_maint.php
cp /usr/src/mailwatch-1.0.4/tools/db_clean.php /usr/bin/db_clean.php
chmod +x /usr/bin/quarantine_maint.php
chmod +x /usr/bin/db_clean.php

crontab -e

Add the following lines:

15 10 * * 2 /usr/bin/quarantine_maint.php --clean &> /dev/null
58 23 * * * /usr/bin/db_clean.php &> /dev/null

reboot

tail -f /var/log/mail.log
Apr 3 20:01:14 smtp dccd[2325]: 1.2.74 listening to port 6277 with /var/lib/dcc and 115 MByte window
Apr 3 20:04:31 smtp MailScanner[2382]: MailScanner E-Mail Virus Scanner version 4.74.16 starting...
Apr 3 20:04:31 smtp MailScanner[2382]: Read 848 hostnames from the phishing whitelist
Apr 3 20:04:31 smtp MailScanner[2382]: Read 4278 hostnames from the phishing blacklist
Apr 3 20:04:31 smtp MailScanner[2382]: Config: calling custom init function SQLBlacklist
Apr 3 20:04:31 smtp MailScanner[2382]: Starting up SQL Blacklist
Apr 3 20:04:31 smtp MailScanner[2382]: Read 0 blacklist entries
Apr 3 20:04:31 smtp MailScanner[2382]: Config: calling custom init function MailWatchLogging
Apr 3 20:04:31 smtp MailScanner[2382]: Started SQL Logging child
Apr 3 20:04:31 smtp MailScanner[2382]: Config: calling custom init function SQLWhitelist
Apr 3 20:04:31 smtp MailScanner[2382]: Starting up SQL Whitelist
Apr 3 20:04:31 smtp MailScanner[2382]: Read 0 whitelist entries
Apr 3 20:04:32 smtp postfix/master[2440]: daemon started -- version 2.3.8, configuration /etc/postfix
Apr 3 20:04:33 smtp MailScanner[2382]: Using SpamAssassin results cache
Apr 3 20:04:33 smtp MailScanner[2382]: Connected to SpamAssassin cache database
Apr 3 20:04:33 smtp MailScanner[2382]: Enabling SpamAssassin auto-whitelist functionality...
Apr 3 20:04:43 smtp MailScanner[2382]: Using locktype = flock

Log in to MailScanner

Browse to http:///mailscanner, adjusting the hostname to match your server. For example, I browse to http://smtp.msr.web.id/mailscanner, or you can simply use the IP address.

GeoIP synchronization

Change /var/www/mailscanner/geoip_update.php:

vi /var/www/mailscanner/geoip_update.php

dbquery("LOAD DATA INFILE

To:

dbquery("LOAD DATA LOCAL INFILE

Make sure allow_url_fopen = On is set in php.ini.
Click the 'Tools/Links' menu, choose 'Update GeoIP database', then click 'Run Now'.

Test sending and receiving email; it should be working by now. Check mail.log for any errors that occur. Up to this point, though, my installation ran smoothly.

vim /var/www/mailscanner/clamav_status.php

To…

16. Install and configure SPF

For background, read http://en.wikipedia.org/wiki/Sender_Policy_Framework

OK, let's start the installation.

First install the Perl modules Mail::SPF and NetAddr::IP.

cd /usr/src
wget http://www.openspf.org/blobs/postfix-policyd-spf-perl-2.007.tar.gz
tar xvfz postfix-policyd-spf-perl-2.007.tar.gz
cd postfix-policyd-spf-perl-2.007
cp postfix-policyd-spf-perl /usr/lib/postfix/policyd-spf-perl

vi /etc/postfix/master.cf (add these lines at the very end)

policy unix - n n - - spawn
  user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl

vim /etc/postfix/main.cf (add to the end of smtpd_recipient_restrictions)

smtpd_recipient_restrictions = …..,reject_unauth_destination, check_policy_service unix:private/policy

(IMPORTANT! check_policy_service must be placed after reject_unauth_destination.)

/etc/init.d/postfix reload
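
An added example (not part of the original tutorial): a check that check_policy_service really comes after reject_unauth_destination in main.cf. Postfix's SMTPD_POLICY_README gives the reason for the ordering: with the policy check first, the system could become an open relay. The function names and the sample main.cf excerpt are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original tutorial.

# restriction_value FILE: print the smtpd_recipient_restrictions value from a
# main.cf-style file. As in Postfix, a line that starts with whitespace
# continues the previous parameter, comment lines are skipped, and the last
# definition wins.
restriction_value() {
    awk '
        /^[ \t]*#/ { next }
        /^smtpd_recipient_restrictions[ \t]*=/ {
            sub(/^[^=]*=/, ""); val = $0; grab = 1; next
        }
        grab && /^[ \t]+[^ \t]/ { val = val " " $0; next }
        grab && /^[^ \t]/       { grab = 0 }
        END { print val }
    ' "$1"
}

# policy_order_ok FILE: succeed only if both restrictions are present and the
# first check_policy_service comes after the first reject_unauth_destination.
policy_order_ok() {
    restriction_value "$1" | tr ',' ' ' | tr -s ' \t' '\n\n' | awk '
        $0 == "reject_unauth_destination" && !r { r = NR }
        $0 == "check_policy_service"      && !p { p = NR }
        END { exit !(r && p && r < p) }
    '
}

# Constructed sample (hypothetical main.cf excerpt). On the gateway itself,
# check /etc/postfix/main.cf.
sample=$(mktemp)
cat > "$sample" <<'EOF'
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    check_policy_service unix:private/policy
EOF
if policy_order_ok "$sample"; then
    echo "order OK"
else
    echo "check_policy_service is missing or precedes reject_unauth_destination"
fi
```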

17. Install and configure FuzzyOcr

FuzzyOcr analyses spam in a different way from the ham (normal email) and spam system. FuzzyOcr can detect many types of image spam and can protect the server and its users from spammers.

apt-get install netpbm gifsicle libungif-bin gocr ocrad libstring-approx-perl libmldbm-sync-perl imagemagick tesseract-ocr

cd /usr/src/
wget http://users.own-hero.net/~decoder/fuzzyocr/fuzzyocr-3.5.1-devel.tar.gz

tar xvfz fuzzyocr-3.5.1-devel.tar.gz
cd FuzzyOcr-3.5.1/
mv FuzzyOcr* /etc/mail/spamassassin/
wget http://www.gbnetwork.co.uk/mailscanner/FuzzyOcr.words -O /etc/mail/spamassassin/FuzzyOcr.words

Create a database to store the FuzzyOcr data:

mysql -p < /etc/mail/spamassassin/FuzzyOcr.mysql

Change the password:

mysqladmin -u fuzzyocr -p fuzzyocr newpassword

vi /etc/mail/spamassassin/FuzzyOcr.pm

Change 'use POSIX;' to 'use POSIX qw(SIGTERM);'

Edit the FuzzyOcr configuration:

vi /etc/mail/spamassassin/FuzzyOcr.cf

focr_global_wordlist /etc/mail/spamassassin/FuzzyOcr.words

Then replace these lines:

# Include additional scanner/preprocessor commands here:
#
focr_bin_helper pnmnorm, pnminvert, pamthreshold, ppmtopgm, pamtopnm
focr_bin_helper tesseract

With:

# Include additional scanner/preprocessor commands here:
#
focr_bin_helper pnmnorm, pnminvert, convert, ppmtopgm, tesseract

Edit/enable the following lines:

# Search path for locating helper applications
focr_path_bin /usr/local/netpbm/bin:/usr/local/bin:/usr/bin
focr_preprocessor_file /etc/mail/spamassassin/FuzzyOcr.preps
focr_scanset_file /etc/mail/spamassassin/FuzzyOcr.scansets
focr_digest_db /etc/mail/spamassassin/FuzzyOcr.hashdb
focr_db_hash /etc/mail/spamassassin/FuzzyOcr.db
focr_db_safe /etc/mail/spamassassin/FuzzyOcr.safe.db
focr_minimal_scanset 1
focr_autosort_scanset 1
focr_enable_image_hashing 3
focr_logfile /var/log/FuzzyOcr.log
#Mysql Connection#
focr_mysql_db FuzzyOcr
focr_mysql_hash Hash
focr_mysql_safe Safe
focr_mysql_user fuzzyocr
focr_mysql_pass password
focr_mysql_host localhost
focr_mysql_port 3306
focr_mysql_socket /var/run/mysqld/mysqld.sock

Test FuzzyOcr:

cd /usr/src/FuzzyOcr-3.5.1/samples
spamassassin --debug FuzzyOcr /dev/null

You will see lines roughly like these:

[14808] info: FuzzyOcr: Found Score for Exact Image Hash
[14808] info: FuzzyOcr: Matched [1] time(s). Prev match: 16 sec. ago
[14808] info: FuzzyOcr: Message is SPAM. Words found:
[14808] info: FuzzyOcr: "price" in 1 lines
[14808] info: FuzzyOcr: "company" in 1 lines
[14808] info: FuzzyOcr: "alert" in 1 lines
[14808] info: FuzzyOcr: "news" in 1 lines
[14808] info: FuzzyOcr: (6 word occurrences found)
[14808] dbg: FuzzyOcr: Remove DIR: /tmp/.spamassassin14808JZSvHBtmp
[14808] dbg: FuzzyOcr: Processed in 0.104555 sec.

18. Sanesecurity Signatures

A lot of spam arrives as attached .pdf or .xls files, or even archived as .zip and .rar. ClamAV can catch it easily when signature files are made for scanning attachments.

apt-get install curl

mkdir /usr/src/sanesecurity
cd /usr/src/sanesecurity
wget http://www.inetmsg.com/pub/unofficial-sigs.sh
mv unofficial-sigs.sh /usr/bin/ss_bill.sh
chmod +x /usr/bin/ss_bill.sh

Edit ss_bill.sh and change the following variables to match our installation:

clam_dbs="/var/lib/clamav"   # directory where the ClamAV signatures are stored
clamd_pid="/var/run/clamav/clamd.pid"   # path to the clamd.pid file
reload_dbs="yes"
reload_opt="kill -USR2 `cat $clamd_pid`"
work_dir="/var/tmp/clamd"   # directory the Sanesecurity script works in
user_configuration_complete="yes"

Now run the update script to check that the download succeeds.

ss_bill.sh

The result will look like this:

Running script manually, do you want to pause execution (y/n)?: n
Running unofficial ClamAV database updates...

======================================================================
SaneSecurity Database & Signature File Updates
======================================================================

SaneSecurity mirror site used: ns.km33603.keymachine.de 87.118.124.191

Number of files: 19
Number of files transferred: 12
Total file size: 5090959 bytes
Total transferred file size: 5084880 bytes
Literal data: 210600 bytes
Matched data: 4874280 bytes
File list size: 408
File list generation time: 0.001 seconds
File list transfer time: 0.000 seconds
Total bytes sent: 26987
Total bytes received: 29977

sent 26987 bytes received 29977 bytes 16275.43 bytes/sec
total size is 5090959 speedup is 89.37

Testing updated database file: phish.ndb
gpg: Signature made Fri 13 Feb 2009 07:09:16 AM EST using DSA key ID 31EA4D9E
gpg: Good signature from "Sanesecurity (Sanesecurity Signatures) "
Clamscan reports phish.ndb database integrity tested good

Testing updated database file: scam.ndb
gpg: Signature made Fri 13 Feb 2009 07:09:17 AM EST using DSA key ID 31EA4D9E
gpg: Good signature from "Sanesecurity (Sanesecurity Signatures) "

[…....]

crontab -e

Add this line:

00 04 * * * /usr/bin/ss_bill.sh &> /dev/null

19. Install AlterMIME

apt-get install altermime

useradd -r -c "Postfix Filters" -d /var/spool/filter filter
mkdir /var/spool/filter
chown filter:filter /var/spool/filter
chmod 750 /var/spool/filter

cp /usr/share/doc/altermime/examples/postfix_filter.sh /etc/postfix/disclaimer
chgrp filter /etc/postfix/disclaimer
chmod 750 /etc/postfix/disclaimer

vi /etc/postfix/disclaimer_addresses

[email protected]
[email protected]

vi /etc/postfix/disclaimer

#!/bin/sh
# Localize these.
INSPECT_DIR=/var/spool/filter
SENDMAIL=/usr/sbin/sendmail

####### Changed From Original Script #######
DISCLAIMER_ADDRESSES=/etc/postfix/disclaimer_addresses
####### Changed From Original Script END #######

# Exit codes from <sysexits.h>
EX_TEMPFAIL=75
EX_UNAVAILABLE=69

# Clean up when done or when aborting.
trap "rm -f in.$$" 0 1 2 3 15

# Start processing.
cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }

# Save the message from stdin so altermime can rewrite it in place.
cat >in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; }

####### Changed From Original Script #######
# obtain From address
from_address=`grep -m 1 "From:" in.$$ | cut -d "<" -f 2 | cut -d ">" -f 1`

# The From header is sender-controlled: compare it as a fixed string against
# whole lines of the address list instead of using it as a regex.
if [ -n "$from_address" ] && grep -Fxiq -- "$from_address" "$DISCLAIMER_ADDRESSES"; then
  /usr/bin/altermime --input=in.$$ \
    --disclaimer=/etc/postfix/disclaimer.txt \
    --disclaimer-html=/etc/postfix/disclaimer.txt \
    --xheader="X-Copyrighted-Material: Please visit http://www.company.com/privacy.htm" || \
    { echo Message content rejected; exit $EX_UNAVAILABLE; }
fi
####### Changed From Original Script END #######

# Hand the (possibly modified) message back to Postfix.
$SENDMAIL "$@" <in.$$

exit $?

cp /usr/share/doc/altermime/examples/disclaimer.txt /etc/postfix/disclaimer.txt

vi /etc/postfix/master.cf

#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
  -o content_filter=dfilt:

At the end of the file, also add:

[...]
dfilt     unix  -       n       n       -       -       pipe
  flags=Rq user=filter argv=/etc/postfix/disclaimer -f ${sender} -- ${recipient}

/etc/init.d/postfix restart

Done! The disclaimer will now be added to email sent from the addresses listed in /etc/postfix/disclaimer_addresses.