Instalasi Postfix Untuk Mail Gateway Di Debian 4
Click here to load reader
-
Upload
fadly-jack -
Category
Documents
-
view
124 -
download
5
Transcript of Instalasi Postfix Untuk Mail Gateway Di Debian 4
![Page 1: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/1.jpg)
Instalasi Postfix Untuk Mail Gateway di Debian 4.0 r3 (Webmin, MailScanner, SpamAssassin, Clamav, Pyzor and razor2, DCC, Mailwatch)
1. Tambahkan Source list pada /etc/apt/source.list
deb http://volatile.debian.org/debian-volatile etch/volatile main contrib non-freedeb http://komo.vlsm.org/debian etch main non-free contribdeb http://komo.vlsm.org/debian etch-proposed-updates main non-free contribdeb http://debian.indika.net.id/debian etch main non-free contribdeb http://debian.indika.net.id/debian etch-proposed-updates main non-free contrib
Update source list dengan “apt-get update”
2. Secara default, debian akan menginstall aplikasi-aplikasi portmap, inetd, exim4, rpc.statd. Aplikasi ini membuka port2 yang sebenarnya tidak akan kita gunakan di sini. Jadi kita perlu memnonaktifkannya terlebih dahulu.
Kita bisa install sysv-rc-conf, kemudian menjalankannya dan memilih aplikasi2 yang akan kita aktifkan atau sebaliknya.
apt-get install sysv-rc-confsysv-rc-conf
Setelah selesai, reboot server anda.
# netstat -pln > untuk melihat port yang openActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp6 0 0 :::22 :::* LISTEN 1814/sshdudp 0 0 0.0.0.0:68 0.0.0.0:* 1888/dhclient3Active UNIX domain sockets (only servers)Proto RefCnt Flags Type State I-Node PID/Program name Pathunix 2 [ ACC ] STREAM LISTENING 4487 1795/acpid /var/run/acpid.socket
3. Install paket2 yang akan kita butuhkan nantinya.
apt-get install binutils cpp fetchmail flex gcc libarchive-zip-perl libc6-dev libcompress-zlib-perl libdb4.3-dev libpcre3 libpopt-dev lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev autoconf automake1.9 libtool bison autotools-dev g++ build-essential dpkg-dev db4.3-util vim bzip2 perl-doc libwww-perl libdbi-perl libconvert-binhex-perl libmail-spf-query-perl rblcheck libnet-ident-perl tnef pax libberkeleydb-perl unzoo arj lzop nomarch arc zoo libdb-file-lock-perl
4. Install unarj
cd /usr/srcwget ftp://ftp.gva.es/mirror/debian2/pool/main/a/arj/unarj_3.10.21-2_all.debdpkg -i unarj_3.10.21-2_all.deb
5. Install beberapa module perl yang dibutukan.
perl -MCPAN -e shell > pada saat awal akan ditanyakan mirror yang akan kita gunakan pilih sesuai regional masing2.
install Module::Buildinstall Mail::SPF (Needed for SPF Checking)
![Page 2: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/2.jpg)
install NetAddr::IP (Needed for SPF Checking)install MLDBM::Sync this should also install MLDBM (Needed for MailWatch)
apt-get install libdbd-mysql-perl libapache-dbi-perl (Needed for MailWatch)
6. Install Webmin
apt-get install libauthen-pam-perl libio-pty-perl libmd5-perl libnet-ssleay-perl
Download webmin versi terbarucd /usr/srcwget http://internode.dl.sourceforge.net/sourceforge/webadmin/webmin_1.470_all.debdpkg -i webmin_1.470_all.deb
Kita bisa login hi https://localhost:10000 dengan user root dan password root server.
7. Install MySQL Server
apt-get install mysql-server mysql-client libmysqlclient15-dev
Seting password root : mysqladmin -u root password yourpasswordhere
8. Install Apache2 with php5 and ruby
apt-get install apache2 apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert
apt-get install libapache2-mod-php5 libapache2-mod-ruby php5 php5-common php5-curl php5-dev php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-mhash php5-ming php5-mysql php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-sqlite php5-tidy php5-xmlrpc php5-xsl
Continue installing libc-client without Maildir support? <– Yes Kemudian kita edit file /etc/apache2/mods-available/dir.conf dan ubah menjadi :
DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl index.xhtml
Lalu kita enable module ssl, rewrite, suexec dan include
a2enmod ssla2enmod rewritea2enmod suexeca2enmod include
/etc/init.d/apache2 force-reload
9. Sinkronisasi dengan jam system dengan NTP
apt-get install ntp ntpdate
10. Setup Postfix
apt-get install postfix postfix-pcre postfix-mysql postfix-ldap cabextract lha unrar razor pyzor spamassassin
General type of mail configuration: <– Internet Site System mail name: = 2.02); however:Version of libmailtools-perl on system is 1.74-1.mailscanner depends on libole-storage-lite-perl (>= 0.17); however:Package libole-storage-lite-perl is not installed.dpkg: error processing mailscanner (–install):
![Page 3: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/3.jpg)
dependency problems – leaving unconfiguredErrors were encountered while processing:mailscanner
Ini disebabkan karena versi beberapa paket yang kita install tidak sesuai dengan versi mailscannernya. Kita download dulu versi terbaru dari paket2 yang belum sesuai yaitu (libmailtools-perl dan libole-storage-lite-perl)
wget http://ftp.jp.debian.org/debian/pool/main/libm/libmailtools-perl/libmailtools-perl_2.04-1_all.debdpkg -i libmailtools-perl_2.04-1_all.deb
wget http://debian.mirror.inra.fr/debian/pool/main/libo/libole-storage-lite-perl/libole-storage-lite-perl_0.18-1_all.debdpkg -i libole-storage-lite-perl_0.18-1_all.deb
Baru kemudian, kita coba install lagi :
dpkg -i mailscanner_4.74.16-1_all.deb
Pyzor——
chmod -R a+rX /usr/share/doc/pyzor /usr/bin/pyzor /usr/bin/pyzordchmod -R a+rxX /usr/share/python-support/pyzorpyzor –homedir /var/lib/MailScanner discoverpyzor ping
Razor—–
rm /etc/razor/razor-agent.confmkdir /var/lib/MailScanner/.razorrazor-admin -home=/var/lib/MailScanner/.razor -createrazor-admin -home=/var/lib/MailScanner/.razor -discoverrazor-admin -home=/var/lib/MailScanner/.razor -registerchown -R postfix:www-data /var/lib/MailScannerchmod -R ug+rwx /var/lib/MailScanner
Edit file /var/lib/MailSCanner/.razor/razor.confTambahkan/edit baris menjadi :
debuglevel = 0razorhome = /var/lib/MailScanner/.razor/
DCC—-
cd /usr/src/wget http://packages.bosslinux.in/boss/pool/tarang/main/d/dcc/dcc-common_1.2.74-4_i386.debwget http://packages.bosslinux.in/boss/pool/tarang/main/d/dcc/dcc-server_1.2.74-4_i386.debdpkg -i dcc-common_1.2.74-4_i386.debdpkg -i dcc-server_1.2.74-4_i386.debwget http://www.rhyolite.com/dcc/source/dcc.tar.Ztar zxvf dcc.tar.Zcd dcc-1.3.103./configure
make && make install
![Page 4: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/4.jpg)
13. Edit konfigurasi MailScanner dan clamav
postfix stopapt-get install clamav clamav-daemon
kemudian update database AV :
freshclammkdir /var/spool/MailScanner/spamassassincp /etc/MailScanner/MailScanner.conf /etc/MailScanner/MailScanner.conf.back
Edit MailScanner.conf, Ubah parameter di bawah ini:
%org-name% = ORGNAME%org-long-name% = ORGFULLNAME%web-site% = ORGWEBSITERun As User = postfixRun As Group = www-dataIncoming Queue Dir = /var/spool/postfix/holdOutgoing Queue Dir = /var/spool/postfix/incomingMTA = postfixVirus Scanners = clamavSpam Subject Text = ***SPAM***Send Notices = noSpam List = spamcop.net SBL+XBLRequired SpamAssassin Score = 6High SpamAssassin Score = 10Spam Actions = deliverHigh Scoring Spam Actions = deleteRebuild Bayes Every = 0Wait During Bayes Rebuild = noSpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
a. header_checks & body_checksAgar email yang masuk bisa difilter oleh Mailscanner, kita perlu membuat rule “hold” di postfix untuk email yang masuk.
postconf -e “header_checks = regexp:/etc/postfix/header_checks”vi /etc/postfix/header_checks/^Received:/ HOLD
b. Edit permission untuk mailscanner
Edit /etc/rc2.d/S20mailscanner jadi seperti:check_dir /var/spool/MailScanner ${user:-postfix} ${group:-www-data}#check_dir /var/lib/MailScanner ${user:-mail} ${group:-mail}#check_dir /var/run/MailScanner ${user:-mail} ${group:-mail}check_dir /var/lock/subsys/MailScanner ${user:-postfix} ${group:-www-data}
Pastikan parameter run_mailscanner di set 1 di /etc/default/mailscanner
run_mailscanner=1
c. Menambahkan Mailscanner Webmin Plugin
Login ke Webmin, https://localhost:10000, lalu install module mailscanner dari http://internap.dl.sourceforge.net/sourceforge/msfrontend/webmin-module-1.1-4.wbm. Lalu agar bisa plugin ini bisa berjalan, masuk ke module mailscanner-nya dan cek parameter2 ini:
![Page 5: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/5.jpg)
Full path to MailScanner program /etc/init.d/mailscannerFull path and filename of MailScanner config file /etc/MailScanner/MailScanner.confFull path to the MailScanner bin directory /usr/sbinFull path and filename for the MailScanner pid file /var/run/MailScanner/MailScanner.pidCommand to start MailScanner /etc/init.d/mailscanner startCommand to stop MailScanner /etc/init.d/mailscanner stop
e. Jalankan kembali aplikasi mailnya.
/etc/init.d/mailscanner start/etc/init.d/postfix start
cek error dari log :
tail -f /var/log/mail.logAkan ada error “smtp dbclean[2324]: hostname “optimus22.ietf.org”: Unknown error in line 135 of /var/lib/dcc/whitecommon”.
Solving → Edit file /var/lib/dcc/whitecommon, hapus line ke 135
15. Instalasi MailWatch
Pastikan dulu MailScanner sudah berjalan sebelum melanjutkan instalasi MailWatch
Kita harus menginstall MySQL, Apache dan PHP. Selain itu, pastikan libdbd-mysql-perl sudah terinstall untuk sinkronisasi Mailscanner dengan database MySQL.
Cek parameter ini di file php.ini (/etc/php5/cli/php.ini dan /etc/php5/apache2/php.ini) :
short_open_tag = Onsafe_mode = Offregister_globals = Offmagic_quotes_gpc = Onmagic_quotes_runtime = Offsession.auto_start = 0
Hapus tanda ; atau # pada line :
extension=mysql.soextension=gd.so
Semua command harus dijalankan sebagai root.
cd /usr/src/wget http://downloads.sourceforge.net/mailwatch/mailwatch-1.0.4.tar.gztar xzvf mailwatch-1.0.4.tar.gzcd mailwatch-1.0.4
Membuat Database
mysql -p GRANT ALL ON mailscanner.* TO mailwatch@localhost IDENTIFIED BY ‘password’;
Ingat Passwordnya! Kita harus menambahkan tanda ‘ pada password.
Edit dan copy MailWatch.pm
Edit Mailwatch.pm dan ubah $db_user dan &db_pass value berdasarkan setting user mysql diatas.
![Page 6: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/6.jpg)
mv Mailwatch.pm /etc/Mailscanner/CustomFunctions/Membuat Mailwatch Web User
Setting Username dan password untuk nanti login ke web mailwatch
mysql mailscanner -u mailwatch -pEnter password: ******mysql> INSERT INTO users VALUES (‘username’,md5(‘password’),’mailscanner’,'A’,’0′,’0′,’0′,’0′,’0′);
Install dan konfigure Mailwatchmv mailscanner/ /var/www/cd /var/www/mailscanner
Buat direktory temp:
mkdir tempchgrp www-data tempchmod g+w temp
chown root:www-data imageschmod ug+rwx imageschown root:www-data images/cachechmod ug+rwx images/cache
cp conf.php.example conf.phpvim conf.php, ubah settingannya jadi seperti ini:
define(DB_USER, ‘mailwatch’);define(DB_PASS, ‘password’);define(MAILWATCH_HOME, ‘/var/www/mailscanner’);define(MS_LIB_DIR, ‘/usr/share/MailScanner/’);define(QUARANTINE_USE_FLAG, true);
Setup MailScanner
Edit file /etc/MailScanner/MailScanner.conf
Quarantine User = rootQuarantine Group = www-dataQuarantine Permissions = 0660Quarantine Whole Message = yesAlways Looked Up Last = &MailWatchLoggingQuarantine Whole Message As Queue Files = noDetailed Spam Report = yesInclude Scores In SpamAssassin Report = yes
Integrasi SQL Balcklist/Whitelist
cd /usr/src/mailwatch-1.0.4vim SQLBlackWhiteList.pmmy($db_user) = ‘mailwatch’;my($db_pass) = ‘password’;
cp SQLBlackWhiteList.pm /etc/MailScanner/CustomFunctions/vim /etc/MailScanner/MailScanner.conf
Is Definitely Not Spam = &SQLWhitelistIs Definitely Spam = &SQLBlacklist
![Page 7: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/7.jpg)
Membolehkan MailWatch untuk bekerja dengan Postfix Inbound/Outbound
cd /usr/srcwget http://www.gbnetwork.co.uk/mailscanner/files/postfixmail.tar.gztar xvfz postfixmail.tar.gzcd postfixmailcp postfix* /var/www/mailscannerpatch /var/www/mailscanner/functions.php functions.php.diff
SpamAssassin
mv /etc/spamassassin/local.cf /etc/spamassassin/local.cf.disabledcp /etc/MailScanner/spam.assassin.prefs.conf /etc/MailScanner/spam.assassin.prefs.conf.back
Tambahkan path ke pyzor dan razor :
vi /etc/MailScanner/spam.assassin.prefs.conf
Tambahkan baris dibawah ini ke spam.assassin.prefs.conf
pyzor_options –homedir /var/lib/MailScanner/razor_config /var/lib/MailScanner/.razor/razor-agent.conf
edit juga baris ini:
#bayes_auto_expire 0
Pindah Bayesian Database dan set permission-nya
vi /etc/MailScanner/spam.assassin.prefs.confbayes_path /etc/MailScanner/bayes/bayesbayes_file_mode 0660bayes_ignore_header X-YOURDOMAIN-COM-MailScannerbayes_ignore_header X-YOURDOMAIN-COM-MailScanner-SpamCheckbayes_ignore_header X-YOURDOMAIN-COM-MailScanner-SpamScorebayes_ignore_header X-YOURDOMAIN-COM-MailScanner-Information
“YOURDOMAIN-COM” bisa anda ubah sesuai dengan “%org-name%” di MailScanner.conf. Biarkan tanda “X-” nya
Buat directory baru untuk menyimpan bayes :
mkdir /etc/MailScanner/bayeschown -R root:www-data /etc/MailScanner/bayeschmod -R ug+rw /etc/MailScanner/bayeschmod g+s /etc/MailScanner/bayes
vim /etc/MailScanner/spam.assassin.prefs.conf
bayes_auto_expire 0
# paths to utilities
ifplugin Mail::SpamAssassin::Plugin::Pyzorpyzor_path /usr/bin/pyzorendififplugin Mail::SpamAssassin::Plugin::DCCdcc_path /usr/local/bin/dccprocendif
![Page 8: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/8.jpg)
vi /etc/spamassassin/v310.pre , Uncomment / Hapus tanda # pada baris berikut :
loadplugin Mail::SpamAssassin::Plugin::DCCloadplugin Mail::SpamAssassin::Plugin::Razor2
Sekarang kita edit permission di file-file konfigurasinya :chown -R postfix:www-data /var/spool/MailScannerchown -R postfix:www-data /var/lib/MailScannerchown -R postfix:www-data /var/run/MailScannerchown -R postfix:www-data /var/lock/subsys/MailScannerchown -R postfix:www-data /var/spool/postfix/holdchmod -R ug+rwx /var/spool/postfix/hold
chmod -R u+rwx,g+rx /var/spool/MailScanner/quarantine
/etc/init.d/mailscanner restart
test setup mailscanner kita :
spamassassin -x -D -p /etc/MailScanner/spam.assassin.prefs.conf –lint
Perhatikan apakah DCC, Pyzor dan Razor sudah berjalan atau belum.Agar Mailwatch bisa berjalan dengan baik, edit db_clean
vim /usr/src/mailwatch-1.0.4/tools/db_clean.php#!/usr/bin/php -qn
Jadi
#!/usr/bin/php -q
cp /usr/src/mailwatch-1.0.4/tools/quarantine_maint.php /usr/bin/quarantine_maint.phpcp /usr/src/mailwatch-1.0.4/tools/db_clean.php /usr/bin/db_clean.phpchmod +x /usr/bin/quarantine_maint.phpchmod +x /usr/bin/db_clean.php
crontab -e
Tambahkan baris berikut:
15 10 * * 2 /usr/bin/quarantine_maint.php –clean &> /dev/null58 23 * * * /usr/bin/db_clean.php &> /dev/nullreboot
tail -f /var/log/mail.logApr 3 20:01:14 smtp dccd[2325]: 1.2.74 listening to port 6277 with /var/lib/dcc and 115 MByte windowApr 3 20:04:31 smtp MailScanner[2382]: MailScanner E-Mail Virus Scanner version 4.74.16 starting…Apr 3 20:04:31 smtp MailScanner[2382]: Read 848 hostnames from the phishing whitelistApr 3 20:04:31 smtp MailScanner[2382]: Read 4278 hostnames from the phishing blacklistApr 3 20:04:31 smtp MailScanner[2382]: Config: calling custom init function SQLBlacklistApr 3 20:04:31 smtp MailScanner[2382]: Starting up SQL BlacklistApr 3 20:04:31 smtp MailScanner[2382]: Read 0 blacklist entriesApr 3 20:04:31 smtp MailScanner[2382]: Config: calling custom init function MailWatchLoggingApr 3 20:04:31 smtp MailScanner[2382]: Started SQL Logging childApr 3 20:04:31 smtp MailScanner[2382]: Config: calling custom init function SQLWhitelistApr 3 20:04:31 smtp MailScanner[2382]: Starting up SQL WhitelistApr 3 20:04:31 smtp MailScanner[2382]: Read 0 whitelist entries
![Page 9: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/9.jpg)
Apr 3 20:04:32 smtp postfix/master[2440]: daemon started — version 2.3.8, configuration /etc/postfixApr 3 20:04:33 smtp MailScanner[2382]: Using SpamAssassin results cacheApr 3 20:04:33 smtp MailScanner[2382]: Connected to SpamAssassin cache databaseApr 3 20:04:33 smtp MailScanner[2382]: Enabling SpamAssassin auto-whitelist functionality…Apr 3 20:04:43 smtp MailScanner[2382]: Using locktype = flock
Login ke Mailscanner
Browsing ke http:///mailscanner. Tentunya sesuaikan hostname itu dengan server anda. Misalnya saya browsing ke http://smtp.msr.web.id/mailscanner atau bisa juga ke IP addressnya saja.
Sinkronisasi GeIP server
Ubah /var/www/mailscanner/geoip_update.php:vi /var/www/mailscanner/geoip_update.phpdbquery(“LOAD DATA INFILE
Jadi…
dbquery(“LOAD DATA LOCAL INFILEPastikan allow_url_fopen = On di seting php.iniKlik ‘Tools/Links’ menu dan pilih ‘Update GeoIP database’ lalu klik ‘Run Now’.
Lakukan pengetesan send/receive email, harusnya sudah berjalan. Cek mail.log untuk melihat error yang mungkin terjadi. Tapi, sampai sini Instalasi saya berjalan lancar.
Vim /var/www/mailscanner/clamav_status.php
Jadi…
16. Install dan Konfigure SPF
Sebagai informasi silahkan baca http://en.wikipedia.org/wiki/Sender_Policy_Framework
Okeh Kita mulai installnya ye…
Install dulu module perl Mail::SPF dan the NetAddr::IP
cd /usr/srcwget http://www.openspf.org/blobs/postfix-policyd-spf-perl-2.007.tar.gztar xvfz postfix-policyd-spf-perl-2.005.tar.gzcd postfix-policyd-spf-perl-2.005cp postfix-policyd-spf-perl /usr/lib/postfix/policyd-spf-perl
vi /etc/postfix/master.cf (Tambahkan line ini dibaris paling akhir)
policy unix – n n – - spawn
user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl
vim /etc/postfix/main.cf (Tambahkan pada bagian akhir dari smtpd_recipient_restrictions)
smtpd_recipient_restrictions = …..,reject_unauth_destination, check_policy_service unix:private/policy
(PENTING!check_policy_service harus diletakan setelah reject_unauth_destination.
/etc/init.d/postfix reload
17. Install dan Konfigure FuzzyOcr
![Page 10: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/10.jpg)
FuzzyOcr memiliki cara analisa span yang berbeda dengan system ham(normal email) dan spam. Fuzzyocr bisa mendeteksi banyak tipe spam gambar dan bisa melindungi server dan user dari spammers.
apt-get install netpbm gifsicle libungif-bin gocr ocrad libstring-approx-perl libmldbm-sync-perl
imagemagick tesseract-ocr
cd /usr/src/wget http://users.own-hero.net/~decoder/fuzzyocr/fuzzyocr-3.5.1-devel.tar.gz
tar xvfz fuzzyocr-3.5.1-devel.tar.gzcd FuzzyOcr-3.5.1/mv FuzzyOcr* /etc/mail/spamassassin/wget http://www.gbnetwork.co.uk/mailscanner/FuzzyOcr.words -O /etc/mail/spamassassin/FuzzyOcr.words
Buat database untuk menyimpan data fuzzyocr
mysql -p < /etc/mail/spamassassin/FuzzyOcr.mysql Ubah passwordnya mysqladmin -u fuzzyocr -p fuzzyocr newpassword vi /etc/mail/spamassassin/FuzzyOcr.pm Ubah 'use POSIX;' menjadi 'POSIX qw(SIGTERM);' Edit konfigurasi Fuzzyocr vi /etc/mail/spamassassin/FuzzyOcr.cf focr_global_wordlist /etc/mail/spamassassin/FuzzyOcr.words Lalu ganti line ini: # Include additional scanner/preprocessor commands here: # focr_bin_helper pnmnorm, pnminvert, pamthreshold, ppmtopgm, pamtopnm focr_bin_helper tesseract Dengan : # Include additional scanner/preprocessor commands here: # focr_bin_helper pnmnorm, pnminvert, convert, ppmtopgm, tesseract Edit/enable line-line berikut ini: # Search path for locating helper applications focr_path_bin /usr/local/netpbm/bin:/usr/local/bin:/usr/bin focr_preprocessor_file /etc/mail/spamassassin/FuzzyOcr.preps focr_scanset_file /etc/mail/spamassassin/FuzzyOcr.scansets focr_digest_db /etc/mail/spamassassin/FuzzyOcr.hashdb focr_db_hash /etc/mail/spamassassin/FuzzyOcr.db focr_db_safe /etc/mail/spamassassin/FuzzyOcr.safe.db focr_minimal_scanset 1 focr_autosort_scanset 1 focr_enable_image_hashing 3 focr_logfile /var/log/FuzzyOcr.log #Mysql Connection# focr_mysql_db FuzzyOcr focr_mysql_hash Hash focr_mysql_safe Safe focr_mysql_user fuzzyocr focr_mysql_pass password focr_mysql_host localhost focr_mysql_port 3306 focr_mysql_socket /var/run/mysqld/mysqld.sock Test FuzzyOcr cd /usr/src/FuzzyOcr-3.5.1/samples spamassassin –debug FuzzyOcr /dev/null
Anda akan melihat baris kira-kira seperti ini:
[14808] info: FuzzyOcr: Found Score for Exact Image Hash[14808] info: FuzzyOcr: Matched [1] time(s). Prev match: 16 sec. ago[14808] info: FuzzyOcr: Message is SPAM. Words found:[14808] info: FuzzyOcr: “price” in 1 lines[14808] info: FuzzyOcr: “company” in 1 lines[14808] info: FuzzyOcr: “alert” in 1 lines[14808] info: FuzzyOcr: “news” in 1 lines[14808] info: FuzzyOcr: (6 word occurrences found)[14808] dbg: FuzzyOcr: Remove DIR: /tmp/.spamassassin14808JZSvHBtmp[14808] dbg: FuzzyOcr: Processed in 0.104555 sec.
1. Sanesecurity Signatures
Banyak SPAM yang di attach sebagai file .pdf, .xls, bahkan di archive sebagai .zip dan .rar. Clamav bisa menangkap dengan mudah ketika signature file dibuat untuk scan attachment file.
apt-get install curl
mkdir /usr/src/sanesecuritycd /usr/src/sanesecurity
![Page 11: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/11.jpg)
wget http://www.inetmsg.com/pub/unofficial-sigs.shmv unofficial-sigs.sh /usr/bin/ss_bill.shchmod +x /usr/bin/ss_bill.sh
Edit ss_bill.sh dan ubah variabel2 berikut sesuai instalasi kita:
clam_dbs=”/var/lib/clamav” > direcktori dimana clamav signature akan disimpan
clamd_pid=”/var/run/clamav/clamd.pid” > arahkan ke file clamd.pidreload_dbs=”yes”reload_opt=”kill -USR2 `cat $clamd_pid`”work_dir=”/var/tmp/clamd” > menentukan dimana sanesecurity ini akan bekerja
user_configuration_complete=”yes”
Sekarang kita update script untuk mengecek download nya berhasil.
ss_bill.sh
hasilnya akan seperti ini:
Running script manually, do you want to pause execution (y/n)?: nRunning unofficial ClamAV database updates…
======================================================================SaneSecurity Database & Signature File Updates======================================================================
SaneSecurity mirror site used: ns.km33603.keymachine.de 87.118.124.191
Number of files: 19Number of files transferred: 12Total file size: 5090959 bytesTotal transferred file size: 5084880 bytesLiteral data: 210600 bytesMatched data: 4874280 bytesFile list size: 408File list generation time: 0.001 secondsFile list transfer time: 0.000 secondsTotal bytes sent: 26987Total bytes received: 29977
sent 26987 bytes received 29977 bytes 16275.43 bytes/sectotal size is 5090959 speedup is 89.37
Testing updated database file: phish.ndbgpg: Signature made Fri 13 Feb 2009 07:09:16 AM EST using DSA key ID 31EA4D9Egpg: Good signature from “Sanesecurity (Sanesecurity Signatures) “Clamscan reports phish.ndb database integrity tested good
Testing updated database file: scam.ndbgpg: Signature made Fri 13 Feb 2009 07:09:17 AM EST using DSA key ID 31EA4D9Egpg: Good signature from “Sanesecurity (Sanesecurity Signatures) “
[…....]
crontab -e
Tambahkan baris ini:
![Page 12: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/12.jpg)
00 04 * * * /usr/bin/ss_bill.sh &> /dev/null
19. Install AlterMIME
apt-get install altermime
useradd -r -c “Postfix Filters” -d /var/spool/filter filtermkdir /var/spool/filterchown filter:filter /var/spool/filterchmod 750 /var/spool/filter
cp /usr/share/doc/altermime/examples/postfix_filter.sh /etc/postfix/disclaimerchgrp filter /etc/postfix/disclaimerchmod 750 /etc/postfix/disclaimer
vi /etc/postfix/[email protected]@[email protected]
vi /etc/postfix/disclaimer
#!/bin/sh# Localize these.INSPECT_DIR=/var/spool/filterSENDMAIL=/usr/sbin/sendmail####### Changed From Original Script #######DISCLAIMER_ADDRESSES=/etc/postfix/disclaimer_addresses####### Changed From Original Script END ######## Exit codes from EX_TEMPFAIL=75EX_UNAVAILABLE=69# Clean up when done or when aborting.trap “rm -f in.$$” 0 1 2 3 15# Start processing.cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit$EX_TEMPFAIL; }cat >in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; }####### Changed From Original Script ######## obtain From addressfrom_address=`grep -m 1 “From:” in.$$ | cut -d “” -f 1`if [ `grep -wi ^${from_address}$ ${DISCLAIMER_ADDRESSES}` ]; then/usr/bin/altermime –input=in.$$ \–disclaimer=/etc/postfix/disclaimer.txt \–disclaimer-html=/etc/postfix/disclaimer.txt \–xheader=”X-Copyrighted-Material: Please visit http://www.company.com/privacy.htm” || \{ echo Message content rejected; exit $EX_UNAVAILABLE; }fi####### Changed From Original Script END #######$SENDMAIL “$@” exit $?
cp /usr/share/doc/altermime/examples/disclaimer.txt /etc/postfix/disclaimer.txt
vi /etc/postfix/master.cf
## Postfix master process configuration file. For details on the format# of the file, see the master(5) manual page (command: “man 5 master”).
![Page 13: Instalasi Postfix Untuk Mail Gateway Di Debian 4](https://reader037.fdocuments.net/reader037/viewer/2022100506/551db0b54a795993108b47e3/html5/thumbnails/13.jpg)
## =========================================================================# service type private unpriv chroot wakeup maxproc command + args# (yes) (yes) (yes) (never) (100)# ==========================================================================smtp inet n – – – – smtpd-o content_filter=dfilt:
di akhir nya kita tambahkan juga :
[...]dfilt unix – n n – – pipe
flags=Rq user=filter argv=/etc/postfix/disclaimer -f ${sender} — ${recipient}
/etc/init.d/postfix restart
Selesai! Sekarang disclaimer/penolakan akan ditambahkan pada email yang dikirm dari alamat yang dicantumkan di /etc/postfix/discalaimer_addressess.