Postfix: difference between revisions

Source: Kuutõrvaja
Jj (talk | contribs)
No summary
Jj (talk | contribs)
No summary
 
(125 intermediate revisions by 4 users not shown)
Line 1 (new revision):
===Introduction===

Postfix is a mail transport agent (MTA). The job of a mail transport agent is to perform checks, accept email from the network or locally, and pass it on to

* a mail delivery agent (MDA) for distributing messages into users' mailboxes, or copy it to the file system itself
* the next mail transport agent
* a virus and spam analysis system

The mail transport agent is the central component of an email system, tying together all the activities involved in moving email

                    internet (other MTAs)
 
                            | ^
                            v |
                            _____
  spam and         <---->  |     | <---- local mail submitter (the so-called /usr/sbin/sendmail, STDIO)
  virus analysis           | MTA | <---- MTA client, e.g. Icedove or Thunderbird
                           |_____| ----> mail delivery agent, e.g. Cyrus, or in the simpler case the message
                                         is copied to the file /var/mail/<username>

Kuutõrvaja covers the following topics related to using Postfix

* [[:Mailman kasutamine FreeBSD'ga|Using Mailman with FreeBSD]]
* [[:Cyrus kasutamine Gentooga|Using Cyrus with Gentoo]]
* [[:Postfix'i kasutamine Debianiga|Using Postfix with Debian]]
* [[:Postfix'i arhitektuuri kirjeldus ja kasutamise keerulisemad võimalused|Description of the Postfix architecture and its more advanced uses]]
* [[:Kahetasemelise Postfix'i süsteemi kasutamine Debianiga|Using a two-tier Postfix system with Debian]]
* [[:Cyruse kasutamine Postfixi ja Debianiga|Using Cyrus with Postfix and Debian]]
* [[:Mailmani kasutamine Postfixi ja Debianiga|Using Mailman with Postfix and Debian]]
* [[:Sympa kasutamine Postfixi ja Debianiga|Using Sympa with Postfix and Debian]]
* [[:Amavis kasutamine Debian Lenniga|Using Amavis with Debian Lenny]]
* [[:Postfix'i SMTP AUTH üle TLS vastu Postgresql baasi Debianiga|Postfix SMTP AUTH over TLS against a PostgreSQL database with Debian]]
* [[:Opportunistic encryption kasutamine Postfixiga|Using opportunistic encryption with Postfix]]
* [[:Squirrelmail kasutamine Debian Lennyga|Using SquirrelMail with Debian Lenny]]
* [[Postfix + courier + mysql]] installation guide for a FreeBSD Postfix mail system with users stored in MySQL and a web administration interface
* [[:SPF kasutamine Postfixiga|Using SPF with Postfix]]

Line 1 (old revision):
'''server software installation'''

amavisd-new

clamav

The whole system works like this: Postfix hands the message to amavisd,
which checks it using amavisd and spamassassin

'''postfix configuration'''

main.cf
 
content_filter = amavis:[127.0.0.1]:10024

# Note: relays.ordb.org was shut down in 2006 and sbl-xbl.spamhaus.org has been
# superseded by zen.spamhaus.org; confirm a DNSBL is still operated before listing it.
smtpd_sender_restrictions =
        reject_unknown_sender_domain,
        permit_mynetworks,
        reject_rbl_client bl.spamcop.net,
        reject_rbl_client relays.ordb.org,
        reject_rbl_client sbl-xbl.spamhaus.org
 
master.cf
 
localhost:10025 inet  n  -      n      -      -      smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o myhostname=localhost.eenet.ee
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
#
amavis    unix  -      -      n      -      4      smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
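
The loop through amavisd is only safe if the listener on port 10025 that takes mail back clears content_filter and trusts loopback alone. The check below is an added example, not part of the original page; the function names are hypothetical and the sample text is constructed from the master.cf services above.

```python
import re

# Constructed sample: the page's two master.cf services, abridged.
MASTER_CF = """\
localhost:10025 inet  n  -      n      -      -      smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
#
amavis    unix  -      -      n      -      4      smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
"""

def parse_master_cf(text):
    """Return {service name: {"fields": [...], "opts": {name: value}}}."""
    services, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                      # blank line or comment
        if line[0].isspace():             # continuation line: "-o name=value"
            if current is not None:
                for name, value in re.findall(r"-o\s+([^\s=]+)=(\S*)", line):
                    current["opts"][name] = value
        else:                             # new logical line: a service definition
            fields = line.split()
            current = {"fields": fields, "opts": {}}
            services[fields[0]] = current
    return services

def audit_reinjection(services, listener="localhost:10025"):
    """List problems with the listener that takes mail back from amavisd."""
    svc = services.get(listener)
    if svc is None:
        return [f"no {listener} service defined"]
    opts, problems = svc["opts"], []
    if listener.rsplit(":", 1)[0] not in ("localhost", "127.0.0.1", "[::1]"):
        problems.append("listener is not bound to loopback")
    if opts.get("content_filter") != "":
        problems.append("content_filter not cleared: mail would loop back to amavisd")
    nets = [n for n in re.split(r"[,\s]+", opts.get("mynetworks", "")) if n]
    if not nets or any(not n.startswith(("127.", "[::1]")) for n in nets):
        problems.append("mynetworks not limited to loopback: scanner can be bypassed")
    if not opts.get("smtpd_recipient_restrictions", "").endswith("reject"):
        problems.append("recipient restrictions do not end in reject")
    return problems

if __name__ == "__main__":
    print(audit_reinjection(parse_master_cf(MASTER_CF)) or "re-injection listener OK")
```
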
 
 
'''amavisd configuration'''
 
use strict;
 
 
$max_servers = 4;            # number of pre-forked children (2..15 is common)
$daemon_user  = 'vscan';    # (no default;  customary: vscan or amavis)
$daemon_group = 'vscan';    # (no default;  customary: vscan or amavis)
 
$mydomain = 'eenet.ee';  # a convenient default for other settings
 
$MYHOME  = '/var/amavis';  # a convenient default for other settings
$TEMPBASE = "$MYHOME/tmp";  # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE;    # environment variable TMPDIR
$QUARANTINEDIR = '/var/virusmails';
@local_domains_maps = ( [".$mydomain"] );
 
$log_level = 2;              # verbosity 0..5
$log_recip_templ = undef;    # disable by-recipient level-0 log entries
$DO_SYSLOG = 1;              # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';
 
$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1
 
$inet_socket_port = 10024;  # listen on this local TCP port(s) (see $protocol)
# $unix_socketname = "$MYHOME/amavisd.sock";  # when using sendmail milter
 
$sa_tag_level_deflt  = undef;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 7.0; # triggers spam evasive actions
$sa_dsn_cutoff_level = 9;    # spam level beyond which a DSN is not sent
$sa_quarantine_cutoff_level = 20;  # spam level beyond which quarantine is off
 
$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?
$sa_auto_whitelist = 1;      # turn on AWL in SA 2.63 or older (irrelevant
                            # for SA 3.0, cf option is 'use_auto_whitelist')
 
 
$virus_admin              = undef;  # notifications recip.
 
$mailfrom_notify_admin    = "virusalert\@$mydomain";  # notifications sender
$mailfrom_notify_recip    = "virusalert\@$mydomain";  # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
 
@addr_extension_virus_maps      = ('virus');
@addr_extension_spam_maps      = ('spam');
@addr_extension_banned_maps    = ('banned');
@addr_extension_bad_header_maps = ('badh');
# $recipient_delimiter = '+';  # undef disables address extensions altogether
# when enabling addr extensions do also Postfix/main.cf: recipient_delimiter=+
 
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
# $dspam = 'dspam';
 
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced)
 
$sa_spam_subject_tag = '***SPAM*** ';
$defang_virus  = 1;  # MIME-wrap passed infected mail
$defang_banned = 1;  # MIME-wrap passed mail containing banned name
 
 
$final_virus_destiny      = D_DISCARD;
$final_banned_destiny    = D_DISCARD;
#$final_spam_destiny      = D_PASS;
$final_spam_destiny      = D_DISCARD;
$final_bad_header_destiny = D_PASS;
 
 
 
 
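# The opening line of this map is missing on the page; the name below is
# the one used in the stock amavisd.conf sample (assumption).
@viruses_that_fake_sender_maps = (new_RE(
  [qr/^/ => 1],  # true for everything else
));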
 
@keep_decoded_original_maps = (new_RE(
  qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
 
 
 
$banned_filename_re = new_RE(
 
  # block certain double extensions anywhere in the base name
  qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
 
 
  qr'^application/x-msdownload$'i,                  # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,
 
 
  [ qr'^\.(rpm|cpio|tar)$'      => 0 ],  # allow any in Unix-type archives
 
  qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
 
 
  qr'^\.(exe-ms)$',                      # banned file(1) types
);
 
 
 
@score_sender_maps = ({ # a by-recipient hash lookup table,
                        # results from all matching recipient tables are summed
 
# ## per-recipient personal tables  (NOTE: positive: black, negative: white)
 
  ## site-wide opinions about senders (the '.' matches any recipient)
  '.' => [  # the _first_ matching sender determines the score boost
 
  new_RE(  # regexp-type lookup table, just happens to be all soft-blacklist
    [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i        => 5.0],
    [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
    [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
    [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i  => 5.0],
    [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  => 5.0],
    [qr'^(your_friend|greatoffers)@'i                                => 5.0],
    [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    => 5.0],
  ),
 
#  read_hash("/var/amavis/sender_scores_sitewide"),
 
  { # a hash-type lookup table (associative array)
    'pac@c-s.fr'                            => -3.0,
    'nobody@cert.org'                        => -3.0,
    'cert-advisory@us-cert.gov'              => -3.0,
    'owner-alert@iss.net'                    => -3.0,
    'slashdot@slashdot.org'                  => -3.0,
    'bugtraq@securityfocus.com'              => -3.0,
    'ntbugtraq@listserv.ntbugtraq.com'      => -3.0,
    'security-alerts@linuxsecurity.com'      => -3.0,
    'mailman-announce-admin@python.org'      => -3.0,
    'amavis-user-admin@lists.sourceforge.net'=> -3.0,
    'notification-return@lists.sophos.com'  => -3.0,
    'owner-postfix-users@postfix.org'        => -3.0,
    'owner-postfix-announce@postfix.org'    => -3.0,
    'owner-sendmail-announce@lists.sendmail.org'  => -3.0,
    'sendmail-announce-request@lists.sendmail.org' => -3.0,
    'donotreply@sendmail.org'                => -3.0,
    'ca+envelope@sendmail.org'              => -3.0,
    'noreply@freshmeat.net'                  => -3.0,
    'owner-technews@postel.acm.org'          => -3.0,
    'ietf-123-owner@loki.ietf.org'          => -3.0,
    'cvs-commits-list-admin@gnome.org'      => -3.0,
    'rt-users-admin@lists.fsck.com'          => -3.0,
    'clp-request@comp.nus.edu.sg'            => -3.0,
    'surveys-errors@lists.nua.ie'            => -3.0,
    'emailnews@genomeweb.com'                => -5.0,
    'yahoo-dev-null@yahoo-inc.com'          => -3.0,
    'returns.groups.yahoo.com'              => -3.0,
    'clusternews@linuxnetworx.com'          => -3.0,
    lc('lvs-users-admin@LinuxVirtualServer.org')    => -3.0,
    lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
 
    # soft-blacklisting (positive score)
    'sender@example.net'                    =>  3.0,
    '.example.net'                          =>  1.0,
 
  },
  ],  # end of site-wide tables
});
 
 
@decoders = (
  ['mail', \&do_mime_decode],
  ['asc',  \&do_ascii],
  ['uue',  \&do_ascii],
  ['hqx',  \&do_ascii],
  ['ync',  \&do_ascii],
  ['F',    \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ],
  ['Z',    \&do_uncompress, ['uncompress','gzip -d','zcat'] ],
  ['gz',  \&do_gunzip],
  ['gz',  \&do_uncompress,  'gzip -d'],
  ['bz2',  \&do_uncompress,  'bzip2 -d'],
  ['lzo',  \&do_uncompress,  'lzop -d'],
  ['rpm',  \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ],
  ['cpio', \&do_pax_cpio,  ['pax','gcpio','cpio'] ],
  ['tar',  \&do_pax_cpio,  ['pax','gcpio','cpio'] ],
  ['tar',  \&do_tar],
  ['deb',  \&do_ar,          'ar'],
  ['zip',  \&do_unzip],
  ['rar',  \&do_unrar,      ['rar','unrar'] ],
  ['arj',  \&do_unarj,      ['arj','unarj'] ],
  ['arc',  \&do_arc,        ['nomarch','arc'] ],
  ['zoo',  \&do_zoo,        'zoo'],
  ['lha',  \&do_lha,        'lha'],
  ['cab',  \&do_cabextract,  'cabextract'],
  ['tnef', \&do_tnef],
  ['exe',  \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ],
);
 
 
@av_scanners = (
 
 
### http://www.clamav.net/
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
 
  ### http://www.centralcommand.com/
  ['CentralCommand Vexira (new) vascan',
    ['vascan','/usr/lib/Vexira/vascan'],
    "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ".
    "--vdb=/usr/lib/Vexira/vexira8.vdb --log=/var/log/vascan.log {}",
    [0,3], [1,2,5],
    qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ / ],
 
  ### http://www.hbedv.com/
  ['H+BEDV AntiVir or the (old) CentralCommand Vexira Antivirus',
    ['antivir','vexira'],
    '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
    qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
        (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
 
  ### http://www.commandsoftware.com/
  ['Command AntiVirus for Linux', 'csav',
    '-all -archive -packed {}', [50], [51,52,53],
    qr/Infection: (.+)/ ],
 
  ### http://www.symantec.com/
  ['Symantec CarrierScan via Symantec CommandLineScanner',
    'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
    qr/^Files Infected:\s+0$/, qr/^Infected\b/,
    qr/^(?:Info|Virus Name):\s+(.+)/ ],
 
  ### http://www.symantec.com/
  ['Symantec AntiVirus Scan Engine',
    'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
    [0], qr/^Infected\b/,
    qr/^(?:Info|Virus Name):\s+(.+)/ ],
    # NOTE: check options and patterns to see which entry better applies
 
  ### http://www.f-secure.com/products/anti-virus/
  ['F-Secure Antivirus', 'fsav',
    '--dumb --mime --archive {}', [0], [3,8],
    qr/(?:infection|Infected|Suspected): (.+)/ ],
 
  ['CAI InoculateIT', 'inocucmd',  # retired product
    '-sec -nex {}', [0], [100],
    qr/was infected by virus (.+)/ ],
  # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html
 
  ### http://www3.ca.com/Solutions/Product.asp?ID=156  (ex InoculateIT)
  ['CAI eTrust Antivirus', 'etrust-wrapper',
    '-arc -nex -spm h {}', [0], [101],
    qr/is infected by virus: (.+)/ ],
    # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer
    # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783
 
  ### http://mks.com.pl/english.html
  ['MkS_Vir for Linux (beta)', ['mks32','mks'],
    '-s {}/*', [0], [1,2],
    qr/--[ \t]*(.+)/ ],
 
  ### http://mks.com.pl/english.html
  ['MkS_Vir daemon', 'mksscan',
    '-s -q {}', [0], [1..7],
    qr/^... (\S+)/ ],
 
  ### http://www.nod32.com/
  ['ESET Software NOD32', 'nod32',
    '--arch --mail {}', [0], [1,10], qr/^object=.*, virus="(.*?)",/ ],
  # with old versions use:
  #  '-all -subdir+ {}', [0], [1,2],
  #  qr/^.+? - (.+?)\s*(?:backdoor|joke|trojan|virus|worm)/ ],
 
  ### http://www.nod32.com/
  ['ESET Software NOD32 - Client/Server Version', 'nod32cli',
    '-a -r -d recurse --heur standard {}', [0], [10,11],
    qr/^\S+\s+infected:\s+(.+)/ ],
 
  ### http://www.norman.com/products_nvc.shtml
  ['Norman Virus Control v5 / Linux', 'nvcc',
    "-c -l:0 -s -u -temp:$TEMPBASE {}", [0,10,11], [1,2,14],  # double quotes so $TEMPBASE is interpolated
    qr/(?i).* virus in .* -> \'(.+)\'/ ],
 
  ### http://www.pandasoftware.com/
  ['Panda Antivirus for Linux', ['pavcl'],
    '-aut -aex -heu -cmp -nbr -nor -nso -eng {}',
    qr/Number of files infected[ .]*: 0+(?!\d)/,
    qr/Number of files infected[ .]*: 0*[1-9]/,
    qr/Found virus :\s*(\S+)/ ],
 
  ### http://www.nai.com/
  ['NAI McAfee AntiVirus (uvscan)', 'uvscan',
    '--secure -rv --mime --summary --noboot - {}', [0], [13],
    qr/(?x) Found (?:
        \ the\ (.+)\ (?:virus|trojan)  |
        \ (?:virus|trojan)\ or\ variant\ ([^ ]+)  |
        :\ (.+)\ NOT\ a\ virus)/,
  ],
 
  ### http://www.virusbuster.hu/en/
  ['VirusBuster', ['vbuster', 'vbengcl'],
    "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
    qr/: '(.*)' - Virus/ ],
 
 
  ### http://www.cyber.com/
  ['CyberSoft VFind', 'vfind',
    '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/,
  # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'},
  ],
 
  ### http://www.ikarus-software.com/
  ['Ikarus AntiVirus for Linux', 'ikarus',
    '{}', [0], [40], qr/Signature (.+) found/ ],
 
  ### http://www.bitdefender.com/
  ['BitDefender', 'bdc',
    '--all --arc --mail {}', qr/^Infected files *:0+(?!\d)/,
    qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
    qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
 
);
 
 
@av_scanners_backup = (
 
  ### http://www.clamav.net/  - backs up clamd or Mail::ClamAV
  ['ClamAV-clamscan', 'clamscan',
    "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
 
  ### http://www.f-prot.com/  - backs up F-Prot Daemon
  ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
    '-dumb -archive -packed {}', [0,8], [3,6],
    qr/Infection: (.+)|\s+contains\s+(.+)$/ ],
 
  ### http://www.trendmicro.com/  - backs up Trophie
  ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'],
    '-za -a {}', [0], qr/Found virus/, qr/Found virus (.+) in/ ],
 
  ### http://www.sald.com/, http://drweb.imshop.de/  - backs up DrWebD
  ['drweb - DrWeb Antivirus',
    ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'],
    '-path={} -al -go -ot -cn -upn -ok-',
    [0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'],
 
 
 
);
 
 
1;  # insure a defined return
 
 
 
'''automatic start'''
 
amavisd_enable="YES"
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
 
 
 
'''checking that it works'''
 
Take a look at the maillog file;
a line should appear for every message

Latest revision: 23 September 2010, 12:44

Introduction

Postfix is a mail transport agent (MTA). The job of a mail transport agent is to perform checks, accept email from the network or locally, and pass it on to

  • a mail delivery agent (MDA) for distributing messages into users' mailboxes, or copy it to the file system itself
  • the next mail transport agent
  • a virus and spam analysis system

The mail transport agent is the central component of an email system, tying together all the activities involved in moving email

                   internet (other MTAs)
 
                            | ^
                            v |
                           _____
 spam and         <---->  |     | <---- local mail submitter (the so-called /usr/sbin/sendmail, STDIO)
 virus analysis           | MTA | <---- MTA client, e.g. Icedove or Thunderbird
                          |_____| ----> mail delivery agent, e.g. Cyrus, or in the simpler case the message
                                        is copied to the file /var/mail/<username>

Kuutõrvaja covers the following topics related to using Postfix