邮件系统搭建（ExtMail Solution for Linux）

14 反病毒/内容过滤配置

反病毒及内容过滤器是依赖Amavisd-new软件包，它是一个多功能的过滤器，能与杀毒软件及内容过滤软件（如SpamAssassin）结合，通用性较强。

14.1 准备工作

安装依赖的Perl包

首先我们要确保系统自带的perl-Net-DNS软件包被删除干净，因为该包的版本较低（0.48），有已知的bug，所以必须替换成本文档提供的新版（0.5x），输入如下命令：

rpm -e --nodeps perl-Net-DNS 

Amavisd-new 及SpamAssassin需要依赖大量的第三方perl软件包，下列要安装的部分RPM在上述的操作中已经安装了，为了给出较明确的依赖关系，我们依然将这些包的名称列出，如果安装时提示有安装包已安装过，或者提示冲突，请不必惊慌。请安装如下的RPM软件包：

一、x86_32系统

rpm -ivh RPMS/perl-Digest-SHA1-2.07-5.i386.rpm
rpm -ivh RPMS/perl-Digest-HMAC-1.01-1hzq.i386.rpm
rpm -ivh RPMS/perl-Net-IP-1.24-1hzq.i386.rpm
rpm --nodeps -ivh RPMS/perl-Net-DNS-0.57-1hzq.i386.rpm
rpm -ivh RPMS/perl-Time-HiRes-1.72-1hzq.i386.rpm
rpm -ivh RPMS/perl-HTML-Tagset-3.03-30.noarch.rpm
rpm -ivh RPMS/perl-HTML-Parser-3.35-6.i386.rpm    
rpm -ivh RPMS/spamassassin-3.0.5-3.el4.i386.rpm
rpm -ivh RPMS/perl-IO-stringy-2.110-1hzq.i386.rpm
rpm -ivh RPMS/perl-IO-Multiplex-1.08-1hzq.i386.rpm
rpm -ivh RPMS/perl-Net_SSLeay.pm-1.30-1hzq.i386.rpm
rpm -ivh RPMS/perl-IO-Socket-SSL-0.97-1hzq.i386.rpm
rpm -ivh RPMS/perl-Net-Server-0.93-1hzq.i386.rpm
rpm -ivh RPMS/perl-Unix-Syslog-0.100-1hzq.i386.rpm
rpm -ivh RPMS/perl-TimeDate-1.16-1hzq.i386.rpm
rpm -ivh RPMS/perl-MailTools-1.67-1hzq.i386.rpm
rpm -ivh --force RPMS/perl-MIME-Base64-3.05-1hzq.i386.rpm
rpm -ivh RPMS/perl-Convert-BinHex-1.119-1hzq.i386.rpm
rpm -ivh RPMS/perl-MIME-tools-5.418-1hzq.i386.rpm
rpm -ivh RPMS/perl-BerkeleyDB-0.26-1hzq.i386.rpm
rpm -ivh RPMS/perl-Convert-TNEF-0.17-1hzq.i386.rpm
rpm -ivh RPMS/perl-Convert-UUlib-1.051-1hzq.i386.rpm
rpm -ivh RPMS/perl-Compress-Zlib-1.41-1hzq.i386.rpm
rpm -ivh RPMS/perl-Archive-Zip-1.16-1hzq.i386.rpm
rpm -ivh RPMS/perl-IO-Zlib-1.04-1hzq.i386.rpm
rpm -ivh RPMS/perl-Archive-Tar-1.26-1hzq.i386.rpm
rpm -ivh RPMS/arc-5.21o-1hzq.i386.rpm
rpm -ivh RPMS/zoo-2.10-9hzq.i386.rpm
rpm -ivh RPMS/unarj-2.65-49hzq.i386.rpm
export LANG=C
rpm -ivh RPMS/amavisd-new-2.4.0-1hzq.i386.rpm
chown amavis.amavis /var/spool/vscan/db/
chkconfig --add amavisd

二、x86_32系统

以下软件包来源rpmfind.net

rpm -ivh RPMS/perl-Digest-SHA1-2.07-5.x86_64.rpm
rpm -ivh RPMS/perl-Digest-HMAC-1.01-13.noarch.rpm
rpm -ivh RPMS/perl-Net-IP-1.25-1.el4.rf.noarch.rpm
rpm --nodeps -ivh RPMS/perl-Net-DNS-0.59-1.fc3.rf.x86_64.rpm
rpm -ivh RPMS/perl-Time-HiRes-1.65-1.x86_64.rpm
rpm -ivh RPMS/perl-HTML-Tagset-3.03-30.noarch.rpm
rpm -ivh RPMS/perl-HTML-Parser-3.35-6.x86_64.rpm    
rpm -ivh RPMS/spamassassin-3.1.7-1.el4.rf.x86_64.rpm
rpm -ivh RPMS/perl-IO-stringy-2.110-1.2.el4.rf.noarch.rpm
rpm -ivh RPMS/perl-IO-Multiplex-1.08-3.el4.rf.noarch.rpm

Net_SSLeay.pm包无法从rpmfind.net获得，需要通过源码安装，到ttp://www.cpan.org下载编译：ar zxvf Net_SSLeay.pm-1.30.tar.gz
perl Makefile.PL
make
make test
make install

rpm -ivh RPMS/perl-Net_SSLeay.pm-1.30-el4.rf.x86_64.rpm
rpm -ivh RPMS/perl-IO-Socket-SSL-1.01-1.el4.rf.noarch.rpm
rpm -ivh RPMS/perl-Net-Server-0.94-1.el4.rf.noarch.rpm
rpm -ivh RPMS/perl-Unix-Syslog-0.100-1.2.el4.rf.x86_64.rpm
rpm -ivh RPMS/perl-TimeDate-1.16-1.2.el4.rf.noarch.rpm
rpm -ivh RPMS/perl-MailTools-1.74-1.el4.rf.noarch.rpm

MIME-Base64包无法从rpmfind.net获得，需要通过源码安装，到ttp://www.cpan.org下载编译：
tar zxvf MIME-Base64-3.07.tar.gz
perl Makefile.PL
make
make test
make install

rpm -ivh --force RPMS/perl-MIME-Base64-3.05-1hzq.i386.rpm
rpm -ivh RPMS/perl-Convert-BinHex-1.119-2.2.el4.rf.noarch.rpm
rpm -ivh RPMS/perl-MIME-tools-5.420-1.el4.rf.noarch.rpm
rpm -ivh RPMS/perl-BerkeleyDB-0.31-1.el4.rf.x86_64.rpm
rpm -ivh RPMS/perl-Convert-TNEF-0.17-3.2.el4.rf.noarch.rpm
rpm -ivh RPMS/perl-Convert-UUlib-1.051-1.2.el4.rf.x86_64.rpm
rpm -ivh RPMS/perl-Compress-Zlib-1.42-1.el4.rf.x86_64.rpm
rpm -ivh RPMS/perl-Archive-Zip-1.16-1.2.el4.rf.noarch.rpm
rpm -ivh RPMS/perl-IO-Zlib-1.04-1.2.el4.rf.noarch.rpm
rpm -ivh RPMS/perl-Archive-Tar-1.30-1.el4.rf.noarch.rpm
rpm -ivh RPMS/arc-5.21j-0.2.el4.rf.x86_64.rpm
rpm -ivh RPMS/zoo-2.10-2.2.el4.rf.x86_64.rpm
rpm -ivh RPMS/unarj-2.63-0.a.2.el4.rf.x86_64.rpm

以下内容新增：
安装支持扩展名为.lzo的解码模块：

rpm -ivh lzo-1.08-4.2.el4.rf.x86_64.rpm
rpm -ivh lzop-1.01-1.2.el4.rf.x86_64.rpm

安装支持扩展名为rar的解码模块：

rpm -ivh compat-libstdc++-33-3.2.3-47.3.x86_64.rpm
rpm -ivh rar-3.5.1-1.2.el4.rf.x86_64.rpm

export LANG=C
rpm -ivh RPMS/amavisd-new-2.4.0-1hzq.x86_64.rpm
chown amavis.amavis /var/spool/vscan/db/
chkconfig --add amavisd

修改amavisd.conf

修改的主要参数如下，请逐一对照后修改：

$max_servers = 10;
$sa_spam_subject_tag = '[SPAM] ';
$mydomain = 'mail.ExtMail.org';
$myhostname = 'mail.ExtMail.org';
@local_domains_maps = qw(.);
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = 5.0;

注意事项：

上述$mydomain参数与$myhostname参数相同，主要是为了方便之后的病毒/垃圾汇报邮件发给系统管理员时，能投递到本地的别名里，再转交到虚拟域的特定用户。

增加如下参数（默认amavisd.conf没有）：

$sa_spam_modifies_subj = 0; # don't modify subject
$remove_existing_x_scanned_headers= 1; # remove existing headers
$remove_existing_spam_headers = 1;

附：x86_64系统：

如果要允许扩展名为zip|rar|arc|arj|zoo通过，则需要修改/etc/amavisd.conf，把

# [ qr'^.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives

前的#去掉就行了。如果需要其他扩展名，例如exe，则只要加入即可。

配置SpamAssassin

Amavisd-new 通过Mail::SpamAssassin 模块来调用SA的功能，因此这里配置SA和常规配置SA软件有些区别，主要集中在修改local.cf文件上。

编辑/etc/mail/spamassassin/local.cf文件

vi /etc/mail/spamassassin/local.cf

将其内容修改为：

report_safe             1
use_bayes               0
auto_learn              0
bayes_auto_expire       1
skip_rbl_checks         1
use_razor2              0
use_dcc                 0
use_pyzor               0
dns_available           no

增加Chinese_rules.cf支持

Chinese_rules.cf是教育科研网的反垃圾邮件小组对大量垃圾邮件和正常邮件进行分析后得出的一个关键字/分数规则集，用于处理中文（简体）垃圾邮件还是比较有效的。这里我们通过如下命令增加到系统：

wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf 

由于该规则每周更新一次，为了达到最好效果，最好在crontab里增加自动更新的内容，输入：

/usr/bin/crontab -e 

然后输入如下的内容：

0 0 1 * * wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf; /etc/init.d/amavisd restart 

存盘退出即可。最后运行以下调试命令以确认amavisd没有错误：

/usr/sbin/amavisd debug 

如果没有异常提示或报错退出则表示一切都正常，按ctrl+c终止，然后正常启动，若提示pid不存在等错误，不必理会，只要最后启动成功即可：

/etc/init.d/amavisd start