Linux Systeembeheer/Elektronische post: verschil tussen versies

Verwijderde inhoud Toegevoegde inhoud
JochemVD (overleg | bijdragen)
JochemVD (overleg | bijdragen)
Regel 145:
Voor CentOS 5.5 dienen we eerst een nieuwe repository toe te voegen om clamav te kunnen installeren.<br />
Eerst downloaden we de laatste versie van de repo ( te vinden op http://packages.sw.be/rpmforge-release/ ).<br />
::'''# $ wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm'''<br />
 
Installeren van DAG's GPG-key en package:
::'''# $ rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt'''<br />
::'''# $ rpm -i rpmforge-release-0.5.2-2.el5.rf.*.rpm'''<br />
Installeren van de package:
::'''#rpm -i rpmforge-release-0.5.2-2.el5.rf.*.rpm'''<br />
 
Installeren ClamAV (antivirus) en SpamAssassin (spamfilter):<br/>
::'''# $ yum install amavisd-new clamav clamav-devel clamd spamassassin'''<br />
 
Het config bestand clamd aanpassen:
::'''nano $ vi /etc/clamd.conf'''<br/>
<pre> TCPSocket 3310</pre>
 
amavisd.conf aanpassen:
::'''#nano $ vi /etc/amavisd.conf'''<br />
<pre> $mydomain = '3tina.org';
$MYHOME = '/var/amavis';
$helpers_home = "$MYHOME/var";
$lock_file = "$MYHOME/var/amavisd.lock";
$pid_file = "$MYHOME/var/amavisd.pid";
$virus_admin = "postmaster\@$mydomain";
$mailfrom_notify_admin = "postmaster\@$mydomain";
$mailfrom_notify_recip = "postmaster\@$mydomain";
$mailfrom_notify_spamadmin = "postmaster\@$mydomain";
$myhostname = ‘fedora’;
### http://www.clamav.net/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected archive)(.*) FOUND$/ ],</pre>
 
### http://www.clamav.net/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected archive)(.*) FOUND$/ ],</pre>
master.cf van postfix aanpassen:<br />
::'''#nano $ vi /etc/postfix/master.cf'''<br />
<pre> amavisfeed unix - - n - 2 lmtp
 
<pre>amavisfeed unix - - n - 2 lmtp
-o lmtp_data_done_timeout=1200
-o lmtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
 
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o smtpd_delay_reject=no
Regel 205 ⟶ 206:
-o local_recipient_maps=
-o relay_recipient_maps=
 
</pre>
Main van postfix aanpassen: <br/>
::'''#nano $ vi in /etc/postfix/main.cf'''<br />
<pre>content_filter=amavisfeed:[127.0.0.1]:10024</pre>
 
Services herstarten:<br />
<pre># $ service postfix restart
# $ service amavisd start
# $ service clamd start</pre>
<br/>
 
'''Aanpassingen in SELINUX'''<br />
<br/>
::'''#nano $ vi amavisdlocal.te'''<br />
<pre> module amavisdlocal 1.0;
 
require {
type traceroute_port_t;
type pgpkeyserver_port_t;
Regel 229 ⟶ 230:
class udp_socket name_bind;
class lnk_file { read create unlink getattr };
}
 
#============= amavis_t ==============
allow amavis_t clockspeed_port_t:udp_socket name_bind;
allow amavis_t pgpkeyserver_port_t:udp_socket name_bind;
allow amavis_t traceroute_port_t:udp_socket name_bind;
allow amavis_t amavis_var_lib_t:lnk_file { read create unlink getattr };
</pre>
 
Nieuwe file clamlocal.de aanmaken:<br/>
$ vi clamlocal.de
<pre> module clamlocal 1.0;
 

require {
type proc_t;
type var_t;
Regel 248 ⟶ 249:
class file { read getattr };
class dir { read search };
}
 
#============= clamd_t ==============
allow clamd_t proc_t:file { read getattr };
allow clamd_t sysctl_kernel_t:dir search;
allow clamd_t sysctl_kernel_t:file read;
allow clamd_t var_t:dir read;
allow clamd_t var_t:file { read getattr };
</pre>
 
::'''# $ checkmodule -M -m -o amavisdlocal.mod amavisdlocal.te'''
::'''# $ semodule_package -o amavisdlocal.pp -m amavisdlocal.mod'''
::'''# $ semodule -i amavisdlocal.pp'''
::'''# $ checkmodule -M -m -o clamlocal.mod clamlocal.te'''
::'''# $ semodule_package -o clamlocal.pp -m clamlocal.mod'''
::'''# $ semodule -i clamlocal.pp'''
 
== Labo-opdracht ==
Informatie afkomstig van https://nl.wikibooks.org Wikibooks NL.
Wikibooks NL is onderdeel van de wikimediafoundation.