Chinaunix首页 | 论坛 | 博客
  • 博客访问: 5360057
  • 博文数量: 1144
  • 博客积分: 11974
  • 博客等级: 上将
  • 技术积分: 12312
  • 用 户 组: 普通用户
  • 注册时间: 2005-04-13 20:06
文章存档

2017年(2)

2016年(14)

2015年(10)

2014年(28)

2013年(23)

2012年(29)

2011年(53)

2010年(86)

2009年(83)

2008年(43)

2007年(153)

2006年(575)

2005年(45)

分类:

2006-02-17 16:28:04

To install pcre-6.1.tar.gz, untar it to /usr/local/src and compile it with the commands bellow:
cd /usr/local/src
tar -xvzf /root/packages/simscan/pcre-6.1.tar.gz
cd pcre-6.1
./configure
make
make install

To install ripmime, untar it to /usr/local/src and compile it with the commands bellow:

cd /usr/local/src
tar -xvzf /root/packages/simscan/ripmime-1.4.0.5.tar.gz
cd ripmime-1.4.0.5
make
make install

The other prerequisites, ClamAV and qmail-queue-custom-error.patch, where already installed at this point.

[]
) to /root/packages/simscan/. This patch will call ripimime with the --disable-qmail-bounce option, which you want.

Untar it to /usr/local/src:

cd /usr/local/src
tar -xvzf /root/packages/simscan/simscan-1.1.tar.gz
cd simscan-1.1
patch -p0 < /root/packages/simscan/simscan.c.diff

Configuring simscan installation:

./configure --enable-per-domain=y \
--enable-attach=y --enable-clamav=y \
--enable-regex --enable-received \
--enable-clamavdb-path=/usr/local/share/clamav \
--enable-custom-smtp-reject

The command above will print the following lines:

Current settings

---------------------------------------
user                  = simscan
qmail directory       = /var/qmail
work directory        = /var/qmail/simscan
control directory     = /var/qmail/control
qmail queue program   = /var/qmail/bin/qmail-queue
clamdscan program     = /usr/local/bin/clamdscan
clamav scan           = ON
trophie scanning      = OFF
attachement scan      = ON
ripmime program       = /usr/local/bin/ripmime
custom smtp reject    = ON
drop message          = OFF
regex scanner         = ON
quarantine processing = OFF
domain based checking = ON
add received header   = ON
spam scanning         = OFF

Compile and install it:

make 
make install-strip
[]
Creating Simscan control files


Since we compiled Simscan with the --enable-per-domain option, simscan will be able to do “per domain scanning”. Per domain scanning allows the administrator to explicitly state what scanning occurs for what domain. In addition, attachment scanning can be enabled or disabled for each domain.


Simscan will read its scanning rules from /var/qmail/control/simcontrol.cdb. This .cdb file is generated by running /var/qmail/bin/simscanmk. This command will create that .cdb file based in a text file called /var/qmail/control/simcontrol, this is the file where we’ll define the per domain scanning rules.


Edit /var/qmail/control/simcontrol:

vi /var/qmail/control/simcontrol

Add the following rule to disable the spam scanner, enable clam and attach scanners, setting the attach scanner to unconditionally block every e-mail containing .pif, .bat, .com and .exe attachments:

:clam=yes,spam=no,attach=.scr:.bat:.com:.pif:.exe:.mp3:.avi:.mpeg:.rar:.wmv
NOTE: The syntax above is for a ‘default rule’, a rule valid for all domains in the machine. Observe that there is no domain name before the initial colon “:” sign. To add a rule valid only for a specific domain, put the domain name before the colon, Example.: somedomain.com:clam=yes,attach=no. Read the README file from simscan source for additional help with the syntax. 


Generate ~/simcontrol.cdb file:

/var/qmail/bin/simscanmk

There is another .cdb file simscan reads, /var/qmail/control/simversions.cdb, from where it gets the “scanner versions” information. This information is used by simscan to add a “Received: by simscan...” header to each scanned message containing the appropriate version of each of its scanners. The added header will look like this one bellow:

Received: by simscan 1.1.0 ppid: 8053, pid: 8054, t: 1.7363s
scanners: regex: 1.1.0 attach: 1.1.0 clamav: 0.85.1/m:31/d:858

To create the /var/qmail/control/simversions.cdb file simply run simscanmk with the ‘-g’ option:

/var/qmail/bin/simscanmk -g

This command will discover the proper scanner versions and add them to the .cdb file. Remember to rerun this command every time you update one of the scanners, say after you update clamav to a newer version.

阅读(1493) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~