全部博文(1144)
分类:
2006-02-17 16:28:04
cd /usr/local/src tar -xvzf /root/packages/simscan/pcre-6.1.tar.gz cd pcre-6.1 ./configure make make install
To install ripmime, untar it to /usr/local/src and compile it with the commands bellow:
cd /usr/local/src tar -xvzf /root/packages/simscan/ripmime-1.4.0.5.tar.gz cd ripmime-1.4.0.5 make make install
The other prerequisites, ClamAV and qmail-queue-custom-error.patch, where already installed at this point.
Untar it to /usr/local/src:
cd /usr/local/src tar -xvzf /root/packages/simscan/simscan-1.1.tar.gz cd simscan-1.1 patch -p0 < /root/packages/simscan/simscan.c.diff
Configuring simscan installation:
./configure --enable-per-domain=y \ --enable-attach=y --enable-clamav=y \ --enable-regex --enable-received \ --enable-clamavdb-path=/usr/local/share/clamav \ --enable-custom-smtp-reject
The command above will print the following lines:
Current settings --------------------------------------- user = simscan qmail directory = /var/qmail work directory = /var/qmail/simscan control directory = /var/qmail/control qmail queue program = /var/qmail/bin/qmail-queue clamdscan program = /usr/local/bin/clamdscan clamav scan = ON trophie scanning = OFF attachement scan = ON ripmime program = /usr/local/bin/ripmime custom smtp reject = ON drop message = OFF regex scanner = ON quarantine processing = OFF domain based checking = ON add received header = ON spam scanning = OFF
Compile and install it:
make make install-strip
Since we compiled Simscan with the --enable-per-domain option, simscan will be able to do “per domain scanning”. Per domain scanning allows the administrator to explicitly state what scanning occurs for what domain. In addition, attachment scanning can be enabled or disabled for each domain.
Simscan will read its scanning rules from /var/qmail/control/simcontrol.cdb. This .cdb file is generated by running /var/qmail/bin/simscanmk. This command will create that .cdb file based in a text file called /var/qmail/control/simcontrol, this is the file where we’ll define the per domain scanning rules.
Edit /var/qmail/control/simcontrol:
vi /var/qmail/control/simcontrol
Add the following rule to disable the spam scanner, enable clam and attach scanners, setting the attach scanner to unconditionally block every e-mail containing .pif, .bat, .com and .exe attachments:
:clam=yes,spam=no,attach=.scr:.bat:.com:.pif:.exe:.mp3:.avi:.mpeg:.rar:.wmv
NOTE: The syntax above is for a ‘default rule’, a rule valid for all domains in the machine. Observe that there is no domain name before the initial colon “:” sign. To add a rule valid only for a specific domain, put the domain name before the colon, Example.: somedomain.com:clam=yes,attach=no. Read the README file from simscan source for additional help with the syntax.
Generate ~/simcontrol.cdb file:
/var/qmail/bin/simscanmk
There is another .cdb file simscan reads, /var/qmail/control/simversions.cdb, from where it gets the “scanner versions” information. This information is used by simscan to add a “Received: by simscan...” header to each scanned message containing the appropriate version of each of its scanners. The added header will look like this one bellow:
Received: by simscan 1.1.0 ppid: 8053, pid: 8054, t: 1.7363s scanners: regex: 1.1.0 attach: 1.1.0 clamav: 0.85.1/m:31/d:858
To create the /var/qmail/control/simversions.cdb file simply run simscanmk with the ‘-g’ option:
/var/qmail/bin/simscanmk -g
This command will discover the proper scanner versions and add them to the .cdb file. Remember to rerun this command every time you update one of the scanners, say after you update clamav to a newer version.
