Ключевые слова:freebsd, mail, database, virtual, virus, (найти похожие документы)
From: someone@zmail.ru
Date: Mon, 2 Jul 2003 13:01:37 +0000 (UTC)
Subject: Почтовый сервер на базе Exim с использованием DbMail для аккаунтов пользователей.
Exim+DbMail+DrWeb.
Исходные данные:
FreeBSD 4.6
MySQL 3.23.49
OpenSSL 0.9.6i
Установка Dbmail.
http://www.dbmail.org
su-2.05a# cd /var/tmp
su-2.05a# wget http://www.dbmail.org/tgz/dbmail-1.1.tgz
su-2.05a# md5 dbmail-1.1.tgz
MD5 (dbmail-1.1.tgz) = e6d7be3eff38b69ab82ae6d47e3c83e2
Создаем пользователя необходимого для работы Dbmail.
su-2.05a# pw useradd dbmail -c "DBMail Server" -d /var/spool/dbmail -g mail -s /sbin/nologin
su-2.05a# mkdir /var/spool/dbmail
su-2.05a# chown dbmail.mail /var/spool/dbmail
su-2.05a# tar xzpf dbmail-1.1.tgz
su-2.05a# cd dbmail-1.1
Для того чтобы узнать путь к файлам библиотек и заголовков MySQL, выполним:
su-2.05a# mysql_config
Usage: /usr/local/bin/mysql_config [OPTIONS]
Options:
--cflags [-I'/usr/local/include/mysql']
--libs [-L'/usr/local/lib/mysql' -lmysqlclient -lz -lcrypt -lm]
--socket [/tmp/mysql.sock]
--port [3306]
--version [3.23.49]
Отредактируем файл build.sh, изменив следующее:
#!/bin/bash
на:
#!/bin/sh
install-dbmail.sh $bindir
на:
./install-dbmail.sh $bindir
Отредактируем файл install-dbmail.sh, изменив следующее:
#!/bin/bash
на:
#!/bin/sh
/bin/chown $user_dbmail:$group_dbmail $file
на:
/usr/sbin/chown $user_dbmail:$group_dbmail $file
После этого, выполним:
su-2.05a# ./build.sh
This is the dbmail build script
I will have to ask you some questions about your system
What database do you wish to use? Choices are (m)ysql and (p)ostgresql >
m
You have selected MySQL as database
The library directory for MySQL is now [/usr/local/lib/mysql/].
Enter new directory or press RETURN to keep this setting:
The include directory for MySQL is now [/usr/include/mysql/].
Enter new directory or press RETURN to keep this setting:
/usr/local/include/mysql
The libraries are currently set to [-lmysqlclient -lcrypto].
Enter new libraries (preceed each by -l) or press RETURN to keep this setting:
Creating makefile..
Done. You can now make dbmail by running 'make clean all'.
Do you want this to be executed right now?
y
Make succesfull. Do you want to install the binaries and man pages?
y
Target binary directory is now /usr/local/sbin.
Enter new directory or press RETURN to keep this setting:
This script will install dbmail on your system.
Before executing this script be sure to have read the INSTALL file.
Although dbmail is very easy to install you'll need to know a few little
things before you can start using it.
If you have any problems, man files will also be installed so you can
always check the manpage of a program.
Next i'll be asking you as what user and group you want to be running DBMAIL.
Best thing is to create a user called dbmail with a dbmail group.
Don't forget to edit these users in the dbmail.conf file and run dbmail-config
afterwards. The pop3 daemon and the imapd daemon have capabilities to
drop their privileges! Use that capability!
As what user are the dbmail daemons going to run? [default: dbmail]
As what group are the dbmail daemons going to run? [default: dbmail] mail
Ok installing dbmail executables as dbmail:mail..
Ok installing manfiles in /usr/local/man/man1/..
Done
su-2.05a# strip /usr/local/sbin/dbmail*
После чего создаем базу данных, пользователя и соответсвующие таблицы,
для этого выполним:
su-2.05a# mysql -u root -p < sql/mysql/create_tables.mysql
su-2.05a# mysql -u root mysql -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2 to server version: 3.23.49-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> GRANT ALL PRIVILEGES ON dbmail.* TO dbmail@localhost
-> IDENTIFIED BY 'my_password' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
mysql> \q
Bye
bash-2.05a# install -m 640 /var/tmp/dbmail-1.1/dbmail.conf /etc/
bash-2.05a# chown root.root /etc/dbmail.conf
После этого отредактируем конфигурационный /etc/dbmail.conf файл:
pass=
на:
pass=my_password
DBMAIL_FROM_ADDRESS=dbmail-bounce@dbmail.org
на:
DBMAIL_FROM_ADDRESS=mailer-daemon@mydomain.org
POSTMASTER=dbmail@dbmail.org
на:
POSTMASTER=postmaster@mydomain.org
Подробное описание по администрированию, Вы прочтете выполнив:
bash-2.05a# man dbmail-adduser
После этого, создаем файлы запуска dbmail pop3/imap.
su-2.05a# cat > /usr/local/etc/rc.d/pop3d.sh
#!/bin/sh
case "$1" in
start)
echo "starting Dbmail POP3d"
/usr/local/sbin/dbmail-pop3d
;;
restart)
echo "restarting Dbmail POP3d"
kill -HUP `cat /var/run/pop3d.pid`
;;
stop)
echo "stopping Dbmail POP3d"
kill -TERM `cat /var/run/pop3d.pid`
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
;;
esac
^D
su-2.05a# chmod +x /usr/local/etc/rc.d/pop3d.sh
su-2.05a# cat > /usr/local/etc/rc.d/imapd.sh
#!/bin/sh
case "$1" in
start)
echo "starting Dbmail imapd"
/usr/local/sbin/dbmail-imapd
;;
restart)
echo "restarting Dbmail imapd"
kill -HUP `cat /var/run/imapd.pid`
;;
stop)
echo "stopping Dbmail imapd"
kill -TERM `cat /var/run/imapd.pid`
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
;;
esac
^D
su-2.05a# chmod +x /usr/local/etc/rc.d/imap.sh
su-2.05a# /usr/local/etc/rc.d/pop3d.sh start
su-2.05a# /usr/local/etc/rc.d/imap.sh start
На этом этапе установка и настройка Dbmail окончена.
Установка Exim MTA.
http://www.exim.org
bash-2.05a# cd /var/tmp
bash-2.05a# wget ftp://ftp.exim.org/pub/exim/exim4/exim-4.20.tar.gz
bash-2.05a# md5 exim-4.20.tar.gz
MD5 (exim-4.20.tar.gz) = a1f06f1de1ab602a25d78ad2a20819f2
Создаем пользователя необходимого для работы Exim.
bash-2.05a# pw useradd mail -c "Mail Server" -d /var/spool/mqueue -g mail -s /sbin/nologin
su-2.05a# cat /etc/passwd |grep mail
mail:*:1005:6:Mail Server:/var/spool/mqueue:/sbin/nologin
su-2.05a# cat /etc/group |grep mail
mail:*:6:
su-2.05a# cd exim-4.20
su-2.05a# cp src/EDITME Local/Makefile
Отредактируем Local/Makefile изменив следующее:
BIN_DIRECTORY=/usr/exim/bin
на:
BIN_DIRECTORY=/usr/sbin
CONFIGURE_FILE=/usr/exim/configure
на:
CONFIGURE_FILE=/etc/mail/exim.conf
EXIM_USER=
на:
EXIM_USER=1005
# EXIM_GROUP=
на:
EXIM_GROUP=6
# SUPPORT_MAILDIR=yes
на:
SUPPORT_MAILDIR=yes
# LOOKUP_MYSQL=yes
на:
LOOKUP_MYSQL=yes
# LOOKUP_INCLUDE=-I /usr/local/ldap/include -I /usr/local/mysql/include -I/usr/local/pgsql/include
# LOOKUP_LIBS=-L/usr/local/lib -lldap -llber -lmysqlclient -lpq
на:
LOOKUP_INCLUDE=-I /usr/local/include/mysql
LOOKUP_LIBS=-L/usr/local/lib/mysql -lmysqlclient -lz -lcrypt -lm
EXIM_MONITOR=eximon.bin
на:
#EXIM_MONITOR=eximon.bin
# AUTH_CRAM_MD5=yes
# AUTH_PLAINTEXT=yes
на:
AUTH_CRAM_MD5=yes
AUTH_PLAINTEXT=yes
# SUPPORT_TLS=yes
на:
SUPPORT_TLS=yes
# TLS_LIBS=-lssl -lcrypto
на:
TLS_LIBS=-lssl -lcrypto
# LOG_FILE_PATH=syslog
на:
LOG_FILE_PATH=syslog
# EXIM_PERL=perl.o
на:
EXIM_PERL=perl.o
SYSTEM_ALIASES_FILE=/etc/aliases
на:
SYSTEM_ALIASES_FILE=/etc/mail/aliases
# CHOWN_COMMAND=/usr/bin/chown
на:
CHOWN_COMMAND=/usr/sbin/chown
# SUPPORT_MOVE_FROZEN_MESSAGES=yes
на:
SUPPORT_MOVE_FROZEN_MESSAGES=yes
su-2.05a# make
su-2.05a# cd
su-2.05a# find /* >exim1
su-2.05a# cd /var/tmp/exim-4.20
su-2.05a# make install
su-2.05a# ln -fs /usr/sbin/exim /usr/lib/sendmail
su-2.05a# ln -fs /usr/sbin/exim /usr/sbin/sendmail
su-2.05a# ln -fs /usr/sbin/exim /usr/bin/mailq
su-2.05a# ln -fs /usr/sbin/exim /usr/bin/runq
su-2.05a# strip /usr/sbin/exim*
su-2.05a# cd
su-2.05a# find /* >exim2
su-2.05a# diff exim1 exim2 >exim-inst
su-2.05a# cd /etc/mail/
su-2.05a# cp exim.conf exim.conf-default
su-2.05a# grep -v ^# exim.conf-default > exim.conf
Для правильной работы Exim, требуется добавить в созданную
ранее базу данных dbmail, таблицу с именем domains, для этого выполним:
su-2.05a# mysql -u dbmail -p dbmail
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3 to server version: 3.23.49-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> CREATE TABLE domains (
-> did int(10) unsigned NOT NULL auto_increment,
-> domainname varchar(128) NOT NULL default '',
-> type enum('LOCAL','RELAY','VIRTUAL') NOT NULL default 'LOCAL',
-> PRIMARY KEY (did)
-> );
Query OK, 0 rows affected (0.08 sec)
mysql> INSERT INTO domains (domainname, type) VALUES ('mydomain.org','LOCAL');
Query OK, 1 row affected (0.01 sec)
mysql> INSERT INTO domains (domainname, type) VALUES ('otherdomain.org','VIRTUAL');
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO domains (domainname, type) VALUES ('myfriend.org','RELAY');
Query OK, 1 row affected (0.00 sec)
mysql> \q
Bye
Теперь приступим к редактированию конфигурационного /etc/mail/exim.conf файла:
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
hide mysql_servers = "localhost/db/user/pass"
primary_hostname = mydomain.org
domainlist local_domains = ${lookup mysql{SELECT domainname FROM domains \
WHERE domainname='$domain' AND type='LOCAL'}}
domainlist relay_to_domains = ${lookup mysql{SELECT domainname FROM domains \
WHERE domainname='$domain' AND type='RELAY'}}
hostlist relay_from_hosts = 127.0.0.1
acl_smtp_rcpt = acl_check_rcpt
log_selector = \
+all_parents \
+lost_incoming_connection \
+received_sender \
+received_recipients \
+smtp_confirmation \
+smtp_syntax_error \
+smtp_protocol_error
allow_domain_literals = false
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 30m
timeout_frozen_after = 3d
freeze_tell = postmaster
auto_thaw = 1h
message_size_limit = 5M
smtp_accept_max = 50
smtp_accept_max_per_connection = 50
smtp_connect_backlog = 50
smtp_accept_max_per_host = 25
split_spool_directory = true
remote_max_parallel = 15
smtp_banner = "Welcome on our mail server!\n\
This system does not accept Unsolicited \
Commercial Email\nand will blacklist \
offenders via our spam processor.\nHave a \
nice day!\n\n${primary_hostname} ESMTP"
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_rcpt:
accept hosts = :
deny local_parts = ^.*[@%!/|] : ^\\.
accept local_parts = postmaster
domains = +local_domains
require verify = sender
# deny message = host is listed in $dnslist_domain
# dnslists = sbl.spamhaus.org : \
# relays.ordb.org : \
# opm.blitzed.org
accept domains = +local_domains
endpass
message = unknown user
verify = recipient
accept domains = +relay_to_domains
endpass
message = unrouteable address
verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################
begin routers
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
dbmailuser:
driver = accept
condition = ${lookup mysql{SELECT alias_idnr FROM aliases WHERE \
alias='${quote_mysql:$local_part@$domain}' OR \
alias='${quote_mysql:@$domain}'}{yes}{no}}
transport = dbmail_delivery
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
begin transports
remote_smtp:
driver = smtp
dbmail_delivery:
driver = pipe
check_string =
command = /usr/local/sbin/dbmail-smtp -d ${pipe_addresses}
current_directory = "/var/spool/dbmail"
escape_string =
group = mail
message_prefix =
message_suffix =
path = "/bin:/sbin:/usr/local/bin:/usr/local/sbin"
user = dbmail
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# Domain Error Retries
# ------ ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
begin rewrite
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
# There are no authenticator specifications in this default configuration file.
begin authenticators
# AUTH PLAIN authentication method with MySQL used by Netscape Messenger.
auth_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT user_idnr FROM users \
WHERE userid = '${quote_mysql:$2}' AND passwd = '${quote_mysql:$3}'}}
server_set_id = $2
# AUTH LOGIN authentication method with MySQL support used by Outlook Express.
auth_login:
driver = plaintext
public_name = LOGIN
server_condition = ${lookup mysql{SELECT user_idnr FROM users \
WHERE userid = '${quote_mysql:$1}' AND passwd = '${quote_mysql:$2}'}}
server_prompts = "Username:: : Password::"
server_set_id = $1
# AUTH CRAM-MD5 authentication method with MySQL used by The Bat!.
auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT passwd FROM users \
WHERE userid = '${quote_mysql:$1}'}{$value}fail}
server_set_id = $1
######################################################################
# CONFIGURATION FOR local_scan() #
######################################################################
# If you have built Exim to include a local_scan() function that contains
# tables for private options, you can define those options here. Remember to
# uncomment the "begin" line. It is commented by default because it provokes
# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
# set in the Local/Makefile.
# begin local_scan
# End of Exim configuration file
После этого, создаем файл запуска Exim.
su-2.05a# cat > /usr/local/etc/rc.d/exim.sh
#!/bin/sh
case "$1" in
start)
echo "starting Exim MTA"
/usr/sbin/exim -bd -q30m
;;
restart)
echo "restarting Exim MTA"
kill -HUP `cat /var/spool/mqueue/exim-daemon.pid`
;;
stop)
echo "stopping Exim MTA"
kill -TERM `cat /var/spool/mqueue/exim-daemon.pid`
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
;;
esac
^D
su-2.05a# chmod +x /usr/local/etc/rc.d/exim.sh
Теперь проверим работу Exim'а.
su-2.05a# /usr/local/etc/rc.d/exim.sh start
su-2.05a# telnet localhost 25
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220-Welcome on our mail server!
220-This system does not accept Unsolicited Commercial Email
220-and will blacklist offenders via our spam processor.
220-Have a nice day!
220-
220 mydomain.org ESMTP
ehlo test.ru
250-mydomain.org Hello localhost [127.0.0.1]
250-SIZE 5242880
250-PIPELINING
250 HELP
mail from:someone at zmail.ru
250 OK
rcpt to:sysadmin@mydomain.org
250 Accepted
data
354 Enter message, ending with "." on a line by itself
Hello!
.
250 OK id=19NuQl-000NZA-47
quit
221 mydomain.org closing connection
Connection closed by foreign host.
su-2.05a# tail /var/log/maillog
Jun 5 13:05:28 free_access exim[90602]: 2003-06-05 13:05:28 19NuQl-000NZA-47 <= someone at zmail.ru H=localhost (test.ru) [127.0.0.1] P=esmtp S=317 from <someone at zmail.ru> for sysadmin@mydomain.org
Jun 5 13:05:30 free_access exim[90603]: 2003-06-05 13:05:30 19NuQl-000NZA-47 => sysadmin <sysadmin@mydomain.org> R=dbmailuser T=dbmail_delivery
Jun 5 13:05:30 free_access exim[90603]: 2003-06-05 13:05:30 19NuQl-000NZA-47 Completed
На первый взгляд все работает, идем дальше, теперь проверим dbmail-pop3d.
su-2.05a# telnet localhost 110
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK DBMAIL pop3 server ready to rock <15662.1057056129@mydomain.org>
user sysadmin@mydomain.org
+OK Password required for sysadmin@mydomain.org
pass mypassword
+OK sysadmin@mydomain.org has 1 message (667 octets)
list
+OK 1 message (667 octets)
1 667
.
quit
+OK see ya later
Connection closed by foreign host.
Теперь обеспечим работу антивируса DrWeb в связке с Exim.
Установка DrWeb.
http://www.drweb.ru
su-2.05a# cd /var/tmp
su-2.05a# wget ftp://ftp.drweb.ru/pub/unix/drweb-4.29.2-freebsd4.tar.gz
su-2.05a# md5 drweb-4.29.2-freebsd4.tar.gz
MD5 (drweb-4.29.2-freebsd4.tar.gz) = eb0a76a8a4c7aa9de8428f03210578a6
su-2.05a# wget ftp://ftp.drweb.ru/pub/unix/drweb-exim-4.29.10-freebsd4.tar.gz
su-2.05a# md5 drweb-exim-4.29.10-freebsd4.tar.gz
MD5 (drweb-exim-4.29.10-freebsd4.tar.gz) = 54cc16d2f0fc45af775f4639e3a18034
Создаем пользователя необходимого для работы DrWeb.
su-2.05a# pw useradd -c "DrWeb AntiVir" -d /var/drweb -g mail -s /sbin/nologin drweb
su-2.05a# tar xzpf drweb-4.29.2-freebsd4.tar.gz
su-2.05a# cd drweb-4.29.2-freebsd4
su-2.05a# ./install.sh
Enter destination directory (/opt/drweb is default):
Select interface language: 0) english 1) russian
0
Dr.Web is installed to /opt/drweb.
Edit /drweb32.ini to complete setup.
После этого, отредактируем конфигурационный /etc/drweb/drweb32.ini файл, изменив:
;User = drweb
на:
User = drweb
su-2.05a# cd ../
su-2.05a# tar xzpf drweb-exim-4.29.10-freebsd4.tar.gz
su-2.05a# cp -r drweb-exim/etc/drweb/* /etc/drweb/
su-2.05a# cp -r drweb-exim/opt/drweb/doc/* /opt/drweb/doc/
su-2.05a# cp -r drweb-exim/opt/drweb/drweb-* /opt/drweb/
После этого, отредактируем конфигурационный /etc/drweb/drweb_exim.conf
файл, изменив:
AdminMail = av-master@example.com
на:
AdminMail = sysadmin@mydomain.org
FilterMail = DrWEB-DAEMON@example.com
на:
FilterMail = MAILER-DAEMON@mydomain.org
su-2.05a# chown -R drweb.mail /var/drweb/
su-2.05a# chmod 744 /var/drweb/bases/
su-2.05a# chmod 744 /var/drweb/log/
su-2.05a# chmod 744 /var/drweb/run/
su-2.05a# chmod 774 /var/drweb/infected/
su-2.05a# chmod 774 /var/drweb/spool/
Обеспечим автоматический запуск демона drwebd
su-2.05a# mv /usr/local/etc/rc.d/00drwebd /usr/local/etc/rc.d/drwebd.sh
su-2.05a# /usr/local/etc/rc.d/drwebd.sh start
После этого отредактируем конфигурационный файл exim'а.
### начало /etc/mail/exim.conf ###
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
....
trusted_users = mail:drweb
....
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################
begin routers
# Enable Anti-Virus support with DrWeb.
drweb_router:
driver = accept
condition = "${if eq {$received_protocol}{drweb-scanned}{0}{1}}"
transport = drweb
no_verify
....
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
begin transports
....
address_reply:
driver = autoreply
# Enable Anti-Virus support with DrWeb.
drweb:
driver = pipe
check_string =
command = /opt/drweb/drweb-exim -f <${sender_address}> -- ${pipe_addresses}
current_directory = "/var/drweb/spool"
escape_string =
group = mail
headers_add = "X-Virus-Scanned: by DrWeb For Unix"
message_prefix =
message_suffix =
path = "/bin:/sbin:/usr/bin:/usr/sbin:/opt/drweb"
no_return_output
no_return_path_add
user = drweb
### конец /etc/mail/exim.conf ###
Автоматизируем процесс обновления вирусных баз DrWeb.
su-2.05a# wget http://cpan.org/modules/by-module/String/String-CRC32-1.2.tar.gz
su-2.05a# md5 String-CRC32-1.2.tar.gz
MD5 (String-CRC32-1.2.tar.gz) = 94b13443eac7241a323a876da95ac1c0
su-2.05a# tar xzpf String-CRC32-1.2.tar.gz
su-2.05a# cd String-CRC32-1.2
su-2.05a# perl Makeperl.PL
su-2.05a# make
su-2.05a# make test
su-2.05a# make install
su-2.05a# crontab -e
Указываем запуск скрипта обновления каждый день в 4-ре часа утра.
0 4 * * * /opt/drweb/update/update.pl
Несколько слов хочу сказать про установку SpamAssassin, собственно
сам процесс установки детально описан вот здесь:
http://www.opennet.dev/base/net/qmail_antispam.txt.html
Для обеспечения работы SpamAssassin+Exim, нужно выполнить следующее:
### начало /etc/mail/exim.conf ###
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################
begin routers
# Enable Anti-Virus support with DrWeb.
drweb_router:
driver = accept
condition = "${if or{ {eq {$received_protocol}{drweb-scanned}} \
{eq {$received_protocol}{spam-scanned}} } {0}{1}}"
transport = drweb
no_verify
# Enable Anti-Spam support with SpamAssassin.
spamcheck_router:
no_verify
condition = "${if and { {!def:h_X-Spam-Flag:} \
{!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
driver = accept
transport = spamcheck
....
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
begin transports
....
address_reply:
driver = autoreply
# Enable Anti-Spam support with SpamAssassin.
spamcheck:
driver = pipe
batch_max = 100
command = /usr/sbin/exim -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/spamc
home_directory = "/tmp"
current_directory = "/tmp"
user = mail
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
# Enable Anti-Virus support with DrWeb.
drweb:
driver = pipe
check_string =
command = /opt/drweb/drweb-exim -f <${sender_address}> -- ${pipe_addresses}
current_directory = "/var/drweb/spool"
escape_string =
group = mail
headers_add = "X-Virus-Scanned: by DrWeb For Unix"
message_prefix =
message_suffix =
path = "/bin:/sbin:/usr/bin:/usr/sbin:/opt/drweb"
no_return_output
no_return_path_add
user = drweb
### конец /etc/mail/exim.conf ###
Делал по статье ради интереса.
При запуске exim, вылетает ошибка о неизвестности пользователя dbmail. Все проверил еще раз, сделано идентично. Документация по экзиму не добавила ясности.. Может стоит прояснить как экзим работает с MySQL?
Убедись что ты создал MySQL юзера который прописан в строке:
==> hide mysql_servers = "localhost/db/user/pass"
твоего exim.conf и этот юзер имеет полный доступ к MySQL базе exim'a
Сделал как описано в вашей статье.
Теперь при SMTP авторизации выдает:
2005-09-13 17:06:17 auth_cram_md5 authenticator failed for ([127.0.0.1]) [192.168.0.94]: 535 Incorrect authentication data (set_id=demiurg)
2005-09-13 17:06:17 auth_plain authenticator failed for ([127.0.0.1]) [192.168.0.94]: 535 Incorrect authentication data (set_id=demiurg)
2005-09-13 17:06:17 auth_login authenticator failed for ([127.0.0.1]) [192.168.0.94]: 535 Incorrect authentication data (set_id=demiurg)
---
Секция авторизации Exim такая же как в статье.
Exim: 4.52
DBMail: 2.0.4