qmail Qmail-Scanner SpamAssassin Installation

The following must already be set up before starting this chapter:
"Antivirus: Clam Antivirus installation", "qmail tcpserver daemontools installation", "qmail Courier-Authlib Courier-IMAP installation", "qmail Courier-IMAP POP/IMAP over SSL"
Installing SpamAssassin
[root@freebsd ~]# cd /usr/ports/mail/p5-Mail-SpamAssassin
[root@freebsd p5-Mail-SpamAssassin]# make BATCH=yes WITHOUT_AS_ROOT=yes install clean

・
・
・
===>  Cleaning for p5-NetAddr-IP-4.02.7
===>  Cleaning for p5-Archive-Tar-1.60
===>  Cleaning for p5-Net-DNS-0.66
===>  Cleaning for p5-Compress-Zlib-2.015
===>  Cleaning for p5-IO-Zlib-1.10
===>  Cleaning for p5-HTML-Parser-3.65
===>  Cleaning for p5-IO-Compress-Zlib-2.015
===>  Cleaning for p5-Test-Harness-3.21
===>  Cleaning for p5-libwww-5.834
===>  Cleaning for p5-Encode-Detect-1.01
===>  Cleaning for p5-Mail-Tools-2.06
===>  Cleaning for p5-IO-Socket-SSL-1.33
===>  Cleaning for p5-Digest-SHA-5.48
===>  Cleaning for p5-Mail-DKIM-0.38
===>  Cleaning for p5-Crypt-OpenSSL-RSA-0.26
===>  Cleaning for p5-Time-HiRes-1.9721,1
===>  Cleaning for p5-IO-Socket-INET6-2.61
===>  Cleaning for gnupg-2.0.14_1
===>  Cleaning for razor-agents-2.84
===>  Cleaning for p5-IO-Compress-Bzip2-2.015
===>  Cleaning for p5-IO-String-1.08
===>  Cleaning for p5-Net-IP-1.25_1
===>  Cleaning for p5-Digest-HMAC-1.02
===>  Cleaning for p5-Compress-Raw-Zlib-2.027
===>  Cleaning for p5-IO-Compress-Base-2.015
===>  Cleaning for p5-HTML-Tagset-3.20
===>  Cleaning for p5-URI-1.54
===>  Cleaning for p5-ExtUtils-CBuilder-0.2703,1
===>  Cleaning for p5-Module-Build-0.3607
===>  Cleaning for p5-TimeDate-1.20,1
===>  Cleaning for p5-Net-SSLeay-1.36
===>  Cleaning for p5-Crypt-OpenSSL-Random-0.04
===>  Cleaning for p5-Crypt-OpenSSL-Bignum-0.04
===>  Cleaning for p5-Socket6-0.23
===>  Cleaning for libassuan-1.0.5
===>  Cleaning for libksba-1.0.7
===>  Cleaning for pth-2.0.7
===>  Cleaning for curl-7.20.0
===>  Cleaning for p5-Digest-SHA1-2.12
===>  Cleaning for p5-Compress-Raw-Bzip2-2.027
===>  Cleaning for p5-Math-BigInt-1.89
===>  Cleaning for p5-YAML-0.71
===>  Cleaning for p5-ExtUtils-ParseXS-2.22.03
===>  Cleaning for p5-ExtUtils-Install-1.54
===>  Cleaning for ca_root_nss-3.12.4
===>  Cleaning for p5-Mail-SpamAssassin-3.3.1
Starting SpamAssassin
[root@freebsd p5-Mail-SpamAssassin]# vi /etc/rc.conf
spamd_enable="YES" ← add this line
[root@freebsd p5-Mail-SpamAssassin]# /usr/local/bin/sa-update
[root@freebsd p5-Mail-SpamAssassin]# /usr/local/etc/rc.d/sa-spamd start
Starting spamd.

Hint

# perl -e 'use Time::HiRes;'
# perl -e 'use DB_File;'
Installing wget
[root@freebsd p5-Mail-SpamAssassin]# cd /usr/ports/ftp/wget
[root@freebsd wget]# make BATCH=yes install clean
Installing tnef
[root@freebsd wget]# cd /usr/ports/converters/tnef
[root@freebsd tnef]# make install clean
Installing pcre
[root@freebsd tnef]# cd /usr/ports/devel/pcre
[root@freebsd pcre]# make install clean
Installing maildrop
[root@freebsd pcre]# cd /usr/ports/mail/maildrop
[root@freebsd maildrop]# make install clean
qmailqueue-patch
[root@freebsd qmail]# cd /usr/ports/mail/qmail
[root@freebsd qmail]# make BATCH=yes WITH_SMTP_AUTH_PATCH=yes WITH_QMAILQUEUE_PATCH=yes WITH_LOCALTIME_PATCH=yes deinstall reinstall clean
Installing perl-suidperl
[root@freebsd maildrop]# cd /usr/ports/lang/perl5.10
[root@freebsd perl5.10]# make BATCH=yes ENABLE_SUIDPERL=yes deinstall reinstall clean
Installing unzip
[root@freebsd perl5.10]# cd /usr/ports/archivers/unzip
[root@freebsd unzip]# make install clean
[root@freebsd unzip]# cd
Adding the Qmail-Scanner user
[root@freebsd ~]# pw groupadd qscand
[root@freebsd ~]# pw useradd qscand -c "Qmail-Scanner" -g qscand -s /bin/false
Installing qmail-scanner
[root@freebsd ~]# fetch http://downloads.sourceforge.net/qmail-scanner/qmail-scanner-2.08.tgz
[root@freebsd ~]# tar zxvf qmail-scanner-2.08.tgz
[root@freebsd ~]# cd qmail-scanner-2.08
[root@freebsd qmail-scanner-2.08]# ./configure \
--admin postmaster \
--scanners clamdscan,verbose_spamassassin \
--add-dscr-hdrs yes \
--install

bash: not found
Building Qmail-Scanner 2.08...

This script will search your system for the virus scanners it knows
about, and will ensure that all external programs
qmail-scanner-queue.pl uses are explicitly pathed for performance
reasons.

Continue? ([Y]/N) ← press Enter



/usr/bin/uudecode works as expected on system...



Found tnef on your system! That means we'll be able to decode stupid
M$ attachments :-)


The following binaries and scanners were found on your system:

mimeunpacker=/usr/local/bin/reformime
uudecode=/usr/bin/uudecode
tnef=/usr/local/bin/tnef

Content/Virus Scanners installed on your System

max-scan-size=100000000
[: /usr/local/bin/freshclam: unexpected operator
clamdscan=/usr/local/bin/clamdscan (which means clamscan won't be used as clamdscan is better)
[: unexpected operator
verbose_spamassassin=/usr/local/bin/spamc

Qmail-Scanner details.

log-details=syslog
log-crypto=0
fix-mime=2
ignore-eol-check=0
debug=1
notify=psender,nmlvadm
redundant-scanning=yes
sa-tempfail=1
sa-faulttolerant=1
sa-maxsize=256000
virus-admin=System Anti-Virus Administrator 
local-domains='ns1.freebsd.orz'
silent-viruses='klez','bugbear','hybris','yaha','braid','nimda','tanatos',
'sobig','winevar','palyh','fizzer','gibe','cailont','lovelorn','swen',
'dumaru','sober','hawawi','holar-i','mimail','poffer','bagle','worm.galil'
,'mydoom','worm.sco','tanx','novarg','\@mm'

scanners="clamdscan","verbose_spamassassin"

If that looks correct, I will now generate qmail-scanner-queue.pl
for your system...
Continue? ([Y]/N) ← press Enter

Testing suid nature of /usr/bin/perl...
Looks OK...
Hit RETURN to create initial directory structure under /var/spool/qscan,
and install qmail-scanner-queue.pl under /var/qmail/bin:
perlscanner: generate new DB file from /var/spool/qscan/quarantine-events.txt
perlscanner: total of 12 entries.

Finished installation of initial directory structure for Qmail-Scanner
under /var/spool/qscan and qmail-scanner-queue.pl under /var/qmail/bin. ← press Enter

Finished. Please read README(.html) and then go over the script
(/var/qmail/bin/qmail-scanner-queue.pl) to check paths/etc.

"/var/qmail/bin/qmail-scanner-queue.pl -r" should return some well-known virus
definitions to show that the internal perlscanner component is working.

That's it!



              ****** FINAL TEST ******

Please log into an unpriviledged account and run
/var/qmail/bin/qmail-scanner-queue.pl -g

If you see the error "Can't do setuid", or "Permission denied", then
refer to the FAQ.

(e.g.  "setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -g")


That's it! To report success:

   % (echo 'First M. Last'; cat SYSDEF)|mail jhaar-s4vstats@crom.trimble.co.nz
Replace First M. Last with your name.

[root@freebsd qmail-scanner-2.08]# cd
Configuring qmail-scanner
[root@freebsd ~]# vi /var/spool/qscan/quarantine-events.txt
↓ Uncomment the following lines
.vbs	SIZE=-1	VBS files not allowed per Company security policy
.lnk	SIZE=-1	LNK files not allowed per Company security policy
.scr	SIZE=-1	SCR files not allowed per Company security policy
.wsh	SIZE=-1	WSH files not allowed per Company security policy
.hta	SIZE=-1	HTA files not allowed per Company security policy
.pif	SIZE=-1	PIF files not allowed per Company security policy
.cpl	SIZE=-1	CPL files not allowed per Company security policy
↓ Add the following lines
.bat	SIZE=-1	BAT files not allowed per Company security policy
.com	SIZE=-1	COM files not allowed per Company security policy
.exe	SIZE=-1	EXE files not allowed per Company security policy
[root@freebsd ~]# /var/qmail/bin/qmail-scanner-queue.pl -g
perlscanner: generate new DB file from /var/spool/qscan/quarantine-events.txt
perlscanner: total of 22 entries.
Configuring SpamAssassin
[root@freebsd ~]# vi /usr/local/etc/mail/spamassassin/v310.pre
#loadplugin Mail::SpamAssassin::Plugin::TextCat
↓
loadplugin Mail::SpamAssassin::Plugin::TextCat ← uncomment
[root@freebsd ~]# vi /root/spamassassin
↓ Enter the following
#!/bin/sh

# Work in the SpamAssassin site configuration directory; stop if it is missing.
cd /usr/local/etc/mail/spamassassin || exit 1
# Download user_prefs (-N: only when the remote copy is newer than the local one).
/usr/local/bin/wget -qN http://tlec.linux.or.jp/docs/user_prefs
# Install it as the site-wide local.cf and append the local settings.
cp user_prefs local.cf
cat << EOF >> local.cf
report_safe 0
rewrite_header Subject ***SPAM***
EOF
# Restart spamd so that it loads the new configuration.
/usr/local/etc/rc.d/sa-spamd restart > /dev/null
[root@freebsd ~]# chmod +x /root/spamassassin
[root@freebsd ~]# /root/spamassassin
[root@freebsd ~]# ll /usr/local/etc/mail/spamassassin
total 674
-rw-r--r--  1 root  wheel    1300 May 19 22:28 init.pre
-rw-r--r--  1 root  wheel    1300 May 19 22:28 init.pre.sample
-rw-r--r--  1 root  wheel  308739 May 19 23:32 local.cf ← confirm that local.cf exists
-rw-r--r--  1 root  wheel    2214 May 19 22:28 local.cf.sample
drwx------  2 root  wheel     512 May 19 22:33 sa-update-keys
-rw-r--r--  1 root  wheel  308691 May  4 18:00 user_prefs
-rw-r--r--  1 root  wheel    2523 May 19 23:32 v310.pre
-rw-r--r--  1 root  wheel    2524 May 19 22:28 v310.pre.sample
-rw-r--r--  1 root  wheel    1194 May 19 22:28 v312.pre
-rw-r--r--  1 root  wheel    1194 May 19 22:28 v312.pre.sample
-rw-r--r--  1 root  wheel    2416 May 19 22:28 v320.pre
-rw-r--r--  1 root  wheel    2416 May 19 22:28 v320.pre.sample
-rw-r--r--  1 root  wheel    1237 May 19 22:28 v330.pre
-rw-r--r--  1 root  wheel    1237 May 19 22:28 v330.pre.sample
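The /root/spamassassin script installs whatever the download returns and restarts spamd with it. The following is an added example, not part of the original page, that stages the downloaded file and replaces local.cf only if spamassassin --lint accepts the staged configuration. The names install_local_cf, CONF_DIR and LINT are assumptions of this example.

```sh
#!/bin/sh
# Added example: install a downloaded SpamAssassin config only if it lints.
# CONF_DIR, LINT and install_local_cf are names assumed for this example.
CONF_DIR="${CONF_DIR:-/usr/local/etc/mail/spamassassin}"
LINT="${LINT:-/usr/local/bin/spamassassin --lint}"

# install_local_cf <candidate>: build the new local.cf in a private staging
# directory, lint it there, and replace the live file only on success.
# Returns 0 if installed, 1 if rejected (live local.cf is left untouched).
install_local_cf() {
    candidate="$1"
    [ -s "$candidate" ] || return 1        # missing or empty download
    stage=$(mktemp -d "${TMPDIR:-/tmp}/sa-stage.XXXXXX") || return 1
    # The *.pre files load plugins (e.g. TextCat) that the rules may need.
    cp "$CONF_DIR"/*.pre "$stage"/ 2>/dev/null || :
    cp "$candidate" "$stage/local.cf"
    printf 'report_safe 0\nrewrite_header Subject ***SPAM***\n' >> "$stage/local.cf"
    rc=1
    # --siteconfigpath makes the lint run read the staged directory instead
    # of the live one.
    if $LINT --siteconfigpath="$stage" >/dev/null 2>&1; then
        cp "$stage/local.cf" "$CONF_DIR/local.cf.new" &&
            mv "$CONF_DIR/local.cf.new" "$CONF_DIR/local.cf" && rc=0
    fi
    rm -rf "$stage"
    return "$rc"
}

# Typical use after the wget step (restart only when the file was accepted):
#   install_local_cf user_prefs && /usr/local/etc/rc.d/sa-spamd restart
```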
Editing tcp.smtp
[root@freebsd ~]# vi /etc/tcp.smtp
↓ Enter the following
127.:allow,RELAYCLIENT=""
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
[root@freebsd ~]# tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
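Editing the run scripts
[root@freebsd ~]# vi /var/qmail/service/smtpd/run
↓ Enter the following
#!/bin/sh

# "env -" starts tcpserver with an empty environment, so an exported
# QMAILQUEUE would be discarded; it is passed on the env command line instead.
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
export QMAILQUEUE
exec env - PATH="/var/qmail/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin" \
QMAILQUEUE="$QMAILQUEUE" \
/usr/local/bin/tcpserver -v -x /etc/tcp.smtp.cdb \
-R -H -l0 -u `id -u qmaild` -g `id -g qmaild` 0 smtp \
/var/qmail/bin/qmail-smtpd 2>&1
[root@freebsd ~]# vi /var/qmail/service/smtpd_ssl/run
↓ Enter the following
#!/bin/sh

# "env -" starts tcpserver with an empty environment, so an exported
# QMAILQUEUE would be discarded; it is passed on the env command line instead.
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
export QMAILQUEUE
exec env - PATH="/var/qmail/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin" \
QMAILQUEUE="$QMAILQUEUE" \
/usr/local/bin/tcpserver -v -s -x /etc/tcp.smtp.cdb -n /var/qmail/cert.pem \
-R -H -l0 -u `id -u qmaild` -g `id -g qmaild` 0 smtps \
/var/qmail/bin/qmail-smtpd 2>&1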
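How tcpserver chooses between the two tcp.smtp rules, as an added example that is not part of the original page: the client address is looked up from most to least specific, so 127.0.0.1 selects the 127.: rule and every other address falls through to the : rule. The function names are assumptions of this example. A variable already present in tcpserver's own environment is inherited whichever rule matches.

```sh
#!/bin/sh
# Added example (not from the original page): which tcp.smtp rule applies to a
# client address, and does that rule itself set QMAILQUEUE?
# Only plain IPv4 address/prefix rules are handled (no ranges, user@, =host).

# matching_rule <ip> <rules-file>: print the instructions of the selected rule.
# Lookup order: exact address, then shorter dotted prefixes, then the ":" rule.
matching_rule() {
    key="$1"
    while :; do
        hit=$(awk -v k="$key:" \
            'index($0, k) == 1 { print substr($0, length(k) + 1); exit }' "$2")
        if [ -n "$hit" ]; then printf '%s\n' "$hit"; return 0; fi
        [ -n "$key" ] || return 1          # not even a catch-all rule
        k="${key%.}"                        # 127.0.0. -> 127.0.0
        case "$k" in
            *.*) key="${k%.*}." ;;          # 127.0.0.1 -> 127.0.0.
            *)   key="" ;;                  # 127. -> catch-all
        esac
    done
}

# rule_sets_qmailqueue <ip> <rules-file>: 0 if the selected rule sets
# QMAILQUEUE, 1 if it does not, 2 if no rule matches.
rule_sets_qmailqueue() {
    rule=$(matching_rule "$1" "$2") || return 2
    case ",$rule" in
        *,QMAILQUEUE=*) return 0 ;;
        *)              return 1 ;;
    esac
}

# report <rules-file> <ip>...: one line per address.
report() {
    rules="$1"; shift
    for ip in "$@"; do
        if rule_sets_qmailqueue "$ip" "$rules"; then s="sets QMAILQUEUE"
        else s="no QMAILQUEUE in rule"; fi
        printf '%-12s %-22s %s\n' "$ip" "$s" "$(matching_rule "$ip" "$rules")"
    done
}

# Constructed sample: the two rules from /etc/tcp.smtp and two test addresses.
SAMPLE=$(mktemp "${TMPDIR:-/tmp}/tcp.smtp.XXXXXX")
printf '%s\n' '127.:allow,RELAYCLIENT=""' \
    ':allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"' > "$SAMPLE"
report "$SAMPLE" 127.0.0.1 192.0.2.10
rm -f "$SAMPLE"
```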
Restarting qmail
[root@freebsd tnef]# svc -t /var/service/* ← restart
[root@freebsd tnef]# svstat /var/service/* ← confirm the services are up
Procmail configuration (POP)
[root@freebsd ~]# vi /usr/local/etc/procmailrc
SHELL=/bin/sh
PATH=/bin:/usr/bin:/usr/local/bin
DROPPRIVS=yes
MAILDIR=$HOME/Maildir
DEFAULT=$MAILDIR/
#LOGFILE=$MAILDIR/procmail.log
#VERBOSE=ON # verbose logging

# Discard mail whose subject contains "未承諾広告※" (unsolicited advertisement)
:0
* ^Subject:.*=\?[Ii][Ss][Oo]-2022-[Jj][Pp]\?[Bb]\?GyRCTCQ\+NUJ6OS05cCIo
/dev/null

# If there is no "X-Spam-***" header, run spamassassin
:0fw
*!^X-Spam.*
|spamassassin
Outlook Express settings (POP)

1. Click "Tools" > "Message Rules" > "Mail".

2. Check "Where the Subject line contains specific words" and
click "contains specific words".

3. Enter "***SPAM***" and click "Add".

4. Click "OK".

5. Check "Move it to the specified folder" and
click "specified".

6. Click "New Folder".

7. Enter "SPAM" and click "OK".

8. Select "SPAM" and click "OK".

9. Click "OK".

10. Click "OK".

11. Mail with "***SPAM***" in the subject is now stored in the SPAM folder.
Creating the spam mailbox (IMAP)
[root@freebsd ~]# mkdir -p /home/user_name/Maildir/.spam/new
[root@freebsd ~]# mkdir -p /home/user_name/Maildir/.spam/cur
[root@freebsd ~]# mkdir -p /home/user_name/Maildir/.spam/tmp
[root@freebsd ~]# chmod -R 700 /home/user_name/Maildir/.spam
[root@freebsd ~]# chown -R user_name:user_name /home/user_name/Maildir/.spam
Creating the spam mailbox for users added later (IMAP)
[root@freebsd ~]# mkdir -p /usr/share/skel/Maildir/.spam/new
[root@freebsd ~]# mkdir -p /usr/share/skel/Maildir/.spam/cur
[root@freebsd ~]# mkdir -p /usr/share/skel/Maildir/.spam/tmp
[root@freebsd ~]# chmod -R 700 /usr/share/skel/Maildir/.spam
Procmail configuration (IMAP)
[root@freebsd ~]# vi /usr/local/etc/procmailrc
SHELL=/bin/sh
PATH=/bin:/usr/bin:/usr/local/bin
DROPPRIVS=yes
MAILDIR=$HOME/Maildir
DEFAULT=$MAILDIR/
SPAM=$MAILDIR/.spam/
#LOGFILE=$MAILDIR/procmail.log
#VERBOSE=ON # verbose logging

# Discard mail whose subject contains "未承諾広告※" (unsolicited advertisement)
:0
* ^Subject:.*=\?[Ii][Ss][Oo]-2022-[Jj][Pp]\?[Bb]\?GyRCTCQ\+NUJ6OS05cCIo
/dev/null

# If there is no "X-Spam-***" header, run spamassassin
:0fw
*!^X-Spam.*
|spamassassin

# If the header "X-Spam-Status: Yes" is present, deliver to the ".spam" directory
:0
*^X-Spam-Status: Yes
$SPAM
Spam learning (IMAP)
[root@freebsd ~]# vi /etc/periodic/daily/700.sa-learn
↓ Enter the following
#!/bin/sh

# Learn the contents of the spam folder as spam
/usr/local/bin/sa-learn --spam /home/*/Maildir/.spam/cur

# Learn the contents of the Maildir folder as normal mail (ham)
/usr/local/bin/sa-learn --ham /home/*/Maildir/cur

# To empty the spam folder afterwards, uncomment the line below
#/bin/rm -f /home/*/Maildir/.spam/cur/*
[root@freebsd ~]# chmod 755 /etc/periodic/daily/700.sa-learn
Outlook Express settings (IMAP)

1. Click the account, then click "IMAP Folders".

2. Click "Reset".

3. Select the "spam" folder and click "Show".

4. Click "OK".

5. Mail with an "X-Spam-Status: Yes" header is now stored in the "spam" folder.
Spam mail delivery test
[root@freebsd ~]# echo "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X"|mail user_name@freebsd.orz