mirror of
https://github.com/Cisco-Talos/clamav.git
synced 2025-10-19 10:23:17 +00:00
549 lines
11 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">

<!--Converted with LaTeX2HTML 2K.1beta (1.48)
original version by: Nikos Drakos, CBLU, University of Leeds
* revised and updated by: Marcus Hennecke, Ross Moore, Herb Swan
* with significant contributions from:
Jens Lippmann, Marek Rouchal, Martin Wilck and others -->
<HTML>
<HEAD>
<TITLE>Debian GNU/Linux Mail Server</TITLE>
<META NAME="description" CONTENT="Debian GNU/Linux Mail Server">
<META NAME="keywords" CONTENT="Debian_Mail_server">
<META NAME="resource-type" CONTENT="document">
<META NAME="distribution" CONTENT="global">

<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="LaTeX2HTML v2K.1beta">

</HEAD>

<BODY >
<P>
<H1 ALIGN="CENTER">Debian GNU/Linux Mail Server</H1>
<P ALIGN="CENTER"><STRONG>Dennis Leeuw</STRONG></P>
<P ALIGN="CENTER"><STRONG>Version 0.2.0</STRONG></P>

<P>

<H1><A NAME="SECTION00100000000000000000">
1. Mail User Agent</A>
</H1>

<P>
The MUA is the program a user runs to read his or her mail. Some
examples: pine, mutt or Netscape (on Windows: Outlook). The MUA can
use several protocols to fetch the mail. The most used services are
POP3 and IMAP, but SMTP is also possible.

<P>

<H1><A NAME="SECTION00110000000000000000">
1.1 popping mail:</A>
</H1>

<P>
All incoming mail for a user is stored in one file, /var/spool/mail/&lt;username&gt;.
You could read your mail with more or less, but that is not very comfortable.
The most secure way of using POP3 is POP3 over SSL. This
way you get an SSH-like POP3 system.

<P>

<H3><A NAME="SECTION00110100000000000000">
1.1.0.1 Installation</A>
</H3>

<P>

<DL COMPACT>
<DT>
<DD>apt-get install courier-pop-ssl
</DD>
</DL>
<P>

<H3><A NAME="SECTION00110200000000000000">
1.1.0.2 Configuration</A>
</H3>

<P>
The configuration can be found in /etc/courier/.

<P>
[META] needs more documentation about the interfaces to run on and the
protocols/ports to use.

<P>

<H1><A NAME="SECTION00200000000000000000">
2. Mail Transfer Agent</A>
</H1>

<P>
The MTA is the program that sends mail from one server to another. This
is done through the SMTP protocol. On Debian the default MTA is Exim,
but several other GNU/Linux servers provide this functionality,
such as sendmail, postfix and qmail.

<P>
I like postfix so let's start with that one.

<P>

<H1><A NAME="SECTION00210000000000000000">
2.1 postfix</A>
</H1>

<P>

<H2><A NAME="SECTION00211000000000000000">
2.1.1 Installation</A>
</H2>

<P>

<DL COMPACT>
<DT>
<DD>apt-get install postfix
</DD>
</DL>Choose no configuration when asked for configuration.

<P>

<H2><A NAME="SECTION00212000000000000000">
2.1.2 Configuration</A>
</H2>

<P>
The postfix configuration files can be found in /etc/postfix/.

<P>
The most important file is main.cf. Elements in this file that need
special attention:

<P>

<DL COMPACT>
<DT>
<DD>myhostname = mail.domain.com

<P>
mydestination = $myhostname, localhost.$mydomain, $mydomain

<P>
mynetworks = 192.168.1.0/24, 127.0.0.0/8

<P>
relay_domains = $mydomain
<P>
home_mailbox = Maildir/
</DD>
</DL>
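<P>
Of these settings, mynetworks decides which clients may relay mail through the server, so it is the one to check after every edit. The following is an added example, not part of the original document: it parses main.cf text (including indented continuation lines) and reports every mynetworks entry that lies outside private or loopback address space. The sample file, the function names and the 0.0.0.0/0 line are constructed for illustration.

```python
import ipaddress

# Address ranges a small site can reasonably trust to relay: RFC 1918 plus loopback.
TRUSTED = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "::1/128")]

# Constructed sample: the settings shown above, plus one deliberately unsafe
# continuation line (0.0.0.0/0) to show what the audit reports.
SAMPLE_MAIN_CF = """\
myhostname = mail.domain.com
mydestination = $myhostname, localhost.$mydomain, $mydomain
mynetworks = 192.168.1.0/24, 127.0.0.0/8,
    0.0.0.0/0
relay_domains = $mydomain
home_mailbox = Maildir/
"""

def parse_main_cf(text):
    """Parse main.cf text into a dict, joining indented continuation lines."""
    params, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                                  # blank line or comment
        if raw[0].isspace() and current is not None:
            params[current] += " " + raw.strip()      # continuation of previous parameter
            continue
        name, sep, value = raw.partition("=")
        if sep:
            current = name.strip()
            params[current] = value.strip()           # a later assignment replaces an earlier one
    return params

def audit_mynetworks(params):
    """Return (entry, reason) for each mynetworks entry outside TRUSTED."""
    findings = []
    for entry in params.get("mynetworks", "").replace(",", " ").split():
        try:
            # Postfix writes IPv6 networks as [addr]/len; drop the brackets.
            net = ipaddress.ip_network(entry.replace("[", "").replace("]", ""), strict=False)
        except ValueError:
            findings.append((entry, "not a CIDR literal; review by hand"))
            continue
        if not any(net.version == t.version and net.subnet_of(t) for t in TRUSTED):
            findings.append((entry, "clients outside private/loopback space may relay"))
    return findings
```

Run against the real file with audit_mynetworks(parse_main_cf(open("/etc/postfix/main.cf").read())); an empty list means every listed network is private or loopback.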
<P>

<H2><A NAME="SECTION00213000000000000000">
2.1.3 Test</A>
</H2>

<P>
Test the configuration with telnet:

<P>

<DL COMPACT>
<DT>
<DD>telnet localhost 25 # from the local machine

<P>
telnet smtp.domein.nl 25 # from an Internet machine

<P>
telnet 192.168.1.1 25 # from an internal machine
</DD>
</DL>Use the following procedure:

<P>

<DL COMPACT>
<DT>
<DD>helo domein.org

<P>
mail from: user@domein.org

<P>
rcpt to: user@domein.nl

<P>
data

<P>
.

<P>
quit
</DD>
</DL>
<P>

<H1><A NAME="SECTION00300000000000000000">
3. Mail Delivery Agent</A>
</H1>

<P>
The MDA is the program that accepts incoming mail from the MTA and
stores it in the user's mailbox (local delivery). On almost any
GNU/Linux system this program is procmail. We use the functionality within postfix.

<P>

<H1><A NAME="SECTION00320000000000000000">
3.2 Fetchmail</A>
</H1>

<P>
It might be that you have some POP3 mail accounts on other servers
or providers. To get that mail on your local system you could use
fetchmail.

<P>

<H2><A NAME="SECTION00321000000000000000">
3.2.1 Installation</A>
</H2>

<P>

<DL COMPACT>
<DT>
<DD>apt-get install fetchmail
</DD>
</DL>
<P>

<H2><A NAME="SECTION00322000000000000000">
3.2.2 Configuration</A>
</H2>

<P>
A sample configuration file:

<P>

<DL COMPACT>
<DT>
<DD>poll pop.provider.net proto pop3

<P>
user "jsmith", with password secret1, is "johans" here;
</DD>
</DL>
<P>

<H1><A NAME="SECTION00400000000000000000">
4. Virus checking</A>
</H1>

<P>

<H1><A NAME="SECTION00410000000000000000">
4.1 Clam Antivirus</A>
</H1>

<P>

<H2><A NAME="SECTION00411000000000000000">
4.1.1 Installation</A>
</H2>

<P>
Get the source from http://www.konarski.edu.pl/~zolw.
Read the documentation, which is very good, or do:

<P>

<DL COMPACT>
<DT>
<DD>groupadd clamav

<P>
useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav
</DD>
</DL>To build the software do:

<P>

<DL COMPACT>
<DT>
<DD>./configure --prefix=/usr/local

<P>
make

<P>
make install
</DD>
</DL>
<P>

<H2><A NAME="SECTION00412000000000000000">
4.1.2 Help Out!</A>
</H2>

<P>The biggest challenge for an open source virus scanner is the virus signature database. The ClamAV author has written a great tool called sigtool. It can create a signature from a virus file with the help of another anti-virus program that detects the virus.</P>

<P>If you find a virus that is not detected by clamscan, but is detected by another virus scanner, do the following:<BR>
<TT>
sigtool -s &lt;string the virus scanner prints when it detects the virus&gt; -f &lt;file that contains the virus&gt; -c &lt;how the virus scanner should be executed&gt;</TT>

<P>This creates a signature file, which should be added to the ClamAV database. The next time the virus passes by, it will be detected by clamscan.</P>

<P>

<H1><A NAME="SECTION00420000000000000000">
4.2 AMAVIS</A>
</H1>

<P>

<H2><A NAME="SECTION00421000000000000000">
4.2.1 Installation</A>
</H2>

<P>

<DL COMPACT>
<DT>
<DD>groupadd vscan

<P>
useradd -g vscan -s /bin/false -c "Amavis" vscan
</DD>
</DL>Compile this from source http://www.amavis.org/. Use amavis-perl-11.tar.gz

<P>
Before you can use AMAVIS you first need a couple of perl modules:

<P>

<DL COMPACT>
<DT>
<DD>apt-get install libmime-perl libunix-syslog-perl \

<P>
libemail-valid-perl libconvert-uulib-perl \

<P>
libconvert-tnef-perl libarchive-tar-perl \

<P>
libarchive-zip-perl libcompress-zlib-perl
</DD>
</DL>And some tools:

<P>

<DL COMPACT>
<DT>
<DD>apt-get install file bzip2 lha unarj unrar unzoo
</DD>
</DL>
<P>

<H3><A NAME="SECTION00421100000000000000">
4.2.1.1 Arc521</A>
</H3>

<P>
Then there is arc, which is not GNU/Linux ready yet. So download the
source and do the following:

<P>

<DL COMPACT>
<DT>
<DD>mkdir temp

<P>
cd temp

<P>
tar zxvf ../arc521.tar.Z
</DD>
</DL>Edit arcdos.c and comment out the struct timeval (don't do this on RH6.2 machines):

<P>

<DL COMPACT>
<DT>
<DD>/*struct timeval { /* man page said &lt;sys/types.h&gt;, but it */

<P>
/* long tv_sec; /* really seems to be in &lt;sys/time.h&gt;, */

<P>
/* long tv_usec; /* but why bother... */

<P>
/*};*/
</DD>
</DL>Edit tmclock.c to look like this:

<P>

<DL COMPACT>
<DT>
<DD>#if BSD

<P>
#include &lt;sys/time.h&gt;

<P>
#include &lt;time.h&gt;

<P>
int daylight;

<P>
#else

<P>
#include &lt;time.h&gt;

<P>
#endif
</DD>
</DL>I have sent these changes to the maintainer of arc, so the next release
might show better GNU/Linux support.

<P>

<DL COMPACT>
<DT>
<DD>make

<P>
cp arc /usr/local/bin
<P>
cp arc.1 /usr/local/man/man1/
</DD>
</DL>
<P>

<H3><A NAME="SECTION00421200000000000000">
4.2.1.2 Compile AMAVIS</A>
</H3>

<P>
Compile AMAVIS:

<P>

<DL COMPACT>
<DT>
<DD>patch -p1 &lt; ../clamav-<I>&lt;version&gt;</I>/support/amavis/clamavis.patch

<P>
find . -exec touch 01010000 {} \;

<P>
./configure --enable-smtp --with-smtp-port=10025 --enable-postfix

<P>
make

<P>
make install
</DD>
</DL>
<P>

<H2><A NAME="SECTION00422000000000000000">
4.2.2 AMAVIS and Postfix</A>
</H2>

<P>
Add to /etc/postfix/main.cf:

<P>

<DL COMPACT>
<DT>
<DD>content_filter = vscan:
</DD>
</DL>Adjust /etc/postfix/master.cf:

<P>

<DL COMPACT>
<DT>
<DD>vscan unix - n n - 10 pipe user=vscan

<DL COMPACT>
<DT>
<DD>argv=/usr/sbin/amavis ${sender} ${recipient}
</DD>
</DL>localhost:10025 inet n - n - - smtpd -o content_filter=
</DD>
</DL>
<P>

<H2><A NAME="SECTION00423000000000000000">
4.2.3 Test</A>
</H2>

<P>
Send an e-mail with the Eicar string to test the anti-virus functionality.

<P>

<DL COMPACT>
<DT>
<DD>X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
</DD>
</DL>
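<P>
A copy of the Eicar string that has lost even one character in transit or in typesetting is simply not detected, which looks the same as a broken filter. The following is an added example, not part of the original document: it verifies the string against its well-known length and MD5 digest, wraps it in a mail with an attachment, and hands it to the local Postfix. The function names, the subject line and the attachment name eicar.com are assumptions made for the example; the addresses in the usage line are the placeholders from the telnet test above.

```python
import hashlib
import smtplib
from email.message import EmailMessage

# The 68-byte EICAR test string (harmless; scanners detect it by convention).
EICAR = rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
EICAR_MD5 = "44d88612fea8a8f36de82e1278abb02f"  # well-known digest of the 68-byte file


def eicar_is_intact(data=EICAR):
    """True only if data is byte-for-byte the standard test string."""
    return len(data) == 68 and hashlib.md5(data).hexdigest() == EICAR_MD5


def build_test_mail(sender, recipient):
    """Return a mail whose single attachment is the verified EICAR file."""
    if not eicar_is_intact():
        raise ValueError("EICAR string is damaged; scanners will not match it")
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, recipient
    msg["Subject"] = "AV filter test (EICAR)"
    msg.set_content("Test of the virus filter; the attachment is the EICAR test file.")
    msg.add_attachment(EICAR, maintype="application",
                       subtype="octet-stream", filename="eicar.com")
    return msg


def send_test_mail(msg, host="localhost", port=25):
    """Submit msg over SMTP; returns the dict of refused recipients ({} = queued)."""
    with smtplib.SMTP(host, port, timeout=10) as smtp:
        return smtp.send_message(msg)


if __name__ == "__main__":
    # Placeholder addresses from the telnet test; use a real local mailbox.
    print(send_test_mail(build_test_mail("user@domein.org", "user@domein.nl")))
```

An empty result only means Postfix accepted the message into its queue, because content_filter runs after queueing; whether the vscan filter caught it shows in the mail log and in whether the message reaches the mailbox.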
<P>

<H1><A NAME="SECTION00500000000000000000">
About this document ...</A>
</H1>
<STRONG>Debian GNU/Linux Mail Server</STRONG><P>
This document was generated using the
<A HREF="http://www-texdev.mpce.mq.edu.au/l2h/docs/manual/"><STRONG>LaTeX</STRONG>2<tt>HTML</tt></A> translator Version 2K.1beta (1.48)
<P>
Copyright © 1993, 1994, 1995, 1996,
<A HREF="http://cbl.leeds.ac.uk/nikos/personal.html">Nikos Drakos</A>,
Computer Based Learning Unit, University of Leeds.
<BR>
Copyright © 1997, 1998, 1999,
<A HREF="http://www.maths.mq.edu.au/~ross/">Ross Moore</A>,
Mathematics Department, Macquarie University, Sydney.
<P>
The command line arguments were: <BR>
<STRONG>latex2html</STRONG> <TT>-no_subdir -split 0 -show_section_numbers /tmp/lyx_tmpdir30758nJeXv/lyx_tmpbuf3075QAkyC5/Debian_Mail_server.tex</TT>
<P>
The translation was initiated by Dennis Leeuw on 2002-05-28<HR>
<ADDRESS>
Dennis Leeuw
2002-05-28
</ADDRESS>
</BODY>
</HTML>