谁搞过QMAILSCAN+SpamAssass+CLAMV？

岚轩

如题！我要实现垃圾邮件过滤和杀毒功能，CLAMV已经用RPM安装并启动DAEMON，SpamAssassin也装了，但是在装QMAILSCAN时，还是提示SpamAssassin没有正确安装！
如下：
[root@rh9linux qmail-scanner-1.23]# ./configure --domain lanxuan.org
Building Qmail-Scanner 1.23...


                ***** NOTE ******

Qmail-Scanner doesn't have language translations for zh_CN.GB18030,
- so defaulting to english...

[Hit <RETURN> to continue]



This script will search your system for the virus scanners it knows
about, and will ensure that all external programs
qmail-scanner-queue.pl uses are explicitly pathed for performance
reasons.


It will then generate qmail-scanner-queue.pl - it is up to you to install it
correctly.

Continue? ([Y]/N)
Y

Something like spamc for SpamAssassin detected - but not correctly installed
(didn't include a "X-Spam-Status" line in output).
Please read Q-S FAQ if you want it - especially check that spamd daemon
is running. Ignoring...


The following binaries and scanners were found on your system:

mimeunpacker=/usr/local/bin/reformime
unzip=/usr/bin/unzip

Content/Virus Scanners installed on your System

clamdscan=/usr/bin/clamdscan (which means clamscan won't be used as clamdscan is better)

Qmail-Scanner details.

log-details=syslog
fix-mime=2
ignore-eol-check=0
debug=1
notify=psender,nmlvadm
redundant-scanning=yes
[email protected]
local-domains='lanxuan.org'
silent-viruses='klez','bugbear','hybris','yaha','braid','nimda','tanatos','sobig','winevar','palyh','fizzer','gibe','cailont','lovelorn','swen','dumaru','sober','hawawi','holar-i','mimail','poffer','bagle','worm.galil','mydoom','worm.sco','tanx','novarg','\@mm'
scanners="clamdscan_scanner"

If that looks correct, I will now generate qmail-scanner-queue.pl
for your system...
Continue? ([Y]/N)
我于是没有Y，停止了安装，麻烦高人说一个？

岚轩

其实关键是SpamAssassin的安装！怎么样才能装的完美一点，我安装时用的是：
perl Makefile.PL ENABLE_SSL=yes < /dev/null
make
make install
上面的还要procmail-3.22
编译用make recommend
make install
看了说明文件，好象为用户使用时才需要procmail，但是我就想把SpamAssassin装好了给QMAIL-SCANNER调用（全局使用），怎么做呢？SpamAssassin需要如何编译和配置？？

llc

兄弟，你这几个东西我都没装过，帮不上忙了
建议找gugong兄帮忙

gugong

我的是这样：
[code:1]Building Qmail-Scanner 1.23...

This script will search your system for the virus scanners it knows
about, and will ensure that all external programs
qmail-scanner-queue.pl uses are explicitly pathed for performance
reasons.



/usr/bin/uudecode works as expected on system...



Found tnef on your system! That means we'll be able to decode stupid
M$ attachments :-)


The following binaries and scanners were found on your system:

mimeunpacker=/usr/local/bin/reformime
uudecode=/usr/bin/uudecode
unzip=/usr/bin/unzip
tnef=/usr/bin/tnef

Content/Virus Scanners installed on your System

hbedv_antivir=/usr/bin/antivir
verbose_spamassassin=/usr/bin/spamc

Qmail-Scanner details.

log-details=syslog
fix-mime=2
ignore-eol-check=0
debug=0
notify=sender
redundant-scanning=yes
[email protected]
local-domains='xxx.com'
silent-viruses='klez','bugbear','hybris','yaha','braid','nimda','tanatos','sobig','winevar','palyh','fizzer','gibe','cailont','lovelorn','swen','dumaru','sober','hawawi','holar-i','mimail','poffer','bagle','worm.galil','mydoom','worm.sco','tanx','novarg','\@mm'
scanners="hbedv_scanner","verbose_spamassassin"

If that looks correct, I will now generate qmail-scanner-queue.pl
for your system...
Testing suid nature of /usr/bin/perl...
Looks OK...
perlscanner: generate new DB file from /var/spool/qmailscan/quarantine-attachments.txt
perlscanner: total of 9 entries.

Finished installation of initial directory structure for Qmail-Scanner
under /var/spool/qmailscan and qmail-scanner-queue.pl under /var/qmail/bin.

Finished. Please read README(.html) and then go over the script
(/var/qmail/bin/qmail-scanner-queue.pl) to check paths/etc.

"/var/qmail/bin/qmail-scanner-queue.pl -r" should return some well-known virus
definitions to show that the internal perlscanner component is working.

That's it!



              ****** FINAL TEST ******

Please log into an unpriviledged account and run
/var/qmail/bin/qmail-scanner-queue.pl -g

If you see the error "Can't do setuid", or "Permission denied", then
refer to the FAQ.

(e.g.  "setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -g")


That's it! To report success:

   % (echo 'First M. Last'; cat SYSDEF)|mail [email protected]
Replace First M. Last with your name.
[/code:1]

岚轩

古公兄，我其实也试过不装SpamAssassin，只是安装QMAIL-SCANNER+Clam Antivius（CLAMV）的，但是我测试时，情况如下：
[root@rh9linux contrib]# ./test_installation.sh -doit
QMAILQUEUE was not set, defaulting to /var/qmail/bin/qmail-scanner-queue.pl for this test...

Sending standard test message - no viruses...
done!

Sending eicar test virus - should be caught by perlscanner module...
qmail-inject: fatal: qq temporary problem (#4.3.0)
Bad error. qmail-inject died

我看了邮箱，测试的邮件确实是收到的，但是查到病毒后的警告邮件却没有发到[email protected]，我也查看了qmail-smtp/log，发现好象是检测到有病毒的，但警告邮件没有发到我的管理员邮箱，而且我看了你的置顶帖，好象你测试这个文件是没有下面的问题啊！
qmail-inject: fatal: qq temporary problem (#4.3.0)
Bad error. qmail-inject died

提一下我的环境：qmail使用maildir投递。
我的想法，是否需要同时装上Spam Assassin Daemon（SpamAssassin），才可以查到有毒的邮件时立刻发信到管理员？并且这个软件还可以防垃圾邮件啊，但如何很好的集成啊，需要如何编译？我1楼的编译如何？故宫兄，你的看法呢？

gugong

qq temporary problem

岚轩

[quote:14c427d3ff="gugong"]qq temporary problem[/quote]

古公兄，您不要总是这样吗？
我并非看不懂这点英文，只是我虽然能字面上了解其含义，但还是不知到其处理方法啊！你知道成因和解决方法？难道就不能说说？或者你都没有碰到此类情况？就算你也没有碰到此类情况，以你的经验来看，怎么考虑？

gugong

google

岚轩

古公大人，现在OK了吧？？

[root@rh9linux qmail-scanner-1.23]# ./configure --spooldir /var/lib/qmailscan --qmaildir /var/qmail --bindir /var/qmail/bin --qmail-queue-binary /var/qmail/bin/qmail-queue  --admin postmaster --domain lanxuan.com --notify none --silent-viruses auto --lang de_DE --debug 1 --unzip 0 --add-dscr-hdrs 0 --archive 1 --redundant no --log-details --fix-mime 1  --scanners "verbose_spamassassin" --install 1
Building Qmail-Scanner 1.23...


                ***** NOTE ******

Qmail-Scanner doesn't have language translations for zh_CN.GB18030,
- so defaulting to english...

[Hit <RETURN> to continue]



This script will search your system for the virus scanners it knows
about, and will ensure that all external programs
qmail-scanner-queue.pl uses are explicitly pathed for performance
reasons.

Continue? ([Y]/N)
Y

The following binaries and scanners were found on your system:

mimeunpacker=/usr/local/bin/reformime
unzip=/usr/bin/unzip

Content/Virus Scanners installed on your System

verbose_spamassassin=/usr/bin/spamc

Qmail-Scanner details.

log-details=syslog
fix-mime=1
ignore-eol-check=0
debug=1
notify=none
redundant-scanning=no
archiving everything into /var/lib/qmailscan/archives/
[email protected]
local-domains='lanxuan.com'
silent-viruses='klez','bugbear','hybris','yaha','braid','nimda','tanatos','sobig','winevar','palyh','fizzer','gibe','cailont','lovelorn','swen','dumaru','sober','hawawi','holar-i','mimail','poffer','bagle','worm.galil','mydoom','worm.sco','tanx','novarg','\@mm'
scanners="verbose_spamassassin"

If that looks correct, I will now generate qmail-scanner-queue.pl
for your system...
Continue? ([Y]/N)
y
Testing suid nature of /usr/bin/perl...
Looks OK...
Hit RETURN to create initial directory structure under /var/lib/qmailscan,
and install qmail-scanner-queue.pl under /var/qmail/bin:
perlscanner: generate new DB file from /var/lib/qmailscan/quarantine-attachments.txt
perlscanner: total of 9 entries.

Finished installation of initial directory structure for Qmail-Scanner
under /var/lib/qmailscan and qmail-scanner-queue.pl under /var/qmail/bin.

Finished. Please read README(.html) and then go over the script
(/var/qmail/bin/qmail-scanner-queue.pl) to check paths/etc.

"/var/qmail/bin/qmail-scanner-queue.pl -r" should return some well-known virus
definitions to show that the internal perlscanner component is working.

That's it!



              ****** FINAL TEST ******

Please log into an unpriviledged account and run
/var/qmail/bin/qmail-scanner-queue.pl -g

If you see the error "Can't do setuid", or "Permission denied", then
refer to the FAQ.

(e.g.  "setuidgid qmaild /var/qmail/bin/qmail-scanner-queue.pl -g")


That's it! To report success:

   % (echo 'First M. Last'; cat SYSDEF)|mail [email protected]
Replace First M. Last with your name.
[root@rh9linux qmail-scanner-1.23]# cd contrib/
[root@rh9linux contrib]# ls
avpdeamon.init              qmail-scanner-queue.o  sub-sender-cache.pl
logging_first_80_chars.eml  qs2mrtg.pl             test-clamd.pl
logrotate.qmailscanner      rbl_scanner.txt        test_installation.sh
Makefile                    reformime-test.eml     test-sophie.pl
mrtg-qmail-scanner.cfg      spamc-nasty.eml        test-trophie.pl
qmail-scanner-queue         spamc-nice.eml         vpopmail-issues.eml
qmail-scanner-queue.c       sub-avpdaemon.pl       ziptest.zip
[root@rh9linux contrib]# ./test_installation.sh -doit
QMAILQUEUE was not set, defaulting to /var/qmail/bin/qmail-scanner-queue.pl for this test...

Sending standard test message - no viruses...
done!

Sending eicar test virus - should be caught by perlscanner module...
done!

Sending eicar test virus with altered filename - should only be caught by commercial anti-virus modules (if you have any)...

Sending bad spam message for anti-spam testing - In case you are using SpamAssassin...
Done!

Finished test. Now go and check Email for [email protected]

我也在[email protected]发现3封邮件；）

岚轩

这个应该是警告信吧？





居然还有广告？

gugong

你的 qmail-scanner-queue.pl 里面没有杀毒引擎

岚轩

[quote:c26f3ffd8f="gugong"]你的 qmail-scanner-queue.pl 里面没有杀毒引擎[/quote]

其实qmail-scanner只是自己没有监测到CLAMV已经运行，早再编译了一次QMAIL-SCANNER，之前先开启CLAMD、SPAMD，这样就都监测到了，现在OK啦，不过我仍然可以收到警告信的，似乎关系不大，另外，我用的这个免费东西好象至多查毒吧？

岚轩

不过我再次发了个测试的./test_installation.sh -doit
虽然没有报错，但是[email protected]里面没有警告信啊！就是那种说XXX的信有病毒的那种，看来现在最好找个有毒的邮件附件发到[email protected]试啦~