Qmail-scan+Mcafee VirusScan Command Line
¡¡¡¡qmail-scanµÄÍøÕ¾ http://qmail-scanner.sourceforge.net/£¬×îа汾1.22
¡¡¡¡ÐèÒªÒÀÀµµÄ³ÌÐò
¡¡¡¡reformime (À´×Ô Maildrop 1.3.8+ )
¡¡¡¡Perl 5.6.1
¡¡¡¡Perl module Time::HiRes
¡¡¡¡Perl module DB_File (¿ÉÄܲ»ÐèÒª»òÕßϵͳÒѾ´æÔÚ)
¡¡¡¡Perl module Sys::Syslog (¿ÉÄܲ»ÐèÒª»òÕßϵͳÒѾ´æÔÚ)
¡¡¡¡TNEF unpacker
¡¡¡¡ÕâÀï½éÉÜÊÖ¶¯°²×°£¬Ö÷ÒªÊDz»ÏëÖØбàÒëQmail¼ÓÈëQMAILQUEUE
¡¡¡¡°²×°Mcafee VirusScan Command Line,²¢ÇÒ½«uvscan lnµ½/usr/local/bin ºÍ .soÎļþlnµ½/usr/local/lib
¡¡¡¡tar zxf qmail-scanner-1.22.gz
¡¡¡¡cd qmail-scanner-1.22 |
¡¡¡¡ÅäÖÃqmail-scanner,·¾¶×Ô¶¨Òå,yourdomainÌ滻ΪÄãµÄÓòÃû,ÏêϸµÄ²Î¿´./configure --help
./configure --spooldir /mail/qmailscan --qmaildir
/mail/qmail --bindir /mail/qmail/bin --qmail-queue-binary
/mail/qmail/bin/qmail-queue.real --admin root
--domain yourdomain --notify recips --local-domains yourdomain
--silent-viruses auto --lang en_GB --debug no --unzip
1 --add-dscr-hdrs 0 --archive 0 --redundant no --log-details
0 --log-crypto 0 --fix-mime 2 --scanners "uvscan"
--ignore-eol-check 0 --no-QQ-check |
¡¡¡¡Ìí¼ÓÓû§ºÍ×é
pw groupadd qscand -g 65530
pw useradd qscand -g qscand -d /mail/qmailscan -s /nonexistent -u 65530 ¡¡¡¡´´½¨Ä¿Â¼
mkdir -p /mail/qmailscan
mkdir -p /mail/qmailscan/quarantine/tmp /mail/qmailscan/quarantine/cur
/mail/qmailscan/quarantine/new
mkdir -p /mail/qmailscan/working/tmp /mail/qmailscan/working/cur /mail/qmailscan/working/new
mkdir -p /mail/qmailscan/archive/tmp /mail/qmailscan/archive/cur /mail/qmailscan/archive/new ¡¡¡¡ |
¡¡¡¡¸´ÖÆÎļþ£¬ÉèÖÃȨÏÞ
cp quarantine-attachments.txt /mail/qmailscan/
chown -R qscand.qscand /mail/qmailscan/
cp qmail-scanner-queue.pl /mail/qmail/bin/qmail-scanner-queue.pl
chown qscand.qscand /mail/qmail/bin/qmail-scanner-queue.pl
chmod 4755 /mail/qmail/bin/qmail-scanner-queue.pl ¡¡¡¡³õʼ»¯qmail-scan,´úÌæqmail-queueÏȵ÷ÓÃ
/mail/qmail/bin/qmail-scanner-queue.pl -h
/mail/qmail/bin/qmail-scanner-queue.pl -z
/mail/qmail/bin/qmail-scanner-queue.pl -g
mv /mail/qmail/bin/qmail-queue /mail/qmail/bin/qmail-queue.real
ln -s /mail/qmail/bin/qmail-scanner-queue.pl /mail/qmail/bin/qmail-queue |
¡¡¡¡mcafee²¡¶¾¿â×Ô¶¯¸üнű¾update.sh, ·ÅÔÚuvscanĿ¼ÏÂÃæ
#!/bin/sh
install_directory=`dirname $0`
mkdir /tmp/dat-updates
cd /tmp/dat-updates
current_version=`$install_directory/uvscan
--version
| grep "Virus data file"
| awk '{ print substr($4,2,4) }'`
ftp "ftp://ftp.nai.com/pub/datfiles/english/dat-*.tar"
new_version=`echo dat-*.tar | awk '{ print substr($1,5,4) }'`
if [ "$current_version" -ge "$new_version" ]
then
echo "No new .DATs available at this time"
echo "Currently installed version: $current_version"
echo "Version on FTP site: $new_version"
else
tar -xf dat-*.tar
for file in `tar -tf dat-*.tar`
do
newfile=`echo $file | tr [A-Z] [a-z]`
mv -f ./$file "$install_directory/$newfile"
done
current_version=`$install_directory/uvscan
--version | grep "Virus data file" | awk '{ print substr($4,2,4) }'`
if [ ! "$current_version" -eq "$new_version" ]
then
echo "DAT file updates did not work correctly."
echo "Please try manually."
else
echo "DAT file updates successful"
echo "Currently installed version: $current_version"
fi
fi
cd /
rm -rf /tmp/dat-updates
chmod +x update.sh |
¡¡¡¡×ö¸öcrondÿ6Сʱ¸üÐÂÒ»´Î
0 */6 * * * /uvscan-path/update.sh
¡¡¡¡Èç¹ûÓʼþϵͳ¸ººÉºÜ´ó£¬¿ÉÒÔ¿¼ÂÇʹÓÃsophie+sophosÀ´×ö
¡¡¡¡sophieÄܹ»×÷Ϊһ¸ödaemon£¬½«²¡¶¾ÒýÇæºÍ²¡¶¾¿â×°ÔØÔÚÄÚ´æÖУ¬È»ºó´´½¨Ò»¸ösocket¹©ÆäËû³ÌÐòµ÷ÓÃ
¡¡¡¡ÒÔϼòÂÔ˵Ã÷Ò»ÏÂ
¡¡¡¡1.°²×°ºÃsophos£¬Ä¬ÈÏ·¾¶Îª /usr/local/sav
ln -s /usr/local/sav/libsavi.so /usr/local/sav/libsavi.so.3
ln -s /usr/local/sav/libsavi.so /usr/local/lib/libsavi.so.3 |
¡¡¡¡ÔËÐÐ./sweepÄܹ»Õý³£¸ø³ö²ÎÊýÐÅÏ¢
¡¡¡¡2.ÏÂÔØsophie£¬±àÒë,°²×°
./configure --prefix=/usr/local/sav/sophie --with-savilib=/usr/local/sav
make
mkdir /usr/local/sav/sophie
mkdir /usr/local/sav/sophie/bin
mkdir /usr/local/sav/sophie/etc
mkdir /usr/local/sav/sophie/var
cp sophie /usr/local/sav/sophie/bin
ln -s /usr/local/sav/sophie/bin/sophie /usr/local/bin/
cp etc/sophie.cfg etc/sophie.savi /usr/local/sav/sophie/etc
ln -s /usr/local/sav/sophie/etc/sophie.cfg /etc/ |
¡¡¡¡ÊÖ¶¯ÉèÖúÃ/usr/local/sav/sophie/etc ÏÂÃæµÄsophie.cfgºÍsophie.savi
¡¡¡¡×¢Òâsophie.cfgÀïÃæµÄÉèÖÃsophieÔËÐеÄÓû§ÓÃroot,×éÓÃqscand
¡¡¡¡sophie.savi¿ÉÒÔ½«ËùÓÐÀàÐ͵ļì²é¶¼´ò¿ª£¬ÀýÈçzip/rarÖ®ÀàµÄ
¡¡¡¡ÏÈÖ±½ÓÆô¶¯sophie, /usr/local/bin/sophie
¡¡¡¡3.ÖØÐÂÅäÖÃqmail-scanner
./configure --spooldir /mail/qmailscan --qmaildir
/mail/qmail --bindir /mail/qmail/bin --qmail-queue-binary
/mail/qmail/bin/qmail-queue.real --admin root --domain
yourdomain --notify recips --local-domains yourdomain
--silent-viruses auto --lang en_GB --debug no --unzip
1 --add-dscr-hdrs 0 --archive 0 --redundant no --log-details
0 --log-crypto 0 --fix-mime 1 --scanners "sophie"
--ignore-eol-check 0 --no-QQ-check.... |
¡¡¡¡ÒòΪsophieÄܹ»Ö±½Ó¼ì²ézipµÈ£¬¿ÉÒÔ½«qmail-scannerÀïÃæ¹ØÓÚzip/tnefÕâЩµÄ±äÁ¿ÖµÉèΪ¿Õ
¡¡¡¡ÀýÈçmy $unzip_binary='';
¡¡¡¡4.Ò»Çй¤×÷Õý³££¬¾Í¿ÉÒÔ½«sophie·ÅÈëºǫ́ÔËÐÐ
sophie -D
¡¡¡¡5.¹ØÓÚ²¡¶¾¿â¸üÐÂ
¡¡¡¡ÔÚ http://www.sophos.com/downloads/ide
¡¡¡¡ÕÒµ½¶ÔÓ¦ÄãµÄsophosµÄ°æ±¾µÄideµÄ¸üÐÂÏÂÔØURL£¬ÎÒµÄÊÇ3.80Ϊ
http://www.sophos.com/downloads/ide/380_ides.zip
¡¡¡¡Ð´¸öscript×Ô¶¯¸üÐÂ
¡¡¡¡ÓйØsophie£¬²Î¼û¡£
¡¡¡¡http://www.vanja.com/tools/sophie/
¡¡¡¡²¢ÇÒÔĶÁqmail-scannerµÄFAQ¡£
¡¡¡¡ÁíÍ⣬qmail-scanner½¨ÒéʹÓÃdaemontoolsÀ´ÔËÐÐsophie¡£
¡¡¡¡ÓÃÓÚÏÞÖÆsophieµÄ×ÊԴʹÓúͼì²ésophie daemonÊÇ·ñ»¹»î×Å¡£
¡¡¡¡ÁíÍ⣬·¢ÏÖ±ØÐëÓÃperl 5.6²ÅÄÜÅÜÆðÀ´ qmail-scanner ²»ÖªµÀÊDz»ÊÇRPWT¡£