在 ubuntu 16.04 上使用 Exim 设置 spammassin 和 clamav

在 ubuntu 16.04 上使用 Exim 设置 spammassin 和 clamav

我一直在寻求有关使用 Exim 设置 Spammassassin 和 ClamAV 的帮助(在 ubuntu-16.04 上),但所有指南都过时了。有人可以分享他们的设置吗?

答案1

这些指南可能相当陈旧,但设置过程并没有真正改变。Exim4 规范包含一章关于ACL 时的内容扫描这应该可以帮你入门了。我认为你需要安装exim4-daemon-heavy才能进行扫描。

这是我的配置的摘录。我删除了一些研究功能。

安装完成后,clamav您需要取消注释主配置中的以下行:

av_scanner = clamd:/var/run/clamav/clamd.ctl

/etc/exim4/conf.d/main/02_exim4-config_options如果您使用拆分配置或者/etc/exim4/exim4.conf.template使用单一配置文件选项, 则会出现这种情况。

进行扫描的最简单方法是创建一个/etc/exim4/acls/40_local-config_check-data像这样的本地数据 acl。

# --------------------------------------------------------------------
# Anti-Virus scanning
# This requires an 'av_scanner' setting in the main section.

# Defer if we find malware
defer
  malware = */defer_ok retry=60

# --- BEGIN EXISCAN configuration ---
# Invoke SpamAssassin to obtain $spam_score and $spam_report.
# SA: log messages emulate sa-exim output for eximstats
#
# If the message is classified as spam, and we have not previously
# set $acl_m_sa to indicate that we want to accept it anyway,
# reject it.

# Add a spam flag
warn
  spam = mail:true
  add_header = X-Spam-Connect-Host: $sender_fullhost
  add_header = X-Spam-Mail-From: $sender_address
  add_header = X-Spam-Recipients: $recipients
  add_header = X-Spam-Flag: ${if >= {$spam_score_int}{SPAM_LIMIT}{YES}{NO}}
  add_header = X-Spam-Level: ${tr{$spam_bar}{+}{*}}

# Add headers for data we will be reporting
warn
  condition = ${if >= {$spam_score_int}{SPAM_REPORT}}
  add_header = X-Spam-Report: $spam_report

# New Subject for BACN and SPAM
warn
  condition = ${if >= {$spam_score_int}{SPAM_IS_HAM}}
  add_header = X-Spam-Subject: $h_Subject
  remove_header = Subject
  add_header = Subject: ${if < {$spam_score_int}{SPAM_IS_BACN} \
      {BACN}{SPAM}} $spam_score: $h_Subject

# Blackhole serious Spam
discard
  condition = ${if eq {$acl_m_sa}{canreject}}
  condition = ${if >= {$spam_score_int}{SPAM_BLACKHOLE}}
  message = Discard recipients for this message spam $spam_score.
  logwrite = SA: Action: Blackholed message: score=$spam_score. \
      From \<$sender_address\> $sender_fullhost for $recipients

# Deny Spam
deny
  condition = ${if eq {$acl_m_sa}{canreject}}
  condition = ${if >= {$spam_score_int}{SPAM_REJECT}}
  message = This message looks like spam $spam_score.
  logwrite = SA: Action: permanently rejected message: score=$spam_score. \
      From \<$sender_address\> $sender_fullhost for $recipients

您需要定义垃圾邮件限制值。这些值将输入/etc/exim4/conf.d/main/00_local_macros/etc/exim4/exim4.conf.localmacros取决于您使用的配置文件方法。

 # Spamassassin
SPAM_REPORT = -10
SPAM_IS_HAM = 25
SPAM_LIMIT = 35
SPAM_IS_BACN = 50
SPAM_REJECT = 100
SPAM_BLACKHOLE = 200

该变量acl_m_sa被设置为指示这是邮件管理员/滥用消息还是发送给用户的消息。这在包的说明中有记录sa-exim。您可能更喜欢使用sa-exim而不是EXISCAN上面的 ACL 部分。

答案2

    # order of lines matters
    warn
      spam = nobody:true #this line needed to define spam_score_int
      condition = ${if >{$spam_score_int}{60}{true}{false}} 
      add_header = X-Spam_score: $spam_score #this line must be after
      # to ensure X-Spam_score is only added when the condition is met
      # (lines before the condition are not subject to the condition)  
      add_header = X-Spam_bar: $spam_bar # this line subject to condition
      # spam_score_int = spam_score * 10 so 60 above corresponds to 6.0

相关内容