horas simalango wrote: > I am using sendmail as MTA, and I am looking for free anti virus. > About the milter, where can I download it? > > Thank you > > Horasima I don't think all of this is available via the the conventional centos mirrors but I'd bet they're on Dag's as well as a few others. find one you trust. I am pasting the following from this website http://www.be4mind.com/?q=node/190 I gave it a once over and it looks fairly complete. This write includes adding greylisting as well. PLEASE COPY CONFIGURATION FILE OPTIONS FROM THE ATTACHED DOCUMENT (NEWLINES PROBLEMS IN HTML) OTHERWISE SOMETHING COULD GO WRONG (EXPECIALLY WITH SENDMAIL). Follow these steps to try stopping sPaMmErs :) 1. CONFIGURING YUM REPOSITORIES [root at mailserver ~]# wget http://centos.karan.org/kbsingh-CentOS-Extras.repo [root at mailserver ~]# wget http://centos.karan.org/kbsingh-CentOS-Misc.repo [root at mailserver ~]# mv *.repo /etc/yum.repos.d/ [root at mailserver ~]# rpm --import http://centos.karan.org/RPM-GPG-KEY-karan.org.txt [root at mailserver ~]# wget http://dag.wieers.com/packages/rpmforge-release/rpmforge-release-0.3.6-1.el4.rf.i386.rpm [root at mailserver ~]# rpm -ivh rpmforge-release-0.3.6-1.el4.rf.i386.rpm 2. INSTALLING REQUIRED PACKAGES #FROM kbsingh [root at mailserver ~]# yum install milter-greylist spamassassin spamass-milter pyzor #FROM rpmforge [root at omafoligno ~]# yum install clamd.i386 Installed: clamd.i386 0:0.90.3-1.el4.rf Dependency Installed: clamav.i386 0:0.90.3-1.el4.rf clamav-db.i386 0:0.90.3-1.el4.rf Complete! [root at omafoligno mail]# yum install clamav-milter.i386 Installed: clamav-milter.i386 0:0.90.3-1.el4.rf Complete! 3. SENDMAIL CONFIGURATION -Backup your sendmail config files and edit sendmail.mc: [root at mailserver ~]# cd /etc/mail [root at mailserver mail]# cp sendmail.mc sendmail.mc.orig [root at mailserver mail]# mv sendmail.cf sendmail.cf.orig -Add the following line just before the two MAILER lines: [root at mailserver mail]# vi sendmail.mc [...] dnl #-------------------------------------------------------- dnl # ANTISPAM/VIRUS AND GREYLIST AND DNSBL dnl #-------------------------------------------------------- FEATURE(`dnsbl',`relays.ordb.org')dnl FEATURE(`dnsbl',`list.dsbl.org')dnl FEATURE(`dnsbl',`sbl-xbl.spamhaus.org')dnl INPUT_MAIL_FILTER(`greylist',`S=local:/var/lib/milter-greylist/run/milter-greylist.sock') define(`confMILTER_MACROS_CONNECT', `j, {if_addr}') define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}') define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}') INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter/spamass-milter.sock, F=,T=C:15m;S:4m;R:4m;E:10m')dnl INPUT_MAIL_FILTER(`clamav', `S=local:/var/clamav/clmilter.socket, F=T, T=S:4m;R:4m') dnl #-------------------------------------------------------- MAILER(smtp)dnl MAILER(procmail)dnl -Compile sendmail.mc: [root at mailserver mail]# m4 sendmail.mc > sendmail.cf 4. CONFIGURE SPAMASSASIN -There's a nice spamassasin configurator at: http://www.yrex.com/spam/spamconfig.php -Create your config file and put it in /etc/mail/spamassassin/local.cf [root at mailserver mail]# cp /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf.orig [root at mailserver mail]# vi /etc/mail/spamassassin/local.cf --------------------------------------------------------------------------------- # SpamAssassin config file for version 3.x # NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6 # See http://www.yrex.com/spam/spamconfig25.php for earlier versions # Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50) # How many hits before a message is considered spam. required_score 3.0 # Change the subject of suspected spam rewrite_header subject *****SPAM***** # Encapsulate spam in an attachment (0=no, 1=yes, 2=safe) report_safe 1 # Enable the Bayes system use_bayes 1 # Enable Bayes auto-learning bayes_auto_learn 1 # Enable or disable network checks skip_rbl_checks 0 use_razor2 1 use_pyzor 1 # Mail using locales used in these country codes will not be marked # as being possibly spam in a foreign language. ok_locales en ## General Whitelist ## Be careful using "whitelist_from" can be easly forged by spammers, use ## trusted_networks combined with whitelist_from_rcvd instead #internal_networks 127.0.0.1 192.168.1.0/24 #trusted_networks 127.0.0.1 192.168.1.0/24 64.233.0.0/16 #whitelist_from_rcvd *@gmail.com *gmail.com,*google.com #whitelist_from matte at somedomain.com --------------------------------------------------------------------------------- 5. CONFIGURE CLAMAV: Make sure config files are enabled by editing them as follows: [root at mailserver mail]# vi /etc/freshclam.conf Comment or remove the line below. #Example [root at mailserver mail]# vi /etc/clamd.conf Comment or remove the line below. #Example Edit freshclam config file and remove or comment last line with FRESHCLAM_DELAY directive. Optionally run freshclam from the root console to check that everything works. Use the cron daemon to run freshclam. You have to add the following line to the crontab of root or clamav user: N * * * * /usr/local/bin/freshclam --quiet to check for a new database every hour. N should be a number between 3 and 57 of your choice. Don't choose any multiple of 10, because there are already too many clients using those time slots. 6. GREYLIST CONFIGURATION: Edit /etc/mail/greylist.conf and add your WAN/LAN address to the whitelist: addr 192.168.0.0/24 # (for example) Check new version of the servers which brake grey-list functionality for some reasons at: http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt Add GMail Servers to the whitelist: addr 64.233.0.0/16 # GMAIL Infact, it seems that GMail tries to resend the same email with multiple different ip addresses causing a large delay. You can change the `greylist` directive (default 30m which stands for 30 minutes of delay) and `dumpfreq` directive (interval for dumping the db file, 0 means at dump at every change) for your needs. 7. ENABLE SERVICES [root at mailserver mail]# chkconfig clamav-milter on [root at mailserver mail]# chkconfig clamd on [root at mailserver mail]# chkconfig milter-greylist on [root at mailserver mail]# chkconfig spamassassin on [root at mailserver mail]# chkconfig spamass-milter on [root at mailserver mail]# service clamd start Starting clamd: [ OK ] [root at mailserver mail]# service clamav-milter start Starting clamav-milter: [ OK ] [root at mailserver mail]# service milter-greylist start Starting Milter-Greylist: [ OK ] [root at mailserver mail]# service spamassassin start Starting spamd: [ OK ] [root at mailserver mail]# service spamass-milter start Starting SpamAssassin milter (spamass-milter): [ OK ] [root at mailserver mail]# /etc/init.d/sendmail restart Shutting down sendmail: [ OK ] Shutting down sm-client: [ OK ] Starting sendmail: [ OK ] Starting sm-client: [ OK ]