clamAV, amavisd-new をyum-リポジトリrpmforgeでインストール
December 5, 2012 – 12:43 amMail Serverのウィルス対策用ツール、clamAVがoutdateとのメッセージがlogwatchにでていた。これを最新版に更新するための作業を行なった。更新にあたっては、従来使用していたyumリポジトリepelに代え、rpmforgeを使ってインストールしなおした。
インストール時の一連の関連作業をメモしておいた。
更新前の状態: 今回の更新作業前のclamAV, amavisd-newは、yumリポジトリepelを用いてインストールしている。その際のインストール作業記録は、「Scientific Linux 6.1 で自宅サーバー再構築(その4)」に記述している。今回のyum リポジトリrpmforgeを使ったインストール記録は、そのなかの「ウィルス対策のためのclamav,amavisd-newのインストールと設定」に対応、置き換わる。
なお、以下に記述するインストール作業に先立って、該当するパッケージのアンインストール作業を行っている。アンインストールは以下のコマンドにより実行:
# yum remove clam\* # yum remove amavis\*
yum リポジトリ rpmforgeを用いたclamav, amavisd-newのインストールと設定:
(1) clamav の yum install
[root@ ~]# yum --enablerepo=rpmforge install clam\* Loaded plugins: refresh-packagekit, security rpmforge | 1.9 kB 00:00 Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package clamav.x86_64 0:0.97.6-1.el6.rf will be installed ---> Package clamav-db.x86_64 0:0.97.6-1.el6.rf will be installed ---> Package clamav-devel.x86_64 0:0.97.6-1.el6.rf will be installed ---> Package clamav-milter.x86_64 0:0.97.6-1.el6.rf will be installed ---> Package clamd.x86_64 0:0.97.6-1.el6.rf will be installed ---> Package clamtk.noarch 0:4.25-1.el6.rf will be installed --> Processing Dependency: perl(Locale::gettext) for package: clamtk-4.25-1.el6.rf.noarch --> Processing Dependency: perl(Glib) for package: clamtk-4.25-1.el6.rf.noarch --> Processing Dependency: perl(File::Find::Rule) for package: clamtk-4.25-1.el6.rf.noarch --> Processing Dependency: perl(Gtk2::SimpleList) for package: clamtk-4.25-1.el6.rf.noarch --> Processing Dependency: perl(Gtk2) for package: clamtk-4.25-1.el6.rf.noarch --> Processing Dependency: perl(Date::Calc) for package: clamtk-4.25-1.el6.rf.noarch --> Running transaction check ---> Package perl-Date-Calc.noarch 0:6.3-2.el6 will be installed --> Processing Dependency: perl(Bit::Vector) >= 7.1 for package: perl-Date-Calc-6.3-2.el6.noarch --> Processing Dependency: perl(Carp::Clan) for package: perl-Date-Calc-6.3-2.el6.noarch --> Processing Dependency: perl(Bit::Vector) for package: perl-Date-Calc-6.3-2.el6.noarch ---> Package perl-File-Find-Rule.noarch 0:0.30-9.el6 will be installed --> Processing Dependency: perl(Text::Glob) for package: perl-File-Find-Rule-0.30-9.el6.noarch --> Processing Dependency: perl(Number::Compare) for package: perl-File-Find-Rule-0.30-9.el6.noarch ---> Package perl-Glib.x86_64 0:1.222-1.el6.rf will be installed ---> Package perl-Gtk2.x86_64 0:1.221-1.el6.rf will be installed --> Processing Dependency: perl(Pango) for package: perl-Gtk2-1.221-1.el6.rf.x86_64 ---> Package perl-gettext.x86_64 0:1.05-1.el6.rf will be installed --> Running transaction check ---> Package perl-Bit-Vector.x86_64 0:7.1-2.el6 will be installed ---> Package perl-Carp-Clan.noarch 0:6.03-2.el6 will be installed ---> Package perl-Number-Compare.noarch 0:0.01-13.el6 will be installed ---> Package perl-Pango.x86_64 0:1.221-1.el6.rf will be installed ---> Package perl-Text-Glob.noarch 0:0.08-7.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ========================================================================================================= Package Arch Version Repository Size ========================================================================================================= Installing: clamav x86_64 0.97.6-1.el6.rf rpmforge 2.0 M clamav-db x86_64 0.97.6-1.el6.rf rpmforge 34 M clamav-devel x86_64 0.97.6-1.el6.rf rpmforge 8.0 k clamav-milter x86_64 0.97.6-1.el6.rf rpmforge 73 k clamd x86_64 0.97.6-1.el6.rf rpmforge 151 k clamtk noarch 4.25-1.el6.rf rpmforge 68 k Installing for dependencies: perl-Bit-Vector x86_64 7.1-2.el6 sl 168 k perl-Carp-Clan noarch 6.03-2.el6 sl 24 k perl-Date-Calc noarch 6.3-2.el6 sl 208 k perl-File-Find-Rule noarch 0.30-9.el6 sl 31 k perl-Glib x86_64 1.222-1.el6.rf rpmforge 697 k perl-Gtk2 x86_64 1.221-1.el6.rf rpmforge 3.0 M perl-Number-Compare noarch 0.01-13.el6 sl 8.0 k perl-Pango x86_64 1.221-1.el6.rf rpmforge 339 k perl-Text-Glob noarch 0.08-7.el6 sl 9.9 k perl-gettext x86_64 1.05-1.el6.rf rpmforge 44 k Transaction Summary ========================================================================================================= Install 16 Package(s) Total download size: 41 M Installed size: 60 M Is this ok [y/N]: y Downloading Packages: (1/16): clamav-0.97.6-1.el6.rf.x86_64.rpm | 2.0 MB 00:12 (2/16): clamav-db-0.97.6-1.el6.rf.x86_64.rpm | 34 MB 02:57 (3/16): clamav-devel-0.97.6-1.el6.rf.x86_64.rpm | 8.0 kB 00:00 (4/16): clamav-milter-0.97.6-1.el6.rf.x86_64.rpm | 73 kB 00:01 (5/16): clamd-0.97.6-1.el6.rf.x86_64.rpm | 151 kB 00:01 (6/16): clamtk-4.25-1.el6.rf.noarch.rpm | 68 kB 00:00 (7/16): perl-Bit-Vector-7.1-2.el6.x86_64.rpm | 168 kB 00:01 (8/16): perl-Carp-Clan-6.03-2.el6.noarch.rpm | 24 kB 00:00 (9/16): perl-Date-Calc-6.3-2.el6.noarch.rpm | 208 kB 00:01 (10/16): perl-File-Find-Rule-0.30-9.el6.noarch.rpm | 31 kB 00:00 (11/16): perl-Glib-1.222-1.el6.rf.x86_64.rpm | 697 kB 00:04 (12/16): perl-Gtk2-1.221-1.el6.rf.x86_64.rpm | 3.0 MB 00:12 (13/16): perl-Number-Compare-0.01-13.el6.noarch.rpm | 8.0 kB 00:00 (14/16): perl-Pango-1.221-1.el6.rf.x86_64.rpm | 339 kB 00:02 (15/16): perl-Text-Glob-0.08-7.el6.noarch.rpm | 9.9 kB 00:00 (16/16): perl-gettext-1.05-1.el6.rf.x86_64.rpm | 44 kB 00:00 --------------------------------------------------------------------------------------------------------- Total 190 kB/s | 41 MB 03:41 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : perl-Glib-1.222-1.el6.rf.x86_64 1/16 Installing : clamav-db-0.97.6-1.el6.rf.x86_64 2/16 Installing : clamav-0.97.6-1.el6.rf.x86_64 3/16 Installing : perl-Carp-Clan-6.03-2.el6.noarch 4/16 Installing : perl-Bit-Vector-7.1-2.el6.x86_64 5/16 Installing : perl-Date-Calc-6.3-2.el6.noarch 6/16 Installing : clamd-0.97.6-1.el6.rf.x86_64 7/16 Installing : perl-Pango-1.221-1.el6.rf.x86_64 8/16 Installing : perl-Gtk2-1.221-1.el6.rf.x86_64 9/16 Installing : perl-Text-Glob-0.08-7.el6.noarch 10/16 Installing : perl-Number-Compare-0.01-13.el6.noarch 11/16 Installing : perl-File-Find-Rule-0.30-9.el6.noarch 12/16 Installing : perl-gettext-1.05-1.el6.rf.x86_64 13/16 Installing : clamtk-4.25-1.el6.rf.noarch 14/16 Installing : clamav-milter-0.97.6-1.el6.rf.x86_64 15/16 Installing : clamav-devel-0.97.6-1.el6.rf.x86_64 16/16 Verifying : clamav-devel-0.97.6-1.el6.rf.x86_64 1/16 Verifying : clamtk-4.25-1.el6.rf.noarch 2/16 Verifying : perl-Carp-Clan-6.03-2.el6.noarch 3/16 Verifying : perl-File-Find-Rule-0.30-9.el6.noarch 4/16 Verifying : perl-Bit-Vector-7.1-2.el6.x86_64 5/16 Verifying : perl-gettext-1.05-1.el6.rf.x86_64 6/16 Verifying : clamav-0.97.6-1.el6.rf.x86_64 7/16 Verifying : perl-Number-Compare-0.01-13.el6.noarch 8/16 Verifying : clamav-milter-0.97.6-1.el6.rf.x86_64 9/16 Verifying : perl-Gtk2-1.221-1.el6.rf.x86_64 10/16 Verifying : perl-Text-Glob-0.08-7.el6.noarch 11/16 Verifying : clamd-0.97.6-1.el6.rf.x86_64 12/16 Verifying : perl-Pango-1.221-1.el6.rf.x86_64 13/16 Verifying : perl-Date-Calc-6.3-2.el6.noarch 14/16 Verifying : perl-Glib-1.222-1.el6.rf.x86_64 15/16 Verifying : clamav-db-0.97.6-1.el6.rf.x86_64 16/16 Installed: clamav.x86_64 0:0.97.6-1.el6.rf clamav-db.x86_64 0:0.97.6-1.el6.rf clamav-devel.x86_64 0:0.97.6-1.el6.rf clamav-milter.x86_64 0:0.97.6-1.el6.rf clamd.x86_64 0:0.97.6-1.el6.rf clamtk.noarch 0:4.25-1.el6.rf Dependency Installed: perl-Bit-Vector.x86_64 0:7.1-2.el6 perl-Carp-Clan.noarch 0:6.03-2.el6 perl-Date-Calc.noarch 0:6.3-2.el6 perl-File-Find-Rule.noarch 0:0.30-9.el6 perl-Glib.x86_64 0:1.222-1.el6.rf perl-Gtk2.x86_64 0:1.221-1.el6.rf perl-Number-Compare.noarch 0:0.01-13.el6 perl-Pango.x86_64 0:1.221-1.el6.rf perl-Text-Glob.noarch 0:0.08-7.el6 perl-gettext.x86_64 0:1.05-1.el6.rf Complete!
(2) amavisd-new のyum instll
[root@ ~]# yum install --enablerepo=rpmforge amavis\* Loaded plugins: refresh-packagekit, security Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package amavisd-new.x86_64 0:2.6.6-3.el6.rf will be installed ---> Package amavisd-new-snmp.x86_64 0:2.6.6-3.el6.rf will be installed --> Finished Dependency Resolution Dependencies Resolved ========================================================================================================= Package Arch Version Repository Size ========================================================================================================= Installing: amavisd-new x86_64 2.6.6-3.el6.rf rpmforge 745 k amavisd-new-snmp x86_64 2.6.6-3.el6.rf rpmforge 17 k Transaction Summary ========================================================================================================= Install 2 Package(s) Total download size: 762 k Installed size: 2.7 M Is this ok [y/N]: y Downloading Packages: (1/2): amavisd-new-2.6.6-3.el6.rf.x86_64.rpm | 745 kB 00:04 (2/2): amavisd-new-snmp-2.6.6-3.el6.rf.x86_64.rpm | 17 kB 00:00 --------------------------------------------------------------------------------------------------------- Total 119 kB/s | 762 kB 00:06 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : amavisd-new-2.6.6-3.el6.rf.x86_64 1/2 Installing : amavisd-new-snmp-2.6.6-3.el6.rf.x86_64 2/2 Verifying : amavisd-new-2.6.6-3.el6.rf.x86_64 1/2 Verifying : amavisd-new-snmp-2.6.6-3.el6.rf.x86_64 2/2 Installed: amavisd-new.x86_64 0:2.6.6-3.el6.rf amavisd-new-snmp.x86_64 0:2.6.6-3.el6.rf Complete!
(3) clamd, amavisd-new 導入にかかわる設定
(3-1) /etc/clamd.confの編集
インストール時の設定ファイルをそのまま使用
(3-2) /etc/amavisd.confの編集
domain, hostnameをサーバーに対応するものに変更(我が自宅サーバーのドメイン名、ホスト名をそのまま示していることに注意)
$mydomain = 'yamasnet.com'; # a convenient default for other settings $myhostname = 'yamasserver01.yamasnet.com'; # must be a fully-qualified domain name!virusと判定されたメイルをReject, spamと判定されたものは、そのままclient側におくるよう設定
$final_virus_destiny = D_REJECT; $final_spam_destiny = D_PASS;@av_scanners のなかのClamAv-clamdの設定部をコメントアウトし、ソケット名をclamd.confで指定したもの(/var/run/clamav/clamd.sock)と一致させる
@av_scanners = ( # ### http://www.clamav.net/ ['ClamAV-clamd', \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"], qr/\bOK$/m, qr/\bFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
(3-3) /etc/postfix/master.cf の編集
最終行に以下を追加(SL6再構成時の時点とは最終の3行が追加されていることに注意)
smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
Mailサーバーの起動と自動起動: 以上で関連モジュールのインストール設定を終了したところで、サーバーの起動ならびに自動起動の設定を行う。
SL6に導入した部分と同様
1 Trackback(s)