「ウィルスとスパムに強いメールサーバを作る!」と言うわけで postfix+amavisd-new+clamd+postgrey をCentOS5.0で動かしてみる。postfixは定番のMTAだから話すことも無いんだけど、 amavisd-new+clamd+postgrey は俺が好きで使ってる。
インスコ環境)
マシン:Dellサーバ専用機 PowerEdge SC430
OS:CentOS5.0
注:postfixは既に入っている環境として説明を行う。
1.セットアップの準備
初っぱなにサードパーティリポジトリ追加。
[root@ns2 /]# cd /etc/yum.repos.d
ファイル名は何でも良い。編集して以下青字部分を追加。
[root@ns2 yum.repos.d]# vi /etc/yum.repos.d/Third.repo
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
GPGキーのインストール。RPM の署名を検証のためのキー設定。
[root@ns2 yum.repos.d]# rpm –import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt ←実際は一行で
一応、更新パッケージチェックしてみる。
[root@ns2 yum.repos.d]# yum check-update
あれば、パッケージ更新。
[root@ns2 yum.repos.d]# yum update
念のため開発環境を整える(インストールしたてのCentOS5の場合)。
[root@ns2 yum.repos.d]# yum install gcc-c++ gcc-java gcc-objc gcc4 gcc4-c++ autoconf libtool automake bison flex ncurses-devel
2.yumでインスコ
1)ウィルススキャナマネージャ amavisd-new のインスコ
[root@ns2 yum.repos.d]# yum install amavisd-new
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
–> Populating transaction set with selected packages. Please wait.
—> Package amavisd-new.i386 0:2.4.5-1.el5.rf set to be updated
–> Running transaction check
–> Processing Dependency: unrar >= 2.71 for package: amavisd-new
–> Processing Dependency: ncompress for package: amavisd-new
–> Processing Dependency: perl(Net::Server) >= 0.87 for package: amavisd-new
–> Processing Dependency: perl(Digest::SHA1) for package: amavisd-new
–> Processing Dependency: arc >= 5.21e for package: amavisd-new
–> Processing Dependency: zoo >= 2.10 for package: amavisd-new
–> Processing Dependency: perl(Net::DNS) for package: amavisd-new
–> Processing Dependency: perl(Unix::Syslog) for package: amavisd-new
–> Processing Dependency: perl(Archive::Tar) for package: amavisd-new
–> Processing Dependency: perl(Archive::Zip) >= 1.14 for package: amavisd-new
–> Processing Dependency: perl(Mail::SpamAssassin) for package: amavisd-new
–> Processing Dependency: unarj for package: amavisd-new
–> Processing Dependency: perl(Digest::HMAC) for package: amavisd-new
–> Processing Dependency: cabextract for package: amavisd-new
–> Processing Dependency: perl(Net::Server) >= 0.93 for package: amavisd-new
–> Processing Dependency: ripole for package: amavisd-new
–> Processing Dependency: nomarch >= 1.2 for package: amavisd-new
–> Processing Dependency: freeze for package: amavisd-new
–> Processing Dependency: perl(Net::Server::PreForkSimple) for package: amavisd-new
–> Processing Dependency: lzop for package: amavisd-new
–> Processing Dependency: perl(BerkeleyDB) for package: amavisd-new
–> Processing Dependency: perl(Convert::UUlib) for package: amavisd-new
–> Restarting Dependency Resolution with new changes.
–> Populating transaction set with selected packages. Please wait.
—> Package perl-Convert-UUlib.i386 0:1.051-1.2.el5.rf set to be updated
—> Package perl-Unix-Syslog.i386 0:0.100-1.2.el5.rf set to be updated
—> Package perl-Net-DNS.i386 0:0.59-1.fc6 set to be updated
—> Package ncompress.i386 0:4.2.4-47 set to be updated
—> Package ripole.i386 0:0.2.0-1.2.el5.rf set to be updated
—> Package zoo.i386 0:2.10-2.2.el5.rf set to be updated
—> Package nomarch.i386 0:1.4-1.el5.rf set to be updated
—> Package unarj.i386 0:2.63-0.a.2.el5.rf set to be updated
—> Package lzop.i386 0:1.01-2.el5.rf set to be updated
—> Package perl-Digest-HMAC.noarch 0:1.01-15 set to be updated
—> Package perl-Archive-Tar.noarch 0:1.30-1.fc6 set to be updated
—> Package spamassassin.i386 0:3.1.8-2.el5 set to be updated
—> Package perl-Archive-Zip.noarch 0:1.16-1.2.1 set to be updated
—> Package cabextract.i386 0:1.2-1.el5.rf set to be updated
—> Package unrar.i386 0:3.7.4-1.el5.rf set to be updated
—> Package perl-Net-Server.noarch 0:0.95-1.el5.rf set to be updated
—> Package freeze.i386 0:2.5.0-1.2.el5.rf set to be updated
—> Package perl-Digest-SHA1.i386 0:2.11-1.2.1 set to be updated
—> Package arc.i386 0:5.21o-1.el5.rf set to be updated
—> Package perl-BerkeleyDB.i386 0:0.31-1.el5.rf set to be updated
–> Running transaction check
–> Processing Dependency: perl(Net::IP) for package: perl-Net-DNS
–> Processing Dependency: perl(IO::Socket::INET6) for package: spamassassin
–> Processing Dependency: perl(IO::Zlib) for package: perl-Archive-Tar
–> Processing Dependency: liblzo.so.1 for package: lzop
–> Restarting Dependency Resolution with new changes.
–> Populating transaction set with selected packages. Please wait.
—> Package perl-IO-Socket-INET6.noarch 0:2.51-2.fc6 set to be updated
—> Package perl-IO-Zlib.noarch 0:1.04-4.2.1 set to be updated
—> Package lzo.i386 0:1.08-4.2.el5.rf set to be updated
—> Package perl-Net-IP.noarch 0:1.25-2.fc6 set to be updated
–> Running transaction check
–> Processing Dependency: perl(Socket6) for package: perl-IO-Socket-INET6
–> Restarting Dependency Resolution with new changes.
–> Populating transaction set with selected packages. Please wait.
—> Package perl-Socket6.i386 0:0.19-3.fc6 set to be updated
–> Running transaction check
Dependencies Resolved
===================================================================
Package Arch Version Repository Size
===================================================================
Installing:
amavisd-new i386 2.4.5-1.el5.rf dag 627 k
Installing for dependencies:
arc i386 5.21o-1.el5.rf dag 63 k
cabextract i386 1.2-1.el5.rf dag 47 k
freeze i386 2.5.0-1.2.el5.rf dag 23 k
lzo i386 1.08-4.2.el5.rf dag 143 k
lzop i386 1.01-2.el5.rf dag 47 k
ncompress i386 4.2.4-47 base 23 k
nomarch i386 1.4-1.el5.rf dag 18 k
perl-Archive-Tar noarch 1.30-1.fc6 base 47 k
perl-Archive-Zip noarch 1.16-1.2.1 base 138 k
perl-BerkeleyDB i386 0.31-1.el5.rf dag 225 k
perl-Convert-UUlib i386 1.051-1.2.el5.rf dag 305 k
perl-Digest-HMAC noarch 1.01-15 base 12 k
perl-Digest-SHA1 i386 2.11-1.2.1 base 48 k
perl-IO-Socket-INET6 noarch 2.51-2.fc6 base 13 k
perl-IO-Zlib noarch 1.04-4.2.1 base 15 k
perl-Net-DNS i386 0.59-1.fc6 base 215 k
perl-Net-IP noarch 1.25-2.fc6 base 31 k
perl-Net-Server noarch 0.95-1.el5.rf dag 150 k
perl-Socket6 i386 0.19-3.fc6 base 22 k
perl-Unix-Syslog i386 0.100-1.2.el5.rf dag 48 k
ripole i386 0.2.0-1.2.el5.rf dag 47 k
spamassassin i386 3.1.8-2.el5 updates 921 k
unarj i386 2.63-0.a.2.el5.rf dag 19 k
unrar i386 3.7.4-1.el5.rf dag 111 k
zoo i386 2.10-2.2.el5.rf dag 71 k
Transaction Summary
===================================================================
Install 26 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 3.3 M
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: perl-Digest-SHA1 ####################### [ 1/26]
Installing: perl-Digest-HMAC ####################### [ 2/26]
Installing: unrar ####################### [ 3/26]
Installing: cabextract ####################### [ 4/26]
Installing: ripole ####################### [ 5/26]
Installing: perl-Unix-Syslog ####################### [ 6/26]
Installing: perl-BerkeleyDB ####################### [ 7/26]
Installing: zoo ####################### [ 8/26]
Installing: perl-Net-IP ####################### [ 9/26]
Installing: perl-Net-DNS ####################### [10/26]
Installing: lzo ####################### [11/26]
Installing: lzop ####################### [12/26]
Installing: perl-IO-Zlib ####################### [13/26]
Installing: perl-Archive-Tar ####################### [14/26]
Installing: arc ####################### [15/26]
Installing: perl-Convert-UUlib ####################### [16/26]
Installing: perl-Socket6 ####################### [17/26]
Installing: perl-IO-Socket-INET6 ####################### [18/26]
Installing: spamassassin ####################### [19/26]
Installing: freeze ####################### [20/26]
Installing: nomarch ####################### [21/26]
Installing: perl-Archive-Zip ####################### [22/26]
Installing: perl-Net-Server ####################### [23/26]
Installing: unarj ####################### [24/26]
Installing: ncompress ####################### [25/26]
id: clamav: No such user
usermod: user clamav does not exist
Installing: amavisd-new ####################### [26/26]
Installed: amavisd-new.i386 0:2.4.5-1.el5.rf
Dependency Installed: arc.i386 0:5.21o-1.el5.rf cabextract.i386 0:1.2-1.el5.rf freeze.i386 0:2.5.0-
1.2.el5.rf lzo.i386 0:1.08-4.2.el5.rf lzop.i386 0:1.01-2.el5.rf ncompress.i386 0:4.2.4-47 nomarch.i386
0:1.4-1.el5.rf perl-Archive-Tar.noarch 0:1.30-1.fc6 perl-Archive-Zip.noarch 0:1.16-1.2.1
perl-BerkeleyDB.i386 0:0.31-1.el5.rf perl-Convert-UUlib.i386 0:1.051-1.2.el5.rf perl-Digest-
HMAC.noarch 0:1.01-15 perl-Digest-SHA1.i386 0:2.11-1.2.1 perl-IO-Socket-INET6.noarch
0:2.51-2.fc6 perl-IO-Zlib.noarch 0:1.04-4.2.1 perl-Net-DNS.i386 0:0.59-1.fc6 perl-Net-IP.noarch
0:1.25-2.fc6 perl-Net-Server.noarch 0:0.95-1.el5.rf perl-Socket6.i386 0:0.19-3.fc6 perl-Unix-Syslog.i386
0:0.100-1.2.el5.rf ripole.i386 0:0.2.0-1.2.el5.rf spamassassin.i386 0:3.1.8-2.el5 unarj.i386 0:2.63-0.a.2.el5.rf
unrar.i386 0:3.7.4-1.el5.rf zoo.i386 0:2.10-2.2.el5.rf
Complete!
2)ウィルススキャナ clamav のインスコ
[root@ns2 yum.repos.d]# yum install clamd
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
–> Populating transaction set with selected packages. Please wait.
—> Downloading header for clamd to pack into transaction set.
clamd-0.90.2-1.el5.rf.i38 100% |=========================| 6.1 kB 00:00
—> Package clamd.i386 0:0.90.2-1.el5.rf set to be updated
–> Running transaction check
–> Processing Dependency: clamav = 0.90.2-1.el5.rf for package: clamd
–> Processing Dependency: libclamav.so.2 for package: clamd
–> Restarting Dependency Resolution with new changes.
–> Populating transaction set with selected packages. Please wait.
—> Downloading header for clamav to pack into transaction set.
clamav-0.90.2-1.el5.rf.i3 100% |=========================| 9.4 kB 00:01
—> Package clamav.i386 0:0.90.2-1.el5.rf set to be updated
–> Running transaction check
–> Processing Dependency: clamav-db = 0.90.2-1.el5.rf for package: clamav
–> Restarting Dependency Resolution with new changes.
–> Populating transaction set with selected packages. Please wait.
—> Downloading header for clamav-db to pack into transaction set.
clamav-db-0.90.2-1.el5.rf 100% |=========================| 3.7 kB 00:00
—> Package clamav-db.i386 0:0.90.2-1.el5.rf set to be updated
–> Running transaction check
Dependencies Resolved
===================================================================
Package Arch Version Repository Size
===================================================================
Installing:
clamd i386 0.90.2-1.el5.rf dag 81 k
Installing for dependencies:
clamav i386 0.90.2-1.el5.rf dag 1.0 M
clamav-db i386 0.90.2-1.el5.rf dag 9.1 M
Transaction Summary
===================================================================
Install 3 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 10 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): clamd-0.90.2-1.el5 100% |=========================| 81 kB 00:02
(2/3): clamav-0.90.2-1.el 100% |=========================| 1.0 MB 00:48
(3/3): clamav-db-0.90.2-1 100% |=========================| 9.1 MB 08:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: clamav-db ######################### [1/3]
Installing: clamav ######################### [2/3]
Installing: clamd ######################### [3/3]
Installed: clamd.i386 0:0.90.2-1.el5.rf
Dependency Installed: clamav.i386 0:0.90.2-1.el5.rf clamav-db.i386 0:0.90.2-1.el5.rf
Complete!
3)スパム対策モジュール postgrey のインスコ
CentOS5.0から、postgreyが正式にCentOSパッケージとして登場。
[root@ns2 /]# yum install postgrey
Setting up Install Process
Setting up repositories
dag 100% |=========================| 1.1 kB 00:00
base 100% |=========================| 1.1 kB 00:00
updates 100% |=========================| 951 B 00:00
addons 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
–> Populating transaction set with selected packages. Please wait.
—> Downloading header for postgrey to pack into transaction set.postgrey-1.27-3.el5.rf.no 100% |=========================| 5.4 kB 00:00
—> Package postgrey.noarch 0:1.27-3.el5.rf set to be updated
–> Running transaction check
–> Processing Dependency: perl(IO::Multiplex) for package: postgrey
–> Restarting Dependency Resolution with new changes.
–> Populating transaction set with selected packages. Please wait.
—> Downloading header for perl-IO-Multiplex to pack into transaction set.perl-IO-Multiplex-1.08-3. 100% |=========================| 3.1 kB 00:00
—> Package perl-IO-Multiplex.noarch 0:1.08-3.el5.rf set to be updated
–> Running transaction check
Dependencies Resolved
===================================================================
Package Arch Version Repository Size
===================================================================
Installing:
postgrey noarch 1.27-3.el5.rf dag 40 k
Installing for dependencies:
perl-IO-Multiplex noarch 1.08-3.el5.rf dag 20 k
Transaction Summary
===================================================================
Install 2 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 60 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): postgrey-1.27-3.el 100% |=========================| 40 kB 00:01
(2/2): perl-IO-Multiplex- 100% |=========================| 20 kB 00:01
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: perl-IO-Multiplex ######################### [1/2]
Installing: postgrey # [2/2]warning: /etc/postfix/postgrey_whitelist_clients created as /etc/postfix/postgrey_whitelist_clientsrpmnew
Installing: postgrey # [2/2]warning: /etc/postfix/postgrey_whitelist_clients.local created as /etc/postfix/postgrey_whitelist_clients.local.rpmnew
Installing: postgrey # [2/2]warning: /etc/postfix/postgrey_whitelist_recipients created as /etc/postfix/postgrey_whitelist_recipients.rpmnew
Installing: postgrey ######################### [2/2]
Installed: postgrey.noarch 0:1.27-3.el5.rf
Dependency Installed: perl-IO-Multiplex.noarch 0:1.08-3.el5.rf
Complete!
3.clamdのセッティング
1)clamd.confの編集
[root@ns2 /]# vi /etc/clamd.conf
#Example ←コメントする
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 0
LogTime yes
LogSyslog yes
PidFile /var/run/clamav/clamd.pid
TemporaryDirectory /var/tmp
DatabaseDirectory /var/clamav
LocalSocket /var/run/clamav/clamd.sock
FixStaleSocket yes
TCPSocket 3310
TCPAddr 127.0.0.1
MaxConnectionQueueLength 30
MaxThreads 50
ReadTimeout 300
User clamav
AllowSupplementaryGroups yes
ScanPE yes
ScanELF yes
DetectBrokenExecutables yes
ScanOLE2 yes
ScanMail yes
ScanArchive yes
ArchiveMaxCompressionRatio 300
ArchiveBlockEncrypted no
ArchiveBlockMax no
2)freshclamのセッティング
ウィルス定義ファイルのアップデータの設定。
[root@ns2 /]# vi /etc/freshclam.conf
#Example ←コメントする
UpdateLogFile /var/log/clamav/freshclam.log
PidFile /var/run/clamav/freshclam.pid
AllowSupplementaryGroups yes
以降省略
3)エラーメッセージ
Apr 24 11:24:03 mail2 amavis[2675]: (02675-01) (!!)ask_av (ClamAV-clamd) FAILED-
unexpected result: /var/amavis/tmp/amavis-20070424T112403-02675/parts: lstat() failed. ERROR\n
Apr 24 11:24:03 mail2 amavis[2675]: (02675-01) (!!)WARN: all primary virus scanners failed,
considering backups
これを、yesにして許可しないと上記のようなエラーメッセージがlogに現れる。
AllowSupplementaryGroups yes
4.amavisd-newのセッティング
1)amavisd-newのサービスポート追加
[root@ns2 /]# vi /etc/services
省略
amavisd 10024/tcp # amavis service
smtp-amavis 10025/tcp # amavis smtp service
省略
2)amavisd.confの編集
[root@ns2 /]# vi /etc/amavisd.conf
use strict;
@bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code
$max_servers = 2; # num of pre-forked children (2..15 is common), -m
$daemon_user = “amavis”; # (no default; customary: vscan or amavis), -u
$daemon_group = “amavis”; # (no default; customary: vscan or amavis), -g
$mydomain = ‘xxxxxxxxxx.jp’; # a convenient default for other settings
$MYHOME = ‘/var/amavis’; # a convenient default for other settings, -H
$TEMPBASE = “$MYHOME/tmp”; # working directory, needs to exist, -T
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR
$QUARANTINEDIR = “/var/virusmails”;
$db_home = “$MYHOME/db”; # dir for bdb nanny/cache/snmp databases, -D
@local_domains_maps = ( [“.$mydomain”] );
$log_level = 0; # verbosity 0..5, -d
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$syslog_facility = ‘mail’; # Syslog facility as a string
# e.g.: mail, daemon, user, local0, … local7
$syslog_priority = ‘debug’; # Syslog base (minimal) priority as a string,
# choose from: emerg, alert, crit, err, warning, notice, info, debug
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = 10024; # listen on this local TCP port(s) (see $protocol)
$unix_socketname = “$MYHOME/amavisd.sock”; # amavisd-release or amavis-milter
# option(s) -p overrides $inet_socket_port and $unix_socketname
$interface_policy{‘SOCK’}=’AM.PDP-SOCK’; # only relevant with $unix_socketname
$policy_bank{‘AM.PDP-SOCK’} = { protocol=>’AM.PDP’ };
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add ‘spam detected’ headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_mail_body_size_limit = 400*1024; # don’t waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
$virus_admin = “virusalert\@$mydomain”; # notifications recip.
$mailfrom_notify_admin = “virusalert\@$mydomain”; # notifications sender
$mailfrom_notify_recip = “virusalert\@$mydomain”; # notifications sender
$mailfrom_notify_spamadmin = “spam.police\@$mydomain”; # notifications sender
$mailfrom_to_quarantine = ”; # null return path; uses original sender if undef
@addr_extension_virus_maps = (‘virus’);
@addr_extension_banned_maps = (‘banned’);
@addr_extension_spam_maps = (‘spam’);
@addr_extension_bad_header_maps = (‘badh’);
$path = ‘/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin’;
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$sa_spam_subject_tag = ‘***SPAM*** ‘;
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name
$defang_by_ccat{+CC_BADH.”,3″} = 1; # NUL or CR character in header
$defang_by_ccat{+CC_BADH.”,5″} = 1; # header line longer than 998 characters
$defang_by_ccat{+CC_BADH.”,6″} = 1; # header field syntax error
$myhostname = ‘ns2.xxxxxxxxxx.jp’; # must be a fully-qualified domain name!
$forward_method = ‘smtp:[127.0.0.1]:10025’; # set to undef with milter!
$notify_method = $forward_method
途中省略
[‘ClamAV-clamd’,
\&ask_daemon, [“CONTSCAN {}\n”, “/var/run/clamav/clamd.sock”],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
以下省略
3)グループの相互リンク
互いに、ユーザを参加させる。
[root@ns2 postfix]# vi /etc/group
省略
amavis:x:101:amavis,clamav
clamav:x:102:clamav,amavis
省略
4)テストする
デバッグモードで動かしてみる。
[root@ns2 postfix]# amavisd debug
Apr 23 13:44:03 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: starting. /usr/sbin/amavisd at
ns2.xxxxxxxxxx.jp amavisd-new-2.4.5 (20070130), Unicode aware, LANG=”C”
Apr 23 13:44:03 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: user=, EUID: 0 (0); group=,
EGID: 0 10 6 4 3 2 1 0 (0 10 6 4 3 2 1 0)
Apr 23 13:44:03 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Perl version 5.008008
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Net::Server: 2007/04/23-13:44:04
Amavis (type Net::Server::PreForkSimple) starting! pid(21986)
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Net::Server: Binding to UNIX socket file /var/amavis/amavisd.sock using SOCK_STREAM
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Net::Server: Setting gid to “101 101”
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Net::Server: Setting uid to “101”
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Net::Server: Setting up serialization via flock
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Amavis::Conf 2.078
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Archive::Tar 1.30
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Archive::Zip 1.16
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module BerkeleyDB 0.31
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Compress::Zlib 1.42
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Convert::TNEF 0.17
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Convert::UUlib 1.051
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Digest::MD5 2.36
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module MIME::Entity 5.420
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module MIME::Parser 5.420
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module MIME::Tools 5.420
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Mail::Header 1.74
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Mail::Internet 1.74
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Net::Cmd 2.26
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Net::SMTP 2.29
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Net::Server 0.95
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Time::HiRes 1.86
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Module Unix::Syslog 0.100
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Amavis::DB code loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Amavis::Cache code loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: SQL base code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: SQL::Log code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: SQL::Quarantine NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Lookup::SQL code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Lookup::LDAP code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: AM.PDP-in proto code loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: SMTP-in proto code loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Courier proto code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: SMTP-out proto code loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Pipe-out proto code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: BSMTP-out proto code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Local-out proto code loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: OS_Fingerprint code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: ANTI-VIRUS code loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: ANTI-SPAM code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: ANTI-SPAM-SA code NOT loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Unpackers code loaded
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found $file at /usr/bin/file
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No $dspam, not using it
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Internal decoder for .mail
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Internal decoder for .asc
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Internal decoder for .uue
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Internal decoder for .hqx
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Internal decoder for .ync
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .F at /usr/bin/unfreeze
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .Z at /usr/bin/uncompress
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .gz at /usr/bin/gzip -d
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Internal decoder for .gz (backup, not used)
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .bz2 at /usr/bin/bzip2 -d
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .lzo at /usr/bin/lzop -d
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .rpm at /usr/bin/rpm2cpio
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .cpio at /usr/bin/pax
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .tar at /usr/bin/pax
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Internal decoder for .tar (backup, not used)
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .deb at /usr/bin/ar
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Internal decoder for .zip
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .rar at /usr/bin/unrar
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .arj at /usr/bin/unarj
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .arc at /usr/bin/nomarch
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .zoo at /usr/bin/zoo
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .lha at /usr/bin/lha
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .cab at /usr/bin/cabextract
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No decoder for .tnef tried: tnef
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Internal decoder for .tnef
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found decoder for .exe at /usr/bin/unrar; /usr/bin/lha; /usr/bin/unarj
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Using primary internal av scanner code for
ClamAV-clamd
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: KasperskyLab AVP – aveclient
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: KasperskyLab AntiViral Toolkit Pro (AVP)
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: KasperskyLab AVPDaemonClient
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: CentralCommand Vexira (new) vascan
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: Avira AntiVir
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: Command AntiVirus for
Linux
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: Symantec CarrierScan
via Symantec CommandLineScanner
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: Symantec AntiVirus
Scan Engine
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: F-Secure Antivirus for
Linux servers
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: CAI InoculateIT
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: CAI eTrust Antivirus
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: MkS_Vir for Linux
(beta)
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: MkS_Vir daemon
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: ESET NOD32 for Linux
Mail servers
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: ESET NOD32 for Linux
File servers
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: Norman Virus Control
v5 / Linux
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: Panda Command
LineSecure 9 for Linux
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: NAI McAfee AntiVirus (uvscan)
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: VirusBuster
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: CyberSoft VFind
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: avast! Antivirus
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: Ikarus AntiVirus
for Linux
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No primary av scanner: BitDefender
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Found secondary av scanner
ClamAV-clamscan at /usr/bin/clamscan
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No secondary av scanner:
FRISK F-Prot Antivirus
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No secondary av scanner:
Trend Micro FileScanner
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No secondary av scanner:
drweb – DrWeb Antivirus
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: No secondary av scanner:
Kaspersky Antivirus v5.5
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Creating db in
/var/amavis/db/; BerkeleyDB 0.31, libdb 4.3
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Net::Server: Beginning prefork (2 processes)
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Net::Server: Starting “2” children
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21987]: Net::Server: Child Preforked (21987)
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21988]: Net::Server: Child Preforked (21988)
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21987]: TIMING [total 6 ms] – bdb-open: 6 (100%)100, rundown: 0 (0%)100
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21988]: TIMING [total 5 ms] – bdb-open: 5 (100%)100, rundown: 0 (0%)100
Apr 23 13:44:04 ns2.xxxxxxxxxx.jp /usr/sbin/amavisd[21986]: Net::Server: Parent ready for children.
←ここでストップして行ったっきりになれば成功!
5.sasl2(smtp-auth)のセッティング
1)ユーザのアカウント登録
[root@ns2 postfix]# useradd -g users michiyoshi_hirono
[root@ns2 postfix]# passwd michiyoshi_hirono
Changing password for user michiyoshi_hirono.
New UNIX password:********
Retype new UNIX password:********
passwd: all authentication tokens updated successfully.
[root@ns2 postfix]# saslpasswd2 -c -u ns2.xxxxxxxxxx.jp michiyoshi_hirono
Password:********
Again (for verification):********
2)アカウント登録確認
[root@ns2 postfix]# sasldblistusers2
michiyoshi_hirono@ns2.xxxxxxxxxx.jp: userPassword
3)smtpd.confの編集
[root@ns2 postfix]# vi /usr/lib/sasl2/smtpd.conf
pwcheck_method: auxprop
mech_list: cram-md5
4)postfixにsasl2のデータベースの在処を知らせる
[root@ns2 postfix]# locate sasldb2
[root@ns2 postfix]# updatedb
[root@ns2 postfix]# locate sasldb2
/etc/sasldb2
[root@ns2 postfix]# cp /etc/sasldb2 /var/spool/postfix/sasldb2
[root@ns2 postfix]# chgrp postfix /var/spool/postfix/sasldb2
[root@ns2 postfix]# chmod 640 /var/spool/postfix/sasldb2
これをしないと、以下のエラーがlogに出力される。
Apr 23 15:07:30 ns2 postfix/smtpd[22723]: connect from unknown[xxx.xxx.xxx.xxx]
Apr 23 15:07:30 ns2 postfix/smtpd[22723]: warning: SASL authentication problem:unable to open Berkeley db /etc/sasldb2: Permission denied
Apr 23 15:07:30 ns2 postfix/smtpd[22723]: warning: SASL authentication problem:unable to open Berkeley db /etc/sasldb2: Permission denied
Apr 23 15:07:30 ns2 postfix/smtpd[22723]: warning: SASL authentication failure:no secret in database
Apr 23 15:07:30 ns2 postfix/smtpd[22723]: warning: unknown[xxx.xxx.xxx.xxx]: SASL CRAM-MD5
authentication failed: authentication failure
6.postfixのセッティング
1)main.cfの編集
[root@ns2 /]# vi /etc/postfix/main.cf
省略
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,
regexp:/etc/postfix/recipient_checks.reg,
check_client_access hash:/etc/postfix/bad_clients,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
permit_sasl_authenticated,
reject_unauth_destination,
check_policy_service inet:127.0.0.1:10023
省略
content_filter = smtp-amavis:127.0.0.1:10024
以下省略
2)master.cfの編集
[root@ns2 /]# vi /etc/postfix/master.cf
smtp inet n – n – – smtpd
submission inet n – n – – smtpd
pickup fifo n – n 60 1 pickup
cleanup unix n – n – 0 cleanup
qmgr fifo n – n 300 1 qmgr
rewrite unix – – n – – trivial-rewrite
bounce unix – – n – 0 bounce
defer unix – – n – 0 bounce
trace unix – – n – 0 bounce
verify unix – – n – 1 verify
flush unix n – n 1000? 0 flush
proxymap unix – – n – – proxymap
smtp unix – – n – – smtp
relay unix – – n – – smtp
showq unix n – n – – showq
error unix – – n – – error
local unix – n n – – local
virtual unix – n n – – virtual
lmtp unix – – n – – lmtp
anvil unix – – n – 1 anvil
maildrop unix – n n – – pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix – n n – – pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
cyrus unix – n n – – pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix – n n – – pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender – $nexthop!rmail ($recipient)
ifmail unix – n n – – pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix – n n – – pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
smtp-amavis unix – – n – 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n – n – – smtpd
-o smtpd_sasl_auth_enable=yes
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtp_error_sleep_time=0
-o smtp_soft_error_limit=1001
-o smtp_hard_error_limit=1000
↑-o以前は必ずスペースを入れる
scache unix – – n – 1 scache
discard unix – – n – – discard
tlsmgr unix – – n 1000? 1 tlsmgr
7.Postgreyセッティング
1)起動スクリプトの編集
[root@ns2 postfix]# vi /etc/init.d/postgrey
省略
prog=postgrey
postgrey=/usr/sbin/$prog
DBPATH=/var/spool/postfix/postgrey
SOCKET=$DBPATH/socket
OPTIONS=”–whitelist-recipients=/etc/postfix/postgrey_whitelist_recipients
–inet=10023 -d –unix=$SOCKET“
以下省略
8.起動と起動スクリプトの登録
1)postfix、amavisd-new、clamd、postgreyの起動
[root@ns2 /]# /etc/init.d/postfix start
[root@ns2 /]# /etc/init.d/amavisd start
[root@ns2 /]# /etc/init.d/clamd start
[root@ns2 /]# /etc/init.d/postgrey start
2)起動スクリプトの登録状況確認
[root@ns2 /]# chkconfig –list
省略
amavisd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
clamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
postfix 0:off 1:off 2:on 3:on 4:on 5:on 6:off
postgrey 0:off 1:off 2:on 3:on 4:on 5:on 6:off
省略
3)freshclamの起動と登録
[root@ns2 /]# /usr/bin/freshclam -d -c 5
[root@ns2 /]# vi /etc/rc.d/rc.local
# ClamAntiVirus Freshclam Start
if [ -x /usr/bin/freshclam]; then
/usr/bin/freshclam -d -c 5
fi
4)起動プロセスの確認
[root@ns2 postfix]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Apr19 ? 00:00:01 init [3]
root 2 1 0 Apr19 ? 00:00:00 [migration/0]
root 3 1 0 Apr19 ? 00:00:00 [ksoftirqd/0]
root 4 1 0 Apr19 ? 00:00:00 [watchdog/0]
root 5 1 0 Apr19 ? 00:00:00 [migration/1]
root 6 1 0 Apr19 ? 00:00:00 [ksoftirqd/1]
root 7 1 0 Apr19 ? 00:00:00 [watchdog/1]
root 8 1 0 Apr19 ? 00:00:00 [events/0]
root 9 1 0 Apr19 ? 00:00:00 [events/1]
root 10 1 0 Apr19 ? 00:00:00 [khelper]
root 11 1 0 Apr19 ? 00:00:00 [kthread]
root 15 11 0 Apr19 ? 00:00:00 [kblockd/0]
root 16 11 0 Apr19 ? 00:00:00 [kblockd/1]
root 17 11 0 Apr19 ? 00:00:00 [kacpid]
root 92 11 0 Apr19 ? 00:00:00 [cqueue/0]
root 93 11 0 Apr19 ? 00:00:00 [cqueue/1]
root 96 11 0 Apr19 ? 00:00:00 [khubd]
root 98 11 0 Apr19 ? 00:00:00 [kseriod]
root 163 11 0 Apr19 ? 00:00:00 [pdflush]
root 164 11 0 Apr19 ? 00:00:00 [kswapd0]
root 165 11 0 Apr19 ? 00:00:00 [aio/0]
root 166 11 0 Apr19 ? 00:00:00 [aio/1]
root 328 11 0 Apr19 ? 00:00:00 [kpsmoused]
root 358 11 0 Apr19 ? 00:00:00 [ata/0]
root 359 11 0 Apr19 ? 00:00:00 [ata/1]
root 360 11 0 Apr19 ? 00:00:00 [ata_aux]
root 364 11 0 Apr19 ? 00:00:00 [scsi_eh_0]
root 365 11 0 Apr19 ? 00:00:00 [scsi_eh_1]
root 366 11 0 Apr19 ? 00:00:00 [kjournald]
root 390 11 0 Apr19 ? 00:00:00 [kauditd]
root 422 1 0 Apr19 ? 00:00:00 /sbin/udevd -d
root 1267 11 0 Apr19 ? 00:00:00 [kmirrord]
root 1289 11 0 Apr19 ? 00:00:00 [kjournald]
root 1626 1 0 Apr19 ? 00:00:00 /usr/sbin/acpid
root 1687 1 0 Apr19 ? 00:00:00 xinetd -stayalive -pidfile /var/
root 1701 1 0 Apr19 ? 00:00:00 crond
root 1726 1 0 Apr19 ? 00:00:00 /usr/sbin/atd
root 1746 1 0 Apr19 tty1 00:00:00 /sbin/mingetty tty1
root 1747 1 0 Apr19 tty2 00:00:00 /sbin/mingetty tty2
root 1748 1 0 Apr19 tty3 00:00:00 /sbin/mingetty tty3
root 1857 1 0 Apr19 ? 00:00:00 /usr/sbin/sshd
root 10364 11 0 Apr20 ? 00:00:00 [pdflush]
root 13499 1 0 Apr21 ? 00:00:00 syslogd -m 0
root 13502 1 0 Apr21 ? 00:00:00 klogd -x
postgrey 22012 1 0 14:01 ? 00:00:00 /usr/sbin/postgrey -d –whitelis
amavis 22114 1 0 14:02 ? 00:00:00 amavisd (master)
amavis 22116 22114 0 14:02 ? 00:00:00 amavisd (virgin child)
amavis 22117 22114 0 14:02 ? 00:00:00 amavisd (virgin child)
clamav 22125 1 0 14:03 ? 00:00:03 clamd
clamav 22137 1 0 14:06 ? 00:00:00 /usr/bin/freshclam -d -c 5
root 22203 1857 0 14:09 ? 00:00:00 sshd: mity [priv]
mity 22205 22203 0 14:09 ? 00:00:00 sshd: mity@pts/0
mity 22206 22205 0 14:09 pts/0 00:00:00 -bash
root 22232 22206 0 14:09 pts/0 00:00:00 su –
root 22233 22232 0 14:09 pts/0 00:00:00 -bash
root 22439 1 0 14:14 ? 00:00:00 /usr/libexec/postfix/master
postfix 22441 22439 0 14:14 ? 00:00:00 pickup -l -t fifo -u
postfix 22442 22439 0 14:14 ? 00:00:00 qmgr -l -t fifo -u
postfix 22444 22439 0 14:14 ? 00:00:00 smtpd -n smtp -t inet -u
postfix 22445 22439 0 14:14 ? 00:00:00 proxymap -t unix -u
root 22447 22233 0 14:15 pts/0 00:00:00 ps -ef
9.テストする
1)sasl2をテストする
[root@ns2 postfix]# telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
220 ns2.xxxxxxxxxx.jp ESMTP
EHLO localhost
250-ns2.xxxxxxxxxx.jp
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-AUTH CRAM-MD5
250-AUTH=CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
↑ここで行ったっきりになって止まれば成功!
quit
221 2.0.0 Bye
Connection closed by foreign host.
以上
コメント