[Repost] Introducing another mail virus scanner





purk
2002-02-09, 05:41 AM
Introducing another mail virus scanner

--------------------------------------------------------------------------------
Author: huckly <[email protected]>




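The following is another mail virus scanner that I presented at TLUG in November.
I am now offering it to your site as a modest contribution; comments are welcome.

I had previously looked at Song Huang's method.
Before even trying it, I was stunned by the long list of installation documents, especially since I don't know Perl and had no idea where to start.
It so happened that issue 114 of the SecurityFocus.com newsletter mentioned a tool called mailscanner,
so I gave it a try. Below is how I installed it: I directly translated the mailscanner chapter
[MailScanner Installation Guide - Linux RPM].
Reference: http://www.sng.ecs.soton.ac.uk/mailscanner/install/linux.shtml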


MailScanner Installation Guide - Linux RPM
1. Assumptions and Pre-requisites
This assumes your environment is already set up.

For the purposes of this installation guide, it is assumed that you have
installed a Linux server, including the packages
If you intend to install on a Linux server, make sure you have installed the following packages


perl
sendmail
lynx

If you are missing any of these packages, you will find them all on the
Linux installation CD-ROM. I also assume that you already have a
mailserver which currently handles your incoming mail. For the sake of
this description, this mail host will be called "mailserver.your.domain".
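If you are missing some of them, you can find them on the Linux installation CD. It is also assumed
that you already have a mail server receiving mail. For convenience in the rest of this description,
we will call the mail host "mail.huckly.net".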


2. Download the Linux RPM file,
Reference: http://www.sng.ecs.soton.ac.uk/mailscanner/downloads.shtml

and copy it to somewhere like /tmp. Login as root. Run the command
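After downloading the file, copy it to a temporary directory such as /tmp (I usually put it in
/usr/src; I am not sure whether that is a good idea), then run the following command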


rpm -ivh mailscanner.i386.rpm

where mailscanner.rpm should be replaced with the exact name of the file
you downloaded. This will do virtually all the configuration for you.
mailscanner.rpm will forcibly replace your files; in fact, once the installation finishes, it has done almost all of the configuration for you.


3. There are 2 jobs left, configuring sendmail and installing Sophos.
You can then start MailScanner.
The next two steps are configuring sendmail and installing Sophos; after that you can run MailScanner.


Sendmail
The first thing left to do is to tell the sendmail program where to find
your mail server. Edit the file /etc/sendmail.cf. Look for a couple of
lines somewhere near the start of the file that start with "DM" and
"DH". Replace the text after these letters with the full name of your
existing mail server, e.g. "mailserver.your.domain".
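The first step is to tell sendmail exactly where your mail server is. Edit sendmail.cf;
in the lines near the start (I had to look through a few dozen lines) you will find "DM" and "DH".
After these two configuration settings, add the full name of your mail server, e.g. "mail.huckly.net".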


Sophos
The second job is to install the Sophos anti-virus package. Assuming you
have this on CD, or have downloaded it from Sophos' web site, login as
root if you haven't already done so and change into the directory in
which you have a copy of it. This should either contain a file called
"linux.intel.libc6.tar.Z" or a directory "sav-install". Run the command
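The second step is to install the Sophos anti-virus package, from the CD you purchased or from the
program downloaded from the Sophos web site. Log in as root, unpack it, and change into the unpacked
directory. This directory may be called "linux.intel.libc6.tar.Z" or "sav-install". Run the following command.

Reference: http://www.sophos.com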



/usr/local/MailScanner/bin/Sophos.install

and Sophos will be installed in /usr/local/Sophos for you. It will also
attempt to update your copy of Sophos to use all the latest virus
identity (.IDE) files from the Sophos web site.
Sophos will then be installed in /usr/local/Sophos on your host. It will also update itself with
the virus identities fetched from the Sophos web site.


4. Starting MailScanner
The MailScanner will automatically start the next time you reboot the
PC, or else you can start it immediately with the command
MailScanner will run automatically the next time you reboot, or you can issue the command directly.


/etc/rc.d/init.d/mailscanner start

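5. The following is my own addition: changing the reply message to Chinese

When the mail server receives an infected e-mail, it sends out two e-mails, one of them to the sender.


Sender part:

Look for sender.report.txt under /usr/local/MailScanner/etc

and rewrite it as a Chinese file. Below is an example of the modification.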


From: "Email Virus Scanner" <$Config::LocalPostmaster>
To: $from
Subject:警告:您的電子郵件帶有病毒 Warning: E-mail viruses detected
您剛剛寄來一份電子郵件觸發我們的病毒防護系統:-
Our virus detector has just been triggered by a message you sent:-

收件者: $to
主旨: $subject
日期: $date
收件者將無法收到任何被感染的郵件.
Any infected parts of the message have not been delivered.

本信將僅告您,您的電腦可能被病毒感染,請務必檢查.
This message is simply to warn you that your computer system may have a
virus present and should be checked.

您所寄的電子郵件可能內含的病毒
The virus detector said this about the message:
Report: $report
--
huckly.net
Email Virus Scanner

As for the message file for the recipient, I did not find it.


--------------------------------------------------------------------------------
Julian Field

Translated and compiled by huckly
http://huckly.net
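
The DM/DH edit from the Sendmail step, as an added shell example that is not part of huckly's post or the MailScanner guide: it validates the hostname, requires exactly one DM and one DH line, and keeps a backup before rewriting. The function names and the sample sendmail.cf excerpt are constructed for illustration; try it on a copy of the file first.

```shell
#!/bin/sh
# Added example (not from the MailScanner guide): set the DM and DH macros
# in a sendmail.cf-style file, keeping a backup and refusing odd input.

# Accept only dotted hostnames built from letters, digits and hyphens, so
# the value carries no sed metacharacters or stray cf syntax.
valid_host() {
    case $1 in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq \
        '^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)+$'
}

# set_mail_host FILE HOST: rewrite the DM and DH lines; original kept as FILE.bak.
set_mail_host() {
    cf=$1 host=$2
    valid_host "$host" || { echo "refusing hostname: $host" >&2; return 2; }
    [ -f "$cf" ] || { echo "no such file: $cf" >&2; return 3; }
    # Each macro must be defined exactly once, otherwise the edit is ambiguous.
    for m in DM DH; do
        n=$(grep -c "^$m" "$cf" || true)
        [ "$n" -eq 1 ] || { echo "$cf: expected 1 $m line, found $n" >&2; return 4; }
    done
    cp -p "$cf" "$cf.bak" || return 5
    # Write back into the existing file so its owner and mode are unchanged.
    sed -e "s/^DM.*/DM$host/" -e "s/^DH.*/DH$host/" "$cf.bak" > "$cf" || return 5
    grep -Fxq "DM$host" "$cf" && grep -Fxq "DH$host" "$cf"
}

# Constructed sendmail.cf excerpt for trying the function without touching /etc.
make_sample_cf() {
    cat > "$1" <<'EOF'
# "Smart" relay host (may be null)
DS
# who I masquerade as (null for no masquerading)
DM
# who gets all local email traffic
DHold.example.net
# my official domain name
Dj$w.example.net
EOF
}

if [ "$#" -eq 2 ]; then
    set_mail_host "$1" "$2"
fi
```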