Here we describe the procedure we use to install SpamAssassin on CentOS (we suggest reading our article on our Standard CentOS 7 Installation, also available in the references below). Before starting this procedure, we recommend reading our article (at this link, or in the references below) comparing some antispam solutions, to help you decide whether this solution is the best one for your case.
Remember to change the parts in gray to your company's standard.
After the OS is installed, to be able to connect via SSH and run the minimum commands, execute as root:
yum install gcc vim open-vm-tools unzip ntp net-tools wget telnet rsync -y
- Create the Server. These procedures were based on ASSP version 2.6.1; if you want to use another version, go to https://sourceforge.net/projects/assp/ and use the desired version. Remember to check the DNS name that will be used and adapt it to this manual (which here will be: antispam.suaempresa.com.br); if the address is different, change it in every place with the same gray highlight.
- Configuring Postfix. The SPAMASSASSIN application filters the messages, but e-mail delivery is done by Postfix. To perform the basic Postfix configuration, follow the steps below:
echo "# DEFAULT CONFIGURATION" >> /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
echo "biff = no" >> /etc/postfix/main.cf
echo "append_dot_mydomain = no" >> /etc/postfix/main.cf
echo "readme_directory = no" >> /etc/postfix/main.cf
echo "myhostname = antispam.suaempresa.com.br" >> /etc/postfix/main.cf
echo "mydomain = suaempresa.com.br" >> /etc/postfix/main.cf
# Single quotes keep $mydomain literal so that Postfix, not the shell, expands it
echo 'myorigin = $mydomain' >> /etc/postfix/main.cf
echo "inet_interfaces = all" >> /etc/postfix/main.cf
echo "relay_domains = suaempresa.com.br" >> /etc/postfix/main.cf
echo "mynetworks = 127.0.0.0/8 sua_rede/sua_mascara" >> /etc/postfix/main.cf
# Single quotes keep $EXTENSION literal for Postfix
echo 'mailbox_command = procmail -a "$EXTENSION"' >> /etc/postfix/main.cf
echo "recipient_delimiter = +" >> /etc/postfix/main.cf
echo "" >> /etc/postfix/main.cf
echo "# TRANSPORT RULE (FOR EXCHANGE)" >> /etc/postfix/main.cf
echo "transport_maps = texthash:/etc/postfix/transport" >> /etc/postfix/main.cf
echo "suaempresa.com.br smtp:[seu_IP]:25" >> /etc/postfix/transport
echo "# HARDENING" >> /etc/postfix/main.cf
echo "smtpd_banner = antispam.suaempresa.com.br ESMTP" >> /etc/postfix/main.cf
echo "disable_vrfy_command = yes" >> /etc/postfix/main.cf
echo "smtpd_helo_required = yes" >> /etc/postfix/main.cf
echo "smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname" >> /etc/postfix/main.cf
echo "mynetworks_style = host" >> /etc/postfix/main.cf
echo "smtpd_delay_reject = yes" >> /etc/postfix/main.cf
echo "smtpd_error_sleep_time = 1s" >> /etc/postfix/main.cf
echo "smtpd_soft_error_limit = 10" >> /etc/postfix/main.cf
echo "smtpd_hard_error_limit = 20" >> /etc/postfix/main.cf
echo "smtpd_client_connection_count_limit = 10" >> /etc/postfix/main.cf
echo "smtpd_client_connection_rate_limit = 60" >> /etc/postfix/main.cf
systemctl restart postfix
- Adding DNS Lookups and RBLs. To add a layer of security to Postfix, execute:
echo "" >> /etc/postfix/main.cf
echo "# DNS and RBLs" >> /etc/postfix/main.cf
echo "smtpd_recipient_restrictions =" >> /etc/postfix/main.cf
echo " permit_mynetworks," >> /etc/postfix/main.cf
echo " reject_unauth_destination," >> /etc/postfix/main.cf
echo " reject_unauth_pipelining," >> /etc/postfix/main.cf
echo " check_client_access texthash:/etc/postfix/rbl_whitelist," >> /etc/postfix/main.cf
echo " reject_unknown_reverse_client_hostname," >> /etc/postfix/main.cf
echo " reject_invalid_helo_hostname," >> /etc/postfix/main.cf
echo " reject_non_fqdn_helo_hostname," >> /etc/postfix/main.cf
echo " reject_non_fqdn_sender," >> /etc/postfix/main.cf
echo " reject_non_fqdn_recipient," >> /etc/postfix/main.cf
echo " reject_unknown_sender_domain," >> /etc/postfix/main.cf
echo " reject_unknown_recipient_domain," >> /etc/postfix/main.cf
echo " reject_invalid_hostname," >> /etc/postfix/main.cf
echo " check_client_access texthash:/etc/postfix/client_checks," >> /etc/postfix/main.cf
echo " reject_rbl_client zen.spamhaus.org," >> /etc/postfix/main.cf
echo " reject_rbl_client bl.spamcop.net," >> /etc/postfix/main.cf
echo " reject_rbl_client b.barracudacentral.org" >> /etc/postfix/main.cf
echo " permit" >> /etc/postfix/main.cf
touch /etc/postfix/rbl_whitelist
touch /etc/postfix/client_checks
systemctl restart postfix
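The steps above build main.cf by appending lines, so stock defaults stay in the file and any `$name` written inside double quotes is expanded by the shell before it reaches the file. The following audit script is an added example, not part of the original article; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a main.cf that was built by appending lines with echo >>.

# Constructed sample: a stock default, then appended lines; "myorigin =" is what
# an unescaped $mydomain inside double quotes leaves behind.
sample_main_cf() {
cat <<'EOF'
inet_interfaces = localhost
# appended by the procedure
mydomain = suaempresa.com.br
myorigin =
inet_interfaces = all
smtpd_recipient_restrictions =
 permit_mynetworks,
 reject_unauth_destination,
 check_client_access texthash:/etc/postfix/rbl_whitelist,
 reject_rbl_client zen.spamhaus.org,
 permit
EOF
}

# Print "name<TAB>value" per logical line: a line starting with whitespace
# continues the previous parameter; comments and blank lines are skipped.
params() {
  awk '
    function emit() { if (name != "") { gsub(/^ +| +$/, "", val); print name "\t" val } }
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    /^[ \t]/ { sub(/^[ \t]+/, ""); val = val " " $0; next }
    { emit(); eq = index($0, "="); name = substr($0, 1, eq - 1)
      val = substr($0, eq + 1); gsub(/[ \t]/, "", name) }
    END { emit() }' "$1"
}

# Postfix keeps the last definition of a parameter, so that is the effective one.
effective() { params "$1" | awk -F'\t' -v n="$2" '$1 == n { v = $2 } END { print v }'; }

# Parameters defined more than once (stock default plus an appended line).
duplicates() { params "$1" | cut -f1 | sort | uniq -d; }

# Parameters whose effective value is empty.
empties() {
  params "$1" | awk -F'\t' '{ v[$1] = $2 } END { for (k in v) if (v[k] == "") print k }' | sort
}

# True when reject_unauth_destination comes before any check_* lookup or bare permit.
relay_guard_ok() {
  effective "$1" smtpd_recipient_restrictions | tr ',' '\n' | awk '
    $1 == "reject_unauth_destination" { seen = 1 }
    ($1 ~ /^check_/ || $1 == "permit") && !seen { bad = 1 }
    END { exit !(seen && !bad) }'
}
```

Run `duplicates /etc/postfix/main.cf`, `empties /etc/postfix/main.cf` and `relay_guard_ok /etc/postfix/main.cf` after the appends; `postconf -n` shows the values Postfix itself resolved.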
- Installing SpamAssassin. To install and configure SpamAssassin, execute:
yum install spamassassin -y
# The /etc/spamassassin symlink is only created at the end of this step, so edit the real path
sed -i 's/rewrite_header/#rewrite_header/g' /etc/mail/spamassassin/local.cf
echo "report_safe 0" >> /etc/mail/spamassassin/local.cf
echo "required_score 5.0" >> /etc/mail/spamassassin/local.cf
echo "use_bayes 1" >> /etc/mail/spamassassin/local.cf
echo "bayes_auto_learn 1" >> /etc/mail/spamassassin/local.cf
echo "bayes_min_spam_num 30" >> /etc/mail/spamassassin/local.cf
echo "" >> /etc/mail/spamassassin/local.cf
echo "score ALL_TRUSTED -4.000" >> /etc/mail/spamassassin/local.cf
echo "score DATE_IN_PAST_12_24 2.000" >> /etc/mail/spamassassin/local.cf
echo "score DCC_CHECK 2.500" >> /etc/mail/spamassassin/local.cf
echo "score DNS_FROM_AHBL_RHSBL 0" >> /etc/mail/spamassassin/local.cf
echo "score FORGED_OUTLOOK_HTML 1.500" >> /etc/mail/spamassassin/local.cf
echo "score HEADER_FROM_DIFFERENT_DOMAINS 2.000" >> /etc/mail/spamassassin/local.cf
echo "score HTML_FONT_LOW_CONTRAST 2.00" >> /etc/mail/spamassassin/local.cf
echo "score HTML_IMAGE_RATIO_02 2.000" >> /etc/mail/spamassassin/local.cf
echo "score RCVD_IN_BRBL_LASTEXT 3.500" >> /etc/mail/spamassassin/local.cf
echo "score RCVD_IN_PBL 0.905" >> /etc/mail/spamassassin/local.cf
echo "score RCVD_IN_RP_CERTIFIED -2.500" >> /etc/mail/spamassassin/local.cf
echo "score T_HTML_ATTACH 2.000" >> /etc/mail/spamassassin/local.cf
echo "score T_LONG_HEADER_LINE_80 0.500" >> /etc/mail/spamassassin/local.cf
echo "score T_NOT_A_PERSON 0.500" >> /etc/mail/spamassassin/local.cf
echo "score T_OBFU_HTML_ATTACH 1.000" >> /etc/mail/spamassassin/local.cf
echo "score T_REMOTE_IMAGE 2.500" >> /etc/mail/spamassassin/local.cf
echo "score UPPERCASE_50_75 0.700" >> /etc/mail/spamassassin/local.cf
echo "score URIBL_BLACK 4.250" >> /etc/mail/spamassassin/local.cf
echo "score URIBL_DBL_REDIR 1.500" >> /etc/mail/spamassassin/local.cf
echo "score URIBL_DBL_SPAM 5.000" >> /etc/mail/spamassassin/local.cf
echo "score URIBL_JP_SURB 5.000" >> /etc/mail/spamassassin/local.cf
echo "score URIBL_JP_SURBL 5.000" >> /etc/mail/spamassassin/local.cf
echo "score URIBL_WS_SURBL 5.000" >> /etc/mail/spamassassin/local.cf
echo "score SUBJ_ALL_CAPS 1.000" >> /etc/mail/spamassassin/local.cf
echo "score LOTS_OF_MONEY 0.700" >> /etc/mail/spamassassin/local.cf
echo "score T_HK_MUCHMONEY 0.700" >> /etc/mail/spamassassin/local.cf
echo "score T_KHOP_FOREIGN_CLICK 0.700" >> /etc/mail/spamassassin/local.cf
echo "score T_SHORTENED_URL_HREF 0.400" >> /etc/mail/spamassassin/local.cf
echo "score T_URL_SHORTENER 0.400" >> /etc/mail/spamassassin/local.cf
echo "score BAD_ENC_HEADER 0.400" >> /etc/mail/spamassassin/local.cf
echo "score T_UNKNOWN_ORIGIN 0.700" >> /etc/mail/spamassassin/local.cf
echo "score RP_MATCHES_RCVD -0.000" >> /etc/mail/spamassassin/local.cf
echo "score BAYES_90 4.300" >> /etc/mail/spamassassin/local.cf
echo "score BAYES_80 3.500" >> /etc/mail/spamassassin/local.cf
echo "score BAYES_60 3.000" >> /etc/mail/spamassassin/local.cf
echo "score BAYES_50 2.500" >> /etc/mail/spamassassin/local.cf
echo "score BAYES_00 -0.500" >> /etc/mail/spamassassin/local.cf
groupadd spamd
useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd
chown spamd:spamd /var/log/spamassassin
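# Match the smtp service line regardless of the column spacing used in master.cf
sed -i '/^smtp[[:space:]]\+inet/ s/smtpd[[:space:]]*$/smtpd -o content_filter=spamassassin/' /etc/postfix/master.cf
# Single quotes keep ${sender} and ${recipient} literal for the Postfix pipe daemon
echo 'spamassassin unix - n n - - pipe flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}' >> /etc/postfix/master.cf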
systemctl enable spamassassin
sa-update && systemctl restart spamassassin
systemctl restart postfix
# Per-user crontabs in /var/spool/cron have no user field
echo "00 01 * * * /bin/sa-update && systemctl restart spamassassin" >> /var/spool/cron/root
ln -s /etc/mail/spamassassin /etc/spamassassin
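With `report_safe 0` and `rewrite_header` commented out, the verdict is recorded only in the `X-Spam-*` headers, so checking the setup means reading `X-Spam-Status` from a filtered message. The parser below is an added example, not part of the original article; the function names and the sample message are constructed, and the header layout assumed is SpamAssassin's default `X-Spam-Status` format.

```shell
#!/bin/sh
# Added example: read the SpamAssassin verdict from the headers of a filtered message.

# Constructed sample: the status header is folded over two lines and the body
# carries a decoy line that must not be parsed.
sample_filtered_msg() {
  printf 'Received: from mail.example.net (mail.example.net [192.0.2.10])\n'
  printf 'X-Spam-Flag: YES\n'
  printf 'X-Spam-Status: Yes, score=5.3 required=5.0 tests=BAYES_90,\n'
  printf '\tSUBJ_ALL_CAPS autolearn=no version=3.4.0\n'
  printf 'Subject: HELLO\n\n'
  printf 'X-Spam-Status: No, score=0.0 required=5.0 tests=none\n'
}

# Print the header as one line of key=value pairs, e.g.
# "verdict=Yes score=5.3 required=5.0 tests=A,B ...". Reads the message on stdin,
# stops at the first blank line (end of headers) and unfolds continuation lines.
spam_status() {
  awk '
    /^$/ { exit }
    /^[ \t]/ { if (grab) val = val $0; next }
    { grab = 0 }
    tolower($0) ~ /^x-spam-status:/ { grab = 1; found = 1; val = substr($0, 15) }
    END {
      if (!found) exit 1
      sub(/^[ \t]*/, "", val)
      verdict = val; sub(/,.*/, "", verdict)   # leading "Yes" or "No"
      sub(/^[^,]*,[ \t]*/, "", val)            # drop the verdict word
      gsub(/,[ \t]+/, ",", val)                # rejoin a folded tests= list
      gsub(/[ \t]+/, " ", val)
      print "verdict=" verdict " " val
    }'
}

# Print one field (verdict, score, required, tests, ...) of the status header.
status_field() { spam_status | tr ' ' '\n' | awk -F= -v k="$1" '$1 == k { print $2 }'; }

# True when a status header exists and its score reaches its required threshold.
over_threshold() {
  spam_status | awk '{ for (i = 1; i <= NF; i++) { split($i, kv, "="); f[kv[1]] = kv[2] } }
    END { exit !(("score" in f) && f["score"] + 0 >= f["required"] + 0) }'
}
```

In the sample, BAYES_90 (4.300) plus SUBJ_ALL_CAPS (1.000) from the scores set above gives 5.3, which crosses `required_score 5.0`.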
- Enabling Pyzor
yum install pyzor --enablerepo=fedora-source -y
echo "use_pyzor 1" >> /etc/mail/spamassassin/local.cf
echo "pyzor_path /usr/bin/pyzor" >> /etc/mail/spamassassin/local.cf
echo "pyzor_timeout 20" >> /etc/mail/spamassassin/local.cf
- Installing the ClamAV antivirus. To install it, configure it and enable it at boot, execute:
yum install amavisd-new clamav clamav-devel clamav-scanner-systemd clamav-server clamav-server-systemd clamav-update --enablerepo=fedora-source -y
sed -i '/^Example/d' /etc/freshclam.conf
sed -i 's/#LogFileMaxSize 2M/LogFileMaxSize 2M/g' /etc/freshclam.conf
sed -i 's/#LogRotate yes/LogRotate yes/g' /etc/freshclam.conf
echo "d /var/run/clamd.amavisd 0755 amavis amavis -" >> /etc/tmpfiles.d/clamd.amavisd.conf
sed -i "1 i\ " /usr/lib/systemd/system/clamd@.service
sed -i "1 i\WantedBy=multi-user.target" /usr/lib/systemd/system/clamd@.service
sed -i "1 i\[Install]" /usr/lib/systemd/system/clamd@.service
sed -i "s/host.example.com/antispam.suaempresa.com.br/g" /etc/amavisd/amavisd.conf
sed -i "s/example.com/suaempresa.com.br/g" /etc/amavisd/amavisd.conf
# Single quotes keep the Perl variable names literal; in double quotes the shell expands them to nothing
sed -i 's/# \$myhostname/$myhostname/g' /etc/amavisd/amavisd.conf
sed -i 's/# \$notify_method/$notify_method/g' /etc/amavisd/amavisd.conf
sed -i 's/# \$forward_method/$forward_method/g' /etc/amavisd/amavisd.conf
# [[:space:]]* tolerates the column alignment used in amavisd.conf
sed -i 's/final_spam_destiny[[:space:]]*= D_DISCARD/final_spam_destiny = D_PASS/g' /etc/amavisd/amavisd.conf
sed -i 's/final_bad_header_destiny[[:space:]]*= D_BOUNCE/final_bad_header_destiny = D_PASS/g' /etc/amavisd/amavisd.conf
sed -i "s/= D_DISCARD/= D_REJECT/g" /etc/amavisd/amavisd.conf
sed -i "s/= D_BOUNCE/= D_REJECT/g" /etc/amavisd/amavisd.conf
sed -i 's/\$sa_tag_level_deflt[[:space:]]*= 2.0/$sa_tag_level_deflt = -9999/g' /etc/amavisd/amavisd.conf
sed -i "s/\*\*\*Spam\*\*\* //g" /etc/amavisd/amavisd.conf
# Append each quarantine setting on the line after its matching *_destiny setting
sed -i '/final_virus_destiny/a $virus_quarantine_to = undef;' /etc/amavisd/amavisd.conf
sed -i '/final_banned_destiny/a $banned_quarantine_to = undef;' /etc/amavisd/amavisd.conf
sed -i '/final_bad_header_destiny/a $bad_header_quarantine_to = undef;' /etc/amavisd/amavisd.conf
# The yum package installs freshclam in /usr/bin
echo "30 3 * * * /usr/bin/freshclam --quiet" >> /var/spool/cron/root
systemctl enable clamd@amavisd
systemctl start clamd@amavisd
systemctl enable amavisd
systemctl start amavisd
To block some additional attachment file extensions, execute:
sed -i "s/cpl)/cpl|vbe|com|reg|msi|ps1)/g" /etc/amavisd/amavisd.conf
To add the antivirus to SMTP, execute:
echo "" >> /etc/postfix/main.cf
echo "# AMAVIS" >> /etc/postfix/main.cf
echo "content_filter=smtp-amavis:[127.0.0.1]:10024" >> /etc/postfix/main.cf
echo "smtp-amavis unix - - n - 2 smtp" >> /etc/postfix/master.cf
echo " -o smtp_data_done_timeout=1200" >> /etc/postfix/master.cf
echo " -o smtp_send_xforward_command=yes" >> /etc/postfix/master.cf
echo " -o disable_dns_lookups=yes" >> /etc/postfix/master.cf
echo "127.0.0.1:10025 inet n - n - - smtpd" >> /etc/postfix/master.cf
echo " -o content_filter=" >> /etc/postfix/master.cf
echo " -o local_recipient_maps=" >> /etc/postfix/master.cf
echo " -o relay_recipient_maps=" >> /etc/postfix/master.cf
echo " -o smtpd_restriction_classes=" >> /etc/postfix/master.cf
echo " -o smtpd_client_restrictions=" >> /etc/postfix/master.cf
echo " -o smtpd_helo_restrictions=" >> /etc/postfix/master.cf
echo " -o smtpd_sender_restrictions=" >> /etc/postfix/master.cf
echo " -o smtpd_recipient_restrictions=permit_mynetworks,reject" >> /etc/postfix/master.cf
echo " -o mynetworks=127.0.0.0/8" >> /etc/postfix/master.cf
echo " -o strict_rfc821_envelopes=yes" >> /etc/postfix/master.cf
echo " -o smtpd_error_sleep_time=0" >> /etc/postfix/master.cf
echo " -o smtpd_soft_error_limit=1001" >> /etc/postfix/master.cf
echo " -o smtpd_hard_error_limit=1000" >> /etc/postfix/master.cf
echo "" > /var/log/maillog
init 6
Sources/References
NVLAN – Comparison of Open Source (free) Mail Gateway/Antispam Solutions
NVLAN – Standard CentOS 7 installation
More Information
We hope we have helped in the best way possible, and we are always available for further information.
Contact us by e-mail at equipe@nvlan.com.br.