在Debian挤压下用Exim和Mailman设置ClamAV

要在Debian中使用clamav，需要先安装exim4-daemon-heavy软件包，而不是默认的exim4-daemon-light版本，重要的守护进程被编译为更多的function，包括链接到clamav的function。 只要做一个apt-get install exim4-daemon-heavy ，它不会有太大的变化，而且运行起来非常安全。

启用后，您需要进行一些设置。 我假设你正在使用拆分configuration，如果不是，你将不得不将下面的翻译到组合configuration文件中的正确位置。

我通常创build一个文件/etc/exim4/conf.d/main/04_exim4-config_filter ，看起来像这样。

 # socket for clamd av_scanner = clamd:/var/run/clamav/clamd.ctl 

然后我取消注释/etc/exim4/conf.d/acl/40_exim4-config_check_data文件中的恶意软件configuration。

  # Deny if the message contains malware. Before enabling this check, you # must install a virus scanner and set the av_scanner option in the # main configuration. # # exim4-daemon-heavy must be used for this section to work. # deny malware = * message = This message was detected as possible malware ($malware_name). 

您可能还想阻止某些types的附件。

我通常创build一个文件acl来检查MIME扩展名。 /etc/exim4/conf.d/acl/50_exim4-config_check_mime

 # This access control list is used for every MIME part in a an incoming # SMTP message. # acl_check_mime: # Decode MIME parts to disk. This will support virus scanners later. warn decode = default # File extension filtering. deny message = This file extension has been blacklisted and is not allowed \ through our email system. Send an email to [email protected] if \ you have received this message in error. condition = ${if match \ {${lc:$mime_filename}} \ {\N(\.ade|\.adpx|\.app|\.bas|\.bat|\.chm|\.cmd|\.com|\.cpl|\ \.crt|\.exe|\.fxp|\.hlp|\.hta|\.inf|\.ins|\.isp|\ \.js|\.jse|\.lnk|\.mda|\.mdb|\.mde|\.mdt|\.mdw|\.mdz|\ \.msc|\.msi|\.msp|\.mst|\.ops|\.pcd|\.pif|\.prf|\.prg|\ \.reg|\.scf|\.scr|\.sct|\.shb|\.shs|\.url|\.vb|\.vbe|\ \.vbs|\.wsc|\.wsf|\.wsh|\.xsl)$\N} \ {1}{0}} 

要启用这个acl，你必须在/etc/exim4/conf.d/main/02_exim4-config_options文件中添加一些行。

 # Defines the access control list that is run when an # SMTP DATA command is received. # .ifndef MAIN_ACL_CHECK_MIME MAIN_ACL_CHECK_MIME = acl_check_mime .endif acl_smtp_mime = MAIN_ACL_CHECK_MIME