### 准备工作 添加postgrey的yum仓库 ```bash $ wget http://packages.psychotic.ninja/6/base/x86_64/RPMS/psychotic-release-1.0.0-1.el6.psychotic.noarch.rpm $ rpm -Uvh psychotic-release-1.0.0-1.el6.psychotic.noarch.rpm ``` 　　 ### 安装 `反垃圾过滤` `病毒检测` `灰名单` 等相关软件包 ```bash $ yum --enablerepo=psychotic-testing --enablerepo=epel install spamassassin amavisd-new clamav clamd pyzor perl-Mail-SPF perl-Mail-DKIM postgrey tmpwatch lzop -y ``` 　　 ### 配置postfix Amavisd-new集成到postfix，从postfix的queue队列中接收未过滤的邮件,需要添加下面的参数 添加`-o content_filter=smtp-amavis:[127.0.0.1]:10024`到/etc/postfix/master.cf的`smtp inet n - n - - smtpd`这行下面 ```bash $ vim /etc/postfix/master.cf ``` ``` smtp inet n - n - - smtpd -o content_filter=smtp-amavis:[127.0.0.1]:10024 ``` 上面的配置会把邮件发送给amavisd-new。需要amavisd-new把邮件返回给postfix，添加下面的配置 ```bash $ vim /etc/postfix/master.cf ``` ``` # amavisd-new deamon smtp-amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes # smtpd deamon for amavisd-new to send mails back to postfix 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o strict_rfc821_envelopes=yes ``` amavisd-new 将会发送警告消息,配置别名让这些消息发送给root或者其他收件人,编辑/etc/aliases添加下面一行 ```bash $ vim /etc/aliases ``` ``` virusalert: root ``` ```bash $ newaliases ``` Postgrey需要集成到postfix，Postgrey叫做策略服务器.postfix使用策略服务器去决定接受还是拒绝这些邮件。添加`check_policy_service unix:/var/spool/postfix/postgrey/socket`到smtpd_recipient_restrictions中,内容如下 ```bash $ vim /etc/postfix/main.cf ``` ``` smtpd_recipient_restrictions = reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, permit_sasl_authenticated, check_policy_service unix:/var/spool/postfix/postgrey/socket reject_unauth_destination, permit ``` 　　 　　 ### 配置postgrey Postgrey是一个灰名单策略服务器,后面是一个简单的灰名单。它包含了一些垃圾邮件服务器.Postgrey将会第一次拒绝这些服务器的邮件并且返回临时错误代码。用于识别客户端ip/发件人/收件人。当发件人多次重试去发送邮件。Postgrey会接收它。 Centos配置Postgrey,打开/etc/sysconfig/postgrey文件，添加下面的内容(`delay选项将会延迟60秒转发邮件，max-age选项定义了多久时间内，将会直接转发那些成功邮件的后续邮件`) ```bash $ vim /etc/sysconfig/postgrey ``` ``` POSTGREY_OPTS="--inet=127.0.0.1:10023 --max-age=365 --delay=60 --unix=/var/spool/postfix/postgrey/socket" ``` 　　 ### 配置Amavisd-New Amavisd-New的配置文件下面的参数需要修改 ```bash $ vim /etc/amavisd/amavisd.conf ``` ``` $mydomain = 'unotes.co'; #配置你的域名 @mynetworks = qw( 127.0.0.0/8 [::1] ); $sa_spam_subject_tag = '[Spam] '; $allowed_added_header_fields{lc('Received')} = 0; #禁掉 "Received"头添加到邮件头 ['ClamAV-clamd', \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"], qr/\bOK$/m, qr/\bFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], $sa_tag_level_deflt = -999; ``` 　　 ### 配置Spamassassin ```bash $ mkdir /etc/mail/bayes $ vim /etc/mail/spamassassin/local.cf ``` ``` # The score from which an email will be considered spam required_hits 5.0 # Subject prefix if spam is detected rewrite_header Subject [SPAM] # Disable encapsulate spam in an attachment report_safe 0 # Configure the Bayes system use_bayes 1 bayes_auto_learn 0 bayes_path /etc/mail/bayes/bayes bayes_file_mode 0666 # Enable or disable network checks skip_rbl_checks 0 # pyzor configuration use_pyzor 1 pyzor_options --homedir /etc/mail/spamassassin pyzor_timeout 5 ``` 　　 ### 安装Pyzor 用root运行下面的命令 ```bash $ pyzor --homedir /etc/mail/spamassassin/ discover ``` ### 重启服务 ```bash $ /etc/init.d/clamd restart $ /etc/init.d/spamassassin restart $ /etc/init.d/amavisd restart $ /etc/init.d/postgrey restart $ /etc/init.d/postfix restart $ chkconfig spamassassin on $ chkconfig amavisd on $ chkconfig clamd on $ chkconfig postgrey on ``` 翻译: https://blog.tinned-software.net/setup-amavisd-new-with-spamassassin-and-clamav-with-postfix/