Building an Anti-Virus and Anti-Spam Mail System (Part 5)






  II. Anti-virus system


  1. Installing McAfee uvscan for Linux


  McAfee uvscan for Linux is an evaluation version, but it has no real restrictions: it can be updated and it does not expire.


  # wget http://www.XXXX.com/products/evaluation/virusscan/english/cmdline/linux/version_4.24/intel/vlnx424e.tar.Z
  # tar xzf vlnx424e.tar.Z
  # ./install-uvscan


  By default it is installed into /usr/local/uvscan. However, uvscan needs libstdc++.so.2.8, and running it directly produces the following error:


  # uvscan
  uvscan: error while loading shared libraries: libstdc++.so.2.8: cannot open shared object file: No such file or directory


  The libstdc++.so.2.8 package can be obtained from the following address:


  # wget http://debian.marlow.dk/dists/woody/virus/pool/lib/libstdc++2.8_2.90.29-2.deb
  # dpkg -i libstdc++2.8_2.90.29-2.deb


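  Now uvscan runs normally, although it will complain that the virus definitions are rather old. Write a virus-definition update script and run it from crontab: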


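  #!/bin/sh
  #
  # update-dat.sh
  #
  cd /usr/local/uvscan/ || exit 1
  # Fetch the readme that announces the current DAT version
  wget -q -O readme.txt http://www.XXXX.com/products/datfiles/4.x/nai/readme.txt >/dev/null
  # Take the first 4xxx version number found in the first five lines
  AVVER=`head -5 readme.txt | grep ' 4[0-9][0-9][0-9] ' | head -1 | sed -e 's/^.* \(4[0-9]*\) .*$/\1/'`
  # Stop if no version number could be parsed
  [ -n "$AVVER" ] || exit 1
  if [ ! -f "dat-$AVVER.tar" ]; then
    # Set the previous archives aside until the new one has been unpacked
    for i in *.tar ; do
      mv "$i" "$i.old"
    done
    if wget "http://www.XXXX.com/products/datfiles/4.x/nai/dat-$AVVER.tar" >/dev/null ; then
      # Back up the current DAT files before overwriting them
      for i in *.dat ; do
        cp -p "$i" "$i.bak"
      done
      if tar xf "dat-$AVVER.tar" ; then
        rm -f *.old
        echo `date` Successfully updated AntiVirus DAT files to $AVVER
      fi
    fi
  fi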
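
  The update script above runs from crontab and unpacks whatever archive it downloaded over plain HTTP straight into /usr/local/uvscan. As an added example (not part of the original article or of McAfee's tooling), the following vets the archive and unpacks it in a scratch directory first; the function names and the rule that a valid archive holds only flat file names with at least one *.dat file are assumptions.

```shell
#!/bin/sh
# Added example: vet and stage a DAT archive before it replaces live files.
# Assumptions: a valid archive holds only flat file names and at least one
# *.dat file; dat_members_ok and install_dat are hypothetical names.

# dat_members_ok TARFILE: succeed only if every member name is flat and safe
dat_members_ok() {
    names=$(tar tf "$1" 2>/dev/null) || return 1
    found_dat=1
    # the here-document keeps the loop in this shell, so found_dat survives
    while IFS= read -r m; do
        case "$m" in
            ''|*/*|.*|-*) return 1 ;;   # empty, path, dot-file or option-like
            *.dat) found_dat=0 ;;
        esac
    done <<EOF
$names
EOF
    return "$found_dat"
}

# install_dat TARFILE DESTDIR: unpack in a scratch dir, then move into place
install_dat() {
    dat_members_ok "$1" || { echo "rejected archive: $1" >&2; return 1; }
    stage=$(mktemp -d) || return 1
    tar xf "$1" -C "$stage" || { rm -rf "$stage"; return 1; }
    for f in "$stage"/*; do
        # refuse symlinks, non-regular files and empty files
        if [ -L "$f" ] || [ ! -f "$f" ] || [ ! -s "$f" ]; then
            rm -rf "$stage"; return 1
        fi
    done
    for f in "$stage"/*; do
        b=$(basename "$f")
        # keep the same .bak copy the page's script makes
        if [ -f "$2/$b" ]; then cp -p "$2/$b" "$2/$b.bak"; fi
        # write beside the target, then rename so uvscan never sees a partial file
        mv "$f" "$2/$b.new" && mv "$2/$b.new" "$2/$b" || { rm -rf "$stage"; return 1; }
    done
    rm -rf "$stage"
}

# Usage: sh install-dat.sh dat-XXXX.tar /usr/local/uvscan
if [ "$#" -eq 2 ]; then install_dat "$1" "$2"; fi
```

  In update-dat.sh this would take the place of the bare "tar xf" step, so a rejected archive leaves the existing DAT files untouched.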


  2. Installing AMaViS


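  AMaViS is a bridge between uvscan and postfix: it decodes the mail, hands it to uvscan for virus scanning, and then carries out the subsequent handling and forwarding.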


  Before installing amavisd, make sure the following software is installed; lha, unarj and similar tools come from the non-free section:


  # apt-get install libio-stringy-perl mailtools libmime-perl libmailtools-perl libmime-base64-perl \
  libcompress-zlib-perl libconvert-uulib-perl libconvert-tnef-perl tnef libarchive-tar-perl \
  libarchive-zip-perl libtime-hires-perl libunix-syslog-perl libdigest-md5-perl lha unarj unzip \
  gzip unrar zoo


  The amavisd in stable is rather old, so use the following links:


  # wget http://www.XXXX..dk/dists/woody/custom/pool/compress/arc_5.21e-5_i386.deb
  # wget http://www.XXXX..dk/dists/woody/virus/pool/wrapper/amavisd-new_20030314p1-2_all.deb
  # wget http://www.XXXX..dk/dists/woody/virus/pool/lib/libnet-perl_1.12-1_all.deb
  # wget http://www.XXXX..dk/dists/woody/virus/pool/lib/libnet-server-perl_0.84-3_all.deb


  First install CPAN:


  # perl -MCPAN -e shell
  cpan> install CPAN
  cpan> install LWP
  cpan> install Archive::Tar
  cpan> install Archive::Zip
  cpan> install Compress::Zlib
  cpan> install Convert::TNEF
  cpan> install Convert::UUlib
  cpan> install MIME::Base64
  cpan> install MIME::Parser
  cpan> install Mail::Internet
  cpan> install Net::Server
  cpan> install Net::SMTP
  cpan> install Digest::MD5
  cpan> install IO::Stringy
  cpan> install Time::HiRes
  cpan> install Unix::Syslog