Email Server Security (Postfix SMTP + ClamAV Unofficial Signatures clamav-unofficial-sigs) CentOS 6
Notes: the following will be done to an existing CentOS/RHCE mail server.
Assumptions: clamav installed and configured.
Prepare the node:
    yum install -y wget curl rsync gnupg
    yum install -y clamav-unofficial-sigs
SCAMP: 3rd Party ClamAV definitions
Download SCAMP: 3rd Party ClamAV definitions
Download the latest version from: http://sourceforge.net/projects/scamp/
    wget http://sourceforge.net/projects/scamp/files/latest/download -O /tmp/scamp.tar.gz
    cd /tmp && tar xfz scamp.tar.gz
    cd scamp-*
    mkdir -p /usr/local/scamp/
    cp scamp.sh /usr/local/scamp/
    chown clam:clam /usr/local/scamp/scamp.sh
    chmod +x /usr/local/scamp/scamp.sh
Configure SCAMP for CentOS
Assumes user/group is clam
    sed -i 's|CLAMAV_DB:-""|CLAMAV_DB:-"/var/lib/clamav"|g;s|C_USER:-"clamav"|C_USER:-"clam"|g;s|C_GROUP:-"clamav"|C_GROUP:-"clam"|g;s|MK_LOG:-0|MK_LOG:-1|g;' /usr/local/scamp/scamp.sh
Install SCAMP
USE ALL THE DEFAULT OPTIONS
    /usr/local/scamp/scamp.sh
Clamav Database location: [ /var/lib/clamav ]
temp directory: [ /var/lib/clamav/tmp ]
PID file: [ /var/run/clamav/clamd.pid ]
random download timer: [ 1 ]
GROUP ownership: [ clam ]
USER ownership: [ clam ]
Install the Sanesecurity files: [ 1 ]
Install the Sanesecurity *.ldb files: [ 1 ]
Install the Winnow files : [ 1 ]
(1) = Install the non-scoring files only: [ 1 ]
Install the foxhole_all.cdb file : [ 1 ]
Install the Malware files: [ 1 ]
install all of the SecurityInfo files: [ 5 ]
Reload clamd after update: [ 1 ]
Do you want a summary screen printed out when finished?: [ 0 ]
Do you want to create a log file?: [ 1 ]
Do you want to use that name or one that is incremented each month?: [ 0 ]
Scamp can also log to the system logger: [ 1 ]
Do you want to set the GNUPGHOME environment variable?: [ ]
Initialize the SCAMP GPG Keys and Databases
    /usr/local/scamp/scamp.sh
Create the Cron Job (Hourly Updates)
    # Write a two-line wrapper script; single quotes keep the shell from expanding "!"
    printf '#!/bin/sh\n/usr/local/scamp/scamp.sh -L -q -R\n' > /etc/cron.hourly/scamp.cron && chmod +x /etc/cron.hourly/scamp.cron
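Post-install checks for the steps above, as an added example that is not part of the original post or of SCAMP (the function names are hypothetical). The first confirms the sed edits actually landed in scamp.sh; the second checks that the script run hourly as root is root-owned and not group- or world-writable, which the `chown clam:clam` step above does not satisfy.

```shell
#!/bin/sh
# Added example: post-install checks for the SCAMP setup (not part of SCAMP).

# check_scamp_defaults FILE
# sed exits 0 even when a pattern matches nothing, so confirm that every
# default the sed command was meant to set is really present in FILE.
check_scamp_defaults() {
    file=$1
    rc=0
    for want in \
        'CLAMAV_DB:-"/var/lib/clamav"' \
        'C_USER:-"clam"' \
        'C_GROUP:-"clam"' \
        'MK_LOG:-1'
    do
        if ! grep -qF -- "$want" "$file"; then
            echo "not set in $file: $want" >&2
            rc=1
        fi
    done
    return "$rc"
}

# check_root_cron_target FILE [OWNER]
# Jobs in /etc/cron.hourly run as root, so whoever can write FILE can run
# commands as root. Pass only if FILE is owned by OWNER (default: root)
# and is neither group- nor world-writable.
check_root_cron_target() {
    file=$1
    owner=${2:-root}
    match=$(find "$file" -prune -user "$owner" ! -perm -020 ! -perm -002 2>/dev/null) || return 1
    [ -n "$match" ]
}

# Run both checks against the path used on this page, if it exists.
target=/usr/local/scamp/scamp.sh
if [ -f "$target" ]; then
    check_scamp_defaults "$target" && echo "scamp.sh defaults: ok"
    check_root_cron_target "$target" ||
        echo "WARNING: $target is not root-owned or is group/world-writable" >&2
fi
```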