MailWatch collects the filtering verdicts recorded by MailScanner; they can be used to analyze and manage the rule settings.

1. Install MySQL and related components

yum install mysql mysql-server mod_auth_mysql perl-DBD-MySQL

2. Install PHP and related components

yum install php php-gd php-pear php-mysql php-devel

3. Set the services to start at boot

chkconfig httpd on
chkconfig mysqld on

6. Configure PHP

vim /etc/php.ini

short_open_tag = On
safe_mode = Off
register_globals = Off
magic_quotes_gpc = On
magic_quotes_runtime = Off
session.auto_start = 0

7. Install MailWatch
Download: http://sourceforge.net/project/showfiles.php?group_id=87163

tar -zxvf mailwatch-1.0.4.tar.gz

8. Create the database

cd mailwatch-1.0.4

mysql -p < create.sql

This creates the mailscanner database and its tables.

9. Edit the MailWatch database settings

vim MailWatch.pm

my($db_name) = 'mailscanner';  # database name
my($db_host) = 'localhost';    # database host
my($db_user) = 'root';         # user name
my($db_pass) = 'xxxxxx';       # user password

10. Copy the configuration file

cp MailWatch.pm /usr/lib/MailScanner/MailScanner/CustomFunctions/

11. Add a web interface user

mysql mailscanner -u root -p

Enter password: ******

mysql> INSERT INTO users VALUES ('root',md5('xxxxxx'),'root','A','0','0','0','0','0');

11. Put the web files in place

mv mailscanner /var/www/html/

12. Change the permissions of the web files

cd /var/www/html/mailscanner

chown root:apache images

chmod ug+rwx images

chown root:apache images/cache

chmod ug+rwx images/cache

13. Copy the configuration file

cp conf.php.example conf.php

14. Configure conf.php

vim conf.php

define(DB_TYPE, 'mysql');
define(DB_USER, 'root');
define(DB_PASS, 'xxxxxx');
define(DB_HOST, 'localhost');
define(DB_NAME, 'mailscanner');

15. Configure MailScanner

vim /etc/MailScanner/MailScanner.conf

Quarantine User = root
Quarantine Group = apache (this should be the same group as your web server)
Quarantine Permissions = 0660
Quarantine Whole Message = yes
Quarantine Whole Message As Queue Files = no
Detailed Spam Report = yes
Include Scores In SpamAssassin Report = yes
Always Looked Up Last = &MailWatchLogging

16. Configure the blacklist and whitelist

vim /root/mailwatch-1.0.4/SQLBlackWhiteList.pm

my($db_name) = 'mailscanner';
my($db_host) = 'localhost';
my($db_user) = 'root';
my($db_pass) = '!Q@W#E$R';

cp /root/mailwatch-1.0.4/SQLBlackWhiteList.pm /usr/lib/MailScanner/MailScanner/CustomFunctions/

vim /etc/MailScanner/MailScanner.conf

Is Definitely Not Spam = &SQLWhitelist
Is Definitely Spam = &SQLBlacklist

17. Modify the SpamAssassin settings

vim /etc/MailScanner/spam.assassin.prefs.conf

Add:

bayes_path /etc/MailScanner/bayes/bayes
bayes_file_mode 0660

18. Create a new bayes directory

mkdir /etc/MailScanner/bayes
chown root:apache /etc/MailScanner/bayes
chmod g+rws /etc/MailScanner/bayes

19. Copy the existing bayes database

cp /root/.spamassassin/bayes_* /etc/MailScanner/bayes
chown root:apache /etc/MailScanner/bayes/bayes_*
chmod g+rw /etc/MailScanner/bayes/bayes_*

20. Test SpamAssassin

spamassassin -D -p /etc/MailScanner/spam.assassin.prefs.conf --lint

21. Restart MailScanner

service MailScanner restart

22. Run the permission auto-fix script that ships with MailWatch
cd mailwatch-1.0.4
./fix_quarantine_permissions

23. Maintain the database manually
Connect to mysql:
mysql mailscanner
Run the statement delete from maillog where date < '2006-03-06';
to delete the records dated before that date.

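Notes:
◎ Chinese localization of the web interface

Description http://csc.ocean-pioneer.com/modules/news/article.php?storyid=17
File http://csc.ocean-pioneer.com/docum/mailscanner.tar.gz
Download it and overwrite the existing files. When tested with the Chinese version, some settings functions stopped working, possibly because of a version difference.

◎ Changing the web page encoding
If Big5 Chinese text shows up as garbled characters, create a configuration file under /etc/httpd/conf.d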

vim /etc/httpd/conf.d/mailwatch.conf

Alias /mailscanner /var/www/html/mailscanner

<Location /mailscanner>
Order allow,deny
allow from all
AddDefaultCharset Big5
</Location>

Error message on the web page:
Unable to select a regular expression for your primary virus scanner (f-prot-6) - please see the examples in functions.php to create one.

Fix: vi /var/www/html/mailscanner/functions.php

  case 'f-prot': <== change to f-prot-6; the executable of the newer f-prot is named f-prot-6
   define(VIRUS_REGEX, '/(.+) Infection: (\S+)/');
   break;

The Reports graphs are not displayed:

Make sure php-gd has been installed with yum install php-gd, and check
vi /etc/php.d/gd.ini

; Enable gd extension module
extension=gd.so <== is enabled

After restarting httpd, the graphs should be visible.

===============================================================

Configuring MailWatch to show the country of an IP address

1. Create a temp directory (under the web path where MailWatch is installed)

mkdir /var/www/html/mailscanner/temp

chown root:apache /var/www/html/mailscanner/temp

chmod 775 /var/www/html/mailscanner/temp

2. Open the MailWatch web interface


After the country database has been updated, the Report shows a Country column that automatically displays the country of each IP.
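
As an added check that is not part of the original post or of MailWatch, the script below audits the group ownership and modes that steps 12, 18 and 19 and the temp directory step set up, reporting paths that are missing, not owned by the web server group, lacking the needed group permissions, or world-writable. The function names, the --audit switch and the WEB_GROUP variable are assumptions of this example, and it relies on GNU stat.

```bash
#!/bin/bash
# Added example, not part of MailWatch: audit the permissions the steps above set.
WEB_GROUP="${WEB_GROUP:-apache}"   # web server group used on this page

# check_path PATH NEED [setgid]  (hypothetical helper)
#   NEED: octal digit the group must hold at least (7 = rwx, 6 = rw)
# Prints one line per finding; returns 0 when clean, 1 otherwise.
check_path() {
    local path="$1" need="$2" want_sgid="${3:-}" rc=0 group mode bits
    if [ ! -e "$path" ]; then
        echo "MISSING         $path"
        return 1
    fi
    group=$(stat -c %G "$path")   # GNU stat: owning group name
    mode=$(stat -c %a "$path")    # GNU stat: octal mode, e.g. 2770
    bits=$((0$mode))              # leading 0 makes the shell read it as octal
    if [ "$group" != "$WEB_GROUP" ]; then
        echo "WRONG-GROUP     $path ($group, expected $WEB_GROUP)"; rc=1
    fi
    if [ $(( (bits >> 3) & need )) -ne "$need" ]; then
        echo "GROUP-PERMS     $path (mode $mode, group digit must include $need)"; rc=1
    fi
    if [ $(( bits & 2 )) -ne 0 ]; then
        echo "WORLD-WRITABLE  $path (mode $mode)"; rc=1
    fi
    if [ "$want_sgid" = setgid ] && [ $(( bits & 02000 )) -eq 0 ]; then
        echo "NO-SETGID       $path (mode $mode)"; rc=1
    fi
    return $rc
}

# audit_mailwatch [WEBROOT] [BAYES_DIR]: check every path the steps touch.
audit_mailwatch() {
    local web="${1:-/var/www/html/mailscanner}" bayes="${2:-/etc/MailScanner/bayes}"
    local status=0 f
    check_path "$web/images" 7       || status=1   # step 12
    check_path "$web/images/cache" 7 || status=1   # step 12
    check_path "$web/temp" 7         || status=1   # country lookup temp dir
    check_path "$bayes" 7 setgid     || status=1   # step 18 (g+rws)
    for f in "$bayes"/bayes_*; do                  # step 19; unmatched glob => MISSING
        check_path "$f" 6 || status=1
    done
    return $status
}

# Run the audit only when asked, so the file can also be sourced.
if [ "${1:-}" = "--audit" ]; then audit_mailwatch; exit $?; fi
```

Run it as root with --audit after step 22; an exit status of 0 means every listed path matched.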


Posted by NoMoney NoHoney on PIXNET