Opensuse 11.1 mit Amavisd-ng + postfix; funktionsfähige Konfiguration als Mail-Server mit clamAV und SpamAss
jetzt möchte ich als zusätzlichen virenscanner den AVG Antivir hinzufügen.
Installation und manueller scan ist kein problem; die Anpassung der Amavis Konfiguration auf port 54322 habe ich vorgenommen.
Laut der Datei /opt/avg/avg8/doc/README.amavis habe ich die Änderungen vorgenommen.
Trotzdem ist der Port 54322 vom avgtcpd nicht offen.
Netstat zeigt nur den (offenen, aber in meiner Konfiguration nicht benutzen smtpd port 54321 des AVG):
Amavis beschwert sich immer:
Hier der Teil der Konfiguration des AVG:
Was habe ich hier übersehen oder falsch gemacht?
Wer kann helfen?
Vielen Dank schon mal
jetzt möchte ich als zusätzlichen virenscanner den AVG Antivir hinzufügen.
Installation und manueller scan ist kein problem; die Anpassung der Amavis Konfiguration auf port 54322 habe ich vorgenommen.
Code:
@av_scanners = (
['AVG Anti-Virus',
\&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
qr/^200 [oO][kK]/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ],
Laut der Datei /opt/avg/avg8/doc/README.amavis habe ich die Änderungen vorgenommen.
Code:
2) Configuring avgtcpd
# avgcfgctl -w Default.tcpd.avg.enabled=true
Enabling AVG protocol interface.
# avgcfgctl -w Default.tcpd.avg.address=127.0.0.1
# avgcfgctl -w Default.tcpd.avg.ports=|54322|
Address where avgtcpd will be listening to AVG protocol.
# avgcfgctl -w Default.tcpd.avg.use_socket=true
Enables socket access for AVG protocol.
# avgcfgctl -w Default.tcpd.avg.socket=<socket>
AVG protocol socket interface, where socket has format:
unix:<socket name>
or
inet:<host>:<port>
NOTE: <socket name> must be simple filename without path. Socket will be created
in /opt/avg/avg8/var/run/ directory. Socket name with path must not be longer
than 128 characters.
In the amavisd-new configuration must be '127.0.0.1:54322' changed to
'/opt/avg/avg8/var/run/<socket name>'
# avgcfgctl -w Default.tcpd.avg.limiter_start=20
# avgcfgctl -w Default.tcpd.avg.limiter_stop=25
Limiters are used to limit count of accepted connections for every
opened AVG port. If the limits are too low (handling of more e-mails
at the same time is required), the e-mails which will not be accepted
will be queued in e-mail queue.
If the limits are too high, avgtcpd should use more file handles than
allowed and therefore port 54322 will be closed by system. Avgtcpd needs
at least 5 file descriptors for every currently processed e-mail. If
port 54322 disappears from output of 'netstat', you should set the
values lower and restart avgtcpd.
If you have enabled AVG protocol interface, you should also take into
account file descriptors needed avg avgtcpd for every connection.
# avgcfgctl -w Default.tcpd.avg.timeout=0
Timeout (in miliseconds, 0 for infinity) is used to ensure that avgtcpd will
be not blocked by many lingering scan operations. Limits the time in which
avgtcpd must finish the request and respond. If reached, server returns
"451 timeout" and ends connection.
Netstat zeigt nur den (offenen, aber in meiner Konfiguration nicht benutzen smtpd port 54321 des AVG):
Code:
netstat -tnap | grep "avgtcpd"
tcp 0 0 127.0.0.1:54321 0.0.0.0:* LISTEN 26249/avgtcpd
Code:
Jun 19 22:57:38 lin amavis[23739]: (23739-01) (!)AVG Anti-Virus: Can't connect to INET socket 127.0.0.1:54322: Connection refused, retrying (2)
Jun 19 22:57:44 lin amavis[23739]: (23739-01) (!!)AVG Anti-Virus av-scanner FAILED: run_av error: Too many retries to talk to 127.0.0.1:54322 (Can't connect to INET socket 127.0.0.1:54322: Connection refused) at (eval 101) line 309.
Hier der Teil der Konfiguration des AVG:
Code:
Default.tcpd.avg.address=127.0.0.1
Default.tcpd.avg.enabled=true
Default.tcpd.avg.limiter_start=20
Default.tcpd.avg.limiter_stop=25
Default.tcpd.avg.ports=|54322|
Default.tcpd.avg.socket=inet:127.0.0.1:54322
Default.tcpd.avg.timeout=0
Default.tcpd.avg.use_socket=true
Default.tcpd.milter.enabled=false
Default.tcpd.milter.socket=
Default.tcpd.milter.timeout=0
Default.tcpd.milter.verbosity=0
Default.tcpd.parsing.mime_certification_enabled=false
Default.tcpd.parsing.mime_certify_msg=No virus found in this incoming message.
Default.tcpd.rules.phishing.action=0
Default.tcpd.rules.phishing.bounce_addr=
Default.tcpd.rules.spam.action=0
Default.tcpd.rules.spam.bounce_addr=
Default.tcpd.rules.virus.action=0
Default.tcpd.rules.virus.bounce_addr=
Default.tcpd.scan.header.enabled=true
Default.tcpd.scan.header.value=X-Antivirus-Avg
Default.tcpd.scan.subj_prefix=[VIRUS]
Default.tcpd.smtp.address=127.0.0.1
Default.tcpd.smtp.client_address=127.0.0.1
Default.tcpd.smtp.client_port=10026
Default.tcpd.smtp.enabled=true
Default.tcpd.smtp.limiter_start=20
Default.tcpd.smtp.limiter_stop=25
Default.tcpd.smtp.ports=|54321|
Default.tcpd.smtp.queue_max=20
Default.tcpd.smtp.read_buffer=4096
Default.tcpd.smtp.timeout=0
Default.tcpd.spam.enabled=true
Default.tcpd.spam.header.enabled=true
Default.tcpd.spam.header.value=X-Antispam-Avg
Default.tcpd.spam.phish_subj_prefix=[PHISHING]
Default.tcpd.spam.spamscore_level=90
Default.tcpd.spam.subj_prefix=[SPAM]
Was habe ich hier übersehen oder falsch gemacht?
Wer kann helfen?
Vielen Dank schon mal