Voila un addon IPCOP sympa :) POP3 + VIRUS scan

[JaDiuM]

Bonsoir, <BR> <BR> <BR>Voila un projet (aboutit apparement) POP3 + scan mail (en flux et redirect) + antispam. <BR> <BR>support F-prot - Clamav - Avp <BR> <BR><!-- BBCode auto-link start --><a href="http://members.inode.at/m.madlener/ipcop/" target="_blank">http://members.inode.at/m.madlener/ipcop/</a><!-- BBCode auto-link end --> <BR> <BR>Warn:1.4x necessaire

[SIMS]

Salut, <BR> <BR>F-Prot est il un antivirus gratuit ??? <BR>

[Fesch]

Est-ce qu'il y a quelqû'un qui a déjà testé et puisse dire si c'est bien et si cela fonctionne?

[micheldp]

réponse à SIMS: <!-- BBCode auto-link start --><a href="https://secure.f-prot.com/cgi-bin/buy#price-note" target="_blank">https://secure.f-prot.com/cgi-bin/buy#price-note</a><!-- BBCode auto-link end --> <BR>Fprot n'est pas gratuit

[Coca-Cola]

L'intéret d'IPCOP c'est d'être une distrib relativement "secure", mais à force d'y apposer des addons ces failles augmentent et son rôle principale (FW) ressemble plus à un pauvre zonealarm sur un XP d'origine. Car si on fait le tour des addons (serveur web, serveur ftp, installation de rpm, viruscan, pop3, routeur smtp,...) et qu'on rajoute une interface X on obtient, une Mandrake 9.2 <IMG SRC="images/smiles/icon_smile.gif"> <BR>C'est mon avis et il n'engage que moi ....

[braouazou]

Même si je trouve ça intéressant, je dois avouer que je serais surpris de voir ça sur une passerelle... Autant installer directement ça sur les serveurs concernés (antispam + antivirus sur le serveur mails etc..). En outre, pour utiliser certaines de ces applications, les ressources nécessaires pour un traffic personnel (!) sont relativement importantes (je ne saurais pas les chiffrer, mais je vois que ç a rame sec en ce moment avec tous les Mydoom et les messages de retour sur un Athlon 500Mhz dédié aux mails). <BR> <BR>Mais bon, c vrai, ça peut permettre à certains de mieux se protéger, à condition d'avoir une bonne machine <IMG SRC="images/smiles/icon_wink.gif">

[Fesch]

A des fins personnel, cela pourrait quand-même être très intéressant je trouve, non? <BR> <BR>Je vais l'essayer en tout cas ...

[JaDiuM]

<!-- BBCode Quote Start --><TABLE BORDER=0 ALIGN=CENTER WIDTH=85%><TR><TD><font size=-2>En réponse à:</font><HR></TD></TR><TR><TD><FONT SIZE=-2><BLOCKQUOTE> <BR>Le 2004-02-07 22:30, Coca-Cola a écrit: <BR>L'intéret d'IPCOP c'est d'être une distrib relativement "secure", mais à force d'y apposer des addons ces failles augmentent et son rôle principale (FW) ressemble plus à un pauvre zonealarm sur un XP d'origine. Car si on fait le tour des addons (serveur web, serveur ftp, installation de rpm, viruscan, pop3, routeur smtp,...) et qu'on rajoute une interface X on obtient, une Mandrake 9.2 <IMG SRC="images/smiles/icon_smile.gif"> <BR>C'est mon avis et il n'engage que moi .... <BR></BLOCKQUOTE></FONT></TD></TR><TR><TD><HR></TD></TR></TABLE><!-- BBCode Quote End --> <BR> <BR> <BR>C'est sur... mais la il s'agit d'un proxy POP3 donc interessant pour les gens qui n'ont pas de serveur mail perso ou pro (toutes les requetes du réseau interne sur le port 110 sont redirigées, et parsées puis livrées au poste client) <BR> <BR>mais bon à chacun de voir. <BR> <BR> <BR>@fesch <BR> <BR>Oui je l'ai installé mais pas encore entièrement décortiqué (apparement quelques fichiers sont maquants et il faut revoir la config P3scan, mais rien d'insurmontable) <BR> <BR>@fesch/end <BR> <BR>Attention, si vous n'etes pas bidouilleur dans l'ame je déconseille l'installation (surtout si vous êtes en production cela va de soit) <BR> <BR> <BR> <BR> <BR>

[shenlong]

(Je previen suis un newbee de newbee ...) Je tourne actuelement sur clarkconnect 2.0 Mais je cherche une distrib super sécurisé (C'est pas que clark n'est pas sécurisé mais ...). J'entend par super sécurisé, firewall + antivirus. étand tombé sur ce post, je cherche si possible quelqu'un qui aurais réeusit, et qui pourais m'aidé <IMG SRC="images/smiles/icon_razz.gif"> <BR>Merci

[Fesch]

Bon, je suis coinçé déjà à l'install <IMG SRC="images/smiles/icon_bawling.gif"> <BR> <BR>install.sh: line 265: syntax error: unexpected end of file <BR> <BR>... donc c'est déjà fini le rêve ... <IMG SRC="images/smiles/icon_cry.gif">

[JaDiuM]

Mais non pleure pas <IMG SRC="images/smiles/icon_smile.gif"> <BR> <BR><!-- BBCode auto-link start --><a href="http://members.inode.at/m.madlener/ipcop/ipcop_addon_pkg_200402072217_public.tgz" target="_blank">http://members.inode.at/m.madlener/ipcop/ipcop_addon_pkg_200402072217_public.tgz</a><!-- BBCode auto-link end --> <BR> <BR>Voici le fichier à jour et fonctionnel en date d'hier 22h17 <IMG SRC="images/smiles/icon_smile.gif">

[Fesch]

Non, c'est bien avec ce fichier là que cela ne marche pas <IMG SRC="images/smiles/icon_bawling.gif">

[JaDiuM]

re re re fesh <IMG SRC="images/smiles/icon_smile.gif"> <BR> <BR>voila pour ton bonheur <IMG SRC="images/smiles/icon_smile.gif"> (le message d'erreur à la fin c'est rien de bien grave ! ) <BR> <BR>fichier install.sh <BR>------------------------------------------------------------------------------------------------- <BR> <BR>#!/bin/sh <BR> <BR>############################################################### <BR># package creation: <BR># <BR># cd /usr/local/opt;chown -R filter.filter mail-spamassassin ; chown -R root.root f-prot f-prot_tools ; chown -R p3scan.p3scan p3scan p3scan_tools ; chown -R privoxy.privoxy privoxy ; chown -R clamav.clamav clamav; rm -rf /usr/local/opt/p3scan/default/var/spool/p3scan/children/* ; rm /usr/local/opt/p3scan/default/var/spool/p3scan/* <BR># cd /root/ipcop_addon_pkg <BR># tar czvf install/opt.tgz /usr/local/opt /etc/rc.d/init.d/dnsmasq <BR># cp /etc/hosts install/ <BR># vi install/hosts and remove the private stuff !! <BR># chmod u+x install*.sh <BR># cd /root; chown root.root /etc/rc.d/init.d/dnsmasq <BR># chown -R root.root ipcop_addon_pkg <BR># #tar czvf ipcop_addons_`date +%Y%m%d%H%M`.tgz install.sh ipcop_addons ipcop_addons.txt <BR># tar czvf ipcop_addon_pkg_`date +%Y%m%d%H%M`.tgz ipcop_addon_pkg <BR># <BR># <BR># for public distribution <BR># tar xzvf ipcop_addon_pkg_xxxxxxxxxxx.tgz <BR># vi ipcop_addon_pkg/etc/ipcop_addons_settings <BR># vi ipcop_addon_pkg/bin/update_ip_address.sh <BR># rm ipcop_addon_pkg/bin/after_pptpdial.sh ipcop_addon_pkg/bin/before_pptpdial.sh <BR># cd ipcop_addon_pkg/install <BR># tar xzvf opt.tgz <BR># <BR># remove private stuff from these files: <BR># vi usr/local/opt/mail-spamassassin/etc/mail/spamassassin/local.cf <BR># vi usr/local/opt/privoxy/etc/user.action (leave .sourceforge.net .mybank.com .privoxy.org) <BR># vi usr/local/opt/privoxy/etc/default.action (delete everything from {+block} .adultterra.com <BR># vi ../install.sh (remove check if hosts file is there installation of hosts file) <BR># <BR># then do <BR># rm usr/local/opt/privoxy/etc/*.backup <BR># rm usr/local/opt/mail-spamassassin/etc/mail/spamassassin/*.backup <BR># rm usr/local/opt/f-prot/default <BR># remove the version of f-prot installed <BR># #rm -rf usr/local/opt/f-prot/[0-9]* <BR># comment the crontab line where f-prot antivirus update script is executed in the install.sh file <BR># comment the crontab line where the wlanip update is done <BR># comment the whole f-prot section in usr/local/opt/p3scan_tools/default/bin/mailscanner.sh <BR># cp -p usr/local/opt/mail-spamassassin/etc/mail/spamassassin/local.cf usr/local/opt/mail-spamassassin/conf_2.61_backup/etc/mail/spamassassin/local.cf <BR># cp -p usr/local/opt/privoxy/etc/user.action usr/local/opt/privoxy/conf_3.0.2_backup/etc/user.action <BR># cp -p usr/local/opt/p3scan_tools/default/bin/mailscanner.sh usr/local/opt/p3scan_tools/conf_1.2_backup/bin/mailscanner.sh <BR># rm opt.tgz <BR># tar czvf opt.tgz usr/local/opt etc/rc.d/init.d/dnsmasq <BR># #rm -rf usr etc <BR># rm hosts* <BR># cd ..; rm -rf old_stuff/ ; cd .. <BR># tar czvf ipcop_addon_pkg_`date +%Y%m%d%H%M`_public.tgz ipcop_addon_pkg <BR># finished !! <BR># untar original distribution ! just in case i want to further develop the package, so i <BR># don't mistakenly use the public one <BR># <BR># if updating check for new versions of <BR># mail-spamassassin, privoxy, p3scan, ripmime and f-prot <BR> <BR>############################################################### <BR># privoxy <BR># <BR># use this filter to customize webfilter rules <BR># /usr/local/opt/privoxy/etc/default.action <BR># /usr/local/opt/privoxy/etc/user.action <BR> <BR>############################################################### <BR># p3scan <BR># <BR># script based scanning of emails possible: <BR># use this file to add additional virus-scanners, filters, etc <BR># /usr/local/opt/p3scan_tools/default/bin/mailscanner.sh <BR> <BR>############################################################### <BR># ripmime <BR># <BR># add new ripmime versions here: <BR># /usr/local/opt/p3scan_tools/default/bin/ripmime <BR> <BR>############################################################### <BR># clamav <BR># <BR># updates are done via script in /etc/crontab, change update times there <BR> <BR>############################################################### <BR># f-prot <BR># <BR># updates are done via script in /etc/crontab, change update times there <BR> <BR>############################################################### <BR># mail-spamassassin <BR># <BR># use this file to customize spam-assassin <BR># /usr/local/opt/mail-spamassassin/etc/mail/spamassassin/local.cf <BR> <BR> <BR> <BR>############################################################### <BR># installation: <BR> <BR>CURRENTDIR=`pwd` <BR> <BR># check if files exist: <BR>if [ ! -f $CURRENTDIR/install/perl_modules_for_f-prot.tgz -o ! -f $CURRENTDIR/install/perl_modules_for_spamassassin.tgz -o <BR> ! -f $CURRENTDIR/install/opt.tgz ] ; then <BR> echo at least one the the following files is missing: <BR> echo $CURRENTDIR/install/perl_modules_for_f-prot.tgz <BR> echo $CURRENTDIR/install/perl_modules_for_spamassassin.tgz <BR> echo $CURRENTDIR/install/opt.tgz <BR> echo $CURRENTDIR/install/hosts <BR> exit <BR>fi <BR> <BR> <BR> <BR>UNIQ_FILE=`date +%Y%m%d%H%M%S` <BR> <BR># backup config files <BR>if [ -f /usr/local/opt/privoxy/etc/user.action ] ; then <BR> cp -p /usr/local/opt/privoxy/etc/config /usr/local/opt/privoxy/etc/config.$UNIQ_FILE.backup <BR> cp -p /usr/local/opt/privoxy/etc/user.action /usr/local/opt/privoxy/etc/user.action.$UNIQ_FILE.backup <BR> cp -p /usr/local/opt/privoxy/etc/default.action /usr/local/opt/privoxy/etc/default.action.$UNIQ_FILE.backup <BR>fi <BR> <BR>if [ -f /usr/local/opt/privoxy/etc/user.action ] ; then <BR> cp -p /usr/local/opt/mail-spamassassin/etc/mail/spamassassin/local.cf /usr/local/opt/mail-spamassassin/etc/mail/spamassassin/local.cf.$UNIQ_FILE.backup <BR>fi <BR> <BR># install packages <BR>tar xzvf $CURRENTDIR/install/opt.tgz -C / <BR>tar xzvf $CURRENTDIR/install/perl_modules_for_f-prot.tgz -C / <BR>tar xzvf $CURRENTDIR/install/perl_modules_for_spamassassin.tgz -C / <BR> <BR>rm /usr/local/opt/p3scan/default/var/spool/p3scan/* <BR>rm -rf /usr/local/opt/p3scan/default/var/spool/p3scan/children/* <BR> <BR> <BR># restore config files (after tar extraction) <BR>if [ -f /usr/local/opt/privoxy/etc/user.action.$UNIQ_FILE.backup ] ; then <BR> cp -fp /usr/local/opt/privoxy/etc/config.$UNIQ_FILE.backup /usr/local/opt/privoxy/etc/config <BR> cp -fp /usr/local/opt/privoxy/etc/user.action.$UNIQ_FILE.backup /usr/local/opt/privoxy/etc/user.action <BR> cp -fp /usr/local/opt/privoxy/etc/default.action.$UNIQ_FILE.backup /usr/local/opt/privoxy/etc/default.action <BR>fi <BR> <BR>if [ -f /usr/local/opt/mail-spamassassin/etc/mail/spamassassin/local.cf.$UNIQ_FILE.backup ] ; then <BR> cp -fp /usr/local/opt/mail-spamassassin/etc/mail/spamassassin/local.cf.$UNIQ_FILE.backup /usr/local/opt/mail-spamassassin/etc/mail/spamassassin/local.cf <BR>fi <BR> <BR> <BR># adding hosts_entries_to_block_banners <BR>#grep hosts_entries_to_block_banners /etc/hosts > /dev/null <BR>#if [ $? != 0 ]; then <BR># echo adding hosts entries to block banners <BR># cat $CURRENTDIR/install/hosts >>/etc/hosts <BR>#else <BR># echo hosts entries to block banners already added <BR>#fi <BR> <BR> <BR># add configuration to squid (test first if already added) <BR># PROBLEM: if package is installed before squid is enabled, GUI will bring an error ! <BR> <BR>grep negative_dns_ttl /etc/squid/squid.conf > /dev/null <BR>if [ $? != 0 ]; then <BR> echo adding negative_dns_ttl parameter in /etc/squid/squid.conf <BR> echo "negative_dns_ttl 0 minutes" >> /etc/squid/squid.conf <BR> SQUID_PID=`pidof squid` <BR> <BR> # sending HUP signal to squid to reread config file if its running <BR> PRG_PID=`pidof "(squid)"` <BR> if [ $? != 0 ]; then <BR> PRG_PID="" <BR> fi <BR> if [ x$PRG_PID = "x" ]; then <BR> echo ok, squid is currently not running <BR> else <BR> kill -HUP $PRG_PID <BR> echo "sent a HUP signal to squid to reread its config file ..." <BR> fi <BR> else <BR> echo negative_dns_ttl in /etc/squid/squid.conf already added <BR>fi <BR> <BR> <BR># add startup scripts to ipcop installation <BR>grep privoxy /etc/rc.d/rc.sysinit > /dev/null <BR>if [ $? != 0 ]; then <BR> echo adding start scripts to /etc/rc.d/rc.sysinit <BR> cat <<EOF>> /etc/rc.d/rc.sysinit <BR># start local programs <BR>/usr/local/opt/privoxy/etc/init.d/privoxy start <BR>/usr/local/opt/p3scan/etc/init.d/p3scan start <BR>/usr/local/opt/mail-spamassassin/etc/init.d/spamd start <BR>EOF <BR>else <BR>echo startup scripts already added <BR>fi <BR> <BR> <BR># add users and groups for privoxy, p3scan and mail-spamassassin, delete them before adding them <BR>userdel privoxy <BR>userdel p3scan <BR>userdel filter <BR>userdel clamav <BR>userdel razor <BR>groupdel privoxy <BR>groupdel p3scan <BR>groupdel filter <BR>groupdel clamav <BR>groupdel razor <BR>groupadd -g 700 privoxy <BR>useradd -g privoxy -d /tmp -M -s /bin/false -u 700 privoxy <BR>groupadd -g 701 p3scan <BR>useradd -g p3scan -d /tmp -M -s /bin/false -u 701 p3scan <BR>groupadd -g 702 filter <BR>useradd -g filter -d /tmp -M -s /bin/false -u 702 filter <BR>groupadd -g 703 clamav <BR>useradd -g clamav -d /tmp -M -s /bin/false -u 703 clamav <BR>groupadd -g 704 razor <BR>useradd -g razor -d /tmp -M -s /bin/false -u 704 razor <BR> <BR>chown -R filter.filter /usr/local/opt/mail-spamassassin <BR>chown -R root.root /usr/local/opt/f-prot /usr/local/opt/f-prot_tools <BR>chown -R p3scan.p3scan /usr/local/opt/p3scan /usr/local/opt/p3scan_tools <BR>chown -R privoxy.privoxy /usr/local/opt/privoxy <BR>chown -R clamav.clamav /usr/local/opt/clamav <BR> <BR># add startup script links to ipcop installation <BR>cd /etc/rc.d/init.d <BR>ln -s /usr/local/opt/privoxy/etc/init.d/privoxy <BR>ln -s /usr/local/opt/p3scan/etc/init.d/p3scan <BR>ln -s /usr/local/opt/mail-spamassassin/etc/init.d/spamd <BR> <BR># customize privoxy installation <BR>cd /root <BR>#ln -s /usr/local/opt/privoxy/etc/user.action privoxy_user.action <BR>#ln -s /usr/local/opt/privoxy/etc/default.action privoxy_default.action <BR>#ln -s /usr/local/opt/mail-spamassassin/etc/mail/spamassassin/local.cf spamassassin_local.cf <BR>#ln -s /etc/ipcop_addons_settings <BR> <BR>cd /tmp <BR># change privoxy config (listen and forward ip address + port) <BR>IP=`ifconfig |grep -1 eth0 |grep -i inet |sed -e "s/.*:(.*) B.*/1/"` <BR>echo <BR>echo eth0 ip address is $IP, changing forward and listen-address to $IP in /usr/local/opt/privoxy/etc/config <BR>echo <BR> <BR>cat /usr/local/opt/privoxy/etc/config |sed -e "s/^forward.*/forward / $IP:800/" >config.tmp <BR>mv config.tmp /usr/local/opt/privoxy/etc/config <BR> <BR>cat /usr/local/opt/privoxy/etc/config |sed -e "s/^listen.*/listen-address $IP:8118/" >config.tmp <BR>mv config.tmp /usr/local/opt/privoxy/etc/config <BR> <BR>chown privoxy.privoxy /usr/local/opt/privoxy/etc/config <BR> <BR> <BR> <BR># customize f-prot installation <BR>fcrontab -l >fcrontab.tmp <BR>grep check-updates_f-prot.sh fcrontab.tmp > /dev/null <BR>if [ $? != 0 ]; then <BR> echo adding antivirus update definition files script to fcrontab <BR>echo CRONTAB has now to be done via fcrontab -e !!!!! <BR>cat <<EOF>> fcrontab.tmp <BR># the 2 following entries need to be run as root, since only root is allowed to open outgoing port 25 to send email <BR>16,46 * * * * root /usr/local/opt/clamav/tools/check-updates_clamav.sh <BR>55 5 * * 1 p3scan rm /usr/local/opt/p3scan/default/var/spool/p3scan/* <BR> <BR># update wanip.opencl.com <BR>*/5 * * * * root /root/ipcop_addon_pkg/bin/update_ip_address.sh <BR>EOF <BR>fcrontab fcrontab.tmp <BR>else <BR>echo antivirus update definitionfiles script in fcrontab already added <BR>fi <BR>rm -f fcrontab.tmp <BR> <BR>cd /usr/local/bin <BR>ln -s ../opt/f-prot_tools/default/bin/* . <BR>#fprot fails to run if it is called via the link, so don't make it <BR>#ln -s ../opt/f-prot/default/f-prot . <BR>ln -s ../opt/clamav/default/bin/* . <BR> <BR> <BR> <BR># start the installed tools <BR>/usr/local/opt/privoxy/etc/init.d/privoxy restart <BR>/usr/local/opt/p3scan/etc/init.d/p3scan restart <BR>/usr/local/opt/mail-spamassassin/etc/init.d/spamd restart <BR> <BR> <BR>echo <BR>echo don't forget to set your email address,.. in /root/ipcop_addon_pkg/etc/ipcop_addons_settings <BR>echo and READ ipcop_addon_pkg/doc/INSTALL <BR>echo <BR>----------------------------------------------------------------------------------------- <BR> <BR>Attention de bien éditer le ipcop_addons_setting comme précisé dans la doc <IMG SRC="images/smiles/icon_smile.gif"> <BR> <BR> <BR> <BR>_________________ <BR>---------------------------------- <BR>"Computers are like air conditionners. They stop working properly when you open Windows" <BR>----------------------------------<BR><BR><font size=-2></font>

[belugha]

<!-- BBCode Quote Start --><TABLE BORDER=0 ALIGN=CENTER WIDTH=85%><TR><TD><font size=-2>En réponse à:</font><HR></TD></TR><TR><TD><FONT SIZE=-2><BLOCKQUOTE> <BR>Le 2004-02-07 22:24, micheldp a écrit: <BR>réponse à SIMS: <!-- BBCode auto-link start --><a href="https://secure.f-prot.com/cgi-bin/buy#price-note" target="_blank">https://secure.f-prot.com/cgi-bin/buy#price-note</a><!-- BBCode auto-link end --> <BR>Fprot n'est pas gratuit <BR></BLOCKQUOTE></FONT></TD></TR><TR><TD><HR></TD></TR></TABLE><!-- BBCode Quote End --> <BR> <BR>FAUX <BR> <BR>Pour un usage personnel, F-Prot est gratuit <IMG SRC="images/smiles/icon_smile.gif"> <BR><!-- BBCode auto-link start --><a href="http://www.f-prot.com/products/home_use/linux/" target="_blank">http://www.f-prot.com/products/home_use/linux/</a><!-- BBCode auto-link end --> <BR> <BR>F-Prot Antivirus for Linux Workstations is FREE for use by personal users on personal workstations <BR> <BR> <BR> <BR>

[carbone]

SAlut, <BR>J'ai installé l'add-on dont on parle dans ce topic, il tourne super, bon ok aux heures de pointes il est parfois difficile de récupérer ses mails mais j'ai pas une super machine(PI 150, 64Ram,HD 1Go) et on est 20 à pomper. <BR>Mais par contre,j'ai un problème avec Clamav, dans plusieurs mails, il me détecte un oversized zip, c'est duû à un taux de compression trop élevé. Ce problème est réglé via une variable dans le conf mais avec la version .66 et supp de clamav or c'est la version .65 foiurnie avec cet add-on <IMG SRC="images/smiles/icon_bawling.gif"> <BR>Donc ma question, quelqu'un a-t-il déjà eu ce problème, comment l'a-t-il résolu? <BR>et comment peut-on installer une version supp de clamav, sans compilateur? (pas d'autre distrib linux de dispo)