Email Security : Postfix, Amavis, ClamAV dan Spamassassin…

Mau kasih kata pengantar buat praktek email security kali ini kok rasanya males, udah ngantuk pula. Jadi langsung saya tulis aja ya, silahkan Anda coba  sendiri ya .. (Sumber : hasil praktikum di lab Jaringan Komputer PENS-ITS)

Tahapan konfigurasinya sebagai berikut:

Installasi DNS

IP local = 10.252.108.238

# apt-get install bind9

Konfigurasi file /etc/resolv.conf

# vim /etc/resolv.conf, ketikkan :

domain tatas.co.id

search tatas.co.id

nameserver 10.252.108.238

Copy template database

# cp /etc/bind/db.local /var/cache/bind/tatas.co.id.db

# cp /etc/bind/db.255 /var/cache/bind/tatas.co.id.rev

Edit Database File

# vim /var/cache/bind/tatas.co.id/db

;

;BIND data file for local loopback interface

;

$TTL 604800

@ IN SOA www.tatas.co.id. Root.tatas.co.id. (

1 ; Serial

604800 ; Refresh

86400 ; Retry

2419200 ; Expire

604800) ; Negative Cache TTLlocal alte

lv.conf

8

;

@ IN NS localhost.

@ IN A 127.0.0.1

www IN A 10.252.108.238

akira IN A 10.252.108.239

ftp IN CNAME www

Edit file database reverse file

# vim /var/cache/bind/tatas.co.id.rev

;

BIND reverse data file for broadcast zone

;

$TTL 604800

@ IN SOA www.tatas.co.id. Root.tatas.co.id. (

1 ; Serial

604800 ; Refresh

86400 ; Retry

2419200 ; Expire

604800) ; Negative Cache TTL

;

@ IN NS localhost.

238 IN PTR www.tatas.co.id.

239 IN PTR akira.tatas.co.id

Edit file konfigurasi named.conf.local

# vim /etc/bind/named.conf.local

Zone “tatas.co.id”{

Type master;

File ”/var/cache/bind/tatas.co.id.db”;

}

Zone “108.252.10.in-addr.arpa”{

Type master;

File “/var/cache/bind/tatas.co.id.rev”;

}

Edit named.conf.options

# vim /etc/bind/named.conf.options

Forwarders {

202.154.187.2;

202.154.187.3;

}

Restart bind9

# /etc/init.d/bind9 restart

Cek

# nslookup www.tatas.co.id

========================================

Modifikasi Postfix

# postconf –e ‘home_mailbox=Maildir/’

# postconf -e ‘mailbox_command=’

# postconf -e ‘myhostname=akira’

# postconf -e ‘myorigin=akira.tatas.co.id’

# postconf -e ‘mydestination= akira.tatas.co.id, localhost, $myhostname, $myorigin’

Mengaktifkan Postfix

# /etc/init.d/postfix start

=================================

Instalasi ClamAV

# apt-get install unrar lha unzoo zoo arj unzip bzip2 lzop daemon

# apt-get install clamav clamav-daemon clamav-freshclam

• Kemudian pilih daemon
• Kemudian pilih virus update server
• Pilih db.id.clamav.net (Indonesia)
• Masukkan proxy server (options)
• Format : http://proxy.eepis-its.edu:3128
• Notified (yes)

Mengaktifkan ClamAV

# /etc/init.d/clamav-daemon start

=================================

Instalasi SpamAssassin

# apt-get install spamassassin pyzor razor

Rubah di file /etc/default/spamassassin

ENABLED=0

menjadi

ENABLED=1

Mengaktifkan SpamAssassin

# /etc/init.d/spamassassin start

==============================

Instalasi Amavisd

# apt-get install amavis

Edit file /etc/postfix/master.cf

# vim /etc/postfix/master.cf, tambahkan :

smtp-amavis unix - - n - 2 smtp

-o smtp_data_done_timeout=1200

-o smtp_send_xforward_command=yes

-o disable_dns_lookups=yes

Tambahkan baris berikut pada /etc/posfix/master.cf

127.0.0.1:10025 inet n - n - - smtpd

-o content_filter=

-o local_recipient_maps=

-o relay_recipient_maps=

-o smtpd_restriction_classes=

-o smtpd_client_restrictions=

-o smtpd_helo_restrictions=

-o smtpd_sender_restrictions=

-o smtpd_recipient_restrictions=permit_mynetworks,reject

-o mynetworks=127.0.0.1

-o strict_rfc821_envelopes=no

-o smtpd_error_sleep_time=0

-o smtpd_soft_error_limit=1001

-o smtpd_hard_error_limit=1000

Integrasi dengan Postfix

# postconf -e ‘content_filter=smtp-amavis:[127.0.0.1]:10024‘

# postconf -e ‘mailbox_command=’

Mengaktifkan Amavis

# /etc/init.d/postfix restart

Integrasi dengan ClamAV

Ubah permission /var/run/clamav ke user amavis

# chown amavis.amavis –R /var/run/clamav

Ubah “User clamav” pada /etc/clamav/clamd.conf

User amavis

# /etc/init.d/clamav-daemon restart

# /etc/init.d/amavis restart

Integrasi dengan SpamAssassin

# vim /etc/amavis/amavisd.conf, rubah

$sa_local_tests_only = 1;

Menjadi

$sa_local_tests_only = 0;

Restart amavis

# /etc/init.d/amavis restart

Instalasi Squirrelmail

# apt-get install apache2 php4 php4-imap libapache2-mod-php4

# a2enmod php4

# apt-get install squirrelmail courier-imap

Buat symlink untuk apache2

# ln –s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf

Mengkonfigurasi squirrelmail

# /etc/squirrelmail/conf.pl

Pilih :

• 2 – server
• A – update imap server
• 8 – imap server
• courier
• s – save data

Modifikasi User

# cd /etc/skel

# maildirmake Maildir

Tambahkan user

# adduser coba

Test Intalasi

Menggunakan browser arahkan

http://localhost/squirrelmail

Menggunakan web-ssl

https://localhost/squirrelmail/

Masuk dengan user yg telah dibuat

Coba Email yang mengandung virus

# telnet localhost 10024

Isikan dengan

• MAIL FROM:<heh@hehe.com>
• RCPT TO: <postmaster>
• DATA
• Subject : virus
• X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
• .
  

Edit Database File

# vim /var/cache/bind/tatas.co.id/db

;

;BIND data file for local loopback interface

;

$TTL 604800

@ IN SOA www.tatas.co.id. Root.tatas.co.id. (

1 ; Serial

604800 ; Refresh

86400 ; Retry

2419200 ; Expire

604800) ; Negative Cache TTLlocal alte

lv.conf

8

;

@ IN NS localhost.

@ IN A 127.0.0.1

www IN A 10.252.108.238

akira IN A 10.252.108.239

ftp IN CNAME www