(Source) TESTING POSTFIX AFTER INSTALLATION WITH CLAMAV AND SPAMASSASIN

(Reference) http://www.jetmore.org/john/code/swaks/latest/doc/ref.txt

1. Create the GTUBE test file: sample-spam-GTUBE.txt

echo 'XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X' \
> sample-spam-GTUBE.txt

2. Send the virus test mail

swaks --to black@mailserver.net --body sample-spam-GTUBE.txt

3. On the receiving mail server

1) Check /var/log/mail/mail.log for ‘Blocked INFECTED’ (the GTUBE message in the log below is recorded as ‘Blocked SPAM’)

Apr 20 11:18:32 mail2 policyd-spf[15703]: prepend Received-SPF: None (mailfrom) identity=mailfrom; client-ip=14.xx.xx.xx; helo=jmini.no-ip.org; envelope-from=black@jmini.no-ip.org; receiver=<UNKNOWN>
Apr 20 11:18:32 mail2 postfix/cleanup[16063]: 9C1DA7432D5: message-id=<20180420111830.023339@jmini.no-ip.org>
Apr 20 11:18:32 mail2 opendmarc[1772]: 9C1DA7432D5: jmini.no-ip.org none
Apr 20 11:18:32 mail2 postfix/qmgr[16442]: 9C1DA7432D5: from=<srs0=skrn=hj=jmini.no-ip.org=black@vivans.net>, size=689, nrcpt=1 (queue active)
Apr 20 11:18:37 mail2 amavis[12434]: (12434-07) Blocked SPAM {DiscardedInbound,Quarantined}, [14.xx.xx.xx]:58312 [14.xx.xx.xx] <srs0=skrn=hj=jmini.no-ip.org=black@mailserver.net> -> <black@mailserver.net>, quarantine: T/spam-TcuioR0O5EEM.gz, Queue-ID: 9C1DA7432D5, Message-ID: <20180420111830.023339@jmini.no-ip.org>, mail_id: TcuioR0O5EEM, Hits: 1000.535, size: 696, 4898 ms

2) Check the contents of the quarantined mail /var/mail-state/lib-amavis/virusmails/T/spam-TcuioR0O5EEM.gz

Delivered-To: spam-quarantine
X-Envelope-To: <black@mailserver.net>
X-Envelope-To-Blocked: <black@mailserver.net>
X-Quarantine-ID: <TcuioR0O5EEM>
X-Spam-Flag: YES
X-Spam-Score: 1000.535
X-Spam-Level: ****************************************************************
X-Spam-Status: Yes, score=1000.535 tag=2 tag2=3.8 kill=3.8
 tests=[BAYES_00=-1.9, GTUBE=1000, HEADER_FROM_DIFFERENT_DOMAINS=0.25,
 PYZOR_CHECK=1.392, RDNS_NONE=0.793] autolearn=no autolearn_force=no
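
The two checks in step 3 as a script, added here as an example and not part of the original notes: `amavis_verdict` and `spam_test_score` are hypothetical helper names, and the sample log and header text is constructed, shortened from the output shown above. The header helper unfolds X-Spam-Status first, because the tests= list sits on continuation lines that a plain grep for the header name would miss.

```shell
#!/bin/sh
# Added example, not part of the original notes.

# Print "verdict|quarantine-file|hits" from the amavis line of one Postfix
# queue ID; the log is read from stdin. Exit status 1 if no such line exists.
amavis_verdict() {
    awk -v qid="$1" '
        / amavis\[[0-9]+\]: / && index($0, "Queue-ID: " qid ",") {
            verdict = quar = hits = ""
            if (match($0, /(Blocked|Passed) [A-Z0-9-]+/))
                verdict = substr($0, RSTART, RLENGTH)
            if (match($0, /quarantine: [^,]+/))
                quar = substr($0, RSTART + 12, RLENGTH - 12)
            if (match($0, /Hits: [-0-9.]+/))
                hits = substr($0, RSTART + 6, RLENGTH - 6)
            print verdict "|" quar "|" hits
            found = 1
        }
        END { exit(found ? 0 : 1) }'
}

# Print the score of one SpamAssassin test from the folded X-Spam-Status
# header read on stdin. Exit status 1 if that test did not fire.
spam_test_score() {
    awk -v t="$1" '
        /^$/ { exit }                               # end of the header block
        /^[ \t]/ { if (inhdr) buf = buf $0; next }  # folded continuation line
        { inhdr = 0 }
        /^X-Spam-Status:/ { inhdr = 1; buf = $0 }
        END {
            gsub(/\[|\]/, " ", buf)
            n = split(buf, part, /[, \t]+/)
            for (i = 1; i <= n; i++)
                if (index(part[i], t "=") == 1) { print substr(part[i], length(t) + 2); ok = 1 }
            exit(ok ? 0 : 1)
        }'
}

# Constructed sample input, shortened from the log and headers shown above.
SAMPLE_LOG='Apr 20 11:18:32 mail2 postfix/qmgr[16442]: 9C1DA7432D5: from=<black@jmini.no-ip.org>, size=689, nrcpt=1 (queue active)
Apr 20 11:18:37 mail2 amavis[12434]: (12434-07) Blocked SPAM {DiscardedInbound,Quarantined}, [14.xx.xx.xx]:58312 <black@jmini.no-ip.org> -> <black@mailserver.net>, quarantine: T/spam-TcuioR0O5EEM.gz, Queue-ID: 9C1DA7432D5, Message-ID: <20180420111830.023339@jmini.no-ip.org>, mail_id: TcuioR0O5EEM, Hits: 1000.535, size: 696, 4898 ms'
SAMPLE_HEADERS='X-Spam-Flag: YES
X-Spam-Status: Yes, score=1000.535 tag=2 tag2=3.8 kill=3.8
 tests=[BAYES_00=-1.9, GTUBE=1000, HEADER_FROM_DIFFERENT_DOMAINS=0.25,
 PYZOR_CHECK=1.392, RDNS_NONE=0.793] autolearn=no autolearn_force=no
Subject: test'

printf '%s\n' "$SAMPLE_LOG" | amavis_verdict 9C1DA7432D5
printf '%s\n' "$SAMPLE_HEADERS" | spam_test_score GTUBE
```

On the server, feed the real files in: `amavis_verdict 9C1DA7432D5 < /var/log/mail/mail.log` and `zcat /var/mail-state/lib-amavis/virusmails/T/spam-TcuioR0O5EEM.gz | spam_test_score GTUBE`.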