
(Source) TESTING POSTFIX AFTER INSTALLATION WITH CLAMAV AND SPAMASSASIN
(Reference) http://www.jetmore.org/john/code/swaks/latest/doc/ref.txt
1. Create the GTUBE test file: sample-spam-GTUBE.txt
echo 'XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X' > sample-spam-GTUBE.txt
2. Send the virus test mail
swaks --to black@mailserver.net --body sample-spam-GTUBE.txt
3. On the receiving mail server
1) Check /var/log/mail/mail.log for 'Blocked INFECTED'
Apr 20 11:18:32 mail2 policyd-spf[15703]: prepend Received-SPF: None (mailfrom) identity=mailfrom; client-ip=14.xx.xx.xx; helo=jmini.no-ip.org; envelope-from=black@jmini.no-ip.org; receiver=<UNKNOWN>
Apr 20 11:18:32 mail2 postfix/cleanup[16063]: 9C1DA7432D5: message-id=<20180420111830.023339@jmini.no-ip.org>
Apr 20 11:18:32 mail2 opendmarc[1772]: 9C1DA7432D5: jmini.no-ip.org none
Apr 20 11:18:32 mail2 postfix/qmgr[16442]: 9C1DA7432D5: from=<srs0=skrn=hj=jmini.no-ip.org=black@vivans.net>, size=689, nrcpt=1 (queue active)
Apr 20 11:18:37 mail2 amavis[12434]: (12434-07) Blocked SPAM {DiscardedInbound,Quarantined}, [14.xx.xx.xx]:58312 [14.xx.xx.xx] <srs0=skrn=hj=jmini.no-ip.org=black@mailserver.net> -> <black@mailserver.net>, quarantine: T/spam-TcuioR0O5EEM.gz, Queue-ID: 9C1DA7432D5, Message-ID: <20180420111830.023339@jmini.no-ip.org>, mail_id: TcuioR0O5EEM, Hits: 1000.535, size: 696, 4898 ms
2) Check the contents of the quarantined mail /var/mail-state/lib-amavis/virusmails/T/spam-TcuioR0O5EEM.gz
Delivered-To: spam-quarantine
X-Envelope-To: <black@mailserver.net>
X-Envelope-To-Blocked: <black@mailserver.net>
X-Quarantine-ID: <TcuioR0O5EEM>
X-Spam-Flag: YES
X-Spam-Score: 1000.535
X-Spam-Level: ****************************************************************
X-Spam-Status: Yes, score=1000.535 tag=2 tag2=3.8 kill=3.8 tests=[BAYES_00=-1.9, GTUBE=1000, HEADER_FROM_DIFFERENT_DOMAINS=0.25, PYZOR_CHECK=1.392, RDNS_NONE=0.793] autolearn=no autolearn_force=no
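
The two checks in step 3 can be scripted. The Python below is an added example, not part of the original notes: it parses the amavis verdict line and the X-Spam-Status header shown above and confirms that the message was quarantined as spam with the GTUBE rule present and the score at or above the kill level. The function names are hypothetical, and the handling of "Hits: -" for non-spam verdicts is an assumption about the amavis log format.

```python
import re

# Sample input copied from the log excerpt and quarantine headers on this page.
LOG_LINE = ("Apr 20 11:18:37 mail2 amavis[12434]: (12434-07) Blocked SPAM "
            "{DiscardedInbound,Quarantined}, [14.xx.xx.xx]:58312 [14.xx.xx.xx] "
            "<srs0=skrn=hj=jmini.no-ip.org=black@mailserver.net> -> <black@mailserver.net>, "
            "quarantine: T/spam-TcuioR0O5EEM.gz, Queue-ID: 9C1DA7432D5, "
            "Message-ID: <20180420111830.023339@jmini.no-ip.org>, "
            "mail_id: TcuioR0O5EEM, Hits: 1000.535, size: 696, 4898 ms")
SPAM_STATUS = ("Yes, score=1000.535 tag=2 tag2=3.8 kill=3.8 "
               "tests=[BAYES_00=-1.9, GTUBE=1000, HEADER_FROM_DIFFERENT_DOMAINS=0.25, "
               "PYZOR_CHECK=1.392, RDNS_NONE=0.793] autolearn=no autolearn_force=no")

VERDICT_RE = re.compile(r"amavis\[\d+\]: \(\S+\) (Blocked|Passed) (.+?) \{([^}]*)\}")
FIELD_RE = re.compile(r"(quarantine|Queue-ID|mail_id|Hits): ([^,\s]+)")


def parse_amavis_line(line):
    """Return the verdict fields of one amavis log line, or None if it is not one."""
    m = VERDICT_RE.search(line)
    if not m:
        return None
    rec = {"action": m.group(1), "verdict": m.group(2),
           "dispositions": m.group(3).split(",")}
    rec.update(FIELD_RE.findall(line))
    # Assumption: amavis writes "Hits: -" when no spam score was computed.
    hits = rec.get("Hits", "-")
    rec["Hits"] = None if hits == "-" else float(hits)
    return rec


def parse_spam_status(value):
    """Split an X-Spam-Status value into score/threshold levels and per-rule scores."""
    head, _, rest = value.partition("tests=[")
    levels = {k: float(v) for k, v in re.findall(r"\b(score|tag2?|kill)=(-?[\d.]+)", head)}
    rules = {k: float(v) for k, v in re.findall(r"(\w+)=(-?[\d.]+)", rest.split("]")[0])}
    return levels, rules


def gtube_blocked(log_line, spam_status):
    """True when amavis quarantined the mail as SPAM and GTUBE fired at or above kill."""
    rec = parse_amavis_line(log_line)
    levels, rules = parse_spam_status(spam_status)
    return bool(rec and rec["action"] == "Blocked" and rec["verdict"] == "SPAM"
                and "Quarantined" in rec["dispositions"] and "GTUBE" in rules
                and levels.get("score", 0.0) >= levels.get("kill", float("inf")))
```

On a live server the same functions can be fed the matching line from /var/log/mail/mail.log and the X-Spam-Status header read from the decompressed quarantine file.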