#!/bin/bash set -e # SYSTEMD SOCKET AUS systemctl disable clamav-daemon.socket 2>/dev/null || true systemctl stop clamav-daemon.socket 2>/dev/null || true rm -f /etc/systemd/system/clamav-daemon.socket systemctl daemon-reload # PAKETE apt-get update apt-get install -y clamav-daemon clamav-freshclam rspamd redis-server postfix swaks systemctl enable --now redis-server # SIGNATUREN systemctl stop clamav-freshclam || true freshclam systemctl start clamav-freshclam # CLAMAV KONFIG ANPASSEN CONF="/etc/clamav/clamd.conf" sed -i 's/^\s*TCPSocket/#TCPSocket/g' "$CONF" sed -i 's/^\s*TCPAddr/#TCPAddr/g' "$CONF" grep -q "^LocalSocket " "$CONF" || echo "LocalSocket /run/clamav/clamd.ctl" >> "$CONF" grep -q "^LocalSocketMode " "$CONF" || echo "LocalSocketMode 666" >> "$CONF" mkdir -p /run/clamav chown clamav:clamav /run/clamav # RSPAMD KONFIG mkdir -p /etc/rspamd/override.d mkdir -p /etc/rspamd/local.d cat < /etc/rspamd/override.d/antivirus.conf enabled = true; clamav { type = "clamav"; symbol = "CLAM_VIRUS"; servers = "/run/clamav/clamd.ctl"; scan_text_mime = true; scan_mime_parts = true; min_size = 0; scan_unauthenticated = true; stream = true; action = "reject"; } EOF cat < /etc/rspamd/local.d/redis.conf servers = "127.0.0.1:6379"; EOF # WebUI Passwort korrekt erzeugen HASH=$(rspamadm pw -p '123Start$') cat < /etc/rspamd/override.d/worker-controller.inc password = "$HASH"; bind_socket ="*:11334"; EOF # POSTFIX MILTER postconf -e "smtpd_milters=inet:127.0.0.1:11332" postconf -e "non_smtpd_milters=inet:127.0.0.1:11332" postconf -e "milter_protocol=6" postconf -e "milter_default_action=accept" # RESTART (REIHENFOLGE) systemctl restart clamav-daemon systemctl restart rspamd systemctl restart postfix systemctl restart clamav-daemon systemctl restart rspamd redis-cli flushall # SPAM TEST echo "=== SPAM TEST ===" swaks --to root@localhost --server 127.0.0.1 \ --data "Subject: spam test XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X" # VIRUS TEST cat < /tmp/test.eml From: test@test.local To: root@localhost Subject: EICAR MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="abc" --abc Content-Type: text/plain Test --abc Content-Type: application/octet-stream Content-Disposition: attachment; filename="eicar.com" X5O!P%@AP[4\PZX54(P^)7CC)7}\$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!\$H+H* --abc-- EOF echo "=== VIRUS TEST ===" rspamc /tmp/test.eml echo "" echo "WEBUI: http://:11334" echo "User: admin" echo "Passwort: 123Start$"