/l3/users/25-05-2009/nt-net/debian5.unix.nt/root :1 :2 :3 :4
[ править ]

Журнал лабораторных работ

Содержание

Журнал

Пятница (05/29/09)

/dev/ttyp0
11:02:18
#tail -f /var/log/mail.log 
May 29 10:19:37 debian5 sm-mta[13322]: starting daemon (8.13.8): SMTP+queueing@00:10:00
May 29 10:26:27 debian5 sm-mta[14020]: gethostbyaddr(192.168.56.190) failed: 1
May 29 10:26:27 debian5 sm-mta[14020]: gethostbyaddr(192.168.56.193) failed: 1
May 29 10:26:27 debian5 sm-mta[14022]: starting daemon (8.13.8): SMTP+queueing@00:10:00
May 29 10:44:05 debian5 sm-mta[17309]: n4T7i4hN017309: ruleset=check_rcpt, arg1=<user@elena.net.nt>, relay=debian1.sergey.net.nt [192.168.16.1], reject=553 5.1.8 <user@elena.net.nt>... Domain of sender address user@debian1.net.nt does not exist
May 29 10:44:05 debian5 sm-mta[17309]: n4T7i4hN017309: from=<user@debian1.net.nt>, size=745, class=0, nrcpts=0, bodytype=8BITMIME, proto=ESMTP, daemon=MTA-v4, relay=debian1.sergey.net.nt [192.168.16.1]
May 29 11:02:16 debian5 sm-mta[14022]: restarting /usr/sbin/sendmail-mta due to signal
May 29 11:02:16 debian5 sm-mta[14022]: gethostbyaddr(192.168.56.190) failed: 1
May 29 11:02:16 debian5 sm-mta[14022]: gethostbyaddr(192.168.56.193) failed: 1
May 29 11:02:16 debian5 sm-mta[17675]: starting daemon (8.13.8): SMTP+queueing@00:10:00
11:03:30
#tail -f /var/log/mail.log 
[root@debian5:mail]#
May 29 11:03:35 debian5 sm-mta[17712]: n4T83Zih017712: Milter (clamav): local socket name /var/run/clamav/clamav-milter.ctl unsafe
May 29 11:03:35 debian5 sm-mta[17712]: n4T83Zih017712: Milter (clamav): to error state
May 29 11:03:36 debian5 sm-mta[17712]: n4T83Zih017712: ruleset=check_rcpt, arg1=<user@elena.net.nt>, relay=debian1.sergey.net.nt [192.168.16.1], reject=553 5.1.8 <user@elena.net.nt>... Domain of sender address user@debian1.net.nt does not exist
May 29 11:03:36 debian5 sm-mta[17712]: n4T83Zih017712: from=<user@debian1.net.nt>, size=907, class=0, nrcpts=0, bodytype=8BITMIME, proto=ESMTP, daemon=MTA-v4, relay=debian1.sergey.net.nt [192.168.16.1]
May 29 11:10:07 debian5 sm-mta[17841]: n4T8A7xG017841: Milter (clamav): local socket name /var/run/clamav/clamav-milter.ctl unsafe
May 29 11:10:07 debian5 sm-mta[17841]: n4T8A7xG017841: Milter (clamav): to error state
May 29 11:10:08 debian5 sm-mta[17841]: n4T8A7xG017841: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:10:09 debian5 sm-mta[17843]: n4T8A7xG017841: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T8ACSB002025 Message accepted for delivery)
May 29 11:10:10 debian5 sm-mta[17843]: n4T8A7xG017841: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T8AFag008755 Message accepted for delivery)
...
May 29 11:18:45 debian5 sm-mta[21438]: n4T8Ih4f021434: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T8ImVi002052 Message accepted for delivery)
May 29 11:18:46 debian5 sm-mta[21438]: n4T8Ih4f021434: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T8IpsT008796 Message accepted for delivery)
May 29 11:18:47 debian5 sm-mta[21438]: n4T8Ih4f021434: to=<user@sergey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian1.sergey.net.nt. [192.168.16.1], dsn=2.0.0, stat=Sent (n4T8IqJ5031007 Message accepted for delivery)
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: milter=clamav, quarantine=quarantined by clamav-milter
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: to=<user@andrey.net.nt>, delay=00:00:00, mailer=esmtp, pri=91362, quarantine=quarantined by clamav-milter, stat=quarantined
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: to=<user@lnet.net.nt>, delay=00:00:00, mailer=esmtp, pri=91362, quarantine=quarantined by clamav-milter, stat=quarantined
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: to=<user@sergey.net.nt>, delay=00:00:00, mailer=esmtp, pri=91362, quarantine=quarantined by clamav-milter, stat=quarantined
May 29 11:21:28 debian5 sendmail[22779]: gethostbyaddr(192.168.56.190) failed: 1
May 29 11:21:28 debian5 sendmail[22779]: gethostbyaddr(192.168.56.193) failed: 1
/dev/ttyp6
11:07:27
#tail -f /var/log/mail. 
tail: невозможно открыть `/var/log/mail.' для чтения: Нет такого файла или каталога
tail: больше нет файлов
11:08:42
#vim /etc/
11:08:47
#tail -f /var/log/mail. 
tail: невозможно открыть `/var/log/mail.' для чтения: Нет такого файла или каталога
tail: больше нет файлов
11:10:15
#tail -f /var/log/mail.log 
May 29 11:03:35 debian5 sm-mta[17712]: n4T83Zih017712: Milter (clamav): local socket name /var/run/clamav/clamav-milter.ctl unsafe
May 29 11:03:35 debian5 sm-mta[17712]: n4T83Zih017712: Milter (clamav): to error state
May 29 11:03:36 debian5 sm-mta[17712]: n4T83Zih017712: ruleset=check_rcpt, arg1=<user@elena.net.nt>, relay=debian1.sergey.net.nt [192.168.16.1], reject=553 5.1.8 <user@elena.net.nt>... Domain of sender address user@debian1.net.nt does not exist
May 29 11:03:36 debian5 sm-mta[17712]: n4T83Zih017712: from=<user@debian1.net.nt>, size=907, class=0, nrcpts=0, bodytype=8BITMIME, proto=ESMTP, daemon=MTA-v4, relay=debian1.sergey.net.nt [192.168.16.1]
May 29 11:10:07 debian5 sm-mta[17841]: n4T8A7xG017841: Milter (clamav): local socket name /var/run/clamav/clamav-milter.ctl unsafe
May 29 11:10:07 debian5 sm-mta[17841]: n4T8A7xG017841: Milter (clamav): to error state
May 29 11:10:08 debian5 sm-mta[17841]: n4T8A7xG017841: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:10:09 debian5 sm-mta[17843]: n4T8A7xG017841: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T8ACSB002025 Message accepted for delivery)
May 29 11:10:10 debian5 sm-mta[17843]: n4T8A7xG017841: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T8AFag008755 Message accepted for delivery)
May 29 11:10:11 debian5 sm-mta[17843]: n4T8A7xG017841: to=<user@sergey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian1.sergey.net.nt. [192.168.16.1], dsn=2.0.0, stat=Sent (n4T8AGKC030969 Message accepted for delivery)
11:10:29
#vim /etc/mail/sendmail.mc
11:11:06
#less /var/log/clamav/clamav.log
11:11:17
#vim /etc/clamav/clamav-milter.conf
--- /tmp/l3-saved-17765.28805.14351	2009-05-29 11:11:28.000000000 +0300
+++ /etc/clamav/clamav-milter.conf	2009-05-29 11:11:55.000000000 +0300
@@ -12,10 +12,10 @@
 OnClean Accept
 OnInfected Quarantine
 OnFail Defer
-AddHeader false
+AddHeader true
 LogSyslog true
-LogFacility LOG_LOCAL6
-LogVerbose false
+LogFacility LOG_DAEMON
+LogVerbose true
 LogInfected Off
 MaxFileSize 25M
 TemporaryDirectory /tmp
11:11:55
#exit 










11:12:08




#mv /etc/default/clamav-milter /tmp


[root@debian5:~]# /etc/init.d/clamav-milter restart
Stopping Sendmail milter plugin for ClamAV: clamav-milter.
Starting Sendmail milter plugin for ClamAV: clamav-milter/usr/sbin/clamav-milter: unrecognized option `--max-children=2'
ERROR: Unknown option passed
ERROR: Can't parse command line options
 failed!











11:12:23




#/etc/init.d/clamav-milter restart


Stopping Sendmail milter plugin for ClamAV: clamav-milter.
Starting Sendmail milter plugin for ClamAV: clamav-milterWARNING: Ignoring option local:/var/run/clamav/milter-milter.ctl
.











11:12:26




#vim /etc/mail/sendmail.mc













11:12:31




#less /var/log/daemon.log










11:12:37




#tail -f /var/log/daemon.log





May 29 11:11:42 debian5 popa3d[17965]: Session from 192.168.16.6
May 29 11:11:42 debian5 popa3d[17965]: Authentication passed for user
May 29 11:11:42 debian5 popa3d[17965]: 18 messages (19653 bytes) loaded
May 29 11:11:42 debian5 popa3d[17965]: 0 (0) deleted, 18 (19653) left
May 29 11:12:26 debian5 clamav-milter[18558]: Local socket unix:/var/run/clamav/clamd.ctl added to the pool (slot 1)
May 29 11:12:26 debian5 clamav-milter[18558]: Probe for slot 1 returned: success
May 29 11:12:42 debian5 popa3d[18611]: Session from 192.168.16.6
May 29 11:12:42 debian5 popa3d[18611]: Authentication passed for user
May 29 11:12:42 debian5 popa3d[18611]: 18 messages (19653 bytes) loaded
May 29 11:12:42 debian5 popa3d[18611]: 0 (0) deleted, 18 (19653) left
May 29 11:12:58 debian5 popa3d[18615]: Session from 192.168.16.6
May 29 11:12:58 debian5 popa3d[18615]: Authentication passed for user
May 29 11:12:58 debian5 popa3d[18615]: 18 messages (19653 bytes) loaded
May 29 11:12:58 debian5 popa3d[18615]: 0 (0) deleted, 18 (19653) left
May 29 11:13:00 debian5 popa3d[18619]: Session from 192.168.16.6
May 29 11:13:00 debian5 popa3d[18619]: Authentication passed for user
May 29 11:13:00 debian5 popa3d[18619]: 18 messages (19653 bytes) loaded
May 29 11:13:00 debian5 popa3d[18619]: 0 (0) deleted, 18 (19653) left











11:13:26




#ps aux | grep clam


[root@debian5:~]# tail -f /var/log/mail.log
May 29 11:10:08 debian5 sm-mta[17841]: n4T8A7xG017841: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:10:09 debian5 sm-mta[17843]: n4T8A7xG017841: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T8ACSB002025 Message accepted for delivery)
May 29 11:10:10 debian5 sm-mta[17843]: n4T8A7xG017841: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T8AFag008755 Message accepted for delivery)
May 29 11:10:11 debian5 sm-mta[17843]: n4T8A7xG017841: to=<user@sergey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian1.sergey.net.nt. [192.168.16.1], dsn=2.0.0, stat=Sent (n4T8AGKC030969 Message accepted for delivery)
May 29 11:12:58 debian5 sm-mta[18614]: n4T8CwGP018614: Milter (clamav): local socket name /var/run/clamav/clamav-milter.ctl unsafe
May 29 11:12:58 debian5 sm-mta[18614]: n4T8CwGP018614: Milter (clamav): to error state
May 29 11:12:59 debian5 sm-mta[18614]: n4T8CwGP018614: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:13:00 debian5 sm-mta[18618]: n4T8CwGP018614: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T8D3XN002033 Message accepted for delivery)
May 29 11:13:01 debian5 sm-mta[18618]: n4T8CwGP018614: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T8D6ka008767 Message accepted for delivery)
May 29 11:13:02 debian5 sm-mta[18618]: n4T8CwGP018614: to=<user@sergey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian1.sergey.net.nt. [192.168.16.1], dsn=2.0.0, stat=Sent (n4T8D7pU030975 Message accepted for delivery)
clamav   15171  0.0  0.1   5748   720 ?        Ss   10:32   0:00 /usr/bin/freshclam -d --quiet
clamav   16454  0.0 11.3  78508 67260 ?        Ssl  10:38   0:00 /usr/sbin/clamd
root     17483  0.0  0.1   5004   972 ttyp5    S+   10:54   0:00 less /usr/share/doc/clamav-milter/README.Debian.gz
clamav   18558  0.0  0.1  42980   688 ?        Ssl  11:12   0:00 /usr/sbin/clamav-milter -p /var/run/clamav/clamav-milter.pid local:/var/run/clamav/milter-milter.ctl
root     18658  0.0  0.1   4784   776 ttyp7    R+   11:13   0:00 grep clam











11:13:34




#/etc/init.d/clamav-daemon resatrt





Usage: /etc/init.d/clamav-daemon {start|stop|restart|force-reload|reload-log|reload-database|status} failed!











11:13:57




#/etc/init.d/clamav-daemon restart


Stopping ClamAV daemon: clamd.
Starting ClamAV daemon: clamd LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days!  ***
LibClamAV Warning: ***   Please update it as soon as possible.    ***
LibClamAV Warning: **************************************************
.











11:14:06




#less /var/log/clamav/clamav.log










11:14:18




#ps aux | grep clam


clamav   15171  0.0  0.1   5748   720 ?        Ss   10:32   0:00 /usr/bin/freshclam -d --quiet
root     17483  0.0  0.1   5004   972 ttyp5    S+   10:54   0:00 less /usr/share/doc/clamav-milter/README.Debian.gz
clamav   18558  0.0  0.1  42980   688 ?        Ssl  11:12   0:00 /usr/sbin/clamav-milter -p /var/run/clamav/clamav-milter.pid local:/var/run/clamav/milter-milter.ctl
clamav   19534  0.0 11.3  78508 67232 ?        Ssl  11:14   0:00 /usr/sbin/clamd
root     19574  0.0  0.1   4780   772 ttyp7    R+   11:14   0:00 grep clam











11:14:21




#kill -9  15171












11:14:30




#ps aux | grep clam


root     17483  0.0  0.1   5004   972 ttyp5    S+   10:54   0:00 less /usr/share/doc/clamav-milter/README.Debian.gz
clamav   18558  0.0  0.1  42980   688 ?        Ssl  11:12   0:00 /usr/sbin/clamav-milter -p /var/run/clamav/clamav-milter.pid local:/var/run/clamav/milter-milter.ctl
clamav   19534  0.0 11.3  78508 67232 ?        Ssl  11:14   0:00 /usr/sbin/clamd
root     19611  0.0  0.1   4780   772 ttyp7    R+   11:14   0:00 grep clam











11:14:48




#/etc/init.d/clamav-milter restart


[root@debian5:~]# tail -f /var/log/daemon.log
May 29 11:13:00 debian5 popa3d[18619]: 18 messages (19653 bytes) loaded
May 29 11:13:00 debian5 popa3d[18619]: 0 (0) deleted, 18 (19653) left
May 29 11:13:42 debian5 popa3d[18666]: Session from 192.168.16.6
May 29 11:13:42 debian5 popa3d[18666]: Authentication passed for user
May 29 11:13:42 debian5 popa3d[18666]: 18 messages (19653 bytes) loaded
May 29 11:13:42 debian5 popa3d[18666]: 0 (0) deleted, 18 (19653) left
May 29 11:14:42 debian5 popa3d[20294]: Session from 192.168.16.6
May 29 11:14:42 debian5 popa3d[20294]: Authentication passed for user
May 29 11:14:42 debian5 popa3d[20294]: 18 messages (19653 bytes) loaded
May 29 11:14:42 debian5 popa3d[20294]: 0 (0) deleted, 18 (19653) left
Stopping Sendmail milter plugin for ClamAV: clamav-milter.
Starting Sendmail milter plugin for ClamAV: clamav-milterWARNING: Ignoring option local:/var/run/clamav/milter-milter.ctl
.











11:14:58




#tail -f /var/log/daemon.log





May 29 11:13:42 debian5 popa3d[18666]: Session from 192.168.16.6
May 29 11:13:42 debian5 popa3d[18666]: Authentication passed for user
May 29 11:13:42 debian5 popa3d[18666]: 18 messages (19653 bytes) loaded
May 29 11:13:42 debian5 popa3d[18666]: 0 (0) deleted, 18 (19653) left
May 29 11:14:42 debian5 popa3d[20294]: Session from 192.168.16.6
May 29 11:14:42 debian5 popa3d[20294]: Authentication passed for user
May 29 11:14:42 debian5 popa3d[20294]: 18 messages (19653 bytes) loaded
May 29 11:14:42 debian5 popa3d[20294]: 0 (0) deleted, 18 (19653) left
May 29 11:14:58 debian5 clamav-milter[20579]: Local socket unix:/var/run/clamav/clamd.ctl added to the pool (slot 1)
May 29 11:14:58 debian5 clamav-milter[20579]: Probe for slot 1 returned: success











11:15:03




#tail -f /var/log/mail.





tail: невозможно открыть `/var/log/mail..log' для чтения: Нет такого файла или каталога
tail: больше нет файлов











11:15:33




#clamscan -r /usr/share/clamav-testfiles/





LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days!  ***
LibClamAV Warning: ***   Please update it as soon as possible.    ***
LibClamAV Warning: **************************************************
/usr/share/clamav-testfiles/clam-v2.rar: OK
/usr/share/clamav-testfiles/clam-v3.rar: OK
/usr/share/clamav-testfiles/debugm.c: OK
/usr/share/clamav-testfiles/clam.cab: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.bz2: ClamAV-Test-File FOUND
----------- SCAN SUMMARY -----------
Known viruses: 538745
Engine version: 0.95.1
Scanned directories: 1
Scanned files: 7
Infected files: 4
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 2.678 sec (0 m 2 s)











11:15:45




#tail -f /var/log/mail.log





May 29 11:12:59 debian5 sm-mta[18614]: n4T8CwGP018614: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:13:00 debian5 sm-mta[18618]: n4T8CwGP018614: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T8D3XN002033 Message accepted for delivery)
May 29 11:13:01 debian5 sm-mta[18618]: n4T8CwGP018614: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T8D6ka008767 Message accepted for delivery)
May 29 11:13:02 debian5 sm-mta[18618]: n4T8CwGP018614: to=<user@sergey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian1.sergey.net.nt. [192.168.16.1], dsn=2.0.0, stat=Sent (n4T8D7pU030975 Message accepted for delivery)
May 29 11:15:22 debian5 sm-mta[20612]: n4T8FMeL020612: Milter (clamav): local socket name /var/run/clamav/clamav-milter.ctl unsafe
May 29 11:15:22 debian5 sm-mta[20612]: n4T8FMeL020612: Milter (clamav): to error state
May 29 11:15:23 debian5 sm-mta[20612]: n4T8FMeL020612: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:15:25 debian5 sm-mta[20614]: n4T8FMeL020612: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=181362, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T8FSuM002041 Message accepted for delivery)
May 29 11:15:26 debian5 sm-mta[20614]: n4T8FMeL020612: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T8FUw3008780 Message accepted for delivery)
May 29 11:15:27 debian5 sm-mta[20614]: n4T8FMeL020612: to=<user@sergey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:04, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian1.sergey.net.nt. [192.168.16.1], dsn=2.0.0, stat=Sent (n4T8FVV9030984 Message accepted for delivery)











11:16:03




#vim /etc/clamav/clamav-milter.conf










11:16:41




#tail -f /var/log/mail.log















11:16:45




#vim /etc/clamav/clam













11:18:01




#/etc/init.d/clamav-


[root@debian5:~]#
clamav-daemon     clamav-freshclam  clamav-milter











11:18:16




#tail -f /var/log/clamav/clamav.log





LibClamAV debug: regex_list: added new suffix /nc.moc.lapyap, for regex: /nc.moc.lapyap
LibClamAV debug: regex_list: added new suffix /kh.moc.lapyap, for regex: /kh.moc.lapyap
LibClamAV debug: regex_list: added new suffix /ym.moc.lapyap, for regex: /ym.moc.lapyap
LibClamAV debug: regex_list: added new suffix /gs.moc.lapyap, for regex: /gs.moc.lapyap
LibClamAV debug: regex_list: added new suffix /rb.moc.ocsedarb, for regex: /rb.moc.ocsedarb
LibClamAV debug: regex_list: added new suffix /moc.omb, for regex: /moc.omb
LibClamAV debug: regex_list: added new suffix /moc.knabtsorf, for regex: /moc.knabtsorf
LibClamAV debug: regex_list: added new suffix /zn.oc.knabiwik, for regex: /zn.oc.knabiwik
LibClamAV debug: /tmp/clamav-d20c940b8a80858fb201166f2992082e/daily.pdb loaded
LibClamAV debug: Loading regex_list
...
Fri May 29 11:18:16 2009 -> Portable Executable support enabled.
Fri May 29 11:18:16 2009 -> ELF support enabled.
Fri May 29 11:18:16 2009 -> Mail files support enabled.
Fri May 29 11:18:16 2009 -> OLE2 support enabled.
Fri May 29 11:18:16 2009 -> PDF support enabled.
Fri May 29 11:18:16 2009 -> HTML support enabled.
Fri May 29 11:18:16 2009 -> Self checking every 3600 seconds.
Fri May 29 11:18:16 2009 -> Listening daemon: PID: 21421
Fri May 29 11:18:16 2009 -> MaxQueue set to: 100
Fri May 29 11:18:16 2009 -> fds_poll_recv: timeout after 3600 seconds











11:18:50




#apt-get --purge remove clamav-milter


Чтение списков пакетов... Готово
Построение дерева зависимостей... Готово
Пакеты, которые будут УДАÐlamav-milter*
обновлено 0, установлено 0 новых пакетов, для удаления отмечено 1 пакетов, и 356 пакетов не обновлено.
Необходимо скачать 0Б архивов.
После распаковки объем занятого дискового пространства уменьшится на 528kB.
Хотите продолжить [Д/н]?
(Чтение базы данных... на данный момент установлено 26021 файлов и каталогов.)
Удаляется пакет clamav-milter...
Stopping Sendmail milter plugin for ClamAV: clamav-milter.
Удаляются файлы конфигурации пакета clamav-milter...











11:19:14




#rm /var/run/clamav/clamd.





clamd.ctl  clamd.pid











11:19:14




#rm /var/run/clamav/





clamd.ctl      clamd.pid      freshclam.pid











11:19:14




#rm /var/run/clamav/















11:19:26




#rm /etc/clamav/





[root@debian5:~]# rm /etc/clamav/
clamd.conf         freshclam.conf     onerrorexecute.d/  onupdateexecute.d/ virusevent.d/











11:19:35




#apt-get install clamav-milter


Чтение списков пакетов... Готово
Построение дерева зависимостей... Готово
Предлагаемые пакеты:
  daemon clamav-docs
НОВЫЕ пакеты, которые будут установлены:
  clamav-milter
обновлено 0, установлено 1 новых пакетов, для удаления отмечено 0 пакетов, и 356 пакетов не обновлено.
Необходимо скачать 0B/259kB архивов.
После распаковки объем занятого дискового пространства возрастёт на 528kB.
Предварительная настройка пакетов ...
Выбор ранее не выбранного пакета clamav-milter.
(Чтение базы данных... на данный момент установлено 26000 файлов и каталогов.)
Распаковывается пакет clamav-milter (из файла .../clamav-milter_0.95.1+dfsg-2_i386.deb)...
Настраивается пакет clamav-milter (0.95.1+dfsg-2) ...
Starting Sendmail milter plugin for ClamAV: clamav-milterWARNING: Ignoring option local:/var/run/clamav/milter.ctl
.











11:20:08




#/etc/init.d/clamav-milter restart


  9 Foreground false$
 10 PidFile /var/run/clamav/clamav-milter.pid$
 11 ClamdSocket unix:/var/run/clamav/clamd.ctl$
 12 OnClean Accept$
 13 OnInfected Quarantine$
 14 OnFail Defer$
 15 AddHeader false$
 16 LogSyslog true$
 17 LogFacility LOG_DAEMON$
 18 LogVerbose true$
...
~
~
~
~
~
~
"/etc/clamav/clamav-milter.conf" 21L, 589C записано                                            сь
Stopping Sendmail milter plugin for ClamAV: clamav-milter.
Starting Sendmail milter plugin for ClamAV: clamav-milterWARNING: Ignoring option local:/var/run/clamav/clamav-milter.ctl
.











11:20:19




#tail -f /var/log/mail.log





May 29 11:15:23 debian5 sm-mta[20612]: n4T8FMeL020612: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:15:25 debian5 sm-mta[20614]: n4T8FMeL020612: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=181362, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T8FSuM002041 Message accepted for delivery)
May 29 11:15:26 debian5 sm-mta[20614]: n4T8FMeL020612: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T8FUw3008780 Message accepted for delivery)
May 29 11:15:27 debian5 sm-mta[20614]: n4T8FMeL020612: to=<user@sergey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:04, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian1.sergey.net.nt. [192.168.16.1], dsn=2.0.0, stat=Sent (n4T8FVV9030984 Message accepted for delivery)
May 29 11:18:43 debian5 sm-mta[21434]: n4T8Ih4f021434: Milter (clamav): local socket name /var/run/clamav/clamav-milter.ctl unsafe
May 29 11:18:43 debian5 sm-mta[21434]: n4T8Ih4f021434: Milter (clamav): to error state
May 29 11:18:44 debian5 sm-mta[21434]: n4T8Ih4f021434: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:18:45 debian5 sm-mta[21438]: n4T8Ih4f021434: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T8ImVi002052 Message accepted for delivery)
May 29 11:18:46 debian5 sm-mta[21438]: n4T8Ih4f021434: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T8IpsT008796 Message accepted for delivery)
May 29 11:18:47 debian5 sm-mta[21438]: n4T8Ih4f021434: to=<user@sergey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:01, mailer=esmtp, pri=181362, relay=debian1.sergey.net.nt. [192.168.16.1], dsn=2.0.0, stat=Sent (n4T8IqJ5031007 Message accepted for delivery)
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: from=<user@elena.net.nt>, size=1362, class=0, nrcpts=3, msgid=<1243584622.3780.11.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: milter=clamav, quarantine=quarantined by clamav-milter
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: to=<user@andrey.net.nt>, delay=00:00:00, mailer=esmtp, pri=91362, quarantine=quarantined by clamav-milter, stat=quarantined
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: to=<user@lnet.net.nt>, delay=00:00:00, mailer=esmtp, pri=91362, quarantine=quarantined by clamav-milter, stat=quarantined
May 29 11:21:01 debian5 sm-mta[22753]: n4T8L0CV022753: to=<user@sergey.net.nt>, delay=00:00:00, mailer=esmtp, pri=91362, quarantine=quarantined by clamav-milter, stat=quarantined











11:21:13




#mailq


MSP Queue status...
/var/spool/mqueue-client is empty
                Total requests: 0
MTA Queue status...
                /var/spool/mqueue (1 request)
-----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
n4T8L0CV022753     1026 Fri May 29 11:21 <user@elena.net.nt>
     QUARANTINE: quarantined by clamav-milter
                                         <user@andrey.net.nt>
                                         <user@lnet.net.nt>
                                         <user@sergey.net.nt>
                Total requests: 1









прошло 30 минут




/dev/ttyp0
11:52:01




#apt-get install  spamassassin spamass-milter


LibClamAV debug: regex_list: added new suffix /moc.knab-pooc, for regex: /moc.knab-pooc
LibClamAV debug: regex_list: added new suffix /moc.knabellasal, for regex: /moc.knabellasal
LibClamAV debug: regex_list: added new suffix /moc.enilnoknab-pooc, for regex: /moc.enilnoknab-pooc
LibClamAV debug: regex_list: added new suffix /moc.detinutaknab, for regex: /moc.detinutaknab
LibClamAV debug: regex_list: added new suffix /moc.blown, for regex: /moc.blown
LibClamAV debug: regex_list: added new suffix /ua.moc.egroegts.www, for regex: /ua.moc.egroegts.www
LibClamAV debug: regex_list: added new suffix /ku.oc.anbm, for regex: /ku.oc.anbm
LibClamAV debug: regex_list: added new suffix /moc.enilnoknabsnezitic, for regex: /moc.enilnoknabsnezitic
LibClamAV debug: regex_list: added new suffix /moc.snoiger, for regex: /moc.snoiger
LibClamAV debug: regex_list: added new suffix /ed.knabitic, for regex: /ed.knabitic











11:55:38




#vim /etc/default/spamass-milter













11:57:08




#ls -l


-rw-r--r-- 1 root root 730 2009-01-24 07:21 /etc/default/spamass-milter











11:57:17




#vim /etc/default/spamass-milter













11:57:53




#vim /etc/spamassassin/local.cf





--- /tmp/l3-saved-2422.15572.26429	2009-05-29 11:58:37.000000000 +0300
+++ /etc/spamassassin/local.cf	2009-05-29 11:59:10.000000000 +0300
@@ -31,7 +31,7 @@
 
 #   Set the threshold at which a message is considered spam (default: 5.0)
 #
-# required_score 5.0
+ required_score -0.8
 
 
 #   Use Bayesian classifier (default: 1)









11:59:10




#vim /etc/default/spamassassin





--- /tmp/l3-saved-2422.8520.14376	2009-05-29 11:59:27.000000000 +0300
+++ /etc/default/spamassassin	2009-05-29 11:59:42.000000000 +0300
@@ -5,7 +5,7 @@
 # There may be security risks.
 
 # Change to one to enable spamd
-ENABLED=0
+ENABLED=1
 
 # Options
 # See man spamd for possible options. The -d option is automatically added.









11:59:42




#vim /etc/mail/sendmail.mc





--- /tmp/l3-saved-2422.29574.24628	2009-05-29 12:00:53.000000000 +0300
+++ /etc/mail/sendmail.mc	2009-05-29 12:13:16.000000000 +0300
@@ -61,7 +61,8 @@
 define(`confPRIVACY_FLAGS',dnl
 `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
 INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m' )dnl
-define(`confINPUT_MAIL_FILTERS', `clamav')dnl
+INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=, T=C:15m;S:4m;R:4m:E:10m' )dnl
+define(`confINPUT_MAIL_FILTERS', `spamassassin,clamav')dnl
 dnl # Define connection throttling and window length
 define(`confCONNECTION_RATE_THROTTLE', `15')dnl
 define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl









/dev/ttyp6
12:02:11




#dpkg --help


Использование: dpkg [<параметр> ...] <команда>
Команды:
  -i|--install      <имя файла .deb> ... | -R|--recursive <каталог> ...
  --unpack          <имя файла .deb> ... | -R|--recursive <каталог> ...
  -A|--record-avail <имя файла .deb> ... | -R|--recursive <каталог> ...
  --configure       <имя пакета> ... | -a|--pending
  --triggers-only   <имя пакета> ... | -a|--pending
  -r|--remove |     <имя пакета> ... | -a|--pending
  -P|--purge        <имя пакета> ... | -a|--pending
  --get-selections [<шаблон> ...]     Вывести список в стандартный поток
...
                                   Прекратить работу при
                                   обнаружении проблем
  --abort-after <n>                Прекратить работу после
                                   обнаружения <n> количества ошибок
Операторы сравнения, возможные в --compare-versions:
  lt le eq ne ge gt       (пустое значение версии считать самой ранней);
  lt-nl le-nl ge-nl gt-nl (пустое значение версии считать самой поздней);
  < << <= = >= >> >       (для совместимости с синтаксисом файла control).
Программы `dselect' или 'aptitude' предоставляют дружественный интерфейс
управления пакетами.











12:02:55




#mc













12:03:43




#apt-get install mc


Чтение списков пакетов... Готово
Построение дерева зависимостей... Готово
Будут установлены следующие дополнительные пакеты:
  libglib2.0-0 libgpm2 libpcre3 libselinux1 libslang2
Предлагаемые пакеты:
  gpm zip unzip arj xpdf dbview odt2txt
Рекомендуемые пакеты:
  libglib2.0-data
НОВЫЕ пакеты, которые будут установлены:
  libgpm2 mc
...
Подготовка к замене пакета libpcre3 6.7+7.4-4 (используется файл .../libpcre3_7.8-2+b1_i386.deb) ...
Распаковывается замена для пакета libpcre3 ...
Подготовка к замене пакета libglib2.0-0 2.12.4-2+etch1 (используется файл .../libglib2.0-0_2.20.1-2_i386.deb) ...
Распаковывается замена для пакета libglib2.0-0 ...
Выбор ранее не выбранного пакета mc.
Распаковывается пакет mc (из файла .../mc_2%3a4.6.2-2_i386.deb)...
Настраивается пакет libgpm2 (1.20.4-3.2) ...
Настраивается пакет libpcre3 (7.8-2+b1) ...
Настраивается пакет libglib2.0-0 (2.20.1-2) ...
Настраивается пакет mc (2:4.6.2-2) ...











12:04:33




#whereis spamassassin


â<─ /          Имя              │Размер âv>┐┌<─ ~ ───────────────────────┐’ремя правки │”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€v>┐
â/bin                           │   2480│Май 29 10:18 ▴│/..                      р   C-x q  │  48│Мар 13  2008 ◈
â/dev                           │ 282016│Ð7ай 8 ▒│/.gconfd                    │          │    176│Май 25 10:32 ▒
â/home                                                                               и          │ │     72│Мар 13  2008 ▒
â/lib                     │  Вы действительно хотите выйти из Midnight Commander?  │ °Ð¹ 29 11:21 ▒
â/media                   │                    [ Да ]  [ Нет ]                     │        │    444│Мар 12  2008 ▒
â/opt                                                                                       │      │     99│Май 29 11:14 ▒
â/root                          │  44836│Май 9 ▒│ .profile                €â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€ │
â/selinux                       │     4Фев 21 15 ▒│ .viminfo                ─────────────────┘
â/sys                           │    028│Ð7ай 89 12:04 –’│                                │       │             ▒
│/tmp                           │    328│Май 29 12:04 ▒│                                │       │             ▒
â”bin       ──────────────────────────────────────────────────┘└──────────────────────────────────────────────────────┘
#
spamassassin: /usr/bin/spamassassin /etc/spamassassin /usr/X11R6/bin/spamassassin /usr/bin/X11/spamassassin /usr/share/spamassassin /usr/share/man/man1/spamassassin.1p.gz











12:04:45




#/usr/share/man/man1/spamassassin.1p.gz





bash: /usr/share/man/man1/spamassassin.1p.gz: Отказано в доступе











/dev/ttyp0
12:13:16




#make


Updating databases ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/databases...
Updating auth ...
sasl2-bin not installed, not configuring sendmail support.
To enable sendmail SASL2 support at a later date, invoke "/usr/share/sendmail/update_auth"
Creating /etc/mail/relay-domains
# Optional file...
Updating Makefile ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/Makefile...
Updating sendmail.cf ...
The following file(s) have changed:
  /etc/mail/sendmail.cf
** ** You should issue `/etc/init.d/sendmail reload` ** **











12:13:19




#/etc/init.d/sendmail reload


Reloading Mail Transport Agent configuration: sendmail.











12:13:28




#vim /etc/spamassassin/local.cf













12:20:03




#vim /etc/spamassassin










12:21:18




#make


Updating auth ...
sasl2-bin not installed, not configuring sendmail support.
To enable sendmail SASL2 support at a later date, invoke "/usr/share/sendmail/update_auth"
Creating /etc/mail/relay-domains
# Optional file...
The following file(s) have changed:
** ** You should issue `/etc/init.d/sendmail reload` ** **











12:21:38




#/etc/init.d/sendmail reload


Reloading Mail Transport Agent configuration: sendmail.











12:21:51




#tail /var/log/mail.log


May 29 12:21:49 debian5 sm-mta[25164]: gethostbyaddr(192.168.56.193) failed: 1
May 29 12:21:49 debian5 sm-mta[25310]: starting daemon (8.13.8): SMTP+queueing@00:10:00
May 29 12:22:44 debian5 sm-mta[25332]: n4T9Mibb025332: Milter (spamassassin): local socket name /var/run/spamass.sock unsafe
May 29 12:22:44 debian5 sm-mta[25332]: n4T9Mibb025332: Milter (spamassassin): to error state
May 29 12:22:45 debian5 sm-mta[25332]: n4T9Mibb025332: from=<user@andrey.net.nt>, size=7125, class=0, nrcpts=1, msgid=<1243588968.6502.23.camel@debian7.andrey.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian8.andrey.net.nt [192.168.16.8]
May 29 12:22:45 debian5 sm-mta[25334]: n4T9Mibb025332: to=<user@elena.net.nt>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=37323, dsn=2.0.0, stat=Sent
May 29 12:24:20 debian5 sm-mta[25342]: n4T9OJqo025342: Milter (spamassassin): local socket name /var/run/spamass.sock unsafe
May 29 12:24:20 debian5 sm-mta[25342]: n4T9OJqo025342: Milter (spamassassin): to error state
May 29 12:24:21 debian5 sm-mta[25342]: n4T9OJqo025342: from=<user@elena.net.nt>, size=49071, class=0, nrcpts=1, msgid=<1243589075.3780.13.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 12:24:27 debian5 sm-mta[25345]: n4T9OJqo025342: to=<elena@net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:06, xdelay=00:00:06, mailer=esmtp, pri=169071, relay=debian11.net.nt. [192.168.16.11], dsn=4.0.0, stat=Deferred: debian11.net.nt.: No route to host











12:24:50




#tail -f





May 29 12:22:45 debian5 sm-mta[25332]: n4T9Mibb025332: from=<user@andrey.net.nt>, size=7125, class=0, nrcpts=1, msgid=<1243588968.6502.23.camel@debian7.andrey.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian8.andrey.net.nt [192.168.16.8]
May 29 12:22:45 debian5 sm-mta[25334]: n4T9Mibb025332: to=<user@elena.net.nt>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=37323, dsn=2.0.0, stat=Sent
May 29 12:24:20 debian5 sm-mta[25342]: n4T9OJqo025342: Milter (spamassassin): local socket name /var/run/spamass.sock unsafe
May 29 12:24:20 debian5 sm-mta[25342]: n4T9OJqo025342: Milter (spamassassin): to error state
May 29 12:24:21 debian5 sm-mta[25342]: n4T9OJqo025342: from=<user@elena.net.nt>, size=49071, class=0, nrcpts=1, msgid=<1243589075.3780.13.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 12:24:27 debian5 sm-mta[25345]: n4T9OJqo025342: to=<elena@net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:06, xdelay=00:00:06, mailer=esmtp, pri=169071, relay=debian11.net.nt. [192.168.16.11], dsn=4.0.0, stat=Deferred: debian11.net.nt.: No route to host
May 29 12:26:23 debian5 sm-mta[25372]: n4T9QNfi025372: Milter (spamassassin): local socket name /var/run/spamass.sock unsafe
May 29 12:26:23 debian5 sm-mta[25372]: n4T9QNfi025372: Milter (spamassassin): to error state
May 29 12:26:24 debian5 sm-mta[25372]: n4T9QNfi025372: from=<user@elena.net.nt>, size=82953, class=0, nrcpts=1, msgid=<1243589198.3780.15.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 12:26:27 debian5 sm-mta[25375]: n4T9QNfi025372: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:03, mailer=esmtp, pri=202953, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T9QSK1003313 Message accepted for delivery)











12:26:48




##















12:27:26




#tail /var/log/mail.log | grep n4T9QNfi025372


May 29 12:26:23 debian5 sm-mta[25372]: n4T9QNfi025372: Milter (spamassassin): local socket name /var/run/spamass.sock unsafe
May 29 12:26:23 debian5 sm-mta[25372]: n4T9QNfi025372: Milter (spamassassin): to error state
May 29 12:26:24 debian5 sm-mta[25372]: n4T9QNfi025372: from=<user@elena.net.nt>, size=82953, class=0, nrcpts=1, msgid=<1243589198.3780.15.camel@debian6.net.nt>, proto=ESMTP, daemon=MTA-v4, relay=debian6.elena.net.nt [192.168.16.6]
May 29 12:26:27 debian5 sm-mta[25375]: n4T9QNfi025372: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:03, xdelay=00:00:03, mailer=esmtp, pri=202953, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T9QSK1003313 Message accepted for delivery)











12:28:03




#vim /etc/spamassassin/local.cf













12:31:01




#tail /var/log/mail.log | grep 12:4















/dev/ttyp2
12:32:07




#less /var/log/mail.log










12:32:29




#vim /etc/default/spamass













12:32:29




#vim /etc/default/spamassassin










12:32:49




#vim /etc/default/spamass-milter










12:33:02




#ls -l /var/run/spamass/


итого 4
-rw-r--r-- 1 spamass-milter nogroup 6 2009-05-29 11:55 spamass.pid
srw------- 1 root           root    0 2009-05-29 11:55 spamass.sock











12:33:09




#ls -l /var/run/clamav/


итого 12
srwxr-xr-x 1 clamav clamav 0 2009-05-29 11:20 clamav-milter.ctl
-rw-rw---- 1 clamav clamav 5 2009-05-29 11:20 clamav-milter.pid
srwxrwxrwx 1 clamav clamav 0 2009-05-29 11:55 clamd.ctl
-rw-rw---- 1 clamav clamav 5 2009-05-29 11:55 clamd.pid
-rw-rw---- 1 clamav clamav 5 2009-05-29 11:55 freshclam.pid
srwxr-xr-x 1 clamav clamav 0 2009-05-29 11:19 milter.ctl











12:33:15




#vim /etc/mail/sendmail.mc


--- /tmp/l3-saved-25471.5671.30787	2009-05-29 12:33:31.000000000 +0300
+++ /etc/mail/sendmail.mc	2009-05-29 12:34:00.000000000 +0300
@@ -61,7 +61,7 @@
 define(`confPRIVACY_FLAGS',dnl
 `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
 INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m' )dnl
-INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=, T=C:15m;S:4m;R:4m:E:10m' )dnl
+INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass/spamass.sock, F=, T=C:15m;S:4m;R:4m:E:10m' )dnl
 define(`confINPUT_MAIL_FILTERS', `spamassassin,clamav')dnl
 dnl # Define connection throttling and window length
 define(`confCONNECTION_RATE_THROTTLE', `15')dnl









12:34:01




#cd /etc/mail/


[root@debian5:~]# cd /etc/mail/sendmail.mc
bash: cd: /etc/mail/sendmail.mc: Это не каталог











12:34:04




#make


Updating databases ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/databases...
Updating auth ...
sasl2-bin not installed, not configuring sendmail support.
To enable sendmail SASL2 support at a later date, invoke "/usr/share/sendmail/update_auth"
Creating /etc/mail/relay-domains
# Optional file...
Updating Makefile ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/Makefile...
Updating sendmail.cf ...
The following file(s) have changed:
  /etc/mail/sendmail.cf
** ** You should issue `/etc/init.d/sendmail reload` ** **











12:34:15




#vim /etc/mail/sendmail.mc


--- /tmp/l3-saved-25471.19552.2862	2009-05-29 12:34:20.000000000 +0300
+++ /etc/mail/sendmail.mc	2009-05-29 12:35:05.000000000 +0300
@@ -61,7 +61,7 @@
 define(`confPRIVACY_FLAGS',dnl
 `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
 INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m' )dnl
-INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass/spamass.sock, F=, T=C:15m;S:4m;R:4m:E:10m' )dnl
+INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass/spamass.sock, F=, T=C:15m;S:4m;R:4m:E:10m')dnl
 define(`confINPUT_MAIL_FILTERS', `spamassassin,clamav')dnl
 dnl # Define connection throttling and window length
 define(`confCONNECTION_RATE_THROTTLE', `15')dnl









12:35:05




#make


Updating databases ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/databases...
Updating auth ...
sasl2-bin not installed, not configuring sendmail support.
To enable sendmail SASL2 support at a later date, invoke "/usr/share/sendmail/update_auth"
Creating /etc/mail/relay-domains
# Optional file...
Updating Makefile ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/Makefile...
Updating sendmail.cf ...
The following file(s) have changed:
  /etc/mail/sendmail.cf
** ** You should issue `/etc/init.d/sendmail reload` ** **











12:35:30




#vim sendmail.cf










12:36:20




#cd /etc/mail/sendmail.mc





bash: cd: /etc/mail/sendmail.mc: Это не каталог











12:36:24




#vim /etc/mail/sendmail.mc


--- /tmp/l3-saved-25471.3908.25042	2009-05-29 12:36:27.000000000 +0300
+++ /etc/mail/sendmail.mc	2009-05-29 12:36:45.000000000 +0300
@@ -60,7 +60,7 @@
 FEATURE(`use_cw_file')dnl
 define(`confPRIVACY_FLAGS',dnl
 `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
-INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m' )dnl
+INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m')dnl
 INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass/spamass.sock, F=, T=C:15m;S:4m;R:4m:E:10m')dnl
 define(`confINPUT_MAIL_FILTERS', `spamassassin,clamav')dnl
 dnl # Define connection throttling and window length









12:36:48




#/etc/init.d/sendmail restart


[root@debian5:mail]# make\
>
Updating databases ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/databases...
Updating auth ...
sasl2-bin not installed, not configuring sendmail support.
To enable sendmail SASL2 support at a later date, invoke "/usr/share/sendmail/update_auth"
Creating /etc/mail/relay-domains
...
Validating configuration.
Creating /etc/mail/Makefile...
Updating sendmail.cf ...
The following file(s) have changed:
  /etc/mail/sendmail.cf
** ** You should issue `/etc/init.d/sendmail reload` ** **
Restarting Transport Agent: sendmail550 /etc/mail/sendmail.cf: line 1712: Invalid time unit `:'
550 /etc/mail/sendmail.cf: line 1712: Invalid time unit `E'
550 /etc/mail/sendmail.cf: line 1712: Invalid time unit `:'
.











12:36:54




#vim sendmail.cf










12:37:21




#grep -v ^# sendmail.cf | less










12:37:58




#vim sendmail.













12:38:04




#vim sendmail.mc


--- /tmp/l3-saved-25471.23705.9155	2009-05-29 12:38:10.000000000 +0300
+++ sendmail.mc	2009-05-29 12:39:06.000000000 +0300
@@ -61,7 +61,7 @@
 define(`confPRIVACY_FLAGS',dnl
 `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
 INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m')dnl
-INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass/spamass.sock, F=, T=C:15m;S:4m;R:4m:E:10m')dnl
+INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass/spamass.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl
 define(`confINPUT_MAIL_FILTERS', `spamassassin,clamav')dnl
 dnl # Define connection throttling and window length
 define(`confCONNECTION_RATE_THROTTLE', `15')dnl









12:39:06




#make


Updating databases ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/databases...
Updating auth ...
sasl2-bin not installed, not configuring sendmail support.
To enable sendmail SASL2 support at a later date, invoke "/usr/share/sendmail/update_auth"
Creating /etc/mail/relay-domains
# Optional file...
Updating Makefile ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/Makefile...
Updating sendmail.cf ...
The following file(s) have changed:
  /etc/mail/sendmail.cf
** ** You should issue `/etc/init.d/sendmail reload` ** **











12:39:10




#/etc/init.d/sendmail restart


Restarting Transport Agent: sendmail.











12:39:21




#vim sendmail.mc













12:39:25




#tail -v /var/log/mail.log


==> /var/log/mail.log <==
May 29 12:35:28 debian5 sm-mta[25881]: starting daemon (8.13.8): SMTP+queueing@00:10:00
May 29 12:35:34 debian5 sm-mta[25882]: n4T9OJqo025342: to=<elena@net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:11:13, xdelay=00:00:06, mailer=esmtp, pri=439071, relay=debian11.net.nt. [192.168.16.11], dsn=4.0.0, stat=Deferred: debian11.net.nt.: No route to host
May 29 12:36:52 debian5 sm-mta[26060]: gethostbyaddr(192.168.56.190) failed: 1
May 29 12:36:52 debian5 sm-mta[26060]: gethostbyaddr(192.168.56.193) failed: 1
May 29 12:36:52 debian5 sm-mta[26062]: starting daemon (8.13.8): SMTP+queueing@00:10:00
May 29 12:36:58 debian5 sm-mta[26063]: n4T9OJqo025342: to=<elena@net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:12:37, xdelay=00:00:06, mailer=esmtp, pri=529071, relay=debian11.net.nt. [192.168.16.11], dsn=4.0.0, stat=Deferred: debian11.net.nt.: No route to host
May 29 12:39:15 debian5 sm-mta[26355]: gethostbyaddr(192.168.56.190) failed: 1
May 29 12:39:15 debian5 sm-mta[26355]: gethostbyaddr(192.168.56.193) failed: 1
May 29 12:39:15 debian5 sm-mta[26357]: starting daemon (8.13.8): SMTP+queueing@00:10:00
May 29 12:39:21 debian5 sm-mta[26358]: n4T9OJqo025342: to=<elena@net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:15:00, xdelay=00:00:06, mailer=esmtp, pri=619071, relay=debian11.net.nt. [192.168.16.11], dsn=4.0.0, stat=Deferred: debian11.net.nt.: No route to host











/dev/ttyp0
12:40:30




#tail /var/log/mail.log | grep 12:


[root@debian5:mail]# tail /var/log/mail.log | grep 12:
May 29 12:39:42 debian5 spamc[26421]: connect to spamd on 127.0.0.1 failed, retrying (#1 of 3): Connection refused
May 29 12:39:43 debian5 spamc[26421]: connect to spamd on 127.0.0.1 failed, retrying (#2 of 3): Connection refused
May 29 12:39:44 debian5 spamc[26421]: connect to spamd on 127.0.0.1 failed, retrying (#3 of 3): Connection refused
May 29 12:39:45 debian5 spamc[26421]: connection attempt to spamd aborted after 3 retries
May 29 12:39:45 debian5 sm-mta[26416]: n4T9dfRF026416: Milter delete: header X-Spam-Flag: YES
May 29 12:39:45 debian5 sm-mta[26416]: n4T9dfRF026416: Milter delete: header X-Spam-Status: Yes, score=2.7 required=1.0 tests=ALL_TRUSTED,AWL,\n\tDRUGS_ERECTILE,LONGWORDS autolearn=no version=3.2.5
May 29 12:39:45 debian5 sm-mta[26416]: n4T9dfRF026416: Milter delete: header X-Spam-Level: **
May 29 12:39:45 debian5 sm-mta[26416]: n4T9dfRF026416: Milter delete: header X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on debian8.net.nt
May 29 12:39:45 debian5 sm-mta[26423]: n4T9dfRF026416: to=<user@elena.net.nt>, delay=00:00:03, xdelay=00:00:00, mailer=local, pri=67306, dsn=2.0.0, stat=Sent
May 29 12:39:47 debian5 sm-mta[26423]: n4T9dfRF026416: to=<user@andrey.net.nt>, delay=00:00:05, xdelay=00:00:02, mailer=esmtp, pri=67306, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T9do4P003348 Message accepted for delivery)
May 29 12:41:38 debian5 spamd[26574]: spamd: identified spam (2.4/1.0) for spamass-milter:107 in 0.3 seconds, 7580 bytes.
May 29 12:41:38 debian5 spamd[26574]: spamd: result: Y 2 - ALL_TRUSTED,DRUGS_ERECTILE,LONGWORDS scantime=0.3,size=7580,user=spamass-milter,uid=107,required_score=1.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=48621,mid=<1243588968.6502.23.camel@debian7.andrey.net.nt>,autolearn=no
May 29 12:41:38 debian5 spamd[26545]: prefork: child states: II
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter change: header X-Spam-Status: from Yes, score=2.7 required=1.0 tests=ALL_TRUSTED,AWL,\n\tDRUGS_ERECTILE,LONGWORDS autolearn=no version=3.2.5 to Yes, score=2.4 required=1.0 tests=ALL_TRUSTED,DRUGS_ERECTILE,\n\tLONGWORDS autolearn=no version=3.2.5
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter change: header X-Spam-Checker-Version: from SpamAssassin 3.2.5 (2008-06-10) on debian8.net.nt to SpamAssassin 3.2.5 (2008-06-10) on debian5.net.nt
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter change: header Subject: from *****SPAM andrey***** qqq to *****SPAM_from_elena***** *****SPAM andrey***** qqq
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter change: header Content-Type: from multipart/mixed; boundary="----------=_4A1FA968.57A4AB5B" to multipart/mixed; boundary="----------=_4A1FADD2.DE86F139"
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter message: body replaced
May 29 12:41:38 debian5 sm-mta[26582]: n4T9fb0A026577: to=<user@elena.net.nt>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=70464, dsn=2.0.0, stat=Sent
May 29 12:41:40 debian5 sm-mta[26582]: n4T9fb0A026577: to=<user@andrey.net.nt>, delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=70464, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T9fhwQ003374 Message accepted for delivery)











/dev/ttyp2
12:40:34




#/etc/init.d/spamassassin restart


  7 #$
  8 ###########################################################################$
  9 $
 10 #   Add *****SPAM***** to the Subject header of spam e-mails$
 11 #$
 12  rewrite_header Subject *****SPAM_from_elena*****$
 13 $
 14 $
 15 #   Save spam messages as a message/rfc822 MIME attachment instead of$
 16 #   modifying the original message (0: off, 2: use text/plain instead)$
...
~
~
~
~
~
~
~
"/etc/spamassassin/local.cf" 53L, 1214C записано                                                                                                                                 сь
Restarting SpamAssassin Mail Filter Daemon: No /usr/bin/perl found running; none killed.
spamd.











12:40:43




#/etc/init.d/spamassassin restart





Restarting SpamAssassin Mail Filter Daemon: No /usr/bin/perl found running; none killed.
[26522] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Адрес уже используется
[26522] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Адрес уже используется
[26522] error: spamd: could not create INET socket on 127.0.0.1:783: Адрес уже используется
spamd: could not create INET socket on 127.0.0.1:783: Адрес уже используется











12:40:48




#/etc/init.d/spamassassin stop


Stopping SpamAssassin Mail Filter Daemon: spamd.











12:40:58




#/etc/init.d/spamassassin start


Starting SpamAssassin Mail Filter Daemon: spamd.











/dev/ttyp0
12:41:54




#tail -f





May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter add: header: X-Spam-Flag: YES
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter add: header: X-Spam-Status: Yes, score=4.8 required=1.0 tests=ALL_TRUSTED,DRUGS_ERECTILE,\n\tFR_ALMOST_VIAG2,LONGWORDS autolearn=no version=3.2.5
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter add: header: X-Spam-Level: ****
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on debian5.net.nt
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter change: header Subject: from Re: *****SPAM_from_elena***** *****SPAM andrey***** qqq to *****SPAM_from_elena***** Re: *****SPAM_from_elena***** *****SPAM andrey***** qqq
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter change: header Content-Type: from multipart/mixed; boundary="=-b3ktfd4wm6sif3xGVa0i" to multipart/mixed; boundary="----------=_4A1FAE7D.FA2422FB"
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter message: body replaced
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: milter=clamav, quarantine=quarantined by clamav-milter
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: to=<user@andrey.net.nt>, delay=00:00:02, mailer=esmtp, pri=141791, quarantine=quarantined by clamav-milter, stat=quarantined
May 29 12:44:29 debian5 spamd[26545]: prefork: child states: II
...
May 29 12:47:50 debian5 sm-mta[27456]: n4T9lmGJ027456: Milter add: header: X-Spam-Level: **
May 29 12:47:50 debian5 sm-mta[27456]: n4T9lmGJ027456: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on debian5.net.nt
May 29 12:47:50 debian5 sm-mta[27456]: n4T9lmGJ027456: Milter change: header Subject: from Fwd:spamtest to *****SPAM_from_elena***** Fwd:spamtest
May 29 12:47:50 debian5 sm-mta[27456]: n4T9lmGJ027456: Milter change: header Content-Type: from multipart/mixed; boundary="=-YQFmmh99a2rFSZ0iLgZ8" to multipart/mixed; boundary="----------=_4A1FAF46.11D22776"
May 29 12:47:50 debian5 sm-mta[27456]: n4T9lmGJ027456: Milter message: body replaced
May 29 12:47:50 debian5 spamd[26545]: prefork: child states: II
May 29 12:47:53 debian5 sm-mta[27460]: n4T9lmGJ027456: to=<user@andrey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:04, xdelay=00:00:03, mailer=esmtp, pri=259851, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T9lti7003404 Message accepted for delivery)
May 29 12:47:56 debian5 sm-mta[27460]: n4T9lmGJ027456: to=<user@lnet.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:07, xdelay=00:00:03, mailer=esmtp, pri=259851, relay=debian10.lnet.net.nt. [192.168.16.10], dsn=2.0.0, stat=Sent (n4T9lxPS011445 Message accepted for delivery)
May 29 12:47:57 debian5 sm-mta[27460]: n4T9lmGJ027456: to=<user@sergey.net.nt>, ctladdr=<user@elena.net.nt> (1000/1000), delay=00:00:08, xdelay=00:00:01, mailer=esmtp, pri=259851, relay=debian1.sergey.net.nt. [192.168.16.1], dsn=2.0.0, stat=Sent (n4T9m1lI002845 Message accepted for delivery)
^[[B^[[B











/dev/ttyp2
12:43:26




#make





[root@debian5:mail]# tail -f /var/log/mail.log
May 29 12:40:46 debian5 spamd[26512]: prefork: child states: II
May 29 12:40:47 debian5 spamd[26522]: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Ð\220дÑ\200еÑ\201 Ñ\203же иÑ\201полÑ\214зÑ\203еÑ\202Ñ\201Ñ\217
May 29 12:40:48 debian5 spamd[26522]: spamd: could not create INET socket on 127.0.0.1:783: Ð\220дÑ\200еÑ\201 Ñ\203же иÑ\201полÑ\214зÑ\203еÑ\202Ñ\201Ñ\217
May 29 12:40:58 debian5 spamd[26512]: spamd: server killed by SIGTERM, shutting down
May 29 12:41:02 debian5 spamd[26543]: logger: removing stderr method
May 29 12:41:04 debian5 spamd[26545]: spamd: server started on port 783/tcp (running version 3.2.5)
May 29 12:41:04 debian5 spamd[26545]: spamd: server pid: 26545
May 29 12:41:04 debian5 spamd[26545]: spamd: server successfully spawned child process, pid 26574
May 29 12:41:04 debian5 spamd[26545]: spamd: server successfully spawned child process, pid 26575
...
May 29 12:41:38 debian5 spamd[26574]: spamd: identified spam (2.4/1.0) for spamass-milter:107 in 0.3 seconds, 7580 bytes.
May 29 12:41:38 debian5 spamd[26574]: spamd: result: Y 2 - ALL_TRUSTED,DRUGS_ERECTILE,LONGWORDS scantime=0.3,size=7580,user=spamass-milter,uid=107,required_score=1.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=48621,mid=<1243588968.6502.23.camel@debian7.andrey.net.nt>,autolearn=no
May 29 12:41:38 debian5 spamd[26545]: prefork: child states: II
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter change: header X-Spam-Status: from Yes, score=2.7 required=1.0 tests=ALL_TRUSTED,AWL,\n\tDRUGS_ERECTILE,LONGWORDS autolearn=no version=3.2.5 to Yes, score=2.4 required=1.0 tests=ALL_TRUSTED,DRUGS_ERECTILE,\n\tLONGWORDS autolearn=no version=3.2.5
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter change: header X-Spam-Checker-Version: from SpamAssassin 3.2.5 (2008-06-10) on debian8.net.nt to SpamAssassin 3.2.5 (2008-06-10) on debian5.net.nt
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter change: header Subject: from *****SPAM andrey***** qqq to *****SPAM_from_elena***** *****SPAM andrey***** qqq
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter change: header Content-Type: from multipart/mixed; boundary="----------=_4A1FA968.57A4AB5B" to multipart/mixed; boundary="----------=_4A1FADD2.DE86F139"
May 29 12:41:38 debian5 sm-mta[26577]: n4T9fb0A026577: Milter message: body replaced
May 29 12:41:38 debian5 sm-mta[26582]: n4T9fb0A026577: to=<user@elena.net.nt>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=70464, dsn=2.0.0, stat=Sent
May 29 12:41:40 debian5 sm-mta[26582]: n4T9fb0A026577: to=<user@andrey.net.nt>, delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=70464, relay=debian8.andrey.net.nt. [192.168.16.8], dsn=2.0.0, stat=Sent (n4T9fhwQ003374 Message accepted for delivery)











12:44:00




#ls -l /var/run/clamav/


итого 12
srwxr-xr-x 1 clamav clamav 0 2009-05-29 11:20 clamav-milter.ctl
-rw-rw---- 1 clamav clamav 5 2009-05-29 11:20 clamav-milter.pid
srwxrwxrwx 1 clamav clamav 0 2009-05-29 11:55 clamd.ctl
-rw-rw---- 1 clamav clamav 5 2009-05-29 11:55 clamd.pid
-rw-rw---- 1 clamav clamav 5 2009-05-29 11:55 freshclam.pid
srwxr-xr-x 1 clamav clamav 0 2009-05-29 11:19 milter.ctl











12:44:05




#vim /etc/clamav/clamav-milter.conf










12:44:36




#ps aux | grep clam


clamav   22736  0.0  0.1  42976   816 ?        Ssl  11:20   0:00 /usr/sbin/clamav-milter -p /var/run/clamav/clamav-milter.pid local:/var/run/clamav/clamav-milter.ctl
clamav   24195  0.0 11.3  86564 67612 ?        Ssl  11:55   0:00 /usr/sbin/clamd
clamav   24461  0.0  0.2   5920  1644 ?        Ss   11:55   0:01 /usr/bin/freshclam -d --quiet
root     26711  0.0  0.1   4780   772 ttyp3    R+   12:44   0:00 grep clam











12:44:40




#/etc/init.d/clamav-daemon restart


LibClamAV debug: regex_list: added new suffix /moc.yabe, for regex: /moc.yabe
LibClamAV debug: regex_list: added new suffix /ua.moc.yabe, for regex: /ua.moc.yabe
LibClamAV debug: regex_list: added new suffix /nc.moc.yabe, for regex: /nc.moc.yabe
LibClamAV debug: regex_list: added new suffix /kh.moc.yabe, for regex: /kh.moc.yabe
LibClamAV debug: regex_list: added new suffix /ym.moc.yabe, for regex: /ym.moc.yabe
LibClamAV debug: regex_list: added new suffix /gs.moc.yabe, for regex: /gs.moc.yabe
LibClamAV debug: regex_list: added new suffix /rf.lapyap, for regex: /rf.lapyap
LibClamAV debug: regex_list: added new suffix /ti.lapyap, for regex: /ti.lapyap
LibClamAV debug: regex_list: added new suffix /ta.lapyap, for regex: /ta.lapyap
LibClamAV debug: regex_list: added new suffix /ac.lapyap, for regex: /ac.lapyap
...
LibClamAV debug: regex_list: added new suffix /kh.moc.lapyap, for regex: .+\.paypal\.(de|fr|it|at|ca|be|ch|nl|pl|es|co\.uk|com|com\.(au|cn|hk|my|sg))([/?].*)?:(.+\.)?paypal\.(de|fr|it|at|ca|be|ch|nl|pl|es|co\.uk|com|com\.(au|cn|hk|my|sg))/
LibClamAV debug: regex_list: added new suffix /ym.moc.lapyap, for regex: .+\.paypal\.(de|fr|it|at|ca|be|ch|nl|pl|es|co\.uk|com|com\.(au|cn|hk|my|sg))([/?].*)?:(.+\.)?paypal\.(de|fr|it|at|ca|be|ch|nl|pl|es|co\.uk|com|com\.(au|cn|hk|my|sg))/
LibClamAV debug: regex_list: added new suffix /gs.moc.lapyap, for regex: .+\.paypal\.(de|fr|it|at|ca|be|ch|nl|pl|es|co\.uk|com|com\.(au|cn|hk|my|sg))([/?].*)?:(.+\.)?paypal\.(de|fr|it|at|ca|be|ch|nl|pl|es|co\.uk|com|com\.(au|cn|hk|my|sg))/
LibClamAV debug: regex_list: added new suffix /moc.knabitic, for regex: .+\.citibank\.com([/?].*)?:(.+\.)?citibank\.com/
LibClamAV debug: regex_list: added new suffix /moc.notgnitnuh, for regex: .+\.huntingtonoptout\.com([/?].*)?:(.+\.)?huntington\.com/
LibClamAV debug: regex_list: added new suffix /moc.aciremafoknab.www:moc.erutrevo.vrs.tsae-su.cr, for regex: /moc.aciremafoknab.www:moc.erutrevo.vrs.tsae-su.cr
LibClamAV debug: regex_list: added new suffix /moc.sraes.www:moc.gnitekram-sharrah.kcilc, for regex: /moc.sraes.www:moc.gnitekram-sharrah.kcilc
LibClamAV debug: regex_list: added new suffix /moc.yenomnigriv:ku.oc.anbm.ecivresremotsuc, for regex: /moc.yenomnigriv:ku.oc.anbm.ecivresremotsuc
LibClamAV debug: /tmp/clamav-db87dc0ba438733dbcc8b334c1c77bfd/daily.wdb loaded
LibClamAV debug: /tmp/clamav-db87dc0ba438733dbcc8b334c1c77bfd/daily.zmd loaded











12:45:01




#tail -f /var/log/mail.log





May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter add: header: X-Spam-Flag: YES
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter add: header: X-Spam-Status: Yes, score=4.8 required=1.0 tests=ALL_TRUSTED,DRUGS_ERECTILE,\n\tFR_ALMOST_VIAG2,LONGWORDS autolearn=no version=3.2.5
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter add: header: X-Spam-Level: ****
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on debian5.net.nt
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter change: header Subject: from Re: *****SPAM_from_elena***** *****SPAM andrey***** qqq to *****SPAM_from_elena***** Re: *****SPAM_from_elena***** *****SPAM andrey***** qqq
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter change: header Content-Type: from multipart/mixed; boundary="=-b3ktfd4wm6sif3xGVa0i" to multipart/mixed; boundary="----------=_4A1FAE7D.FA2422FB"
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: Milter message: body replaced
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: milter=clamav, quarantine=quarantined by clamav-milter
May 29 12:44:29 debian5 sm-mta[26668]: n4T9iQ0R026668: to=<user@andrey.net.nt>, delay=00:00:02, mailer=esmtp, pri=141791, quarantine=quarantined by clamav-milter, stat=quarantined
May 29 12:44:29 debian5 spamd[26545]: prefork: child states: II











/dev/ttyp0
12:48:29




#make


Updating auth ...
sasl2-bin not installed, not configuring sendmail support.
To enable sendmail SASL2 support at a later date, invoke "/usr/share/sendmail/update_auth"
Creating /etc/mail/relay-domains
# Optional file...
The following file(s) have changed:
** ** You should issue `/etc/init.d/sendmail reload` ** **









Статистика
Время первой команды журнала11:02:18 2009- 5-29
Время последней команды журнала12:48:29 2009- 5-29
Количество командных строк в журнале101
Процент команд с ненулевым кодом завершения, %25.74
Процент синтаксически неверно набранных команд, % 0.99
Суммарное время работы с терминалом *, час 1.26
Количество командных строк в единицу времени, команда/мин 1.34
Частота использования команд
vim26|=======================| 23.85%
tail20|==================| 18.35%
grep8|=======|  7.34%
make7|======|  6.42%
less5|====|  4.59%
/etc/init.d/sendmail4|===|  3.67%
ps4|===|  3.67%
/etc/init.d/spamassassin4|===|  3.67%
rm4|===|  3.67%
apt-get4|===|  3.67%
ls4|===|  3.67%
/etc/init.d/clamav-milter3|==|  2.75%
/etc/init.d/clamav-daemon3|==|  2.75%
cd2|=|  1.83%
dpkg1||  0.92%
/etc/init.d/clamav-1||  0.92%
#1||  0.92%
whereis1||  0.92%
mailq1||  0.92%
spamassassin.1p.gz1||  0.92%
kill1||  0.92%
mv1||  0.92%
exit1||  0.92%
mc1||  0.92%
clamscan1||  0.92%
____
*) Интервалы неактивности длительностью 30 минут и более не учитываются
Справка
    Для того чтобы использовать LiLaLo, не нужно знать ничего особенного:
    всё происходит само собой.
    Однако, чтобы ведение и последующее использование журналов
    было как можно более эффективным, желательно иметь в виду следующее:
    
    
    
  1.  
    В журнал автоматически попадают все команды, данные в любом терминале системы.
    
    2. 
    
  2. 
    Для того чтобы убедиться, что журнал на текущем терминале ведётся, 
    и команды записываются, дайте команду w.
    В поле WHAT, соответствующем текущему терминалу, 
    должна быть указана программа script.
    
    3. 
    
  3. 
    Команды, при наборе которых были допущены синтаксические ошибки, 
    выводятся перечёркнутым текстом:

    

    


    $ l s-l
    

    bash: l: command not found

    
    		

    

    

    
    
    4. 
    
  4. 
    Если код завершения команды равен нулю, 
    команда была выполнена без ошибок.
    Команды, код завершения которых отличен от нуля, выделяются цветом.

    

    


    $ test 5 -lt 4
    

    		

    

    
    Обратите внимание на то, что код завершения команды может быть отличен от нуля
    не только в тех случаях, когда команда была выполнена с ошибкой.
    Многие команды используют код завершения, например, для того чтобы показать результаты проверки

    
    
    5. 
    
  5. 
    Команды, ход выполнения которых был прерван пользователем, выделяются цветом.

    

    


    $ find / -name abc
    

    find: /home/devi-orig/.gnome2: Keine Berechtigung
find: /home/devi-orig/.gnome2_private: Keine Berechtigung
find: /home/devi-orig/.nautilus/metafiles: Keine Berechtigung
find: /home/devi-orig/.metacity: Keine Berechtigung
find: /home/devi-orig/.inkscape: Keine Berechtigung
^C

    
    		

    

    

    
    
    6. 
    
  6. 
    Команды, выполненные с привилегиями суперпользователя,
    выделяются слева красной чертой.

    

    


    # id
    

    uid=0(root) gid=0(root) Gruppen=0(root)

    
    		

    

    
    
    
    
    7. 
    
  7. 
    Изменения, внесённые в текстовый файл с помощью редактора, 
    запоминаются и показываются в журнале в формате ed.
    Строки, начинающиеся символом "<", удалены, а строки,
    начинающиеся символом ">" -- добавлены.

    

    


    $ vi ~/.bashrc
    

    2a3,5
>    if [ -f /usr/local/etc/bash_completion ]; then
>         . /usr/local/etc/bash_completion
>        fi

    		

    

    
    
    
    
    8. 
    
  8. 
    Для того чтобы изменить файл в соответствии с показанными в диффшоте
    изменениями, можно воспользоваться командой patch.
    Нужно скопировать изменения, запустить программу patch, указав в
    качестве её аргумента файл, к которому применяются изменения,
    и всавить скопированный текст:

    

    


    $ patch ~/.bashrc
    
    		

    

    
    В данном случае изменения применяются к файлу ~/.bashrc
    
    9. 
    
  9. 
    Для того чтобы получить краткую справочную информацию о команде, 
    нужно подвести к ней мышь. Во всплывающей подсказке появится краткое
    описание команды.
    
    
    
    
    Если справочная информация о команде есть, 
    команда выделяется голубым фоном, например: vi.
    Если справочная информация отсутствует,
    команда выделяется розовым фоном, например: notepad.exe.
    Справочная информация может отсутствовать в том случае, 
    если (1) команда введена неверно; (2) если распознавание команды LiLaLo выполнено неверно;
    (3) если информация о команде неизвестна LiLaLo.
    Последнее возможно для редких команд.
    
    10. 
    
  10. 
    Большие, в особенности многострочные, всплывающие подсказки лучше 
    всего показываются браузерами KDE Konqueror, Apple Safari и Microsoft Internet Explorer.
    В браузерах Mozilla и Firefox они отображаются не полностью, 
    а вместо перевода строки выводится специальный символ.
    
    11. 
    
  11. 
    Время ввода команды, показанное в журнале, соответствует времени 
    начала ввода командной строки, которое равно тому моменту, 
    когда на терминале появилось приглашение интерпретатора
    
    12. 
    
  12. 
    Имя терминала, на котором была введена команда, показано в специальном блоке.
    Этот блок показывается только в том случае, если терминал
    текущей команды отличается от терминала предыдущей.
    
    13. 
    
  13. 
    Вывод не интересующих вас в настоящий момент элементов журнала,
    таких как время, имя терминала и других, можно отключить.
    Для этого нужно воспользоваться формой управления журналом
    вверху страницы.
    
    14. 
    
  14. 
    Небольшие комментарии к командам можно вставлять прямо из командной строки.
    Комментарий вводится прямо в командную строку, после символов #^ или #v.
    Символы ^ и v показывают направление выбора команды, к которой относится комментарий:
    ^ - к предыдущей, v - к следующей.
    Например, если в командной строке было введено:

    $ whoami

    

    user

    

    $ #^ Интересно, кто я?

    
    в журнале это будет выглядеть так:
    

    $ whoami

    

    user

    

    

      Интересно, кто я?
     
     
    
    15. 
    
  15. 
    Если комментарий содержит несколько строк,
    его можно вставить в журнал следующим образом:

    $ whoami

    

    user

    

    $ cat > /dev/null #^ Интересно, кто я?

    

    Программа whoami выводит имя пользователя, под которым 
мы зарегистрировались в системе.
-
Она не может ответить на вопрос о нашем назначении 
в этом мире.

    
    В журнале это будет выглядеть так:

    

    


    $ whoami
    

    user

    

    Интересно, кто я?
    
Программа whoami выводит имя пользователя, под которым
    
мы зарегистрировались в системе.
    

    
Она не может ответить на вопрос о нашем назначении
    
в этом мире.
    

    
    		

    

    
    Для разделения нескольких абзацев между собой
    используйте символ "-", один в строке.
    
    

    16. 
    
  16. 
    Комментарии, не относящиеся непосредственно ни к какой из команд, 
    добавляются точно таким же способом, только вместо симолов #^ или #v 
    нужно использовать символы #=
    
    17. 

    
  17. 
    Содержимое файла может быть показано в журнале.
    Для этого его нужно вывести с помощью программы cat.
    Если вывод команды отметить симоволами #!, 
    содержимое файла будет показано в журнале
    в специально отведённой для этого секции.
    
    18. 

    
    
    
  18. 
    Для того чтобы вставить скриншот интересующего вас окна в журнал,
    нужно воспользоваться командой l3shot.
    После того как команда вызвана, нужно с помощью мыши выбрать окно, которое
    должно быть в журнале.
    
    19. 
    
    

    
    
    
  19. 
    Команды в журнале расположены в хронологическом порядке.
    Если две команды давались одна за другой, но на разных терминалах,
    в журнале они будут рядом, даже если они не имеют друг к другу никакого отношения.

    1
    2
3   
    4

    
    Группы команд, выполненных на разных терминалах, разделяются специальной линией.
    Под этой линией в правом углу показано имя терминала, на котором выполнялись команды.
    Для того чтобы посмотреть команды только одного сенса, 
    нужно щёкнуть по этому названию.
    
    20. 
    
    



О программе
    

    LiLaLo (L3) расшифровывается как Live Lab Log.

    Программа разработана для повышения эффективности обучения Unix/Linux-системам.

    (c) Игорь Чубин, 2004-2008

    

$Id$