Postfix+MySQL+AMAVIS+SPAMASSASSIN+Razor installation on Debian
++INSTALL++
apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authmysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl postfix-tls libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl phpmyadmin
If MySQL is already installed, use this variant instead (no mysql packages, and a few package names changed):
apt-get update
apt-get install postfix postfix-mysql postfix-doc courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl postfix-tls libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl phpmyadmin
Create directories for web-based administration ? <– No
General type of configuration? <– Internet site
Mail name? <– ubuntusrv.net
SSL certificate required <– Ok
Which web server would you like to reconfigure automatically? <– lighttpd, apache2–select apache2
apt-get install build-essential dpkg-dev fakeroot debhelper libdb4.2-dev libgdbm-dev libldap2-dev libpcre3-dev zlib1g-dev libssl-dev libsasl2-dev po-debconf dpatch
cd /usr/src
apt-get source postfix
# NOTE(review): the VDA patch is fetched over plain HTTP with no checksum or
# signature and is then compiled into the MTA; read the patch before applying it.
wget http://web.onda.com.br/nadal/postfix/VDA/postfix-2.3.3-vda.patch.gz
gunzip postfix-2.3.3-vda.patch.gz
# NOTE(review): the patch is named for Postfix 2.3.3 but the unpacked source
# tree is 2.6.5 - confirm that a VDA patch matching the source version is used.
cd postfix-2.6.5
patch -p1 < ../postfix-2.3.3-vda.patch
dpkg-buildpackage
error:-dpkg-checkbuilddeps: Unmet build dependencies: debhelper (>= 4.1.16) po-debconf (>= 0.5.0) libdb-dev (>= 4.6.19) libldap2-dev (>= 2.1) libpcre3-dev libmysqlclient-dev | libmysqlclient15-dev | libmysqlclient14-dev libssl-dev (>= 0.9.7) libsasl2-dev libpq-dev libcdb-dev | tinycdb hardening-wrapper
dpkg-buildpackage: warning: Build dependencies/conflicts unsatisfied; aborting.
dpkg-buildpackage: warning: (Use -d flag to override.)
cd ..
apt-get install debhelper po-debconf libdb-dev libldap2-dev libpcre3-dev libmysqlclient-dev libmysqlclient15-dev libssl-dev libsasl2-dev libpq-dev libcdb-dev tinycdb hardening-wrapper libdb-dev libldap2-dev
dpkg-buildpackage
cd ..
dpkg -i postfix_2.6.5-3_i386.deb
++CREATE DATABASE FOR MAILS++
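# Create the mail database, then open a MySQL shell as root.
# A bare -p makes the client prompt for the password, so the root password
# does not end up in the shell history or in the process list.
mysqladmin -u root -p create mail
mysql -u root -p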
GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO ‘mail_admin’@’localhost’ IDENTIFIED BY ‘mail_admin_password’;
GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO ‘mail_admin’@’localhost.localdomain’ IDENTIFIED BY ‘mail_admin_password’;
FLUSH PRIVILEGES;
mysql>use mail;
CREATE TABLE domains (
domain varchar(50) NOT NULL,
PRIMARY KEY (domain) )
TYPE=MyISAM;
CREATE TABLE forwardings (
source varchar(80) NOT NULL,
destination TEXT NOT NULL,
PRIMARY KEY (source) )
TYPE=MyISAM;
CREATE TABLE users (
email varchar(80) NOT NULL,
password varchar(20) NOT NULL,
quota INT(10) DEFAULT ‘10485760’,
PRIMARY KEY (email)
) TYPE=MyISAM;
CREATE TABLE transport (
domain varchar(128) NOT NULL default ”,
transport varchar(128) NOT NULL default ”,
UNIQUE KEY domain (domain)
) TYPE=MyISAM;
mysql> show tables;
+—————-+
| Tables_in_mail |
+—————-+
| domains |
| forwardings |
| transport |
| users |
+—————-+
4 rows in set (0.02 sec)
Check that /etc/mysql/my.cnf contains the following line, so that MySQL only listens on the loopback interface:
bind-address = 127.0.0.1
++CREATE VIRTUAL DOMAIN AND MAPS++
vim /etc/postfix/mysql-virtual_domains.cf add
etc/postfix/mysql-virtual_domains.cf:
user = mail_admin
password = mail_admin_password
dbname = mail
table = domains
select_field = ‘virtual’
where_field = domain
hosts = 127.0.0.1
vim /etc/postfix/mysql-virtual_forwardings.cf add
user = mail_admin
password = mail_admin_password
dbname = mail
table = domains
select_field = ‘virtual’
where_field = domain
hosts = 127.0.0.1
vim /etc/postfix/mysql-virtual_mailboxes.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = CONCAT(SUBSTRING_INDEX(email,’@’,-1),’/’,SUBSTRING_INDEX(email,’@’,1),’/’)
where_field = email
hosts = 127.0.0.1
vim /etc/postfix/mysql-virtual_email2email.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = email
where_field = email
hosts = 127.0.0.1
vim /etc/postfix/mysql-virtual_transports.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = email
where_field = email
hosts = 127.0.0.1
vim /etc/postfix/mysql-virtual_mailbox_limit_maps.cf
user = mail_admin
password = mail_admin_password
dbname = mail
table = users
select_field = email
where_field = email
hosts = 127.0.0.1
chmod o= /etc/postfix/mysql-virtual_*.cf
chgrp postfix /etc/postfix/mysql-virtual_*.cf
groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m
vim /etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA’s job.
append_dot_mydomain = no
# Uncomment the next line to generate “delayed mail” warnings
#delay_warning_time = 4h
readme_directory = /usr/share/doc/postfix
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = ubuntusrv.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ubuntusrv.net, localhost.net, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
Next we do some Postfix configuration. Make sure that you replace server1.example.com (ubuntusrv.net in the listing above) with a valid FQDN, otherwise your Postfix might not work properly!
++POSTFIX CONFIGURATIONS++
postconf -e ‘virtual_alias_domains =’
postconf -e ‘ virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf’
postconf -e ‘virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf’
postconf -e ‘virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf’
postconf -e ‘virtual_mailbox_base = /home/vmail’
postconf -e ‘smtpd_sasl_auth_enable = yes’
postconf -e ‘broken_sasl_auth_clients = yes’
postconf -e ‘smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination’
postconf -e ‘smtpd_use_tls = yes’
postconf -e ‘smtpd_tls_cert_file = /etc/postfix/smtpd.cert’
postconf -e ‘smtpd_tls_key_file = /etc/postfix/smtpd.key’
postconf -e ‘transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf’
postconf -e ‘virtual_create_maildirsize = yes’
postconf -e ‘virtual_maildir_extended = yes’
postconf -e ‘virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf’
postconf -e ‘virtual_mailbox_limit_override = yes’
postconf -e ‘virtual_maildir_limit_message = “The user you are trying to reach is over quota.”‘
postconf -e ‘virtual_overquota_bounce = yes’
postconf -e ‘proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps’
now my vim /etc/postfix/main.cf has been added
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = “The user you are trying to reach is over quota.”
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
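# Generate the self-signed certificate and key at the paths main.cf points to
# (smtpd_tls_cert_file / smtpd_tls_key_file) instead of the current directory.
# -nodes leaves the key unencrypted so Postfix can start unattended, which
# makes file permissions its only protection: the umask in the subshell keeps
# the key from being world-readable even for the moment before chmod runs.
(
  umask 077
  openssl req -new -x509 -days 365 -newkey rsa:2048 -nodes \
    -outform PEM -out /etc/postfix/smtpd.cert \
    -keyform PEM -keyout /etc/postfix/smtpd.key
)
chmod 600 /etc/postfix/smtpd.key
# The certificate itself is public.
chmod 644 /etc/postfix/smtpd.cert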
++SASLAUTH++
mkdir -p /var/spool/postfix/var/run/saslauthd
Edit /etc/default/saslauthd. Remove the # in front of START=yes and add the line PARAMS=”-m /var/spool/postfix/var/run/saslauthd -r”. The file should then look like this:
START=yes
MECHANISMS=”pam”
PARAMS=”-m /var/spool/postfix/var/run/saslauthd -r”
We must also edit /etc/init.d/saslauthd and change the location of saslauthd’s PID file. Change the value of PIDFILE to /var/spool/postfix/var/run/${NAME}/saslauthd.pid:
PIDFILE=”/var/spool/postfix/var/run/${NAME}/saslauthd.pid”
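Then create the file /etc/pam.d/smtp. It should contain only the following two lines (make sure to fill in your correct database details). crypt=1 tells pam_mysql to compare against crypt() hashes; the 20-character password column created earlier only has room for the old DES-style crypt format, so widen that column if you want to store a stronger hash: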
auth required pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
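Next create the file /etc/postfix/sasl/smtpd.conf. It stores the database password, so keep it unreadable to other local users, as was done for the mysql-virtual_*.cf files. The PLAIN and LOGIN mechanisms send the password without any encryption of their own; setting smtpd_tls_auth_only = yes in main.cf makes Postfix offer AUTH only after STARTTLS. The file should look like this: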
pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: mail_admin_password
sql_database: mail
sql_select: select password from users where email = ‘%u’
Then restart Postfix and Saslauthd:
/etc/init.d/postfix restart
postfix check
/etc/init.d/saslauthd restart
++COURIER CONFIG++
Then edit /etc/courier/authmysqlrc. It should look like this (again, make sure to fill in the correct database details):
MYSQL_SERVER localhost
MYSQL_USERNAME mail_admin
MYSQL_PASSWORD mail_admin_password
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
MYSQL_CRYPT_PWFIELD password
#MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD “/home/vmail”
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,’@’,-1),’/’,SUBSTRING_INDEX(email,’@’,1),’/’)
MYSQL_QUOTA_FIELD quota
Then restart Courier:
/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop restart
/etc/init.d/courier-pop-ssl restart
++AMAVIS AND SPAMASSASSIN++
apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2
Now we have to edit /etc/amavis/amavisd.conf. This is a very long file with lots of comments. I have stripped out the unnecessary parts, this is with what I ended up (make sure you adjust line 112 (@lookup_sql_dsn = ( [‘DBI:mysql:database=mail;host=127.0.0.1;port=3306’, ‘mail_admin’, ‘mail_admin_password’] ); to your own database settings):
use strict;$MYHOME = ‘/var/lib/amavis’; # (default is ‘/var/amavis’)$mydomain = ‘localhost’;# $myhostname = ‘host.example.com’; # fqdn of this host, default by uname(3)$daemon_user = ‘amavis’; # (no default (undef))$daemon_group = ‘amavis’; # (no default (undef))$TEMPBASE = $MYHOME; # (must be set if other config vars use is)$pid_file = “/var/run/amavis/amavisd.pid”; # (default: “$MYHOME/amavisd.pid”)$lock_file = “/var/run/amavis/amavisd.lock”; # (default: “$MYHOME/amavisd.lock”)$ENV{TMPDIR} = $TEMPBASE; # wise to set TMPDIR, but not obligatory$max_servers = 4; # number of pre-forked children (default 2)$max_requests = 10; # retire a child after that many accepts (default 10)$child_timeout=5*60; # abort child if it does not complete each task in n sec # (default: 8*60 seconds)# @bypass_virus_checks_acl = qw( . ); # uncomment to DISABLE anti-virus code# @bypass_spam_checks_acl = qw( . ); # uncomment to DISABLE anti-spam code@local_domains_acl = ( “.$mydomain” ); # $mydomain and its subdomains$relayhost_is_client = 0; # (defaults to false)$insert_received_line = 1;$unix_socketname = undef;$inet_socket_port = 10024;$inet_socket_bind = ‘127.0.0.1’;@inet_acl = qw( 127.0.0.1 );$DO_SYSLOG = 1;$LOGFILE = “/var/log/amavis.log”; # (defaults to empty, no log)#$log_level = 2; # (defaults to 0)$log_templ = ‘[? %#V |[? %#F |[?%#D|Not-Delivered|Passed]|BANNED name/type (%F)]|INFECTED (%V)], #[?%o|(?)|<%o>] -> [<%R>|,][? 
%i ||, quarantine %i], Message-ID: %m, Hits: %c’;read_l10n_templates(‘en_US’, ‘/etc/amavis’);$final_virus_destiny = D_REJECT; # (defaults to D_BOUNCE)$final_banned_destiny = D_REJECT; # (defaults to D_BOUNCE)$final_spam_destiny = D_PASS; # (defaults to D_REJECT)$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested$viruses_that_fake_sender_re = new_RE( qr’nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar’i, qr’tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces’i, qr’dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la’i, qr’frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown’i, qr’@mm|@MM’, # mass mailing viruses as labeled by f-prot and uvscan qr’Worm’i, # worms as labeled by ClamAV, Kaspersky, etc [qr’^(EICAR|Joke\.|Junk\.)’i => 0], [qr’^(WM97|OF97|W95/CIH-|JS/Fort)’i => 0], [qr/.*/ => 1], # true by default (remove or comment-out if undesired));$virus_admin = “postmaster\@$mydomain”; # due to D_DISCARD default$mailfrom_to_quarantine = ”; # override sender address with null return path$QUARANTINEDIR = ‘/var/lib/amavis/virusmails’;$virus_quarantine_to = ‘virus-quarantine’; # traditional local quarantine$spam_quarantine_to = ‘spam-quarantine’;$X_HEADER_TAG = ‘X-Virus-Scanned’; # (default: undef)$X_HEADER_LINE = “by $myversion (Debian) at $mydomain”;$undecipherable_subject_tag = ‘***UNCHECKED*** ‘; # undef disables it$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone#$remove_existing_x_scanned_headers= 1; # remove existing headers # (defaults to false)#$remove_existing_spam_headers = 0; # leave existing X-Spam* headers alone$remove_existing_spam_headers = 1; # remove existing spam headers if # spam scanning is enabled (default)$keep_decoded_original_re = new_RE(# qr’^MAIL$’, # retain full original message for virus checking (can be slow) qr’^MAIL-UNDECIPHERABLE$’, # retain full mail if it contains undecipherables qr’^(ASCII(?! 
cpio)|text|uuencoded|xxencoded|binhex)’i,# qr’^Zip archive data’,);$banned_filename_re = new_RE(# qr’^UNDECIPHERABLE$’, # is or contains any undecipherable components qr’\.[^.]*\.(exe|vbs|pif|scr|bat|cmd|com|dll)$’i, # some double extensions qr'[{}]’, # curly braces in names (serve as Class ID extensions – CLSID)
# qr’.\.(exe|vbs|pif|scr|bat|cmd|com)$’i, # banned extension – basic
# qr’.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js|
# jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb|
# vbe|vbs|wsc|wsf|wsh)$’ix, # banned extension – long
# qr’.\.(mim|b64|bhx|hqx|xxe|uu|uue)$’i, # banned extension – WinZip vulnerab.
# qr’^\.(zip|lha|tnef|cab)$’i, # banned file(1) types
# qr’^\.exe$’i, # banned file(1) types
# qr’^application/x-msdownload$’i, # banned MIME types
# qr’^application/x-msdos-program$’i,
qr’^message/partial$’i, # rfc2046. this one is deadly for Outcrook
# qr’^message/external-body$’i, # block rfc2046
);
@lookup_sql_dsn =
( [‘DBI:mysql:database=mail;host=127.0.0.1;port=3306’, ‘mail_admin’, ‘mail_admin_password’] );
$sql_select_policy = ‘SELECT “Y” as local FROM domains WHERE CONCAT(“@”,domain) IN (%k)’;
$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting
$recipient_delimiter = ‘+’; # (default is ‘+’)
$replace_existing_extension = 1; # (default is false)
$localpart_is_case_sensitive = 0; # (default is false)
$blacklist_sender_re = new_RE(
qr’^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@’i,
qr’^(investments|lose_weight_today|market\.alert|money2you|MyGreenCard)@’i,
qr’^(new\.tld\.registry|opt-out|opt-in|optin|saveonl|smoking2002k)@’i,
qr’^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@’i,
qr’^(workathome|yesitsfree|your_friend|greatoffers)@’i,
qr’^(inkjetplanet|marketopt|MakeMoney)\d*@’i,
);
map { $whitelist_sender{lc($_)}=1 } (qw(
nobody@cert.org
owner-alert@iss.net
slashdot@slashdot.org
bugtraq@securityfocus.com
NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
security-alerts@linuxsecurity.com
amavis-user-admin@lists.sourceforge.net
razor-users-admin@lists.sourceforge.net
notification-return@lists.sophos.com
mailman-announce-admin@python.org
zope-announce-admin@zope.org
owner-postfix-users@postfix.org
owner-postfix-announce@postfix.org
owner-sendmail-announce@lists.sendmail.org
sendmail-announce-request@lists.sendmail.org
ca+envelope@sendmail.org
owner-technews@postel.ACM.ORG
lvs-users-admin@LinuxVirtualServer.org
ietf-123-owner@loki.ietf.org
cvs-commits-list-admin@gnome.org
rt-users-admin@lists.fsck.com
owner-announce@mnogosearch.org
owner-hackers@ntp.org
owner-bugs@ntp.org
clp-request@comp.nus.edu.sg
surveys-errors@lists.nua.ie
emailNews@genomeweb.com
owner-textbreakingnews@CNNIMAIL12.CNN.COM
yahoo-dev-null@yahoo-inc.com
));
$MAXLEVELS = 14; # (default is undef, no limit)
$MAXFILES = 1500; # (default is undef, no limit)
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$MIN_EXPANSION_FACTOR = 5; # times original mail size (must be specified)
$MAX_EXPANSION_FACTOR = 500; # times original mail size (must be specified)
$path = ‘/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin’;
$file = ‘file’; # file(1) utility; use 3.41 or later to avoid vulnerability
$gzip = ‘gzip’;
$bzip2 = ‘bzip2’;
$lzop = ‘lzop’;
$uncompress = [‘uncompress’, ‘gzip -d’, ‘zcat’];
$unfreeze = [‘unfreeze’, ‘freeze -d’, ‘melt’, ‘fcat’];
$arc = [‘nomarch’, ‘arc’];
$unarj = [‘arj’, ‘unarj’]; # both can extract, arj is recommended
$unrar = [‘rar’, ‘unrar’]; # both can extract, same options
$zoo = ‘zoo’;
$lha = ‘lha’;
$cpio = ‘cpio’; # comment out if cpio does not support GNU options
$sa_local_tests_only = 0; # (default: false)
#$sa_auto_whitelist = 1; # turn on AWL (default: false)
# Timout for SpamAssassin. This is only used if spamassassin does NOT
# override it (which it often does if sa_local_tests_only is not true)
$sa_timeout = 30; # timeout in seconds for a call to SpamAssassin
# (default is 30 seconds, undef disables it)# AWL (auto whitelisting), requires spamassassin 2.44 or better# $sa_auto_whitelist = 1; # defaults to undef$sa_mail_body_size_limit = 150*1024;$sa_tag_level_deflt = 3.0; # add spam info headers if at, or above that level$sa_tag2_level_deflt = 4.0; # add ‘spam detected’ headers at that level$sa_kill_level_deflt = $sa_tag2_level_deflt;$sa_dsn_cutoff_level = 10;$sa_spam_subject_tag = ‘***SPAM*** ‘;$first_infected_stops_scan = 1;@av_scanners = (### http://www.clamav.net/%5B‘Clam Antivirus-clamd’, \&ask_daemon, [“CONTSCAN {}\n”, “/var/run/clamav/clamd.ctl”], qr/\bOK$/, qr/\bFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],# NOTE: run clamd under the same user as amavisd; match the socket# name (LocalSocket) in clamav.conf to the socket name in this entry# When running chrooted one may prefer: [“CONTSCAN {}\n”,”$MYHOME/clamd”],);@av_scanners_backup = ( ### http://www.clamav.net/ [‘Clam Antivirus – clamscan’, ‘clamscan’, “–stdout –no-summary -r –tempdir=$TEMPBASE {}”, [0], [1], qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],);1; # insure a defined return
adduser clamav amavis
/etc/init.d/amavis restart
/etc/init.d/clamav-daemon restart
Now we have to configure Postfix to pipe incoming email through amavisd-new:
postconf -e ‘content_filter = amavis:[127.0.0.1]:10024’
postconf -e ‘receive_override_options = no_address_mappings’
vim /etc/postfix/master.cf – this is the file we need to add to:
smtp inet n – – – – smtpd
pickup fifo n – – 60 1 pickup
cleanup unix n – – – 0 cleanup
qmgr fifo n – n 300 1 qmgr
#qmgr fifo n – – 300 1 oqmgr
tlsmgr unix – – – 1000? 1 tlsmgr
rewrite unix – – – – – trivial-rewrite
bounce unix – – – – 0 bounce
defer unix – – – – 0 bounce
trace unix – – – – 0 bounce
verify unix – – – – 1 verify
flush unix n – – 1000? 0 flush
proxymap unix – – n – – proxymap
proxywrite unix – – n – 1 proxymap
smtp unix – – – – – smtp
relay unix – – – – – smtp
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n – – – – showq
error unix – – – – – error
retry unix – – – – – error
discard unix – – – – – discard
local unix – n n – – local
virtual unix – n n – – virtual
lmtp unix – – – – – lmtp
anvil unix – – – – 1 anvil
scache unix – – – – 1 scache
maildrop unix – n n – – pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix – n n – – pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender – $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix – n n – – pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix – n n – – pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix – n n – 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix – n n – – pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
Afterwards append the following lines to /etc/postfix/master.cf:
amavis unix – – – – 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n – – – – smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1
and restart Postfix:
/etc/init.d/postfix restart
postfix check
++RAZOR INSTALL++
apt-get install razor pyzor dcc-client
error:-E: Couldn’t find package dcc-client
apt-get install razor pyzor
Now we have to tell SpamAssassin to use these programs (the DCC lines stay commented out because dcc-client could not be installed). Edit /etc/spamassassin/local.cf so that it looks like this:
# rewrite_header Subject *****SPAM*****
# report_safe 1
# trusted_networks 212.17.35.
# lock_method flock
# dcc
#use_dcc 1
#dcc_path /usr/bin/dccproc
#dcc_add_header 1
#dcc_dccifd_path /usr/sbin/dccifd
#pyzor
use_pyzor 1
pyzor_path /usr/bin/pyzor
pyzor_add_header 1
#razor
use_razor2 1
razor_config /etc/razor/razor-agent.conf
#bayes
use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1
/etc/init.d/amavis restart
****************************************************
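Optional: I want to insert some custom rulesets that can be found on the internet into SpamAssassin. I have tested those rulesets, and they make spam filtering a lot more effective. Keep in mind that the script below downloads them over plain HTTP from third-party sites and writes them straight into /etc/spamassassin, so look at what arrives before relying on it. Create the file /usr/local/sbin/sa_rules_update.sh: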
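#!/bin/sh
# sa_rules_update.sh - refresh third-party SpamAssassin rule files and restart
# amavis so that the new rules are loaded.
#
# Each file is fetched into a temporary file and only moved over the live copy
# once wget reports success, so a failed or partial download cannot truncate a
# rule file that is in use. amavis is restarted only when "spamassassin --lint"
# accepts the resulting configuration.
#
# Redirections use ">/dev/null 2>&1": "&>" is a bash extension, and a POSIX
# /bin/sh such as dash parses it as "&" followed by ">", which backgrounds the
# command (including the cd) instead of silencing it.
#
# NOTE(review): every source is plain http:// with no checksum or signature, so
# whoever controls one of these hosts, or the network path to it, decides what
# lands in /etc/spamassassin. Review the files after the first run and prefer a
# signed or checksummed source where one exists.
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

RULES_DIR=/etc/spamassassin
SARE_BASE=http://www.rulesemporium.com/rules

cd "$RULES_DIR" || exit 1

# Download one rule file; the local name is the last path component of the URL.
# A failure is reported on stderr and the existing copy is left untouched.
fetch_rule() {
  url=$1
  name=${url##*/}
  tmp=$(mktemp "./.${name}.XXXXXX") || return 1
  if /usr/bin/wget -q -O "$tmp" "$url" && [ -s "$tmp" ]; then
    # mktemp creates the file mode 600; the scanner has to be able to read it.
    chmod 644 "$tmp" && mv -f -- "$tmp" "$name"
  else
    rm -f -- "$tmp"
    echo "sa_rules_update: download failed, keeping old copy: $url" >&2
    return 1
  fi
}

for rule in \
  71_sare_redirect_pre3.0.0.cf \
  70_sare_bayes_poison_nxm.cf \
  70_sare_html.cf \
  70_sare_html4.cf \
  70_sare_html_x30.cf \
  70_sare_header0.cf \
  70_sare_header3.cf \
  70_sare_header_x30.cf \
  70_sare_specific.cf \
  70_sare_adult.cf \
  72_sare_bml_post25x.cf \
  99_sare_fraud_post25x.cf \
  70_sare_spoof.cf \
  70_sare_random.cf \
  70_sare_oem.cf \
  70_sare_genlsubj0.cf \
  70_sare_genlsubj3.cf \
  70_sare_genlsubj_x30.cf \
  70_sare_unsub.cf \
  70_sare_uri.cf \
  88_FVGT_body.cf \
  88_FVGT_rawbody.cf \
  88_FVGT_subject.cf \
  88_FVGT_headers.cf \
  88_FVGT_uri.cf \
  99_FVGT_DomainDigits.cf \
  99_FVGT_Tripwire.cf \
  99_FVGT_meta.cf
do
  fetch_rule "$SARE_BASE/$rule"
done

for url in \
  http://mywebpages.comcast.net/mkettler/sa/antidrug.cf \
  http://www.timj.co.uk/linux/bogus-virus-warnings.cf \
  http://www.yackley.org/sa-rules/evilnumbers.cf \
  http://www.stearns.org/sa-blacklist/random.current.cf \
  http://www.nospamtoday.com/download/mime_validate.cf
do
  fetch_rule "$url"
done

# Reload only when the combined rule set parses; a broken rule file would
# otherwise take the content filter down on restart.
if spamassassin --lint >/dev/null 2>&1; then
  /etc/init.d/amavis restart >/dev/null 2>&1
else
  echo "sa_rules_update: spamassassin --lint failed, amavis not restarted" >&2
  exit 1
fi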
chmod 755 /usr/local/sbin/sa_rules_update.sh
/usr/local/sbin/sa_rules_update.sh
crontab -e
23 4 */2 * * /usr/local/sbin/sa_rules_update.sh &> /dev/null
(Note (a little off-topic): on Debian Sarge crontab -e will automatically open the editor nano. If you are used to working with the editor vi (like me), run the following commands:
rm -f /etc/alternatives/editor
ln -s /usr/bin/vi /etc/alternatives/editor
Afterwards, run crontab -e, and vi will come up.)
cd /usr/local/sbin/
wget http://puuhis.net/vhcs/quota.txt
mv quota.txt quota_notify
chmod 755 quota_notify
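Open /usr/local/sbin/quota_notify, read it through (it was downloaded over plain HTTP and will be run by cron, so check what it does first), and edit the variables at the top: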
my $POSTFIX_CF = “/etc/postfix/main.cf”;
my $MAILPROG = “/usr/sbin/sendmail -t”;
my $WARNPERCENT = 80;my @POSTMASTERS = (‘postmaster@isp.tld’);
my $CONAME = ‘ISP.tld’;
my $COADDR = ‘postmaster@isp.tld’;
my $SUADDR = ‘postmaster@isp.tld’;
my $MAIL_REPORT = 1;
my $MAIL_WARNING = 1;
Run crontab -e to create a cron job for that script:
0 0 * * * /usr/local/sbin/quota_notify &> /dev/null
***********************************************************************************
++TESTING++
root@ubuntusrv:/etc/postfix# telnet localhost 25
Trying ::1…
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 ubuntusrv.net ESMTP Postfix (Ubuntu)
ehlo localhost
500 5.5.2 Error: bad syntax
ehlo
501 Syntax: EHLO hostname
ehlo ubuntuserv.net
250-ubuntusrv.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
Posted on January 20, 2014, in LInux Based, Uncategorized. Bookmark the permalink. Leave a comment.