====== qmail-ldap With Simscan ====== Simscan is an alternative to the qmail-scanner.pl which is written in C and will reject viruses and spam above a certain score.

The use of perl in qmail-scanner has always bothered me for performance reasons, so I am happy to see something written in C which will do the same and more than the qmail-scanner.

You need to install spamassassin and clamav

Create a role account which simscan will run as:

/usr/sbin/useradd -u 75 -g qmail -c "SimScan" -d /var/qmail/simscan -m -k /dev/null simscan Untar and configure simscan: aptitude install libpcre3-dev tar xvzf simscan-1.4.0.tar.gz cd simscan-1.4.0 ./configure --enable-clamav=y --enable-custom-smtp-reject=y --enable-spam=y --enable-regex=y --enable-per-domain --enable-spam-hits=9.0 --enable-spamc-args="-t 60" --enable-attach=y --enable-received=y make && make install-strip usermod -G qmail clamav /etc/init.d/clamav-daemon restart Consider making the temporary scan directory into a ram drive: Add to /etc/fstab: none /var/qmail/simscan tmpfs mode=2770,uid=simscan,gid=qmail 0 0 - or - if you're going to leave temp files on disk - check permissions: chgrp qmail /var/qmail/simscan chmod g+ws /var/qmail/simscan Configure matching rules, this defines the default: echo ":clam=yes,spam=yes,spam_hits=9.0,attach=.vbs:.scr:.wsh:.hta:.pif:.lnk:.cpl:.exe:.bat:.com:.bas:.class:.ocx,regex=Date\s\x3a\s:personnel\sto\ssupport\sour\slogistics\sprojects" > /var/qmail/control/simcontrol /var/qmail/bin/simscanmk /var/qmail/bin/simscanmk -g echo "OnUpdateExecute /var/qmail/bin/simscanmk -g" >> /etc/clam/freshclam.conf Test: QMAILQUEUE=/var/qmail/bin/simscan SIMSCAN_DEBUG=2 /var/qmail/bin/qmail-inject test@mrzesty.net
Simscan post 1.1 from CVS has a patch which prevents SpamAssassin from running when RELAYCLIENT is set (don't scan client's mail). The qmail-ldap patch as of 20041201 does not set RELAYCLIENT when a client SMTP authenticates as vpopmail apparently does.

I make the following patch to qmail-smtpd.c to set RELAYCLIENT so that clients' mail received by SMTP authentication is not tagged by SpamAssassin.

--- qmail-smtpd.c.orig 2005-06-07 22:37:50.609842453 -0400 +++ qmail-smtpd.c 2005-06-07 22:36:49.173623568 -0400 @@ -852,7 +852,10 @@ /* check if we are authenticated, if yes enable relaying */ if (flagauthok && relayclient == 0) + { relayclient = ""; + if (!env_put("RELAYCLIENT=")) die_nomem(); + } /* smtp size check */ if (databytes && !sizelimit(arg))