Simscan is an alternative to the qmail-scanner.pl which is written in C and will reject viruses and spam above a certain score.
<uri strref=“http://www.inter7.com/index.php?page=simscan”/> <p>The use of perl in qmail-scanner has always bothered me for performance reasons, so I am happy to see something written in C which will do the same and more than the qmail-scanner.</p><p>You need to install spamassassin and clamav <link idref=“41”></link></p><p>Create a role account which simscan will run as:</p>
/usr/sbin/useradd -u 75 -g qmail -c "SimScan" -d /var/qmail/simscan -m -k /dev/null simscan
Untar and configure simscan:
aptitude install libpcre3-dev tar xvzf simscan-1.4.0.tar.gz cd simscan-1.4.0 ./configure --enable-clamav=y --enable-custom-smtp-reject=y --enable-spam=y --enable-regex=y --enable-per-domain --enable-spam-hits=9.0 --enable-spamc-args="-t 60" --enable-attach=y --enable-received=y make && make install-strip usermod -G qmail clamav /etc/init.d/clamav-daemon restart
Consider making the temporary scan directory into a ram drive:
Add to <tt>/etc/fstab</tt>:
none /var/qmail/simscan tmpfs mode=2770,uid=simscan,gid=qmail 0 0
- or - if you're going to leave temp files on disk - check permissions:
chgrp qmail /var/qmail/simscan chmod g+ws /var/qmail/simscan
Configure matching rules, this defines the default:
echo ":clam=yes,spam=yes,spam_hits=9.0,attach=.vbs:.scr:.wsh:.hta:.pif:.lnk:.cpl:.exe:.bat:.com:.bas:.class:.ocx,regex=Date\s\x3a\s:personnel\sto\ssupport\sour\slogistics\sprojects" > /var/qmail/control/simcontrol /var/qmail/bin/simscanmk /var/qmail/bin/simscanmk -g echo "OnUpdateExecute /var/qmail/bin/simscanmk -g" >> /etc/clam/freshclam.conf
Test:
QMAILQUEUE=/var/qmail/bin/simscan SIMSCAN_DEBUG=2 /var/qmail/bin/qmail-inject [email protected]
<hr/> Simscan post 1.1 from CVS has a patch which prevents SpamAssassin from running when RELAYCLIENT is set (don't scan client's mail).
The qmail-ldap patch as of 20041201 does not set RELAYCLIENT when a client SMTP authenticates as vpopmail apparently does. <p>I make the following patch to qmail-smtpd.c to set RELAYCLIENT so that clients' mail received by SMTP authentication is not tagged by SpamAssassin.</p>
--- qmail-smtpd.c.orig 2005-06-07 22:37:50.609842453 -0400
+++ qmail-smtpd.c 2005-06-07 22:36:49.173623568 -0400
@@ -852,7 +852,10 @@
/* check if we are authenticated, if yes enable relaying */
if (flagauthok && relayclient == 0)
+ {
relayclient = "";
+ if (!env_put("RELAYCLIENT=")) die_nomem();
+ }
/* smtp size check */
if (databytes && !sizelimit(arg))