Mr Zesty's BrainDump

User Tools

Site Tools

Trace: qmail-ldap With Simscan
qmail-ldapwithsimscan

qmail-ldap With Simscan

Simscan is an alternative to the qmail-scanner.pl which is written in C and will reject viruses and spam above a certain score.

<uri strref=“http://www.inter7.com/index.php?page=simscan”/> <p>The use of perl in qmail-scanner has always bothered me for performance reasons, so I am happy to see something written in C which will do the same and more than the qmail-scanner.</p><p>You need to install spamassassin and clamav <link idref=“41”></link></p><p>Create a role account which simscan will run as:</p> 

/usr/sbin/useradd -u 75 -g qmail -c &quot;SimScan&quot; -d /var/qmail/simscan -m -k /dev/null simscan

Untar and configure simscan: 

aptitude install libpcre3-dev

tar xvzf simscan-1.4.0.tar.gz

cd simscan-1.4.0

./configure --enable-clamav=y --enable-custom-smtp-reject=y --enable-spam=y --enable-regex=y --enable-per-domain --enable-spam-hits=9.0 --enable-spamc-args=&quot;-t 60&quot; --enable-attach=y  --enable-received=y

make &amp;&amp; make install-strip

usermod -G qmail clamav

/etc/init.d/clamav-daemon restart

Consider making the temporary scan directory into a ram drive:

Add to <tt>/etc/fstab</tt>: 

none /var/qmail/simscan tmpfs mode=2770,uid=simscan,gid=qmail        0 0

- or - if you're going to leave temp files on disk - check permissions: 

chgrp qmail /var/qmail/simscan
chmod g+ws /var/qmail/simscan

Configure matching rules, this defines the default: 

echo &quot;:clam=yes,spam=yes,spam_hits=9.0,attach=.vbs:.scr:.wsh:.hta:.pif:.lnk:.cpl:.exe:.bat:.com:.bas:.class:.ocx,regex=Date\s\x3a\s:personnel\sto\ssupport\sour\slogistics\sprojects&quot; &gt; /var/qmail/control/simcontrol
/var/qmail/bin/simscanmk
/var/qmail/bin/simscanmk -g
echo &quot;OnUpdateExecute /var/qmail/bin/simscanmk -g&quot; &gt;&gt; /etc/clam/freshclam.conf

Test: 

QMAILQUEUE=/var/qmail/bin/simscan SIMSCAN_DEBUG=2 /var/qmail/bin/qmail-inject [email protected]

<hr/> Simscan post 1.1 from CVS has a patch which prevents SpamAssassin from running when RELAYCLIENT is set (don't scan client's mail).

The qmail-ldap patch as of 20041201 does not set RELAYCLIENT when a client SMTP authenticates as vpopmail apparently does. <p>I make the following patch to qmail-smtpd.c to set RELAYCLIENT so that clients' mail received by SMTP authentication is not tagged by SpamAssassin.</p> 

--- qmail-smtpd.c.orig  2005-06-07 22:37:50.609842453 -0400
+++ qmail-smtpd.c       2005-06-07 22:36:49.173623568 -0400
@@ -852,7 +852,10 @@

   /* check if we are authenticated, if yes enable relaying */
   if (flagauthok &amp;&amp; relayclient == 0)
+  {
     relayclient = &quot;&quot;;
+    if (!env_put(&quot;RELAYCLIENT=&quot;)) die_nomem();
+  }

   /* smtp size check */
   if (databytes &amp;&amp; !sizelimit(arg))
qmail-ldapwithsimscan.txt · Last modified: 2020/02/13 22:55 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki
free spam filter