User Tools

Site Tools


qmail-scanner

qmail-scanner

<toc><ul><li><link topicref=“2”>Using SpamAssassin and ClamAV Anti-Virus</link></li><li><link topicref=“3”>GreyListing</link></li><li><link topicref=“4”>Using SpamAssassin without qmail-scanner</link></li></ul></toc>

Using SpamAssassin and ClamAV Anti-Virus

<list><ul><li>Download qmail-scanner from: <uri strref=“http://qmail-scanner.sourceforge.net/”/></li></ul></list> <list><ul><li>SpamAssassin is written in Perl and uses 3 additional modules:</li></ul></list>

    Razor <uri strref="http://razor.sourceforge.net/"/>
    DCC (Distributed Checksum Clearinghouse) <uri strref="http://www.rhyolite.com/anti-spam/dcc/source/dcc-dccproc.tar.Z"/>

<p> Pyzor <uri strref=“http://pyzor.sourceforge.net/”/></p> <list><ul><li>Razor needs a selection of Perl modules - install using CPAN:</li></ul></list>

perl -MCPAN -e 'install Net::DNS'

echo 'Digest::SHA1
            Digest::MD5
            Digest::HMAC
            Digest::Nilsimsa
            Test::Simple
            Time::HiRes
            URI::Escape' | xargs -n1 -i perl -MCPAN -e 'install {}'

<list><ul><li>from razor-agents-2.xxx:</li></ul></list>

    <tt>perl Makefile.PL &amp;&amp; make &amp;&amp; make test &amp;&amp; make install</tt>
    <tt>razor-client</tt>

<list><ul><li>Install DCC:</li></ul></list>

    <tt>./configure &amp;&amp; make &amp;&amp; make install</tt>

<list><ul><li>Install Pyzor and configure:</li></ul></list>

    <tt>python setup.py build</tt>
    <tt>python setup.py install</tt>

<list><ul><li>Install SA role user and install.</li></ul></list>

/usr/sbin/useradd -u 106 -d /var/qmail/control/spamassassin -c &quot;SpamAssassin&quot; -m -k /dev/null spamd
perl -MCPAN -e 'install Mail::SpamAssassin'

<list><ul><li>Configure SpamAssassin options in <tt>/etc/mail/spamassassin/local.cf</tt>:</li></ul></list>

    See <tt>man Mail::SpamAssassin::Conf</tt>
required_hits 5.0
#skip_rbl_checks 1
rewrite_header Subject *****SPAM*****
#use_terse_report 1
report_safe 1
dns_available yes
add_header all DCC _DCCB_: _DCCR_
add_header all Pyzor _PYZOR_
add_header all Report _REPORT_
ok_languages en
#clear_report_template
#report Redifine report text
#report according to man page _SUMMARY_

lock_method flock
bayes_learn_to_journal 1
pyzor_path /usr/bin/pyzor
dcc_path /usr/local/bin/dccproc

rbl_timeout 8
razor_timeout 4
pyzor_timeout 4
dcc_timeout 4

<list><ul><li>Install a startup script and start SpamAssassin:</li></ul></list>

    <uri strref="http://www.spamassassin.org/dist/spamd/"/>
    Save as <tt>/etc/rc.d/init.d/spamassassin</tt>, chmod 755, and edit the OPTIONS line:

<p> <tt>OPTIONS=&quot;-d -x -u spamd&quot;</tt></p> <list><ul><li>Start/restart spamassassin</li></ul></list>

    (spamd should be running now)

<list><ul><li>Configure/test components</li></ul></list>

          Test network connectivity (firewall may be configured to block needed incoming UDP source port 6277
  • <tt>cdcc info</tt>

<p> * <tt>su - spamd -c &quot;pyzor discover&quot;</tt></p><p> * <tt>su - spamd -c &quot;razor-admin -create&quot;</tt></p><p> * <tt>su - spamd -c &quot;razor-admin -register&quot;</tt> (I had to run this a couple times until it was successful)</p><p> I was doing some spamassassin reporting by procmail inside /var/qmail/alias, so I also needed to do:</p><p> * <tt>su - alias -c &quot;pyzor discover&quot;</tt></p><p> * <tt>su - alias -c &quot;razor-admin -create&quot;</tt></p><p> * <tt>su - alias -c &quot;razor-admin -register&quot;</tt></p> <list><ul><li>Download ClamAV: <uri strref=“http://www.clamav.net/”/></li></ul></list> <list><ul><li>Add a clamav role-account and install:</li></ul></list>

/usr/sbin/groupadd -g 105 clamav
/usr/sbin/useradd -u 105 -g clamav -d /usr/local/share/clamav -m -k /dev/null -c &quot;Clam Antivirus&quot; clamav

./configure &amp;&amp; make &amp;&amp; make install

cd ..
clamscan -r -l scan.txt clamav-0.[tab key]
    ( should find ClamAV-Test-Signature in test/test1 )

<list><ul><li>Run: <tt>freshclam</tt> to update virus signatures, if that's ok - add <tt>freshclam</tt> as a daemon to your startup (rc.local)</li></ul></list>

echo &quot;Starting FreshClam ClamAV daemon&quot;
touch /var/log/clam-update.log
chown clamav /var/log/clam-update.log
su - clamav -c &quot;/usr/local/bin/freshclam -d -c 2 -l /var/log/clam-update.log&quot;

<list><ul><li>Install qmail-scanner:</li></ul></list>

    The latest qmail-ldap patch already includes the QMAILQUEUE patch. Enable by setting LDAPFLAGS=-DALTQUEUE in the Makefile of your qmail-1.03 directory. Be sure to install other required bits according to <uri strref="http://qmail-scanner.sf.net/"/>
/usr/sbin/groupadd -g 107 qscand
/usr/sbin/useradd -u 107 -c &quot;Qmail-Scanner Account&quot; -g qscand  -s /bin/false qscand
./configure --admin ian --domain MrZesty.net --scanners clamscan,verbose_spamassassin --notify &quot;sender,recips,admin&quot; --debug no --install

<list><ul><li>After you've enabled the qmail-queue patch, there are a couple of tidbits you can put into your <tt>/var/qmail/control/qmail-smtpd.rules</tt> file:</li></ul></list>

    If <tt>RELAYCLIENT</tt> is present - SpamAssassin will not be called from qmail-scanner.
    If <tt>RBLSMTPD</tt> is present and may or may not have a &quot;comment&quot; - the comment will be echoed back as a 451 retry-later failure if the sending IP is found in an RBL.

<p> If <tt>RBLSMTPD</tt> is present and has a &quot;-comment&quot; - the comment will be echoed back as a 553 bounce message failure.</p><p> QMAILQUEUE should point to the queue handler to use for connections from those IP's (if not set in <tt>/service/qmail-smtpd/run</tt> above)</p>

# No Qmail-Scanner or RBL check at all for mail from 127.0.0.1
127.0.0.1:allow,RELAYCLIENT=&quot;&quot;,RBLSMTPD=&quot;&quot;
# Use Qmail-Scanner without SpamAssassin, no RBL check on any mail from the local network
# [it ignores SpamAssassin via the presence of the RELAYCLIENT var]
10.:allow,RELAYCLIENT=&quot;&quot;,RBLSMTPD=&quot;&quot;,QMAILQUEUE=&quot;/var/qmail/bin/qmail-scanner-queue.pl&quot;
# Use Qmail-Scanner with SpamAssassin on any mail from the rest of the world
:allow,QMAILQUEUE=&quot;/var/qmail/bin/qmail-scanner-queue.pl&quot;
make -C /var/qmail/control

<list><ul><li>Verify permissions - vi may have forgotten the suid:</li></ul></list>

    <tt>-rwsr-xr-x 1 qscand qscand 80984 2003-09-04 01:28 /var/qmail/bin/qmail-scanner-queue.pl</tt>

<list><ul><li>You will probably want to set up a cron job to update qmail-scanner's info</li></ul></list>

  <tt>0 12 * * * setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z</tt>
    ( -z - gather virus scanner/DAT versions and cleanup old temp files )

<p> As well as one to remove quarantined messages before they fill up /var/spool</p><p> <tt>0 0 * * * find /var/spool/qmailscan/quarantine/new -mtime +10 | xargs -r rm</tt></p>

GreyListing

Using SpamAssassin without qmail-scanner

qmail-scanner.txt · Last modified: 2020/02/13 22:55 (external edit)

free spam filter