<toc><ul><li><link topicref=“2”>Using SpamAssassin and ClamAV Anti-Virus</link></li><li><link topicref=“3”>GreyListing</link></li><li><link topicref=“4”>Using SpamAssassin without qmail-scanner</link></li></ul></toc>
<list><ul><li>Download qmail-scanner from: <uri strref=“http://qmail-scanner.sourceforge.net/”/></li></ul></list> <list><ul><li>SpamAssassin is written in Perl and uses 3 additional modules:</li></ul></list>
Razor <uri strref="http://razor.sourceforge.net/"/>
DCC (Distributed Checksum Clearinghouse) <uri strref="http://www.rhyolite.com/anti-spam/dcc/source/dcc-dccproc.tar.Z"/>
<p> Pyzor <uri strref=“http://pyzor.sourceforge.net/”/></p> <list><ul><li>Razor needs a selection of Perl modules - install using CPAN:</li></ul></list>
perl -MCPAN -e 'install Net::DNS' echo 'Digest::SHA1 Digest::MD5 Digest::HMAC Digest::Nilsimsa Test::Simple Time::HiRes URI::Escape' | xargs -n1 -i perl -MCPAN -e 'install {}'
<list><ul><li>from razor-agents-2.xxx:</li></ul></list>
<tt>perl Makefile.PL && make && make test && make install</tt>
<tt>razor-client</tt>
<list><ul><li>Install DCC:</li></ul></list>
<tt>./configure && make && make install</tt>
<list><ul><li>Install Pyzor and configure:</li></ul></list>
<tt>python setup.py build</tt>
<tt>python setup.py install</tt>
<list><ul><li>Install SA role user and install.</li></ul></list>
/usr/sbin/useradd -u 106 -d /var/qmail/control/spamassassin -c "SpamAssassin" -m -k /dev/null spamd perl -MCPAN -e 'install Mail::SpamAssassin'
<list><ul><li>Configure SpamAssassin options in <tt>/etc/mail/spamassassin/local.cf</tt>:</li></ul></list>
See <tt>man Mail::SpamAssassin::Conf</tt>
required_hits 5.0 #skip_rbl_checks 1 rewrite_header Subject *****SPAM***** #use_terse_report 1 report_safe 1 dns_available yes add_header all DCC _DCCB_: _DCCR_ add_header all Pyzor _PYZOR_ add_header all Report _REPORT_ ok_languages en #clear_report_template #report Redifine report text #report according to man page _SUMMARY_ lock_method flock bayes_learn_to_journal 1 pyzor_path /usr/bin/pyzor dcc_path /usr/local/bin/dccproc rbl_timeout 8 razor_timeout 4 pyzor_timeout 4 dcc_timeout 4
<list><ul><li>Install a startup script and start SpamAssassin:</li></ul></list>
<uri strref="http://www.spamassassin.org/dist/spamd/"/>
Save as <tt>/etc/rc.d/init.d/spamassassin</tt>, chmod 755, and edit the OPTIONS line:
<p> <tt>OPTIONS="-d -x -u spamd"</tt></p> <list><ul><li>Start/restart spamassassin</li></ul></list>
(spamd should be running now)
<list><ul><li>Configure/test components</li></ul></list>
Test network connectivity (firewall may be configured to block needed incoming UDP source port 6277
<p> * <tt>su - spamd -c "pyzor discover"</tt></p><p> * <tt>su - spamd -c "razor-admin -create"</tt></p><p> * <tt>su - spamd -c "razor-admin -register"</tt> (I had to run this a couple times until it was successful)</p><p> I was doing some spamassassin reporting by procmail inside /var/qmail/alias, so I also needed to do:</p><p> * <tt>su - alias -c "pyzor discover"</tt></p><p> * <tt>su - alias -c "razor-admin -create"</tt></p><p> * <tt>su - alias -c "razor-admin -register"</tt></p> <list><ul><li>Download ClamAV: <uri strref=“http://www.clamav.net/”/></li></ul></list> <list><ul><li>Add a clamav role-account and install:</li></ul></list>
/usr/sbin/groupadd -g 105 clamav /usr/sbin/useradd -u 105 -g clamav -d /usr/local/share/clamav -m -k /dev/null -c "Clam Antivirus" clamav ./configure && make && make install cd .. clamscan -r -l scan.txt clamav-0.[tab key]
( should find ClamAV-Test-Signature in test/test1 )
<list><ul><li>Run: <tt>freshclam</tt> to update virus signatures, if that's ok - add <tt>freshclam</tt> as a daemon to your startup (rc.local)</li></ul></list>
echo "Starting FreshClam ClamAV daemon" touch /var/log/clam-update.log chown clamav /var/log/clam-update.log su - clamav -c "/usr/local/bin/freshclam -d -c 2 -l /var/log/clam-update.log"
<list><ul><li>Install qmail-scanner:</li></ul></list>
The latest qmail-ldap patch already includes the QMAILQUEUE patch. Enable by setting LDAPFLAGS=-DALTQUEUE in the Makefile of your qmail-1.03 directory. Be sure to install other required bits according to <uri strref="http://qmail-scanner.sf.net/"/>
/usr/sbin/groupadd -g 107 qscand /usr/sbin/useradd -u 107 -c "Qmail-Scanner Account" -g qscand -s /bin/false qscand ./configure --admin ian --domain MrZesty.net --scanners clamscan,verbose_spamassassin --notify "sender,recips,admin" --debug no --install
<list><ul><li>After you've enabled the qmail-queue patch, there are a couple of tidbits you can put into your <tt>/var/qmail/control/qmail-smtpd.rules</tt> file:</li></ul></list>
If <tt>RELAYCLIENT</tt> is present - SpamAssassin will not be called from qmail-scanner.
If <tt>RBLSMTPD</tt> is present and may or may not have a "comment" - the comment will be echoed back as a 451 retry-later failure if the sending IP is found in an RBL.
<p> If <tt>RBLSMTPD</tt> is present and has a "-comment" - the comment will be echoed back as a 553 bounce message failure.</p><p> QMAILQUEUE should point to the queue handler to use for connections from those IP's (if not set in <tt>/service/qmail-smtpd/run</tt> above)</p>
# No Qmail-Scanner or RBL check at all for mail from 127.0.0.1 127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="" # Use Qmail-Scanner without SpamAssassin, no RBL check on any mail from the local network # [it ignores SpamAssassin via the presence of the RELAYCLIENT var] 10.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" # Use Qmail-Scanner with SpamAssassin on any mail from the rest of the world :allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
make -C /var/qmail/control
<list><ul><li>Verify permissions - vi may have forgotten the suid:</li></ul></list>
<tt>-rwsr-xr-x 1 qscand qscand 80984 2003-09-04 01:28 /var/qmail/bin/qmail-scanner-queue.pl</tt>
<list><ul><li>You will probably want to set up a cron job to update qmail-scanner's info</li></ul></list>
<tt>0 12 * * * setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z</tt>
( -z - gather virus scanner/DAT versions and cleanup old temp files )
<p> As well as one to remove quarantined messages before they fill up /var/spool</p><p> <tt>0 0 * * * find /var/spool/qmailscan/quarantine/new -mtime +10 | xargs -r rm</tt></p>
<uri strref=“http://www.greylite.net/doc/old/install/greylite-qmail.html”/>
<uri strref=“http://www.magma.com.ni/~jorge/spamassassin.html”/>