Nov 20

What is Postfix, PostfixAdmin, Cyrus-SASL, Courier-Authlib, Courier-IMAP, SquirrelMail, MailScanner, ClamAV, SpamAssassin, MailWatch?

  • Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), TLS and running in a chroot environment. Postfix is Wietse Venema’s mailer that started life as an alternative to the widely-used Sendmail program.
  • PostfixAdmin is a web based interface to configure and manage a Postfix based email server for many users.
  • Cyrus-SASL is software that provides different methods and mechanisms of authentication. It is often used in conjunction with the Cyrus IMAP Server and is also provided as standalone software.
  • Courier Authlib is the Courier authentication library.
  • Courier-IMAP is a fast, scalable, enterprise IMAP server that uses Maildirs. Many e-mail service providers use Courier-IMAP to easily handle hundreds of thousands of mail accounts. With its built-in IMAP and POP3 aggregation proxy, Courier-IMAP has practically infinite horizontal scalability.
  • SquirrelMail is a standards-based webmail package written in PHP. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers
  • Mailscanner is an open source e-mail security system for use on Unix e-mail gateways and was first released in 2001. It protects against viruses and spam. It is distributed under the GNU General Public License.
  • ClamAV is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways.
  • SpamAssassin is a Perl-based spam filter using text analysis. This package contains a script that is designed to be called from a user’s .forward or .procmailrc file, and acts to filter out all junk or spam e-mail. It also contains a daemon and client (written in C) designed for high load servers, reducing loading overhead. It includes automatic white-listing, RBL testing, and header and body testing for common spam contents. With librazor-perl, it also checks messages against an online collaborative database.
  • MailWatch for MailScanner is a web-based front-end to MailScanner written in PHP, MySQL and JpGraph.

I will install this on CentOS 5.2. Please prepare everything first: download all the software and packages and store them in /usr/local/src

Postfix : http://mirrors.rootservices.net/postfix/official/postfix-2.5.5.tar.gz
Postfix Admin : http://waix.dl.sourceforge.net/sourceforge/postfixadmin/postfixadmin-2.2.1.1.tar.gz
Cyrus-SASL : ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.22.tar.gz
Courier Authlib : http://prdownloads.sourceforge.net/courier/courier-authlib-0.61.0.tar.bz2
Courier-Imap : http://prdownloads.sourceforge.net/courier/courier-imap-4.4.1.tar.bz2
SquirrelMail : http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fprdownloads.sourceforge.net%2Fsquirrelmail%2Fsquirrelmail-1.4.16.tar.gz

Downloading all packages :

#cd /usr/local/src

#wget  http://mirrors.rootservices.net/postfix/official/postfix-2.5.5.tar.gz

#wget http://waix.dl.sourceforge.net/sourceforge/postfixadmin/postfixadmin-2.2.1.1.tar.gz

#wget ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.22.tar.gz

#wget http://prdownloads.sourceforge.net/courier/courier-authlib-0.61.0.tar.bz2

#wget http://prdownloads.sourceforge.net/courier/courier-imap-4.4.1.tar.bz2

#wget -O squirrelmail-1.4.16.tar.gz "http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fprdownloads.sourceforge.net%2Fsquirrelmail%2Fsquirrelmail-1.4.16.tar.gz"

Preparing All Server Dependency Packages

#yum install openldap-devel openldap-servers postgresql-devel expect-devel postfix gamin-devel

Installing Apache,PHP,Mysql and rpm-build

#yum install httpd* php* mysql* rpm-build*

Remove All Cyrus-SASL & postfix/sendmail packages

We need to remove sendmail or any previous Postfix installation, and since we will compile Cyrus-SASL manually from source we also need to remove the default Cyrus-SASL packages first.

You can check for those packages using the rpm -qa|grep command:

#rpm -qa|grep sendmail

#rpm -qa|grep postfix

#rpm -qa|grep cyrus

If you see any sendmail, postfix or cyrus packages, you can safely remove them with the rpm -e command:

#rpm -e cyrus-sasl.1.x.x.x --nodeps

#rpm -e sendmail.x.x.x --nodeps

#rpm -e postfix.x.x.x --nodeps

Installation

Installing Cyrus-SASL

#cd /usr/local/src
#tar -zxvf cyrus-sasl-2.1.22.tar.gz
#cd cyrus-sasl-2.1.22
#export CPPFLAGS="-I/usr/include/mysql"
#export LDFLAGS="-L/usr/lib/mysql -lmysqlclient -lz -lm"
#./configure --enable-anon --enable-plain --enable-login --enable-sql \
--disable-krb4 --disable-otp --disable-cram --disable-digest \
--with-mysql=/usr/lib/mysql --without-pam --without-saslauthd \
--without-pwcheck --prefix=/usr --with-plugindir=/usr/lib/sasl2
#make -j2; make install

Installing Postfix :

Before installing Postfix we need to create the postfix user and the postdrop group; you can create them with these commands:

#useradd postfix

#groupadd postdrop

#usermod -a -G postdrop postfix

Now you can see the postfix ID numbers:

#id postfix
uid=500(postfix) gid=500(postfix) groups=500(postfix),501(postdrop)

Start the installation :

# cd /usr/local/src

# tar -zxvf postfix-2.5.5.tar.gz

# cd postfix-2.5.5

# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_TLS -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib -lssl -lcrypto -lsasl2'

# make install

After the compilation you will be prompted with a lot of questions; don’t worry, just press Enter until the end.

Once the installation has finished, you need to edit the Postfix main.cf:

We need to add the lines below at the end of main.cf. You created a postfix user earlier, so you can look up its ID (id postfix). We’re going to punt and make all virtual mail users use the same UID:GID as Postfix. In my case the UID and GID are both 500: 500 is the postfix user ID and group ID.

#id postfix
uid=500(postfix) gid=500(postfix) groups=500(postfix),501(postdrop)

#cd /etc/postfix

#vi main.cf

then paste this :

virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_gid_maps = static:500

virtual_mailbox_base = /var/vmail/

virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf

virtual_mailbox_limit = 112400000

virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_minimum_uid = 500

virtual_transport = virtual

virtual_uid_maps = static:500

alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf 

#====================SASL========================

broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname, reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient, reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,permit

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_security_options = noanonymous

smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "mail.lineabsolute.com" 

smtp_use_tls = yes

smtpd_use_tls = yes

smtp_tls_note_starttls_offer = yes

smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key

smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt

smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem

smtpd_tls_loglevel = 1

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom

 

Then we need to create file mysql_virtual_alias_maps.cf

$cd /etc/postfix

$vi mysql_virtual_alias_maps.cf 

user = postfix

password = password123

hosts = localhost

dbname = postfix

query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

 

Create file mysql_virtual_domains_maps.cf

$vi mysql_virtual_domains_maps.cf 

user = postfix

password = password123

hosts = localhost

dbname = postfix

query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'

 

Create file mysql_virtual_mailbox_maps.cf

 $vi mysql_virtual_mailbox_maps.cf 

user = postfix

password = password123

hosts = localhost

dbname = postfix

query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'

 

Afterwards we create the certificates for TLS :

# mkdir /etc/postfix/ssl

# cd /etc/postfix/ssl/

# openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

# chmod 600 smtpd.key

# openssl req -new -key smtpd.key -out smtpd.csr

# openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

# openssl rsa -in smtpd.key -out smtpd.key.unencrypted

# mv -f smtpd.key.unencrypted smtpd.key

# openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

# chmod o= /etc/postfix/ssl/smtpd.key 

Installing Courier Authlib :

# cd /usr/local/src

# rpmbuild -ta courier-authlib-0.61.0.tar.bz2

If you see this error:

# rpmbuild -ta courier-authlib-0.61.0.tar.bz2
error: Failed build dependencies:
        libtool is needed by courier-authlib-0.61.0-1.i386
        postgresql-devel is needed by courier-authlib-0.61.0-1.i386
        gdbm-devel is needed by courier-authlib-0.61.0-1.i386
        pam-devel is needed by courier-authlib-0.61.0-1.i386
        gcc-c++ is needed by courier-authlib-0.61.0-1.i386
        redhat-rpm-config is needed by courier-authlib-0.61.0-1.i386
        /usr/include/ltdl.h is needed by courier-authlib-0.61.0-1.i386

you need to install some dependencies first:
# yum install libtool postgresql-devel gdbm-devel  pam-devel gcc-c++ redhat-rpm-config libtool-ltdl-devel libtool-ltdl

then run the rpmbuild again

# rpmbuild -ta courier-authlib-0.61.0.tar.bz2

# cd /usr/src/redhat/RPMS/i386/

# rpm -ivh courier-authlib*

Installing Courier-Imap :

You need to be a user other than root to build the RPM package, so add the courier user first:
# useradd courier

# su courier

$ mkdir $HOME/rpm

$ mkdir $HOME/rpm/SOURCES

$ mkdir $HOME/rpm/SPECS

$ mkdir $HOME/rpm/BUILD

$ mkdir $HOME/rpm/SRPMS

$ mkdir $HOME/rpm/RPMS

$ mkdir $HOME/rpm/RPMS/i386

$ echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros

$ mkdir $HOME/downloads

$ cd $HOME/downloads

$ cd /usr/local/src

$ sudo mv courier-imap* $HOME/downloads

password:  --> just press Enter when you are prompted for the password
$ cd $HOME/downloads
$ rpmbuild -ta courier-imap*

Become the root user again to install the courier-imap package:
$ su

# cd /home/courier/rpm/RPMS/i386

# rpm -ivh courier-imap*

We need to edit the authmysqlrc file :
# cd /etc/authlib/

# mv authmysqlrc authmysqlrc.ori

# vi  /etc/authlib/authmysqlrc

Add these lines:

MYSQL_SERVER localhost

MYSQL_USERNAME postfix

MYSQL_PASSWORD password123

MYSQL_PORT 0

MYSQL_OPT 0

MYSQL_DATABASE postfix

MYSQL_USER_TABLE mailbox

MYSQL_CRYPT_PWFIELD password

MYSQL_CLEAR_PWFIELD password

MYSQL_UID_FIELD '500'

MYSQL_GID_FIELD '500'

MYSQL_LOGIN_FIELD username

MYSQL_HOME_FIELD '/var/vmail/'

MYSQL_NAME_FIELD name

MYSQL_MAILDIR_FIELD maildir
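
The three mysql_virtual_*.cf map files created earlier and this authmysqlrc all hold the database password in clear text, and a file saved from vi as root normally ends up readable by every local user. The following is an added example, not part of the original post: the function names and the sample files are constructed, and it lists the password-bearing files whose "other" read bit is set.

```sh
#!/bin/sh
# audit_secret_files FILE...
# Prints "world-readable <file>" for every argument that contains a database
# password line (Postfix map syntax or authmysqlrc syntax) and can be read by
# users outside the owner and group.
audit_secret_files() {
    for f in "$@"; do
        [ -f "$f" ] || continue
        # Only files that actually carry a password are of interest.
        grep -Eq '^[[:space:]]*(password[[:space:]]*=|MYSQL_PASSWORD[[:space:]])' "$f" || continue
        # find -perm -004 matches when the "other" read bit is set.
        if [ -n "$(find "$f" -perm -004)" ]; then
            echo "world-readable $f"
        fi
    done
}

# Constructed sample: one exposed map file, one restricted authmysqlrc and a
# main.cf without any password. The password values are placeholders.
demo_audit_secret_files() {
    d=$(mktemp -d) || return 1
    printf 'user = postfix\npassword = EXAMPLE-ONLY\n' > "$d/mysql_virtual_alias_maps.cf"
    printf 'MYSQL_USERNAME postfix\nMYSQL_PASSWORD EXAMPLE-ONLY\n' > "$d/authmysqlrc"
    printf 'virtual_uid_maps = static:500\n' > "$d/main.cf"
    chmod 644 "$d/mysql_virtual_alias_maps.cf" "$d/main.cf"
    chmod 640 "$d/authmysqlrc"
    ( cd "$d" && audit_secret_files mysql_virtual_alias_maps.cf authmysqlrc main.cf )
    rm -rf "$d"
}

# A common remedy for a flagged Postfix map (assumption, adjust to your setup):
#   chown root:postfix FILE && chmod 640 FILE
demo_audit_secret_files
```

On the server built here the arguments would be /etc/postfix/mysql_virtual_*.cf and /etc/authlib/authmysqlrc.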

 

Edit authdaemonrc :
# mv authdaemonrc authdaemonrc.ori

# vi authdaemonrc

Add these lines:
authmodulelist="authmysql authpam"
DEBUG_LOGIN=1

Configuring SMTP-Auth :
# vi /usr/lib/sasl2/smtpd.conf

Add these lines:
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket

# chmod o+x /var/spool/authdaemon

Create the directory /var/vmail to store the Postfix users’ maildir data:
# mkdir /var/vmail
# chown -R postfix:postfix /var/vmail/

Starting Courier-authlib, Courier-Imap and Postfix :
# chkconfig --levels 235 courier-authlib on

# /etc/init.d/courier-authlib start

Starting Courier authentication services (authdaemond) :
# chkconfig --levels 235 courier-imap on

# /etc/init.d/courier-imap start
Starting Courier-IMAP server: imap generating-SSL-certificate... imap-ssl pop3 generating-SSL-certificate... pop3-ssl

Note: it will automatically generate the certificates for IMAPS and POP3S.

# chkconfig --levels 235 postfix on

# postfix start
postfix/postfix-script: starting the Postfix mail system

Common error

When you start Postfix later ( # postfix start ) you will get this error:

#postfix start

postfix: fatal: /etc/postfix/main.cf, line 687: missing ‘=’ after attribute name: “reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,”

The error was caused in /etc/postfix/main.cf, where I wrapped the line to make the code fit the page. It should be set to:

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient, reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,permit
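
The failure above follows from how Postfix reads main.cf: a physical line that begins with whitespace continues the previous parameter, and any other non-comment line must contain `=`. The following is an added example, not part of the original post: the function names and the sample file are constructed, and it reports both the lines that would trigger this error and parameters defined twice, which is easy to do when settings are appended to an existing main.cf (the later definition wins).

```sh
#!/bin/sh
# lint_main_cf FILE
# Prints one finding per line:
#   missing-equals <line>            a line that starts a new parameter but has
#                                    no "=" (the fatal error shown above)
#   duplicate <name> <first> <line>  parameter defined again; the later one wins
lint_main_cf() {
    awk '
        /^[ \t]*$/ || /^[ \t]*#/ { next }   # blank and comment lines are ignored
        /^[ \t]/                 { next }   # leading whitespace: continuation line
        {
            eq = index($0, "=")
            if (eq == 0) { print "missing-equals " NR; next }
            name = substr($0, 1, eq - 1)
            gsub(/[ \t]+/, "", name)
            if (name in seen) print "duplicate " name " " seen[name] " " NR
            seen[name] = NR
        }
    ' "$1"
}

# Constructed sample: line 4 is the wrapped line from the post (no leading
# whitespace), line 5 is a correctly indented continuation, and line 6
# redefines alias_maps the way an appended block can.
demo_lint_main_cf() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
# constructed sample, not a complete main.cf
alias_maps = hash:/etc/aliases
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,
reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,
    reject_unauth_destination,permit
alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
EOF
    lint_main_cf "$f"
    rm -f "$f"
}

demo_lint_main_cf
```

Indenting the wrapped part of the restriction list, as on line 5 of the sample, is the alternative to keeping the whole list on one line.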

Installing Postfixadmin :
# cd /usr/local/src
# tar -zxvf postfixadmin-2.2.1.1.tar.gz
# mv postfixadmin-2.2.1.1 postfixadmin

Move postfixadmin to the document root of your current virtual host (usually set in httpd.conf):

# mv postfixadmin /var/www/html

Create Postfixadmin Mysql DB username and password :

I assume you have set up your MySQL service and the root username and password; if not, you can run:

#service mysqld start

#mysqladmin -u root password rootpassword

Go to the MySQL shell as root:

# mysql -u root -p
mysql> create database postfix;
mysql> grant all on postfix.* to postfix@'%' identified by 'password123';
mysql> exit

Configure Postfix config.inc.php :
# cd /var/www/html/postfixadmin
# vi config.inc.php

### modify few lines below ###
$CONF['configured'] = true;
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'password123';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
$CONF['encrypt'] = 'md5crypt';

Setup Postfix Admin from Web URL :
Example : http://192.168.0.1/postfixadmin/setup.php

A script checks the requirements. There may be warnings, for example that php-mbstring is not available; you need to install it first if you want the script to work (yum -y install php-mbstring). You should see an account creation box at the bottom, where you can set up your admin account for login. Don’t forget to delete setup.php after you have finished.

 

Now you can log in to PostfixAdmin: http://192.168.0.1/postfixadmin/login.php

Now you need to create a virtual domain inside PostfixAdmin.

You also need to create a new mailbox so we can test Postfix.

Installing SquirrelMail Webmail :

# cd /usr/local/src
# tar -zxvf squirrelmail-1.4.16.tar.gz
# mv squirrelmail-1.4.16 webmail
# mv webmail /var/www/html
Configuring SquirrelMail :
# cd /var/www/html/webmail
# ./configure
type option 2
type option A
type option 6 for auth type "login"
type option 8 and type courier

type option B
type option 7 for smtp auth "login"
type S to save
type Q to quit

 

Testing out Courier Authdaemon :
# authtest -s smtp test@lineabsolute.com pass123
Authentication succeeded.
Authenticated: test@lineabsolute.com (uid 501, gid 501)
Home Directory: /var/vmail/
Maildir: test@lineabsolute.com/
Quota: (none)
Encrypted Password: $1$b6f3890b$IpwvW9Vh7bBvgbRm8CBw.0
Cleartext Password: pass123
Options: (none)

Testing the postfix smtp:

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 adityo.swiftco.com ESMTP "mail.lineabsolute.com"
ehlo localhost
250-adityo.swiftco.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

As you can see, Postfix SMTP is working, and Postfix already supports AUTH with LOGIN and PLAIN.
Postfix also advertises STARTTLS, which means Postfix supports SSL for SMTP. If you cannot see 250-STARTTLS, check the mail log ( tail -f /var/log/maillog ). If you get this error:

Nov 18 03:40:20 adityo postfix/master[12007]: fatal: bind 0.0.0.0 port 25: Address already in use

it means that some other mail system on the server is using port 25. If you still cannot see 250-STARTTLS, check the SSL paths in /etc/postfix/main.cf or regenerate the certificates in /etc/postfix/ssl/.
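
The EHLO reply above advertises AUTH LOGIN PLAIN on the plaintext session, before the client has issued STARTTLS, and both mechanisms only base64-encode the password. The following is an added example, not part of the original post: the function names are hypothetical and the second sample is constructed. It classifies an EHLO reply captured on an unencrypted connection; the Postfix setting `smtpd_tls_auth_only = yes` makes the server offer AUTH only after STARTTLS.

```sh
#!/bin/sh
# audit_ehlo: read an EHLO reply (250- lines) from stdin and print one of
#   auth-before-tls mechs=<list> starttls=<yes|no>   AUTH offered in clear text
#   ok auth-not-offered-in-clear                     STARTTLS offered, no AUTH yet
#   no-auth no-starttls                              neither is offered
# Assumption: the reply was captured before any STARTTLS command was sent.
audit_ehlo() {
    awk '
        { sub(/\r$/, "") }                      # SMTP lines end in CRLF on the wire
        /^250[- ]STARTTLS[ \t]*$/ { tls = "yes" }
        /^250[- ]AUTH[ =]/ {
            # Covers both "AUTH LOGIN PLAIN" and the legacy "AUTH=LOGIN PLAIN"
            sub(/^250[- ]AUTH[ =]/, "")
            n = split($0, m, /[ \t]+/)
            for (i = 1; i <= n; i++) {
                k = toupper(m[i])
                if (k != "" && !(k in seen)) {
                    seen[k] = 1
                    mechs = mechs (mechs == "" ? "" : ",") k
                }
            }
        }
        END {
            if (tls == "") tls = "no"
            if (mechs != "") print "auth-before-tls mechs=" mechs " starttls=" tls
            else if (tls == "yes") print "ok auth-not-offered-in-clear"
            else print "no-auth no-starttls"
        }
    '
}

# The reply shown in the telnet session above.
sample_ehlo_from_post() {
    cat <<'EOF'
250-adityo.swiftco.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
EOF
}

# Constructed: the same server as it would answer with smtpd_tls_auth_only = yes.
sample_ehlo_tls_auth_only() {
    sample_ehlo_from_post | grep -v 'AUTH'
}

sample_ehlo_from_post | audit_ehlo
sample_ehlo_tls_auth_only | audit_ehlo
```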

Testing the postfix imap:

# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc.  See COPYING for distribution information.
a login test@lineabsolute.com test123
a OK LOGIN Ok.

Testing the postfix pop3:

# telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Hello there.
user test@lineabsolute.com
+OK Password required.
pass test123
+OK logged in.
list
+OK POP3 clients that break here, they violate STD53.
1 623      ###---> that is the id of an email that exists in your inbox
2 864
.
quit
+OK Bye-bye.
 

Testing Send and Receive email from webmail :

Open your web browser and type this url below
Example : http://192.168.0.1/webmail
Input your email : test@lineabsolute.com
Input your password : test123

Install ClamAV :
# yum -y install clamav clamd unrar

If yum does not do anything, it means that your basic repository does not contain any clamav package, so you need to add another repository first:

# yum -y install yum-priorities

# wget http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el

# rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt

# rpm -K rpmforge-release-0.3.6-1.el5.rf.*.rpm

# rpm -i rpmforge-release-0.3.6-1.el5.rf.*.rpm

then try it again

# yum -y install clamav clamd unrar

 

Installing MailScanner :

# wget http://www.mailscanner.info/files/4/rpm/MailScanner-4.72.5-1.rpm.tar.gz

# tar zxvf MailScanner-4.72.5-1.rpm.tar.gz

# ./install.sh
This will take a while...
#################################################################
SpamAssassin site rules found in /etc/mail/spamassassin
To activate MailScanner run the following commands:
service sendmail stop
chkconfig sendmail off
chkconfig MailScanner on
service MailScanner start
##################################################################

Mailscanner Configuration :
# cd /etc/MailScanner/

# mv MailScanner.conf MailScanner.conf.orig

# cat MailScanner.conf.orig | egrep '^[^#]' > MailScanner.conf

# vi /etc/MailScanner/MailScanner.conf

Change some parameters so that they look like this:

Run As User = postfix

Run As Group = postfix

Incoming Queue Dir = /var/spool/postfix/hold

Outgoing Queue Dir = /var/spool/postfix/incoming

MTA = postfix

Incoming Work Group = clamav

Incoming Work Permissions = 0640

Virus Scanners = clamd

Clamd Socket = /tmp/clamd.socket

Clamd Lock File = /var/lock/subsys/clamd

SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

Quarantine User = root

Quarantine Group = apache

Quarantine Permissions = 0660

Quarantine Whole Message = yes

Quarantine Whole Message As Queue Files = no

Detailed Spam Report = yes

Include Scores In SpamAssassin Report = yes

Spam Actions = store

High Scoring Spam Actions = store

Always Looked Up Last = &MailWatchLogging

Is Definitely Not Spam = &SQLWhitelist

Is Definitely Spam = &SQLBlacklist

Filename Rules = %etc-dir%/filename.rules.conf

Filetype Rules = %etc-dir%/filetype.rules.conf

Dangerous Content Scanning = %rules-dir%/content.scanning.rules.conf

# mkdir /var/spool/MailScanner/spamassassin/

# chown -R postfix:postfix /var/spool/MailScanner/

Install Spamassassin :
The MailScanner manual recommends installing SpamAssassin from the .tar.gz or via the Perl shell. Some users reported problems with the .rpm version.
# rpm -qa | grep spamassassin
# rpm -e spamassassin*
# perl -MCPAN -e shell
Answer “no” when you’re asked if you are ready for manual configuration.
Enter the following within the perl shell:
o conf prerequisites_policy ask
install Net::DNS
Answer “no” when you’re asked if you want to enable the online tests.
install Mail::SpamAssassin
quit

Postfix Configuration :
# touch /etc/postfix/header_checks
# echo "/^Received:/ HOLD" > /etc/postfix/header_checks
# vi /etc/postfix/main.cf

Add the following line:
header_checks = regexp:/etc/postfix/header_checks
Afterwards stop postfix & sendmail and start ClamAV.
# chkconfig postfix off

# /etc/init.d/postfix stop

# chkconfig sendmail off

# service sendmail stop

# chkconfig clamd on

# /etc/init.d/clamd start

Install Mailwatch :
Needed Package :
# yum -y install php-gd

Get Mailwatch :
Please have a look at http://mailwatch.sourceforge.net to find out which is the latest version.
# cd /usr/local/src/

# wget http://transact.dl.sourceforge.net/sourceforge/mailwatch/mailwatch-1.0.4.tar.gz

# tar xvzf mailwatch-1.0.4.tar.gz

Mailwatch Database :
First we create and populate the mailwatch database.
# mysql -p < /usr/local/src/mailwatch-1.0.4/create.sql
Next open a MySQL shell.
# mysql -u root -p
Create the MySQL user for the database.
mysql> GRANT ALL ON mailscanner.* TO mailwatch@localhost IDENTIFIED BY 'pass123';
mysql> FLUSH PRIVILEGES;
mysql> quit;
After that we have to insert the account data from above into some files.
# vi /usr/local/src/mailwatch-1.0.4/MailWatch.pm
my($db_user) = 'mailwatch';
my($db_pass) = 'pass123';

# mv /usr/local/src/mailwatch-1.0.4/MailWatch.pm /usr/lib/MailScanner/MailScanner/CustomFunctions/
Afterwards move the needed files for the webinterface to the right place …
# mv /usr/local/src/mailwatch-1.0.4/mailscanner/ /var/www/html/
# mkdir /var/www/html/mailscanner/temp/
… and change the ownership.
# chown -R apache:apache /var/www/html/mailscanner/

# chown root:apache /var/www/html/mailscanner/images/ /var/www/html/mailscanner/images/cache/

# chmod ug+rwx /var/www/html/mailscanner/images/ /var/www/html/mailscanner/images/cache/

# chmod ug+rw /var/www/html/mailscanner/temp/

# vi /var/www/html/mailscanner/conf.php.example
define('DB_USER', 'mailwatch');
define('DB_PASS', 'pass123');
define('QUARANTINE_USE_FLAG', true);

# mv /var/www/html/mailscanner/conf.php.example /var/www/html/mailscanner/conf.php
# vi /usr/local/src/mailwatch-1.0.4/SQLBlackWhiteList.pm
my($db_user) = 'mailwatch';
my($db_pass) = 'pass123';

# mv /usr/local/src/mailwatch-1.0.4/SQLBlackWhiteList.pm /usr/lib/MailScanner/MailScanner/CustomFunctions/

Mailwatch Web Administrator
Now open a MySQL shell with the mailwatch MySQL user.
# mysql mailscanner -u mailwatch -p
Create the web admin account.
mysql> INSERT INTO users VALUES ('admin',md5('pass123'),'admin','A','0','0','0','0','0');
mysql> quit;
Notes :
Where “admin” is the web user name
Where “pass123” is the web password
Mailwatch VHost :
Create a vhost like this in httpd.conf and restart httpd :

<VirtualHost 201.99.196.186:80> 

ServerName mailwatch.lineabsolute.com

ServerAdmin admin@lineabsolute.com

DocumentRoot /var/www/html/mailscanner/ 

php_admin_flag short_open_tag On

php_admin_flag safe_mode Off

php_admin_flag register_globals Off

php_admin_flag magic_quotes_gpc On

php_admin_flag magic_quotes_runtime Off

php_admin_flag session.auto_start 0

php_admin_flag allow_url_fopen On 

LogLevel warn

ErrorLog logs/mailwatch-error_log

CustomLog logs/mailwatch-access_log combined

</VirtualHost>

 

Spamassassin Configuration :
# vi /etc/MailScanner/spam.assassin.prefs.conf
Change:
#bayes_path /etc/MailScanner/bayes/bayes

# bayes_file_mode 0770
To:
bayes_path /var/spool/MailScanner/spamassassin/bayes
bayes_file_mode 0660
And modify the directory permissions:
# chown postfix:apache /var/spool/MailScanner/spamassassin/ /var/spool/MailScanner/spamassassin/bayes/

# chmod g+rws /var/spool/MailScanner/spamassassin/

# chmod g+rw /var/spool/MailScanner/spamassassin/bayes_*
Test the spamassassin configuration.
# spamassassin -D -p /etc/MailScanner/spam.assassin.prefs.conf --lint
You should see lines like the following in the output:
dbg: config: using “/etc/MailScanner/spam.assassin.prefs.conf” for user prefs file
dbg: bayes: tie-ing to DB file R/O /var/spool/MailScanner/spamassassin/bayes_toks
dbg: bayes: tie-ing to DB file R/O /var/spool/MailScanner/spamassassin/bayes_seen
dbg: bayes: found bayes db version 3
dbg: config: score set 0 chosen.

GeoIP Bugfix :
In order that the geoip database update in the Mailwatch webinterface will work we have to fix a little bug.
# vi /var/www/html/mailscanner/geoip_update.php
Change:
dbquery("LOAD DATA INFILE '".$base.'/'.$file2."' INTO TABLE geoip_country FIELDS TERMINATED BY ',' ENCLOSED BY '\"'");
To:
dbquery("LOAD DATA LOCAL INFILE '".$base.'/'.$file2."' INTO TABLE geoip_country FIELDS TERMINATED BY ',' ENCLOSED BY '\"'");

Cronjobs :
MailScanner Quarantine :
# vi /etc/cron.daily/clean.quarantine
Make sure that it’s disabled – the corresponding line should look like this:
$disabled = 1;

Mailwatch Quarantine :
# vi /usr/local/src/mailwatch-1.0.4/tools/db_clean.php
Change the first line so that it looks like this:
#!/usr/bin/php -q

# cp /usr/local/src/mailwatch-1.0.4/tools/quarantine_maint.php /usr/local/bin/
# cp /usr/local/src/mailwatch-1.0.4/tools/db_clean.php /usr/local/bin/
# chmod +x /usr/local/bin/quarantine_maint.php /usr/local/bin/db_clean.php
# echo "/usr/local/bin/quarantine_maint.php --clean" > /etc/cron.daily/mailwatch_quarantine_maint.sh
# echo "/usr/local/bin/db_clean.php" > /etc/cron.daily/mailwatch_db_clean.sh
# chmod +x /etc/cron.daily/mailwatch*

Mail Queue Watcher :
First copy the mail queue watcher script.
# cp /usr/local/src/mailwatch-1.0.4/mailq.php /usr/local/bin/
Afterwards we create a new cronjob.
# crontab -e
Add the following line:
0-59 * * * * /usr/local/bin/mailq.php

Quarantine Release Fix :
In order that a released email is not checked again (it would be quarantined again) we have to add/modify some rules.

WhiteList SQL Database :
Connect to phpmyadmin (http://your-server/phpmyadmin) and log in as mailwatch. Afterwards select the database “mailscanner” and then the table “whitelist”. Create a new record:
to_address = default
to_domain = default
from_address = 127.0.0.1

MailScanner Rules :
Note that the entries in all lines of the following files have to be separated with tabs!
# cd /etc/MailScanner/
# touch filename.rules.conf filetype.rules.conf filename.rules.allowall.conf filetype.rules.allowall.conf rules/content.scanning.rules.conf
# vi filename.rules.conf

From:	127.0.0.1	/etc/MailScanner/filename.rules.allowall.conf
FromOrTo:	default	/etc/MailScanner/filename.rules.conf

# vi filetype.rules.conf
From:	127.0.0.1	/etc/MailScanner/filetype.rules.allowall.conf
FromOrTo:	default	/etc/MailScanner/filetype.rules.conf

# vi filename.rules.allowall.conf
allow	.*	-	-

# vi filetype.rules.allowall.conf
allow	.*	-	-

# vi rules/content.scanning.rules.conf
From:	127.0.0.1	no
FromOrTo:	default	yes

Now adjust the permissions for the quarantine directory.

# chown -R postfix:apache /var/spool/MailScanner/quarantine/
# chmod g+rws /var/spool/MailScanner/quarantine/

Note: The needed MailScanner settings were already included in earlier step.

Start service :
# chkconfig --level 2345 MailScanner on
# service MailScanner start && tail -f /var/log/maillog

You should see lines like the following in the output:
Nov 13 07:33:21 server1 MailScanner[8594]: Config: calling custom init function SQLBlacklist
Nov 13 07:33:21 server1 MailScanner[8594]: Starting up SQL Blacklist
Nov 13 07:33:21 server1 MailScanner[8594]: Read 0 blacklist entries
Nov 13 07:33:21 server1 MailScanner[8594]: Config: calling custom init function MailWatchLogging
Nov 13 07:33:21 server1 MailScanner[8594]: Started SQL Logging child
Nov 13 07:33:21 server1 MailScanner[8594]: Config: calling custom init function SQLWhitelist
Nov 13 07:33:21 server1 MailScanner[8594]: Starting up SQL Whitelist
Nov 13 07:33:21 server1 MailScanner[8594]: Read 1 whitelist entries

Remaining Configuration :
Keep in mind that the commands to start, stop or restart postfix have changed!
To start MailScanner & Postfix:
# service MailScanner start
To restart MailScanner & Postfix:
# service MailScanner restart
To stop MailScanner & Postfix:
# service MailScanner stop

Mailwatch Webinterface
Now you can access the MailWatch web interface via http://mailwatch.example.com, or if you still don’t have a domain you can use http://201.99.196.186/mailscanner/. Log in with the username and password that you created earlier.

First you should update the SpamAssassin rule descriptions and the GeoIP database. You’ll find both options when you click on the “Tools/Links” button.

 
