What is Postfix,Postfixadmin,Cyrus-SASL,Courier-Authlib,Courier-Imap,Squirellmail,MailScanner,ClamAV,SpamAssassin,MailWatch ?
- Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), TLS and running in a chroot environment. Postfix is Wietse Venema’s mailer that started life as an alternative to the widely-used Sendmail program.
- PostfixAdmin is a web based interface to configure and manage a Postfix based email server for many users.
- Cyrus-SASL is a software that provides different methods and mechanisms of authentication. This software is often used in conjunction with Cyrus IMAP Server and is provided as standalone software
- Courier Authlib is the Courier authentication library.
- Courier-IMAP is a fast, scalable, enterprise IMAP server that uses Maildirs. Many E-mail servwice providers use Courier-IMAP to easy handle hundreds of thousands of mail accounts. With its built-in IMAP and POP3 aggregation proxy, Courier-IMAP has practically infinite horizontal scalability
- SquirrelMail is a standards-based webmail package written in PHP. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript required) for maximum compatibility across browsers
- Mailscanner is an open source e-mail security system for use on Unix e-mail gateways and was first released in 2001. It protects against viruses and spam. It is distributed under the GNU General Public License.
- ClamAV is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways.
- Spam Assasins is a Perl-based spam filter using text analysis This package contains a script that is designed to be called from a user’s .forward or .procmailrc file, and acts to filter out all junk or spam e-mail. It also contains a daemon and client (written in C) designed for high load servers, reducing loading overhead. It includes automatic white-listing, RBL testing, and header and body testing for common spam contents. With librazor-perl, it also checks messages against an online collaborative database.
- MailWatch for MailScanner is a web-based front-end to MailScanner written in PHP, MySQL and JpGraph.
I will install this on CentOS 5.2 , please prepare Anything. Download All Software and packages and store it in /usr/local/src
Postfix : http://mirrors.rootservices.net/postfix/official/postfix-2.5.5.tar.gz
Postfix Admin : http://waix.dl.sourceforge.net/sourceforge/postfixadmin/postfixadmin-2.2.1.1.tar.gz
Cyrus-SASL : ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.22.tar.gz
Courier Authlib : http://prdownloads.sourceforge.net/courier/courier-authlib-0.61.0.tar.bz2
Courier-Imap : http://prdownloads.sourceforge.net/courier/courier-imap-4.4.1.tar.bz2
Squirellmail : http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fprdownloads.sourceforge.net%2Fsquirrelmail%2Fsquirrelmail-1.4.16.tar.gz
Downloading all packages :
#cd /usr/local/src
#wget http://mirrors.rootservices.net/postfix/official/postfix-2.5.5.tar.gz
#wget http://waix.dl.sourceforge.net/sourceforge/postfixadmin/postfixadmin-2.2.1.1.tar.gz
#wget ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.22.tar.gz
#wget http://prdownloads.sourceforge.net/courier/courier-authlib-0.61.0.tar.bz2
#wget http://prdownloads.sourceforge.net/courier/courier-imap-4.4.1.tar.bz2
#wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fprdownloads.sourceforge.net%2Fsquirrelmail%2Fsquirrelmail-1.4.16.tar.gz
Preparing All Server Dependency Packages
#yum install openldap-devel openldap-servers postgres-devel expect-devel postfix gamin-devel
Installing Apache,PHP,Mysql and rpm-build
#yum install httpd* php* mysql* rpm-build*
Remove All Cyrus-SASL & postfix/sendmail packages
We need to remove sendmail or previous postfix installation, and since we will compile the Cyrus-SASL manually from the sourcecode we need to remove the default Cyrus-SASL component first,
You can checked those package using rpm -qa|grep command
#rpm -qa|grep sendmail #rpm -qa|grep postfix #rpm -qa|grep cyrus
If you see any sendmail , postfix cyrus packages we can safely remove it, you can use rpm -e command
#rpm -e cyrus-sasl.1.x.x.x --nodeps #rpm -e sendmail.x.x.x --nodeps #rpm -e postfix.x.x.x --nodeps
Installation
Installing Cyrus-SASL
#cd /usr/local/src #tar -zxvf cyrus-sasl-2.1.22.tar.gz #cd cyrus-sasl-2.1.22
#export CPPFLAGS="-I/usr/include/mysql"
#export LDFLAGS="-L/usr/lib/mysql -lmysqlclient -lz -lm"
#./configure --enable-anon --enable-plain --enable-login --enable-sql
--disable-krb4 --disable-otp --disable-cram --disable-digest
--with-mysql=/usr/lib/mysql --without-pam --without-saslauthd
--without-pwcheck --prefix=/usr --with-plugindir=/usr/lib/sasl2
#make -j2; make install
Installing Postfix :
Before we install the postfix we need to create postfix and postdrop id first, you can create it using this command:
#useradd postfix
#groupadd postdrop
#usermod -a -G postdrop postfix
now you can see the postfix id number
#id postfix uid=500(postfix) gid=500(postfix) groups=500(postfix),501(postdrop)
Start the installation :
# cd /usr/local/src
# tar -zxvf postfix-2.5.5.tar.gz
# cd postfix-2.5.5
# make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -DUSE_TLS -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib -lssl -lcrypto -lsasl2'
# make install
after some compilation process, you will be prompt for a lot of question, don’t worry just enter it till the end
Okay after you finish installing you need to edit Postfix main.cf :
We need to add few lines below in the end of main.cf, you have create a postfix user before right you can see the id (id postfix) then We’re going to punt and make all virtual mail users use the same UID:GID of Postfix. In my case the uid and gid is 500, 500 is postfix group id and user id
#id postfix uid=500(postfix) gid=500(postfix) groups=500(postfix),501(postdrop)
#cd /etc/postfix #vi main.cf
then paste this :
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:500
virtual_mailbox_base = /var/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 112400000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 500 virtual_transport = virtual
virtual_uid_maps = static:500
alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
#====================SASL========================
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname, reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient, reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,permit
smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "mail.lineabsolute.com"
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
Then we need to create file mysql_virtual_alias_maps.cf
$cd /etc/postfix
$vi mysql_virtual_alias_maps.cf
user = postfix
password = password123
hosts = localhost
dbname = postfix query = SELECT goto FROM alias WHERE address='%s' AND active = '1'
Create file mysql_virtual_domains_maps.cf
$vi mysql_virtual_domains_maps.cf
user = postfix
password = password123
hosts = localhost
dbname = postfix query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'
Create file mysql_virtual_mailbox_maps.cf
$vi mysql_virtual_mailbox_maps.cf
user = postfix
password = password123
hosts = localhost
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
Afterwards we create the certificates for TLS :
# mkdir /etc/postfix/ssl
# cd /etc/postfix/ssl/
# openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
# chmod 600 smtpd.key
# openssl req -new -key smtpd.key -out smtpd.csr
# openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
# openssl rsa -in smtpd.key -out smtpd.key.unencrypted
# mv -f smtpd.key.unencrypted smtpd.key
# openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
# chmod o= /etc/postfix/ssl/smtpd.key
Installing Courier Authlib :
# cd /usr/local/src
# rpmbuild -ta courier-authlib-0.61.0.tar.bz2
if you see this error:
# rpmbuild -ta courier-authlib-0.61.0.tar.bz2 error: Failed build dependencies: libtool is needed by courier-authlib-0.61.0-1.i386 postgresql-devel is needed by courier-authlib-0.61.0-1.i386 gdbm-devel is needed by courier-authlib-0.61.0-1.i386 pam-devel is needed by courier-authlib-0.61.0-1.i386 gcc-c++ is needed by courier-authlib-0.61.0-1.i386 redhat-rpm-config is needed by courier-authlib-0.61.0-1.i386 /usr/include/ltdl.h is needed by courier-authlib-0.61.0-1.i386
you need to install some dependencies first
# yum install libtool postgresql-devel gdbm-devel pam-devel gcc-c++ redhat-rpm-config libtool-ltdl-devel libtool-ltdl
then run the rpmbuild again
# rpmbuild -ta courier-authlib-0.61.0.tar.bz2
# cd /usr/src/redhat/RPMS/i386/
# rpm -ivh courier-authlib*
Installing Courier-Imap :
you need to be user beside root to build the rpm packet, you need to add the courier user first:
# useradd courier
# su courier
$ mkdir
$HOME/rpm
$ mkdir $HOME/rpm/SOURCES $ mkdir $HOME/rpm/SPECS
$ mkdir $HOME/rpm/BUILD
$ mkdir $HOME/rpm/SRPMS
$ mkdir $HOME/rpm/RPMS
$ mkdir $HOME/rpm/RPMS/i386
$ echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros
$ mkdir $HOME/downloads
$ cd $HOME/downloads
$ cd /usr/local/src
$ sudo mv courier-imap*$HOME/downloads
password: –> just type enter when you prompt by password
$ rpmbuild -ta courier-imap*
become root user again to compile the courier-imap
$ su
# cd /home/courier/rpm/RPMS/i386
# rpm -ivh courier-imap*
We need to edit the authmysqlrc file :
# cd /etc/authlib/
# mv authmysqlrc authmysqlrc.ori
# vi /etc/authlib/authmysqlrc
we need to add this line
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD password123
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD '500'
MYSQL_GID_FIELD '500'
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD '/var/vmail/'
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
Edit authdaemonrc :
# mv authdaemonrc authdaemonrc.ori
# vi authdaemonrc
add this line :
authmodulelist="authmysql authpam"
DEBUG_LOGIN=1
Configuring SMTP-Auth :
# vi /usr/lib/sasl2/smtpd.conf
add this line:
pwcheck_method: authdaemond log_level: 3 mech_list: PLAIN LOGIN authdaemond_path:/var/spool/authdaemon/socket
# chmod o+x /var/spool/authdaemon
Create directory /var/vmail for save postfix user maildir data :
# mkdir /var/vmail
# chown -R postfix:postfix /var/vmail/
Starting Courier-authlib, Courier-Imap and Postfix :
# chkconfig --levels 235 courier-authlib on
# /etc/init.d/courier-authlib start
Starting Courier authentication services (authdaemond) :
# chkconfig --levels 235 courier-imap on
# /etc/init.d/courier-imap start Starting Courier-IMAP server: imap generating-SSL-certificate... imap-ssl pop3 generating-SSL-certificate... pop3-ssl
nb : it will automatically generate cert for imaps and pop3s
# chkconfig --levels 235 postfix on
# postfix start postfix/postfix-script: starting the Postfix mail system
Common error
when you start the postfix later ( # postfix start ) you will get this error
#postfix start
postfix: fatal: /etc/postfix/main.cf, line 687: missing ‘=’ after attribute name: “reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,”
the error was cause on /etc/postfix/main.cf, i use to make the code fit to pages, it should be set to
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient, reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,permit
Installing Postfixadmin :
# cd /usr/local/src
# tar -zxvf postfixadmin-2.2.1.1.tar.gz
# mv postfixadmin-2.2.1.1 postfixadmin
move the postfixadmin to your current virtual host domain(usually you the setting was on httpd.conf
# mv postfixadmin /var/www/html
Create Postfixadmin Mysql DB username and password :
i assume you have set your mysql service, root username and password if not you can run
#service mysqld start #mysqladmin -u root pasword rootpassword
go to mysql db as root
# mysql -u root -p mysql> create database postfix; mysql> grant all on postfix.* to postfix@'%' identified by 'password123'; mysql> exit
Configure Postfix config.inc.php :
# cd /var/www/html/postfixadmin
# vi config.inc.php
### modify few lines below ###
$CONF['configured'] = true;
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'password123';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
$CONF['encrypt'] = 'md5crypt';
Setup Postfix Admin from Web URL :
Example : http://192.168.0.1/postfixadmin/setup.php
there will be a script that checked the requirement for the script, there will be a warning such as php-mbstring is not available yet you need to install it first if youwant the script to worked (yum -y install php-mbstring), you suppose to see account creation box in the bottom, you can set your admin account to login. Don’t forget to delete the setup.php after you finished.
now you can login to the postfixadmin http://192.168.0.1/postfixadmin/login.php
now you need to create a virtual domain inside the postfixadmin
you also need to create a new mailbox so we can test the postfix
Installing Squirellmail Webmail :
# cd /usr/local/src
# tar -zxvf squirrelmail-1.4.16.tar.gz
# mv squirrelmail-1.4.16 webmail
# mv webmail /var/www/html
Configuring Squirellmail :
# cd /var/www/html/webmail
# ./configure
type option 2
type option A
type option 6 for auth type "login"
type option 8 and type courier
type option B
type option 7 for smtp auth "login"
type S to save
type Q to quit
Testing out Courier Authdaemon :
# authtest -s smtp test@lineabsolute.com pass123 Authentication succeeded. Authenticated: test@lineabsolute.com (uid 501, gid 501) Home Directory: /var/vmail/ Maildir: test@lineabsolute.com/ Quota: (none) Encrypted Password: $1$b6f3890b$IpwvW9Vh7bBvgbRm8CBw.0 Cleartext Password: pass123
Options: (none)
Testing the postfix smtp:
# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'.
220 adityo.swiftco.com ESMTP "mail.lineabsolute.com"
ehlo localhost
250-adityo.swiftco.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
as you can see the postfix smtp are working and we can see postfix already support Auth with Login and Plain,
Postfix also support STARTTLS which is mean postfix support SSL for smtp. if you cannot see the 250-STARTTLS , please checked the maillog ( tail -f /var/log/maillog) if you get this error
Nov 18 03:40:20 adityo postfix/master[12007]: fatal: bind 0.0.0.0 port 25: Address already in use
it means that there are some other mailsystem on the server that using the port 25, please checked the ssl path on /etc/postfix/main.cf or regenerate the ssl on /etc/postfix/ssl/ if you still cannot see the 250-STARTTLS
Testing the postfix imap:
# telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
a login test@lineabsolute.com test123 a OK LOGIN Ok.
Testing the postfix pop3:
# telnet localhost 110 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. +OK Hello there. user test@lineabsolute.com +OK Password required. pass test123 +OK logged in. list +OK POP3 clients that break here, they violate STD53. 1 623 ###---> that was the email id that exist on your inbox 2 864 . quit +OK Bye-bye.
Testing Send and Receive email from webmail :
Open your web browser and type this url below
Example : http://192.168.0.1/webmail
Input your email : test@lineabsolute.com
Input your password : test123
.jpg)
Install ClamAV :
# yum -y install clamav clamd unrar
if your yum did not do anything it means that you basic repository did not found any clamav package, you need to add another repository first
# yum -y install yum-priorities # wget http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el
# rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
# rpm -K rpmforge-release-0.3.6-1.el5.rf.*.rpm # rpm -i rpmforge-release-0.3.6-1.el5.rf.*.rpm
then try it again
# yum -y install clamav clamd unrar
Installing MailScanner :
# wget http://www.mailscanner.info/files/4/rpm/MailScanner-4.72.5-1.rpm.tar.gz
# tar zxvf MailScanner-4.72.5-1.rpm.tar.gz
# ./install.sh This will take a while...
#################################################################
SpamAssassin site rules found in /etc/mail/spamassassin
To activate MailScanner run the following commands:
service sendmail stop
chkconfig sendmail off
chkconfig MailScanner on
service MailScanner start
##################################################################
Mailscanner Configuration :
# cd /etc/MailScanner/
# mv MailScanner.conf MailScanner.conf.orig
# cat MailScanner.conf.orig | egrep ^[^#] > MailScanner.conf
# vi /etc/MailScanner/MailScanner.conf
Change some parameters so that they look like this:
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Incoming Work Group = clamav
Incoming Work Permissions = 0640
Virus Scanners = clamd
Clamd Socket = /tmp/clamd.socket
Clamd Lock File = /var/lock/subsys/clamd
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
Quarantine User = root
Quarantine Group = apache
Quarantine Permissions = 0660
Quarantine Whole Message = yes
Quarantine Whole Message As Queue Files = no
Detailed Spam Report = yes
Include Scores In SpamAssassin Report = yes
Spam Actions = store
High Scoring Spam Actions = store
Always Looked Up Last = &MailWatchLogging Is Definitely Not Spam = &SQLWhitelist Is Definitely Spam = &SQLBlacklist Filename Rules = %etc-dir%/filename.rules.conf Filetype Rules = %etc-dir%/filetype.rules.conf Dangerous Content Scanning = %rules-dir%/content.scanning.rules.conf
# mkdir /var/spool/MailScanner/spamassassin/
# chown -R postfix:postfix /var/spool/MailScanner/
Install Spamassassin :
The MailScanner manual recommends to install spamassassin from .tar.gz or via perl shell. Some users reported problems with the .rpm-version.
# rpm –qa | grep spamassassin # rpm –e spamassassin* # perl -MCPAN -e shell
Answer “no” when you’re asked if you are ready for manual configuration.
Enter the following within the perl shell:
o conf prerequisites_policy ask install Net::DNS
Answer “no” when you’re asked if you want to enable the online tests.
install Mail::SpamAssassin quit
Postfix Configuration :
# touch /etc/postfix/header_checks
# echo "/^Received:/ HOLD" > /etc/postfix/header_checks
# vi /etc/postfix/main.cf
Add the following line:
header_checks = regexp:/etc/postfix/header_checks
Afterwards stop postfix & sendmail and start ClamAV.
# chkconfig postfix off
# /etc/init.d/postfix stop
# chkconfig sendmail off
# service sendmail stop
# chkconfig clamd on
# /etc/init.d/clamd start
Install Mailwatch :
Needed Package :
# yum -y install php-gd
Get Mailwatch :
Please have a look at http://mailwatch.sourceforge.net to find out which is the latest version.
# cd /usr/local/src/
# wget http://transact.dl.sourceforge.net/sourceforge/mailwatch/mailwatch-1.0.4.tar.gz # tar xvzf mailwatch-1.0.4.tar.gz
Mailwatch Database :
First we create and populate the mailwatch database.
# mysql -p < /usr/local/src/mailwatch-1.0.4/create.sql
Next open a MySQL shell.
# mysql -u root -p
Create the MySQL user for the database.
mysql>GRANT ALL ON mailscanner.* TO mailwatch@localhost IDENTIFIED BY 'pass123'; mysql>FLUSH PRIVILEGES;
mysql>quit;
After that we have to insert the account data from above into some files.
# vi /usr/local/src/mailwatch-1.0.4/MailWatch.pm my($db_user) = 'mailwatch'; my($db_pass) = 'pass123';
# mv /usr/local/src/mailwatch-1.0.4/MailWatch.pm /usr/lib/MailScanner/MailScanner/CustomFunctions/
Afterwards move the needed files for the webinterface to the right place …
# mv /usr/local/src/mailwatch-1.0.4/mailscanner/ /var/www/html/ # mkdir /var/www/html/mailscanner/temp/
… and change the ownership.
# chown -R apache:apache /var/www/html/mailscanner/
# chown root:apache /var/www/html/mailscanner/images/ /var/www/html/mailscanner/images/cache/
# chmod ug+rwx /var/www/html/mailscanner/images/ /var/www/html/mailscanner/images/cache/
# chmod ug+rw /var/www/html/mailscanner/temp/
# vi /var/www/html/mailscanner/conf.php.example define(DB_USER, 'mailwatch'); define(DB_PASS, 'pass123'); define(QUARANTINE_USE_FLAG, true);
# mv /var/www/html/mailscanner/conf.php.example /var/www/html/mailscanner/conf.php
# vi /tmp/mailwatch-1.0.4/SQLBlackWhiteList.pm
my($db_user) = 'mailwatch';
my($db_pass) = 'pass123';
# mv /tmp/mailwatch-1.0.4/SQLBlackWhiteList.pm /usr/lib/MailScanner/MailScanner/CustomFunctions/
Mailwatch Web Administrator
Now open a MySQL shell with the mailwatch MySQL user.
# mysql mailscanner -u mailwatch -p
Create the web admin account.
mysql> INSERT INTO users VALUES ('admin',md5('pass123'),'admin','A','0','0','0','0','0'); mysql>quit;
Notes :
Where “admin” is web user name
Where “pass123” is web password
Mailwatch VHost :
Create a vhost like this in httpd.conf and restart httpd :
<VirtualHost 201.99.196.186:80>
ServerName mailwatch.lineabsolute.com
ServerAdmin admin@lineabsolute.com
DocumentRoot /var/www/html/mailscanner/
php_admin_flag
short_open_tag On
php_admin_flag safe_mode Off
php_admin_flag register_globals Off
php_admin_flag magic_quotes_gpc On
php_admin_flag magic_quotes_runtime Off
php_admin_flag session.auto_start 0
php_admin_flag allow_url_fopen On
LogLevel warn ErrorLog logs/mailwatch-error_log
CustomLog logs/mailwatch-access_log combined
</VirtualHost>
Spamassassin Configuration :
# vi /etc/MailScanner/spam.assassin.prefs.conf
Change:
#bayes_path /etc/MailScanner/bayes/bayes
# bayes_file_mode 0770
To:
bayes_path /var/spool/MailScanner/spamassassin/bayes bayes_file_mode 0660
And modify the directory permissions:
# chown postfix:apache /var/spool/MailScanner/spamassassin/ /var/spool/MailScanner/spamassassin/bayes/
# chmod g+rws /var/spool/MailScanner/spamassassin/ # chmod g+rw /var/spool/MailScanner/spamassassin/bayes_*
Test the spamassassin configuration.
# spamassassin -D -p /etc/MailScanner/spam.assassin.prefs.conf --lint
You should see lines like the following in the output:
dbg: config: using “/etc/MailScanner/spam.assassin.prefs.conf” for user prefs file
dbg: bayes: tie-ing to DB file R/O /var/spool/MailScanner/spamassassin/bayes_toks
dbg: bayes: tie-ing to DB file R/O /var/spool/MailScanner/spamassassin/bayes_seen
dbg: bayes: found bayes db version 3
dbg: config: score set 0 chosen.
GeoIP Bugfix :
In order that the geoip database update in the Mailwatch webinterface will work we have to fix a little bug.
# vi /var/www/html/mailscanner/geoip_update.php
Change:
dbquery(“LOAD DATA INFILE ‘”.$base.’/’.$file2.”‘ INTO TABLE geoip_country FIELDS TERMINATED BY ‘,’ ENCLOSED BY ‘”‘”);
To:
dbquery(“LOAD DATA LOCAL INFILE ‘”.$base.’/’.$file2.”‘ INTO TABLE geoip_country FIELDS TERMINATED BY ‘,’ ENCLOSED BY ‘”‘”);
Cronjobs :
MailScanner Quarantine :
# vi /etc/cron.daily/clean.quarantine
Make sure that it’s disabled – the corresponding line should look like this:
$disabled = 1;
Mailwatch Quarantine :
# vi /usr/local/src/mailwatch-1.0.4/tools/db_clean.php
Change the first line that it looks like this:
#!/usr/bin/php -q
# cp /usr/local/src/mailwatch-1.0.4/tools/quarantine_maint.php /usr/local/bin/
# cp /usr/local/src/mailwatch-1.0.4/tools/db_clean.php /usr/local/bin/
# chmod +x /usr/local/bin/quarantine_maint.php /usr/local/bin/db_clean.php
# echo "/usr/local/bin/quarantine_maint.php --clean" > /etc/cron.daily/mailwatch_quarantine_maint.sh
# echo "/usr/local/bin/db_clean.php" > /etc/cron.daily/mailwatch_db_clean.sh
# chmod +x /etc/cron.daily/mailwatch*
Mail Queue Watcher :
First copy the mail queue watcher script.
# cp /usr/local/src/mailwatch-1.0.4/mailq.php /usr/local/bin/
Afterwards we create a new cronjob.
# crontab -e
Add the following line:
0-59 * * * * /usr/local/bin/mailq.php
Quarantine Release Fix :
In order that a released email is not checked again (it would be quarantined again) we have to add/modify some rules.
WhiteList SQL Database :
Connect to phpmyadmin (http://your-server/phpmyadmin) and log in as mailwatch. Afterwards select the database “mailscanner” and then the table “whitelist”. Create a new record:
to_address = default
to_domain = default
from_address = 127.0.0.1
MailScanner Rules :
Note that the entries in all lines of the following files have to be separated with tabs!
# cd /etc/MailScanner/
# touch filename.rules.conf filetype.rules.conf filename.rules.allowall.conf filetype.rules.allowall.conf rules/content.scanning.rules.conf
# vi filename.rules.conf
From: 127.0.0.1 /etc/MailScanner/filename.rules.allowall.conf
FromOrTo: default /etc/MailScanner/filename.rules.conf
# vi filetype.rules.conf
From: 127.0.0.1 /etc/MailScanner/filetype.rules.allowall.conf
FromOrTo: default /etc/MailScanner/filetype.rules.conf
# vi filename.rules.allowall.conf
allow .* – –
# vi filetype.rules.allowall.conf
allow .* – –
# vi rules/content.scanning.rules.conf
From: 127.0.0.1 no
FromOrTo: default yes
Now adjust the permissions for the quarantine directory.
# chown -R postfix:apache /var/spool/MailScanner/quarantine/
# chmod g+rws /var/spool/MailScanner/quarantine/
Note: The needed MailScanner settings were already included in earlier step.
Start service :
# chkconfig --level 2345 MailScanner on
# service MailScanner start && tail -f /var/log/maillog
You should see lines like the following in the output:
Nov 13 07:33:21 server1 MailScanner[8594]: Config: calling custom init function SQLBlacklist
Nov 13 07:33:21 server1 MailScanner[8594]: Starting up SQL Blacklist
Nov 13 07:33:21 server1 MailScanner[8594]: Read 0 blacklist entries
Nov 13 07:33:21 server1 MailScanner[8594]: Config: calling custom init function MailWatchLogging
Nov 13 07:33:21 server1 MailScanner[8594]: Started SQL Logging child
Nov 13 07:33:21 server1 MailScanner[8594]: Config: calling custom init function SQLWhitelist
Nov 13 07:33:21 server1 MailScanner[8594]: Starting up SQL Whitelist
Nov 13 07:33:21 server1 MailScanner[8594]: Read 1 whitelist entries
Remaining Configuration :
Keep in mind that the commands to start, stop or restart postfix have changed!
To start MailScanner & Postfix:
# service MailScanner start
To restart MailScanner & Postfix:
# service MailScanner restart
To stop MailScanner & Postfix:
# service MailScanner stop
Mailwatch Webinterface
Now you can access the mailwatch webinterface via http://mailwatch.example.com. or if you still don’t have domain you can use http://201.99.196.186/mailscanner/ Log in with the username & password that you created already.
First you should update the SpamAssassin rule descriptions and the GeoIP database. You’ll find both options when you click on the “Tools/Links” button.
