How to Setup an Axigen Mail Server with Antivirus and Anti-spam protection

Want to support HowtoForge? Become a subscriber!
 
Submitted by roxanawe (Contact Author) (Forums) on Thu, 2006-08-31 09:59. :: Commercial

How to Setup an Axigen Mail Server with Antivirus and Anti-spam protection 

This how-to illustrates a situation where you need to set up your own mail server (be it your home mail server, or a small office one) with antivirus and anti-spam protection. It actually shows that, if using an integrated service mail server, the procedure is quite simple and shouldn't take more than half an hour.

 In this how-to we'll see how this works when using the following solutions, running on a Fedora Core 4 platform:

The first part of the how-to shows how to install and do the initial set up the mail server.

As the MTA also comes with built-in connectors for ClamAV Antivirus and SpamAssassin Anti-spam, the second part shows you how to install these applications and configure the connectors.

At the end of this process, you will be able to securely send and receive emails through your own mail sever using SMTP, IMAP and POP3, scan them for viruses and filter spam messages. Users will be able to access their mailboxes and retrieve email through POP, IMAP and Webmail.

Mail Server Installation and Initial configuration Process

Let's first go through the mail server Installation and Initial configuration process. These steps walk you through the installation, primary domain setup and explain how to access the Web configuration interface (Webadmin).

  1.  Download / unpack corresponding package

    Get the AXIGEN rpm package from the download website. Save the corresponding package for Fedora Core 4, axigen.i386.rpm.gcc4.tar.gz, on your local machine and unpack the file, by issuing in the same directory as the download file:

     tar xzvf axigen.i386.rpm.gcc4.tar.gz

  2. Install command
    Then, in order to install the RPM package, issue (while logged in as root) the following command, from the same directory as the rpm file:

    rpm -ivh axigen-1.2.2.gcc4-1.i386.rpm


    This will create the entire directory structure needed for the mail server to run. After the installation, no daemons or related application will be started.

  3. Configuration options

    AXIGEN provides several configuration options (configuration file, Command Line Interface), but the most intuitive and comprehensive is Webadmin, the Web configuration interface.

  4. Set the admin password for the Web configuration interface

    The mail server comes with a Web configuration interface, the easiest administration tool. All you need to do in order to access Webadmin is set the admin password (admin user works by default). To do that, run the mail server with

    -A (or --admin-passwd)

    option:

    /opt/axigen/bin/axigen -A <your_password>

  5. Start the mail server

    You can do this using the initscript, by issuing this command:

    /etc/init.d/axigen start

    At first server start, the mail server creates automatically a domain database location, an entity the server uses to store domains. Thus, you?ll be able to directly add your first domain and set your primary domain when first logging on to Webadmin, as it will be stored in this domain database location, created by default.

  6. Initial Configuration

    While the server is started, start your favorite browser and enter the default Webadmin address: http://127.0.0.1:9000/. Login using the "admin" username and the password you have previously set.

    Then, go to the Server tab and enter the name of the domain you have just created in the Primary domain field. 

    Also, make sure that in the Running services area, all the services you would like to use are checked. To be able to access email accounts via Webmail, the Webmail check box needs to be selected.

    To make your changes effective, click the Commit button in the upper left corner and than go to the Commands tab and click the Save config button, as instructed by the message displayed at the top of the screen. By doing this, the server will run with the current configuration, with no need to restart the server.
     

Setting up Antivirus and Antispam Connectors

Now that your server is running and your primary domain is configured, you can connect the antivirus and anti-spam applications.

The setup process below describes how to make ClamAV Antivirus and SpamAssasin Anti-spam application work with the mail server.

Connecting ClamAV

First, here is how to connect ClamAV, the antivirus application.

Download ClamAV (daemon), on the same machine on which the mail server is installed. Follow these steps in order to configure ClamAv for use with the MTA and start the clamd daemon. 

  1. Install clamav-server, using yum (Yellow Dog Updater, Modified):

     

    yum install clamav-server

  2. Copy the sample config file shipped with clamav-server:

    cp /usr/share/doc/clamav-server-*/clamd.conf /etc/clamd.d/axigen.conf

  3. Edit /etc/clamd.d/axigen.conf

    # comment out the Example line

    # Example
    # insert/modify the following lines:
    LogFile /var/log/clamd.axigen
    PidFile /var/run/clamd.axigen/clamd.pid
    LocalSocket /var/run/clamd.axigen/clamd.sock
    User axigen
  4. Create a link to the clamd binary:

    ln -s /usr/sbin/clamd /usr/sbin/clamd.axigen

  5. Create the run directory, where the PID file and clamd socket will be stored, and change its permissions:

    mkdir -p /var/run/clamd.axigen
    chown axigen:axigen /var/run/clamd.axigen

  6. Create and setup the initscript:
  7. cp /usr/share/doc/clamav-server-*/clamd.init
    /etc/init.d/clamd.axigen
    chmod 755 /etc/init.d/clamd.axigen
    /sbin/chkconfig clamd.axigen

  8. Edit /etc/init.d/clamd.axigen and modify the following lines, as specified below:
    # description: The clamd server running for axigen
    CLAMD_SERVICE=axigen
  9. Finally, start the clamd daemon:

    /etc/init.d/clamd.axigen

Configure AXIGEN anti-virus filter at server level using WebAdmin

Add the ClamAV filter. To do this, go through the following steps:

  1. In the Server tab, go to Filters page and then to Socket Filters page. Click on the Add new filter button.
  2. Fill out the fields in the window displayed.

    AXIGEN Mail Server

    The Name field represents the name of the filter. The Address field depends on how clamd is configured. You can use either a TCP or a local socket, and you must enter the address accordingly:

    • for a local socket: local://path_to_local_socket
    • for a TCP socket: inet://ip.ad.dr.ess:port

    The Protocol file field must contain the system full path to the ClamAV AFSL (AXIGEN Filters Scripting Language) file, by default: /var/opt/axigen/filters/clam-av.afsl.

    The Idle timeout field represents the inactivity timeout on connection.

    The Action on match field defines the action to be taken in case the filter matches an email (this can have a value of pass, discard or reject).
    Note: For antivirus and Anti-spam filters, the reject action should not be used, and is known to be a bad practice, as it will cause a significant traffic growth.

    The Max. connections field will set the maximum number of connections to the specified filter.

    Example of configuration:
    name = clamav
    address = local:///var/run/clamav/clamd.sock
    protocolFile = /var/opt/axigen/filters/clam-av.afsl
    idleTimeout = 60
    actionOnMatch = discard
    maxConnections = 10
    
  3. At the end, press the Add button, then the Commit button and, as specified, once again on the Commit button. Go to Commands tab and click Save config to save the new configuration.
  4. Enable this filter for all incoming and outgoing mails:
    • In the Server tab, go to Filters page and then to Active Filters page. Click on the Add new filter button.
    • Fill out the fields in the new window displayed.

      In the Priority field, enter a priority between 0 and 500 (a filter with priority 0 will be applied first and the one with 500, last). Please note that the domain-level filters have the priority limited to range 100-400 and the user-level filters are limited to the 200-300 range. A value of "10" should be fine, leaving you space to apply some other future filter before this one.

      After setting the filter priority, select the socket value from in the Filter type dropdown list and the clamav value from the FilterName list.

      In the Apply on relay dropdown list, select the yes option, to apply the filter on outgoing mails. To make sure you scan both incoming and outgoing mails, you have to create two entries for the same filter, one with this option set to no and another one with the option set to yes.

      In AXIGEN, it is also possible to enable filters at domain and user level, in the corresponding Webadmin tabs. The filters activated at server level, will be automatically applied for all domains and accounts. However, you have the possibility to add additional filters at domain or account level.

Connecting SpamAssassin

The process for Connecting SpamAssassin, is similar, but even less time-consuming as no configurations are necessary after the product installation.

  1. Installation
    Install SpamAssassin using the yum application:

    yum install spamassassin

    No further configurations are necessary.

  2. Configure SpamAssassin at server level, using Webadmin. The connector for SpamAssassin is a socket filter for AXIGEN, so the configuration procedure is the same.
    The difference would be that for SpamAssassin, a TCP socket is more likely to be used.
    The data for SpamAssassin to use in this procedure is:

    Default address: inet://127.0.0.1:783
    Default Protocol File Name: /var/opt/axigen/filters/spamassassin.afsl

    Thus, a typical configuration would involve the following values:
    name = spamassassin
    address = inet://127.0.0.1:783
    protocolFile = /var/opt/axigen/filters/spamassassin.afsl
    idleTimeout = 60
    actionOnMatch = discard
    maxConnections = 10
    Also, when activating the SpamAssassin filter, you need to keep in mind the following:
    • Enter a different priority value for the SpamAssasin filter (if you have chosen 10 for ClamAV, choose a higher value for SpamAssassin in order to apply this filter after ClamAV in the filtering chain)
    • Select the corresponding filter name, spamassassin in the Filter name list

Access AXIGEN Webmail

At this step of the way, your mail server is ready to go, and you can also you can access the AXIGEN Webmail to send and receive test messages.

First create a user account using the Webadmin, Accounts tab (the minimal configurations displayed in the General page of the account will do for now). Then, use the full email address and password to log on to AXIGEN Webmail, at the default address: http://127.0.0.1:8000.

AXIGEN Mail Server Webmail

Now you're really done: you can securely send and receive messages from your home domain and easily make any further configurations, to accommodate your specific network requirements.

As you have seen, installing all mail services from one single executable, and an intuitive Web configuration interface make things a lot easier and a lot less time-consuming.

Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.