Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 22nd November 2006, 07:48
Shamael Anwar Shamael Anwar is offline
Junior Member
 
Join Date: Nov 2006
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default clamav spamassassin with simscan @ debian

The title says it all. Long waiting simscan setup procedure at debian box:

Assumed u v already setup qmail and apllied the qmailqueue patch then go directly to download package section:

If you didnt follow qmailrocks then follow the below procedure:

I get lots of complain from users who didnt apply the qmailqueue patch. So i m including the qmailqueue patch installation here:

cd /usr/local/src

wget http://www.qmailrocks.org/downloads/...ailqueue.patch

cd /path/to/qmail-1.03

patch < /usr/local/src/qmailqueue.patch

qmailctl stop

make && make man && make setup check

qmailctl start

Download requared packages:

wget http://ovh.dl.sourceforge.net/source...-0.88.6.tar.gz

wget http://www.inter7.com/simscan/simscan-1.2.tar.gz

wget http://switch.dl.sourceforge.net/sou...cre-6.3.tar.gz

wget http://www.pldaniels.com/ripmime/ripmime-1.4.0.5.tar.gz

wget http://www.qmailrocks.org/downloads/...n-3.1.0.tar.gz

Install & configure the packages:

tar zxvf clamav-x.xx..tar.gz

cd clamav-x.xx

useradd -s /sbin/nologin -d /tmp clamav

groupadd clamav

useradd -s /sbin/nologin -d /bin/false qscand

groupadd qscand

./configure --prefix=/usr --sysconfdir=/etc

make && make check && make install

mkdir /var/log/clamav /var/lib/clamav

chown -R clamav:clamav /var/log/clamav /var/lib/clamav

Now we'll do a few configuration settings to the /etc/clamd.conf file...

vi /etc/clamd.conf

"Example" - should be commented out.
"LogFile" - should be set to /var/log/clamav/clamd.log
"LogTime" - should be uncommmented.
"LogSyslog" - should be uncommented.
"PidFile" - should be uncommented and set to /var/run/clamav/clamd.pid
"User" - should be set to qscand
"ScanMail" - should be uncommented.

And some settings to the /etc/freshclam.conf file...

vi /etc/freshclam.conf

"Example" - should be commented out.
DatabaseDirectory - should be uncommented and set to /var/lib/clamav

Ok, Clam AV is now installed, but let's go ahead and set it up so that it will auto-update every night with the latest virus definitions! First we will want to set up the proper logging for the updater....

/usr/bin/freshclam -l /var/log/clamav/clam-update.log

If the server is able to get updates, you should see an output similar to this:

ClamAV update process started at Thu Dec 16 16:14:51 2004
Downloading main.cvd[*]
main.cvd updated (version: 28, sigs: 26630, f-level: 3, builder: tomek)
Downloading daily.cvd[*]
daily.cvd updated (version: 633, sigs: 1794, f-level: 3, builder: tkojm)
Database updated (28424 signatures) from database.clamav.net (24.73.112.74).

Woohoo! You're updated with the latest virus definiations from the Clam database!

Now we just set a crontab to run every night, which will run the auto-update procedure! In the example below, I've set mine to run every day at 1:35 AM. The odd run time came reccomended from ClamAV, if you're wondering. Running freshclam at times other than the top of an hour reduces the load on their servers. so feel free to adjust the time to something even more offbeat, like 1:33 AM or something. The guys at ClamAV will thank you.

crontab -e (make sure you run this command as root)

35 1 * * * /usr/bin/freshclam --quiet -l /var/log/clamav/clam-update.log

Now save your new crontab and exit.

Now we need to create an init script for clamd...

wget http://www.qmailrocks.org/downloads/...c/debian_clamd

cp debian_clamd /etc/init.d/clamd

chmod +x /etc/init.d/clamd

mkdir /var/run/clamav

chown -R qscand:qscand /var/run/clamav

And now let's crank up clamd...

/etc/init.d/clamd stop

/etc/init.d/clamd start

If clamd has started successfully, a "ps -aux | grep clamd " command should reveal it...

qscand 11613 0.0 0.5 5972 4984 ? S 07:17 0:00 /usr/sbin/clamd

Once you have clamd successfully operating, let's configure the server so that clamd will start up on boot. Fortunately, Debian has a utility made just for doing this..

update-rc.d clamd start 75 2 3 4 5 .

tar zxvf Mail-SpamAssassin-3.x.x.tar.gz

cd Mail-SpamAssassin-3.x.x

perl Makefile.PL (answer all questions. Use the default answers provided if you are unsure)

make && make install

Ok, Spamassassin is installed. Let's make some tweaks. First, we're going to add a user/group called "spamd" under which Spamassassin will be run...

groupadd spamd

useradd -g spamd -s /bin/false -m -d /home/spamassassin spamd

Next, we set the spam threshold value and rewrite subject variable...

vi /etc/mail/spamassassin/local.cf

Replace the contents of the local.cf file with the following config settings:

rewrite_subject 1
required_hits 5

Save and exit from the file.

And now, let's put a Spamassassin startup script in place...

wget http://www.qmailrocks.org/downloads/...c/debian_spamd

cp debian_spamd /etc/init.d/spamd

chmod +x /etc/init.d/spamd

mkdir /var/run/spamd

chown -R spamd:spamd /var/run/spamd

The init script contains a variable specifying the location of spamd. Let's make sure it's correct. First, find out where spamd resides...

whereis spamd

You should get an answer like /usr/local/bin/spamd or /usr/bin/spamd or something like that. Make a note of where spamd is located.

Now, open the /etc/init/dspamd init script for editing....

vi /etc/init.d/spamd

Make sure that the following variable reflect the correct location of spamd:

DAEMON=/correct/path/to/spamd

And now let's crank up Spamassassin...

/etc/init.d/spamd stop

/etc/init.d/spamd start

If spamd has started successfully, a "ps -aux | grep spam " command should reveal it...

spamd 283 0.0 2.1 21152 19328 ? S 04:33 0:01 /usr/local/bin/spamd -x -u spamd -H /home/spamd -d --pidfile=/var/run/spamd/spamd.pid
spamd 339 0.0 2.1 21152 19328 ? S 04:33 0:00 spamd child
spamd 340 0.0 2.1 21152 19328 ? S 04:33 0:00 spamd child
spamd 341 0.0 2.1 21152 19328 ? S 04:33 0:00 spamd child
spamd 342 0.0 2.1 21152 19328 ? S 04:33 0:00 spamd child
spamd 343 0.0 2.1 21152 19328 ? S 04:33 0:00 spamd child

Once you have spamassin successfully operating, let's configure the server so that spamd will start up on boot. We'll do this just like we did with clamd...

update-rc.d spamd start 75 2 3 4 5 .

tar -xvzf pcre-6.3.tar.gz

cd pcre-6.3

./configure
make && make install

tar zxvf ripmime-1.4.0.5.tar.gz

cd ripmime-1.4.0.5
make && make install

tar zxvf simscan-1.2.tar.gz

cd simscan-1.2

./configure --enable-user=qscand --enable-clamav=y --enable-clamdscan=/usr/bin/clamdscan --enable-custom-smtp-reject=n --enable-per-domain=y --enable-attach=y --enable-spam=y --enable-spam-hits=5.0 --enable-spamc-user=y --enable-dropmsg=y --enable-ripmime=/usr/local/bin/ripmime --enable-clamavdb-path=/var/lib/clamav --enable-sigtool-path=/usr/bin/sigtool --enable-received=y




make && make install-strip
The reason I add user as qscanq bcoz possibly most of us installed calamav and spamassassin following qmailrocks.(remember useradd qscand

vi /var/qmail/control/simcontrol

:clam=yes,spam=yes,attach=.scr:.bat:.com:.pif:.exe :.mp3:.avi:.mpeg:.rar:.wmv

save & exit

ln -s /usr/local/lib/libpcre.so.0 /usr/lib/libpcre.so.0

/var/qmail/bin/simscanmk

/var/qmail/bin/simscanmk -g

Test Simscan:

echo “hi, testing.” > mailtest.txt
env QMAILQUEUE=/var/qmail/bin/simscan SIMSCAN_DEBUG=2 /var/qmail/bin/qmail-inject \
you@yourdomain.com < mailtest.txt

This will print a lot of debugging info, and if everything was ok, the last few lines will look like these:

simscan: cdb looking up version regex
simscan: cdb looking up version attach
simscan: calling clamdscan
simscan: cdb looking up version clamav
simscan: normal clamdscan return code: 0
simscan: done, execing qmail-queue
simscan: qmail-queue exited 0

Activate Simscan:

vi /var/qmail/supervise/qmail-smtpd/run

and add the line
QMAILQUEUE="/var/qmail/bin/simscan"; export QMAILQUEUE
near the top.

And also increase the softlimit to 40000000

save & exit.

qmailctl restart

Hope everything went smooth so far. Wooohooo... way to go.. best of luck.




Shamael

Last edited by Shamael Anwar; 22nd November 2006 at 07:51.
Reply With Quote
Sponsored Links
  #2  
Old 22nd November 2006, 11:24
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,651 Times in 4,461 Posts
Default

Hi Shamael,

thank you for posting this howto. If you want to publish it on howtoforge and not only in the forum, please have a look here:

http://www.howtoforge.com/add_howto
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 15th December 2006, 21:06
fchevitarese fchevitarese is offline
Junior Member
 
Join Date: Dec 2006
Location: Brazil
Posts: 9
Thanks: 0
Thanked 1 Time in 1 Post
Send a message via MSN to fchevitarese
 
Default

Very good Howto!
Thanks a lot!
Have Fun!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
spamassassin not working - debian 3.1 fulltilt Installation/Configuration 4 13th August 2007 08:55
Postfix + Amavis + SpamAssassin + ClamAV michele HOWTO-Related Questions 4 1st July 2006 15:36
spamassassin and clamav chrno Server Operation 2 30th April 2006 20:32
ClamAV for postfix-courier-mysql (Debian - Sarge) toastmaster HOWTO-Related Questions 2 24th February 2006 20:00
e-mail problem!!! Debian 3.1 maroonworks Installation/Configuration 18 6th December 2005 15:42


All times are GMT +2. The time now is 10:49.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.