The Perfect SpamSnake - Ubuntu Jaunty Jackalope - Page 3

Want to support HowtoForge? Become a subscriber!
 
Submitted by Rocky (Contact Author) (Forums) on Wed, 2009-06-10 18:34. ::

13. Pyzor Configuration

Because pyzor doesn't work with python2.6 very well, the workaround is to install python2.5 alongside it and use it as the default.

Edit /usr/share/python/debian_defaults:

# the default python version
default-version = python2.5

Now modify the /usr/bin/python symlink to point to python2.5 instead to python2.6

mv /usr/bin/python /usr/bin/python26
ln -s /usr/bin/python2.5 /usr/bin/python

Move pyzor:

mv /var/lib/python-support/python2.6/pyzor-* /var/lib/python-support/python2.5/
mv /var/lib/python-support/python2.6/pyzor* /var/lib/python-support/python2.5/pyzor/

We need to change some permissions on pyzor first:

chmod -R a+rX /usr/share/doc/pyzor /usr/bin/pyzor /usr/bin/pyzord
chmod -R a+rX /usr/share/python-support/pyzor

Here we supply the IP address of the Pyzor server to Pyzor. This will create the server's IP address in a servers file therein. Then it will test the connection. If you are behind a firewall, open port 24441/udp in and out to your server. While you're at it also open up 6277/udp for DCC, 2703/tcp for Razor and 783/tcp for SpamAssassin:

pyzor --homedir /var/lib/MailScanner discover
pyzor ping

 

14. Razor Configuration

Create the .razor configuration:

cd
rm /etc/razor/razor-agent.conf
mkdir /var/lib/MailScanner/.razor
razor-admin -home=/var/lib/MailScanner/.razor -create
razor-admin -home=/var/lib/MailScanner/.razor -discover
razor-admin -home=/var/lib/MailScanner/.razor -register
chown -R postfix:www-data /var/lib/MailScanner
chmod -R ug+rwx /var/lib/MailScanner

Make the following changes to /var/lib/MailScanner/.razor/razor-agent.conf:

debuglevel = 0
razorhome = /var/lib/MailScanner/.razor/

 

15. DCC Configuration

Install DCC from .deb source:

wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-server_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-common_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-client_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb

Install the packages:

dpkg -i dcc-common_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
dpkg -i dcc-server_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
dpkg -I dcc-client_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb

We are not running a DCC server, so we don't need to waste time checking ourselves.
Once the installation is done run:

cdcc "delete 127.0.0.1"
cdcc "delete 127.0.0.1 Greylist"

Test our installation with:

cdcc info

You should get 'requests ok' from the servers.

 

16. Configuring MailScanner and ClamAV

We need to make a directory for SpamAssassin in the spool and give postfix permissions to it, if you run sa-learn --force as root, bayes databese that is stored in these directories will change to root:root and spamassassin will error looking at the db. Just keep an eye on the mail.log and you'll remember to change the permissions back. Also disable the MailScanner default configs:

mkdir /var/spool/MailScanner/spamassassin

Backup your MailScanner.conf file:

cp /opt/MailScanner/etc/MailScanner.conf /opt/MailScanner/etc/MailScanner.conf.dist

vi /opt/MailScanner/etc/MailScanner.conf

Change the following parameters in MailScanner.conf:

%org-name% = ORGNAME
%org-long-name% = ORGFULLNAME
%web-site% = ORGWEBSITE
Run As User = postfix
Run As Group = www-data
Incoming Work Group = clamav
Incoming Work Permissions = 0640
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamd
Spam Subject Text = ***SPAM***
Send Notices = no
Spam List = spamcop.net ZEN
Required SpamAssassin Score = 6
High SpamAssassin Score = 10
Spam Actions = deliver
High Scoring Spam Actions = delete
Rebuild Bayes Every = 0
Wait During Bayes Rebuild = no
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
Clamd Socket = /var/run/clamav/clamd.ctl
Clamd Lock File = /var/run/clamav/clamd.pid
Monitors for ClamAV Updates = /var/lib/clamav/*.cld /var/lib/clamav/*.cvd

The first 9 lines are basically required in order for everything to work, the rest are recommended.

 

16.1 header_checks

Let's go ahead and put this in main.cf. header_checks is required because it allows us to hold all incoming email in order for MailScanner to do its thing:

postconf -e "header_checks = regexp:/etc/postfix/header_checks"

Create /etc/postfix/header_checks and add the following:

/^Received:/ HOLD

Postmap it:

postmap /etc/postfix/header_checks

 

16.2 Fix to Disable Permission Checks on MailScanner Directories

Edit /etc/rc2.d/S20mailscanner to look like:

check_dir /var/spool/MailScanner       ${user:-postfix} ${group:-www-data}
#check_dir /var/lib/MailScanner         ${user:-mail} ${group:-mail}
#check_dir /var/run/MailScanner         ${user:-mail} ${group:-mail}
#check_dir /var/lock/subsys/MailScanner       ${user:-postfix} ${group:-www-data} 

In the file /etc/default/mailscanner, make sure this parameter is at 1:

run_mailscanner=1 

 

16.3 Create cron jobs to keep MailScanner updated:

37      5 * * * /opt/MailScanner/bin/update_phishing_sites
07      * * * * /opt/MailScanner/bin/update_bad_phishing_sites
42      * * * * /opt/MailScanner/bin/update_virus_scanners
3,23,43 * * * * /opt/MailScanner/bin/check_mailscanner

 

16.4 Start the system

check_mailscanner
/etc/init.d/postfix start

Check your logs for errors:

tail -f /var/log/mail.log


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Submitted by RonKrumland (registered user) on Mon, 2009-08-10 17:29.

Before step 16.4 where you start MailScanner, you will need to set the permissions on the spool folders like this:

chown -R postfix:www-data MailScanner/

Submitted by RonKrumland (registered user) on Mon, 2009-08-10 17:22.

At step 13, it is mentioned that we need to install Python 2.5, but never specifically in the code blocks. In case anyone gets stuck, don't forget to run this before you do step 13:

apt-get install python2.5

Submitted by Anonymous (not registered) on Mon, 2009-08-03 03:04.

Hello

The latest version of mailscanner is only compatable with mailtools 1.77

Which I couldnt find in apt, I had to install it manually following this

http://cpansearch.perl.org/src/MARKOV/MailTools-1.77/README

Submitted by Anonymous (not registered) on Fri, 2009-07-31 04:50.

Hello

Just letting you know that DCC has been removed from all the debian apt sources.

There was a security bug which was causing issues to the dcc wich are unfixable

 see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464161

 

Submitted by Anonymous (not registered) on Thu, 2010-08-05 19:47.

This bug was fixed in dcc 1.3.51 - whereas this article describes installing 1.3.103.

 So... not an issue.