The Perfect SpamSnake - Ubuntu Jeos 10.10 Maverick Meerkat

Want to support HowtoForge? Become a subscriber!
 
Submitted by Rocky (Contact Author) (Forums) on Mon, 2010-11-29 17:23. :: Anti-Spam/Virus | Ubuntu | Postfix

The Perfect SpamSnake - Ubuntu Jeos 10.10

Author: Rocky
Version: 4

Postfix w/Bayesian Filtering and Anti-Backscatter (Relay Recipients via look-ahead), Nginx/Uwsgi, Mysql, Dnsmasq, MailScanner (Spamassassin, ClamAV, Pyzor, Razor, DCC-Client), Baruwa, SPF Checks, FuzzyOcr, Sanesecurity Signatures, Greyfix, KAM, Scamnailer, FireHOL (Iptables Firewall), Relay Recipients Script, Webmin (Optional), Outgoing Disclaimer with alterMIME (Optional)

This tutorial shows how to set up an Ubuntu Jeos based server as a spamfilter in Gateway mode. In the end, you will have a SpamSnake Gateway which will relay clean emails to your MTA. You will also be able to view your incoming queue, train your SpamSnake and carry out a few more advanced operations via Baruwa.

I cannot offer any guarantees that this will work for you, the same way it’s working for me.

I will use the following software:
• Web Server: Nginx v0.8.53/Uwsgi v0.9.6.5
• Database Server: MySQL v5.1.49
• Mail Server: Postfix v2.7.1
• Caching DNS Server: Dnsmasq 2.55
• Filter: MailScanner v4.81.4
• Frontend: Baruwa v1

Credit goes to the guys at HowToForge and the developers of MailScanner, Baruwa, Clamav, Nginx/Uwsgi, Mysql, Postfix, Spamassassin, Razor/Pyzor/DCC and Firehol.

 

BASE INSTALL

1. Install minimum vm option
    Set hostname to server1
2. Default guided partition method
3. Setup user:
    u: administrator
    p: password
    No encryption
4. No auto-updates
5. Install OpenSSH

 

POST INSTALLATION

1. Get root Privileges

Enable the root login by running the following and giving root a password. You can then directly log in as root:

sudo passwd root

 

2. Configure The Network

Because the Ubuntu installer has configured our system to get its network settings via DHCP, we have to change that now because a server should have a static IP address. Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.0.100):

vi /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
        address 192.168.0.100
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1

Then restart your network:

/etc/init.d/networking restart

vi /etc/hosts

and make it look like this:

127.0.0.1       localhost.localdomain   localhost
192.168.0.100   server1.example.com     server1
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Now run:

echo server1.example.com > /etc/hostname
reboot now

Afterwards, run:

hostname
hostname -f

Both should show server1.example.com now.

 

3. Change The Default Shell

/bin/sh is a symlink to /bin/dash, however we need /bin/bash, not /bin/dash. Therefore we do this:

dpkg-reconfigure dash

Install dash as /bin/sh? <-- No

Install a few packages and requirements that are needed later on:

apt-get install binutils cpp fetchmail flex gcc libarchive-zip-perl libc6-dev libcompress-zlib-perl libdb4.6-dev libpcre3 libpopt-dev lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev autoconf automake1.9 libtool bison autotools-dev g++ build-essential telnet wget gawk

 

4. Caching Dnsmasq

apt-get install dnsmasq

vi /etc/dnsmasq.conf

and make Dnsmasq listen on localhost:

listen-address=127.0.0.1

vi /etc/resolv.conf

and append the following to the top of the list:

nameserver 127.0.0.1

 

5. Install Mysql

apt-get install mysql-client mysql-server libdbd-mysql-perl

You will be asked to provide a password for the MySQL root user - this password is valid for the user root@localhost as well as root@server1.example.com, so we don't have to specify a MySQL root password manually later on:

New password for the MySQL "root" user: <-- yourrootsqlpassword
Repeat password for the MySQL "root" user: <-- yourrootsqlpassword


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Submitted by reivilob (registered user) on Thu, 2011-03-17 17:23.

your tutorial is very interesting, but i think that it could be more simple for a lot of people to install a solution like  MailCleaner Open Source Edition

Installation CD ISO image and full web admin interface

The result will be quite the same

 Olivier

Submitted by Matt Juaire (not registered) on Thu, 2011-01-20 02:14.
I know the howto has this setup on a virtual server. What did you recommend to give to the system for resources (cpu count, memory, hd size)?
Submitted by Rocky (registered user) on Thu, 2011-01-20 16:29.

This is my current setup:

CPU: 2.8GHZ divided by 3 vms

Ram: 1GB allocated for vm

HDD: 5GB allocated for vm

As you can see, my setup is a vm and I only filter 2 local domains.  Based on your needs, you may need to increase your HDD space for quarantine.  You can install this as a vm or as a stand alone.

Submitted by tokamak (not registered) on Thu, 2010-12-02 02:46.

 i get an script error for the postfix.sh

Zeile 41: Syntaxfehler beim unerwarteten Wort `(' 

LINE 41: Syntaxerror  unknow word  `('

 

 

 

Submitted by Rocky (registered user) on Fri, 2010-12-03 03:06.
Updated.