The Perfect SpamSnake - Ubuntu Jeos 9.10 - Page 2

Submitted by Rocky on Fri, 2010-04-16 12:21.

4. Caching Dnsmasq

apt-get install dnsmasq

Edit /etc/dnsmasq.conf and make Dnsmasq listen on localhost:

listen-address=127.0.0.1

Edit /etc/resolv.conf and append the following to the top of the list:

nameserver 127.0.0.1

 

5. Install Apache2 and MySQL

apt-get install apache2 php5-cli libapache2-mod-php5 mysql-client mysql-server libdbd-mysql-perl php5-gd php5-mysql

 

Install MySQL

You will be asked to provide a password for the MySQL root user - this password is valid for the user root@localhost as well as root@server1.example.com, so we don't have to specify a MySQL root password manually later on:

New password for the MySQL "root" user: <-- yourrootsqlpassword
Repeat password for the MySQL "root" user: <-- yourrootsqlpassword

 

Install Apache2

apt-get install apache2 apache2-doc apache2-mpm-prefork apache2-utils apache2-suexec

Next we install PHP5 as an Apache module:

aptitude install libapache2-mod-php5 php5 php5-common php5-curl php5-dev php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-mhash php5-ming php5-mysql php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl

Next we edit /etc/apache2/mods-available/dir.conf and change the DirectoryIndex line:

<IfModule mod_dir.c>
          #DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
          DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl index.xhtml
</IfModule>

Now we have to enable some Apache modules (rewrite, suexec, include):

a2enmod rewrite
a2enmod suexec
a2enmod include

Restart Apache:

/etc/init.d/apache2 restart

 

Install Postfix:

Install the packages:

apt-get install postfix postfix-mysql postfix-doc procmail

 

Postfix:

You will be asked two questions. Answer as follows:

General type of mail configuration: --> Internet Site
System mail name: --> server1.example.com

Stop Postfix:

postfix stop

Next, configure Postfix as follows:

Edit master.cf:
We need to add two items below the pickup service type. The pickup service "picks up" local mail (local meaning "on this machine") and delivers it. This is a way to bypass content filtering for mail generated by this machine.

It should look like this when you are done:

pickup    fifo  n       -       -       60      1       pickup
         -o content_filter=
         -o receive_override_options=no_header_body_checks

Note: For this step, make sure to replace anything@example.com, example.com and @example.com with real values that match your setup.

Edit main.cf:

postconf -e "alias_maps = hash:/etc/aliases"
newaliases
postconf -e "myorigin = example.com"
postconf -e "myhostname = server1.example.com"
postconf -e "mynetworks = 127.0.0.0/8, 192.168.0.0/24"
postconf -e "message_size_limit = 10485760"
postconf -e "local_transport = error:No local mail delivery"
postconf -e "mydestination = "
postconf -e "local_recipient_maps = "
postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"

Create /etc/postfix/virtual and add the following:

postmaster postmaster@example.com
abuse abuse@example.com
root root@example.com

Continue:

postmap /etc/postfix/virtual
postconf -e "relay_recipient_maps = hash:/etc/postfix/relay_recipients"

Create /etc/postfix/relay_recipients and add the following:

@example.com OK
@example2.com OK

Continue:

postmap /etc/postfix/relay_recipients
postconf -e "transport_maps = hash:/etc/postfix/transport"

Create /etc/postfix/transport and add the following:

example.com smtp:[192.168.0.x]
example2.com smtp:[192.168.0.x]

Continue:

postmap /etc/postfix/transport
postconf -e "relay_domains = hash:/etc/postfix/relay_domains"

Create /etc/postfix/relay_domains and add the following:

example.com OK
example2.com OK

Continue:

postmap /etc/postfix/relay_domains
postconf -e "smtpd_helo_required = yes"
postconf -e "smtpd_sender_restrictions = reject_non_fqdn_sender, reject_unknown_sender_domain, permit"
postconf -e "smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_mynetworks, reject_unauth_destination, reject_unauth_pipelining, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit"
postconf -e "smtpd_data_restrictions = reject_unauth_pipelining"
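
The relay_domains, transport and relay_recipients tables above have to agree with each other, otherwise mail for a relayed domain is refused or is routed by MX lookup instead of to the internal server. The script below is an added example, not part of the original guide; the function names map_keys and check_relay_maps and the sample tables are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): cross-check the Postfix relay tables.
# It reads the plain-text map sources, not the .db files built by postmap.

# map_keys FILE: first column of a map source, skipping comments, blank
# lines and continuation lines (those start with whitespace).
map_keys() {
    awk '/^[^ \t#]/ { print tolower($1) }' "$1" | sort -u
}

# check_relay_maps DIR: one finding per line, no output if the tables agree.
check_relay_maps() {
    domains=$(map_keys "$1/relay_domains")
    routes=$(map_keys "$1/transport")
    rcpt=$(map_keys "$1/relay_recipients" | sed 's/^.*@//' | sort -u)
    for d in $domains; do
        printf '%s\n' "$routes" | grep -qxF "$d" ||
            echo "$d: no transport entry, mail is routed by MX lookup"
        printf '%s\n' "$rcpt" | grep -qxF "$d" ||
            echo "$d: no relay_recipients entry, every recipient is rejected"
    done
    for d in $routes; do
        printf '%s\n' "$domains" | grep -qxF "$d" ||
            echo "$d: transport entry but not in relay_domains, refused by reject_unauth_destination"
    done
}

# Constructed sample tables (not from a real system): example2.com has no
# transport, and example3.com has a transport but is not a relay domain.
sample=$(mktemp -d)
printf 'example.com OK\nexample2.com OK\n' > "$sample/relay_domains"
printf 'example.com smtp:[192.168.0.x]\nexample3.com smtp:[192.168.0.x]\n' > "$sample/transport"
printf '@example.com OK\n@example2.com OK\n' > "$sample/relay_recipients"
check_relay_maps "$sample"
rm -rf "$sample"
```

On the real system, run check_relay_maps /etc/postfix before starting Postfix.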

Final look at the Postfix install:

less /etc/postfix/main.cf

Check the contents of the file for errors and repair if needed. Fire up Postfix:

postfix start

Check that Postfix responds:

telnet 127.0.0.1 25

You should see:

220 [yourFQDNhere] ESMTP Postfix (Ubuntu)

 

6. Install Razor, Pyzor, DCC and Clamav

apt-get install razor pyzor clamav-daemon

 

DCC Configuration

Install DCC from .deb source:

cd /tmp
wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-common_1.3.113-0ubuntu1~ppa1~karmic1_i386.deb && dpkg -i dcc-common_1.3.113-0ubuntu1~ppa1~karmic1_i386.deb
wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-server_1.3.113-0ubuntu1~ppa1~karmic1_i386.deb && dpkg -i dcc-server_1.3.113-0ubuntu1~ppa1~karmic1_i386.deb
wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-client_1.3.113-0ubuntu1~ppa1~karmic1_i386.deb && dpkg -i dcc-client_1.3.113-0ubuntu1~ppa1~karmic1_i386.deb

Test our installation with:

cdcc info

You should get 'requests ok' from the servers. Install dependencies:

aptitude install libconvert-tnef-perl libdbd-sqlite3-perl libfilesys-df-perl libmailtools-perl libmime-tools-perl libmime-perl libnet-cidr-perl libsys-syslog-perl libio-stringy-perl libfile-temp-perl libole-storage-lite-perl libarchive-zip-perl libsys-hostname-long-perl libnet-cidr-lite-perl libhtml-parser-perl libdb-file-lock-perl libnet-dns-perl libncurses5-dev libdigest-hmac-perl libdigest-sha1-perl libnet-ip-perl liburi-perl libfile-spec-perl spamassassin libnet-ident-perl libmail-spf-query-perl libmail-dkim-perl dnsutils

Download and install the latest MailScanner:

wget http://www.mailscanner.info/files/4/tar/MailScanner-install-4.78.17-1.tar.gz
tar xvfz MailScanner-install-4.78.17-1.tar.gz && cd MailScanner-install-4.78.17
./install.sh

 

Configuring Pyzor, Razor, MailScanner

Pyzor Configuration

Because pyzor doesn't work very well with Python 2.6, the workaround is to append -Wignore::DeprecationWarning to the first line of /usr/bin/pyzor so that it looks like this:

#!/usr/bin/python -Wignore::DeprecationWarning

Here we supply the IP address of the Pyzor server to Pyzor. This writes the server's IP address to a servers file in the home directory given below, and then tests the connection. If you are behind a firewall, open port 24441/udp in and out to your server. While you're at it, also open up 6277/udp for DCC, 2703/tcp for Razor and 783/tcp for SpamAssassin:

mkdir /var/lib/MailScanner
pyzor --homedir=/var/lib/MailScanner discover
pyzor ping

 

Razor Configuration

Create the .razor configuration:

cd && rm /etc/razor/razor-agent.conf
mkdir /var/lib/MailScanner/.razor
razor-admin -home=/var/lib/MailScanner/.razor -create
razor-admin -home=/var/lib/MailScanner/.razor -discover
razor-admin -home=/var/lib/MailScanner/.razor -register
chown -R postfix:www-data /var/lib/MailScanner
chmod -R ug+rwx /var/lib/MailScanner

Make the following changes to /var/lib/MailScanner/.razor/razor-agent.conf:

debuglevel        = 0
razorhome 	  = /var/lib/MailScanner/.razor/

 

MailScanner Configuration

We need to make a directory for SpamAssassin in the spool and give postfix permissions to it. If you run sa-learn --force as root, the Bayes database that is stored in this directory will change ownership to root:root and SpamAssassin will report errors when it reads the db. Just keep an eye on mail.log and you'll remember to change the permissions back. Also disable the MailScanner default configs:

mkdir /var/spool/MailScanner/spamassassin

Back up your MailScanner.conf file:

cp /opt/MailScanner/etc/MailScanner.conf /opt/MailScanner/etc/MailScanner.conf.dist
vi /opt/MailScanner/etc/MailScanner.conf

Change the following parameters in MailScanner.conf:

%org-name% = ORGNAME
%org-long-name% = ORGFULLNAME
%web-site% = ORGWEBSITE
Run As User = postfix
Run As Group = www-data
Incoming Work Group = clamav
Incoming Work Permissions = 0644
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamd
Monitors for ClamAV Updates = /var/lib/clamav/*.cld /var/lib/clamav/*.cvd
Clamd Socket = /var/run/clamav/clamd.ctl
Clamd Lock File = /var/run/clamav/clamd.pid
Spam Subject Text = ***SPAM***
Send Notices = no
Spam List = spamcop.net ZEN
Spam Actions = deliver store header "X-Spam-Status: Yes"
High Scoring Spam Actions = store delete
Non Spam Actions = deliver store header "X-Spam-Status: No"
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

 

header_checks

Let's go ahead and put this in main.cf. header_checks is required because it allows us to hold all incoming email in order for MailScanner to do its thing:

postconf -e "header_checks = regexp:/etc/postfix/header_checks"

Create /etc/postfix/header_checks and add the following:

/^Received:/ HOLD

Postmap it:

postmap /etc/postfix/header_checks
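
The HOLD rule only does its job together with the queue settings in MailScanner.conf above: MailScanner has to read from Postfix's hold queue and write back to its incoming queue. The script below is an added example, not part of the original guide, that checks this wiring from the configuration files; the function names conf_value, expect and check_hold_wiring and the sample files are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): check that Postfix's hold queue and
# MailScanner's queue settings point at each other as the guide describes.

# conf_value FILE KEY: print the value of the first "KEY = value" line.
conf_value() {
    awk -F= -v k="$2" '
        { key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
        key == k { v = substr($0, index($0, "=") + 1)
                   gsub(/^[ \t]+|[ \t]+$/, "", v); print v; exit }' "$1"
}

# expect FILE KEY WANT: report a setting that differs from the guide's value.
expect() {
    got=$(conf_value "$1" "$2")
    [ "$got" = "$3" ] || echo "$2 = '$got' (guide uses '$3')"
}

# check_hold_wiring MAIN_CF MAILSCANNER_CONF: one finding per line, none if OK.
check_hold_wiring() {
    hc=$(conf_value "$1" header_checks)
    case $hc in
        regexp:/*)
            grep -Eq '^/\^Received:/[[:space:]]+HOLD' "${hc#regexp:}" 2>/dev/null ||
                echo "${hc#regexp:}: no /^Received:/ HOLD rule, mail bypasses MailScanner" ;;
        *)  echo "header_checks = '$hc' is not a regexp: table" ;;
    esac
    expect "$2" "Incoming Queue Dir" /var/spool/postfix/hold
    expect "$2" "Outgoing Queue Dir" /var/spool/postfix/incoming
    expect "$2" "MTA" postfix
}

# Constructed sample files in a temporary directory (not a real system):
# the Outgoing Queue Dir is deliberately wrong.
demo=$(mktemp -d)
printf '/^Received:/ HOLD\n' > "$demo/header_checks"
printf 'header_checks = regexp:%s/header_checks\n' "$demo" > "$demo/main.cf"
printf '%s\n' 'MTA = postfix' 'Incoming Queue Dir = /var/spool/postfix/hold' \
    'Outgoing Queue Dir = /var/spool/MailScanner/out' > "$demo/MailScanner.conf"
check_hold_wiring "$demo/main.cf" "$demo/MailScanner.conf"
rm -rf "$demo"
```

On the real system, call check_hold_wiring /etc/postfix/main.cf /opt/MailScanner/etc/MailScanner.conf.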

 

MailScanner Startup Script:

Save the following as /etc/init.d/mailscanner:

#! /bin/sh
### BEGIN INIT INFO
# Provides:          MailScanner daemon
# Required-Start:    $local_fs $remote_fs
# Required-Stop:     $local_fs $remote_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Controls mailscanner instances
# Description:       MailScanner is a queue-based spam/virus filter
### END INIT INFO
# Author: Simon Walter <simon.walter@hp-factory.de>
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/usr/sbin:/usr/bin:/bin:/sbin:/opt/MailScanner/bin
DESC="mail spam/virus scanner"
NAME=MailScanner
PNAME=mailscanner
DAEMON=/opt/MailScanner/bin/$NAME
STARTAS=MailScanner
SCRIPTNAME=/etc/init.d/$PNAME
CONFFILE=/opt/MailScanner/etc/MailScanner.conf
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
run_nice=0
stopped_lockfile=/var/lock/subsys/MailScanner.off
# Read configuration variable file if it is present
[ -r /etc/default/$PNAME ] && . /etc/default/$PNAME
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
# sanity check for permissions
fail()
{
    echo >&2 "$0: $1"
    exit 1
}
check_dir()
{
    if [ ! -d "$1" ]; then
        mkdir -p "$1" || \
            fail "directory $1: does not exist and cannot be created"
    fi
    actual="$(stat -c %U "$1")"
    if [ "$actual" != "$2" ]; then
        chown -R "$2" "$1" || \
            fail "directory $1: wrong owner (expected $2 but is $actual)"
    fi
    actual="$(stat -c %G "$1")"
    if [ "$actual" != "$3" ]; then
        chgrp -R "$3" "$1" || \
            fail "directory $1: wrong group (expected $3 but is $actual)"
    fi
}
user=$(echo $(awk -F= '/^Run As User/ {print $2; exit}' $CONFFILE))
group=$(echo $(awk -F= '/^Run As Group/ {print $2; exit}' $CONFFILE))
check_dir /var/spool/MailScanner       ${user:-postfix} ${group:-www-data}
check_dir /var/lib/MailScanner         ${user:-postfix} ${group:-www-data}
check_dir /var/run/MailScanner         ${user:-postfix} ${group:-www-data}
check_dir /var/lock/subsys	${user:-root}	${group:-root} #Required to Create Folder
check_dir /var/lock/subsys/MailScanner ${user:-postfix} ${group:-www-data}
#
# Function that starts the daemon/service
#
do_start()
{
        # Return
        #   0 if daemon has been started
        #   1 if daemon was already running
        #   2 if daemon could not be started
        start-stop-daemon --start --quiet --startas $STARTAS --name $NAME --test > /dev/null \
                || return 1
        start-stop-daemon --start --quiet --nicelevel $run_nice --chuid postfix:www-data --exec $DAEMON --name $NAME -- $DAEMON_ARGS \
                || return 2
        # Add code here, if necessary, that waits for the process to be ready
        # to handle requests from services started subsequently which depend
        # on this one.  As a last resort, sleep for some time.
        # Set lockfile to inform cronjobs about the running daemon
        RETVAL="$?"
        if [ $RETVAL -eq 0 ]; then
            touch /var/lock/subsys/mailscanner
            rm -f $stopped_lockfile
            echo "MailScanner Started"
        fi
}
#
# Function that stops the daemon/service
#
do_stop()
{
        # Return
        #   0 if daemon has been stopped
        #   1 if daemon was already stopped
        #   2 if daemon could not be stopped
        #   other if a failure occurred
        start-stop-daemon --stop --retry=TERM/30 --name $NAME
        RETVAL="$?"
        [ "$RETVAL" = 2 ] && return 2
        # Remove lockfile for cronjobs
        if [ $RETVAL -eq 0 ]; then
            rm -f /var/lock/subsys/mailscanner
            touch $stopped_lockfile
            echo "MailScanner Stopped"
        fi
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
        start-stop-daemon --stop --signal 1 --quiet --name $NAME
        return 0
}
case "$1" in
  start)
        [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
        do_start
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;
  stop)
        [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
        do_stop
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;
  restart|force-reload)
        #
        # If the "reload" option is implemented then remove the
        # 'force-reload' alias
        #
        log_daemon_msg "Restarting $DESC" "$NAME"
        do_stop
        case "$?" in
          0|1)
                do_start
                case "$?" in
                        0) log_end_msg 0 ;;
                        1) log_end_msg 1 ;; # Old process is still running
                        *) log_end_msg 1 ;; # Failed to start
                esac
                ;;
          *)
                # Failed to stop
                log_end_msg 1
                ;;
        esac
        ;;
  *)
        echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
        exit 3
        ;;
esac
exit 0

Make the script executable and create the runlevel symlinks so that it runs at boot and shutdown:

chmod 755 /etc/init.d/mailscanner
ln -s ../init.d/mailscanner /etc/rc0.d/K20mailscanner
ln -s ../init.d/mailscanner /etc/rc1.d/K20mailscanner
ln -s ../init.d/mailscanner /etc/rc2.d/S20mailscanner
ln -s ../init.d/mailscanner /etc/rc3.d/S20mailscanner
ln -s ../init.d/mailscanner /etc/rc4.d/S20mailscanner
ln -s ../init.d/mailscanner /etc/rc5.d/S20mailscanner
ln -s ../init.d/mailscanner /etc/rc6.d/K20mailscanner

Start the system:

/etc/init.d/mailscanner start
/etc/init.d/postfix start

Check your logs for errors:

tail -f /var/log/mail.log


Submitted by iser0073 (not registered) on Mon, 2010-07-26 13:40.

Thanx for the coolest anti spam solutions I have found!! It is really appreciated.

In the line:

postconf -e "mynetworks = 127.0.0.0/8, 192.168.0.0/24”

 the ” at the end of this line translates to a . when copying and pasting from this guide, would be cool if you could simply replace it with a "

 Kind Regards,
Johan

Submitted by devnull1369 (not registered) on Fri, 2010-08-20 21:54.

DCC has moved.

 

http://ppa.launchpad.net/jonasped/ubuntu/pool/main/d/dcc/dcc-server_1.3.130-0ubuntu1~ppa1~karmic1_i386.deb

http://ppa.launchpad.net/jonasped/ubuntu/pool/main/d/dcc/dcc-common_1.3.130-0ubuntu1~ppa1~karmic1_i386.deb

http://ppa.launchpad.net/jonasped/ubuntu/pool/main/d/dcc/dcc-client_1.3.130-0ubuntu1~ppa1~karmic1_i386.deb