Install a Mail Server with Antivirus and Antispam in 15 Minutes
This article illustrates a situation where you need to set up your own mail server (be it your home mail server, or a small office one). It actually shows that, if using an integrated service mail server, anyone can do the job, all in a matter of minutes.
AXIGEN Mail Server, the solution chosen for this example, can send and receive e-mails securely via "mydomain.com" and is able to retrieve them in a WebMail interface - this means that it includes all mail services needed for a fully functional mail server (SMTP, IMAP, POP3, WebMail, WebAdmin).
To get an idea of the amount of time you can spare by installing such a solution, just think of all the different open source applications you would need to install instead (i.e. an MTA, Squirrelmail for Webmail, QmailAdmin for web configuration, Courier for IMAP and POP3 and many others.)
AXIGEN Mail Server can virtually integrate with any Antivirus/Antispam application and it comes with built-in connectors ClamAV Antivirus and SpamAssassin. The second part of this article shows you how to install these applications and configure these connectors for use with AXIGEN.
Thus, at the end of this process which can take up half an hour at most, you will not only have your mail server up and running, but also virus and spam protection for your incoming and outgoing mail traffic.
AXIGEN runs on several Linux distributions (Gentoo, Redhat/Fedora Core, Slackware, Debian, Ubuntu, Mandrake/Mandriva, SUSE), on BSD versions (FreeBSD, OpenBSD and NetBSD) and on Solaris but for the purpose of this article, let's suppose you are setting up your mail system on a Fedora Core 6 platform. In five easy steps, you will have your server installed, your primary domain running and access to the Web configuration interface (WebAdmin).
1. Download / unpack corresponding package
Download AXIGEN rpm package from the AXIGEN website (packages are available as 30 day evaluation versions). Save the corresponding package for Fedora Core 6 "axigen-2.0.4.i386.rpm.gcc4.tar.gz" on your local machine and unpack the file, by issuing in the same directory as the download file:
tar xzvf axigen-2.0.4.i386.rpm.gcc4.tar.gz
2. Install command
Then, in order to install the RPM package, issue (while logged in as root) the following command, from the same directory as the rpm file:
rpm -ivh axigen-2.0.4.gcc4-1.i386.rpm
This will create the entire directory structure needed for AXIGEN to run. After the installation, no daemons or related application will be started.
3. Configuration options
AXIGEN provides several configuration options (configuration file, Command Line Interface), but the most intuitive and comprehensive one is WebAdmin, the Web configuration interface.
The corresponding WebAdmin service is enabled by default, as well as the other default services: IMAP, Logging, POP3, Processing and SMTP.
4. Initial configuration
The first configuration steps take place using the configuration wizard. You will set the administrator's password, select which services are started and what interfaces will be used. In this stage of the setup you also create the primary domain that your server will use.
The wizard can be run by issuing the following command in the console right after the installation of the package has finished:
NOTE: You have to make sure you do not start the mail server before the initial configuration.
5. Start AXIGEN
You can then start AXIGEN, using its initscript, by issuing this command:
Now that your server is running, you can connect the antivirus and anti-spam applications. By default, AXIGEN comes with connectors for the ClamAV Antivirus and SpamAssasin Antispam application. The setup process below describes how to make these two applications work with AXIGEN. However, note that AXIGEN implements a proprietary filter scripting language that allows you to implement connectors for any third party Antivirus and Antispam applications.
Connecting to ClamAV
A. Install ClamAV (daemon), on the same machine on which AXIGEN Mail Server is installed. Follow these steps in order to configure ClamAv for use with AXIGEN and start the clamd daemon.
1. Install clamav-server, using yum (Yellow Dog Updater, Modified):
yum install clamav-server
2. Copy the sample config file shipped with clamav-server:
cp /usr/share/doc/clamav-server-*/clamd.conf /etc/clamd.d/axigen.conf
3. Edit: /etc/clamd.d/axigen.conf
# comment out the Example line
# insert/modify the following lines:
4. Create a link to the clamd binary:
ln -s /usr/sbin/clamd /usr/sbin/clamd.axigen
5. Create the run directory, where the PID file and clamd socket will be stored, and change its permissions:
mkdir -p /var/run/clamd.axigen chown axigen:axigen /var/run/clamd.axigen
6. Create and setup the initscript:
cp /usr/share/doc/clamav-server-*/clamd.init /etc/init.d/clamd.axigen
chmod 755 /etc/init.d/clamd.axigen /sbin/chkconfig clamd.axigen on
7. Edit: /etc/init.d/clamd.axigen and modify the following lines, as specified below:
# description: The clamd server running for axigen CLAMD_SERVICE=axigen
8. Finally, start the clamd daemon:
B. Configure AXIGEN antivirus filter at server level using WebAdmin
In order to activate the ClamAV filter, go through the following steps:
In the "Server" context, click on the Add new filter button. This will open up and display the Active Filter list. It is empty right now, so we need to add the clamav filter to the list.
In the Priority field, enter a priority between 0 and 500 (a filter with priority 0 will be applied first and the one with 500, last).
Important - the domain-level filters have the priority limited to range 100-400 and the user-level filters are limited to the 200-300 range. A value of "10" should be fine, leaving you space to apply some other future filters before this one.
After setting the filter priority, select the socket value from in the Filter type dropdown list and the clamav value from the Filter Name list.
In the Apply on checklist, select the relay option, to apply the filter on outgoing mails. To make sure you scan both incoming and outgoing mails, you have to create the filter and select both values, local and relay.
In AXIGEN, it is possible to enable filters either at domain or user level, in the corresponding WebAdmin tabs. The filters activated at server level will be automatically applied for all domains and accounts. However, you have the possibility to add additional filters at domain or account level.
Connecting to SpamAssasin
The process for Connecting SpamAssassin is similar and even less time-consuming as no configurations are necessary after the product installation.
C. Install SpamAssassin using the yum application:
yum install spamassassin
No further configurations are necessary.
D. Configure SpamAssassin at server level, using Webadmin
The connector for SpamAssassin is a socket filter for AXIGEN, so the configuration procedure is the same as for ClamAV. The difference would be that for SpamAssassin, a TCP socket is more likely to be used.
Also, when activating the SpamAssassin filter, you need to keep in mind the following:
- Enter a different priority value for the SpamAssasin filter (if you have chosen 10 for ClamAV, choose a higher value for SpamAssassin in order to apply this filter after ClamAV in the filtering chain)
- Select the corresponding filter name, spamassassin in the Filter name list
Access AXIGEN WebMail
At this step of the way, your mail server is ready to go, and you can also you can access the AXIGEN WebMail to send and receive test messages. Then, use the full email address and password to log on to AXIGEN WebMail, at the default address: http://127.0.0.1:8000, or use the address you specified in the initial configuration phase when you ran the setup wizard.
Now you're really done: you can securely send and receive messages from your home domain and easily make any further configurations, to accommodate your specific network requirements. As you have seen, installing all mail services from one single executable and an intuitive Web configuration interface make things a lot easier and a lot less time-consuming.
Liviu Anghel, Chief Security Officer, Gecad Technologies
Ciprian Negrila, Technical Support Engineer, Gecad Technologies