Installing Maia Mailguard On Debian Lenny (Virtual Users/Domains With Postfix/MySQL) - Page 3

10 Configuring Amavisd-new

Maia Mailguard comes with its own amavisd-new configuration and amavisd binary, so we must replace our existing amavisd-new with it.

First stop your current amavisd processes:

/etc/init.d/amavis stop

We copy amavisd-maia to /usr/local/sbin/amavisd-new...

cd /usr/src/maia/1.0/
cp amavisd-maia /usr/local/sbin/amavisd-new
chown root /usr/local/sbin/amavisd-new
chmod 755 /usr/local/sbin/amavisd-new

... and adjust our /etc/init.d/amavis init script as follows:

vi /etc/init.d/amavis

[...]
#DAEMON=/usr/sbin/amavisd-new
DAEMON=/usr/local/sbin/amavisd-new
[...]
#START="--start --quiet --pidfile /var/run/amavis/${NAME}.pid --name ${DAEMONNAME} --startas ${DAEMON}"
#STOP="--stop --quiet --pidfile /var/run/amavis/${NAME}.pid --name ${DAEMONNAME}"
START="--start --quiet --pidfile /var/lib/amavis/${NAME}.pid --name ${DAEMONNAME} --startas ${DAEMON}"
STOP="--stop --quiet --pidfile /var/lib/amavis/${NAME}.pid --name ${DAEMONNAME}"
[...]

Then we copy /usr/src/maia/1.0/amavisd.conf.dist to /etc/amavisd.conf...

cp /usr/src/maia/1.0/amavisd.conf.dist /etc/amavisd.conf

... and edit that file:

vi /etc/amavisd.conf

[...]
$mydomain = 'localhost';
#$mydomain = 'yourdomain.tld'; # a convenient default for other settings

$MYHOME   = '/var/lib/amavis';
#$MYHOME   = '/var/amavisd';   # a convenient default for other settings
[...]
$log_level = 5;
#$log_level = 0;              # verbosity 0..5
[...]
# Database connection string
@lookup_sql_dsn = ( ['DBI:mysql:maia:localhost', 'amavis', 'passwd'] );
[...]
$myhostname = 'server1.example.com';
#$myhostname = 'host.domain.tld';  # must be a fully-qualified domain name!
[...]
$final_virus_destiny      = D_DISCARD;
$final_banned_destiny     = D_DISCARD;
$final_spam_destiny       = D_DISCARD;
$final_bad_header_destiny = D_DISCARD;
[...]
# See https://secure.renaissoft.com/maia/wiki/VirusScannerConfig
# for more virus scanner definitions.
@av_scanners = (

### http://www.clamav.net/
['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
   qr/\bOK$/m, qr/\bFOUND$/m,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
# NOTE: run clamd under the same user as amavisd;  match the socket
# name (LocalSocket) in clamav.conf to the socket name in this entry
# When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"],

);
[...]

Make sure you fill in the correct password for the amavis MySQL user in the @lookup_sql_dsn line. In the ClamAV-clamd stanza, you must change the socket - the correct socket on Debian Lenny is /var/run/clamav/clamd.ctl.

Start amavisd afterwards:

/etc/init.d/amavis start

You should now check /var/lib/amavis/amavis.log for errors - please make sure that the database connection is working.

 

11 Log Into Maia Mailguard

You can now access Maia Mailguard under http://www.example.com/maia/ - this is where you and your users can log in with an existing email address/password:

If you use Maia Mailguard for the first time, you should register yourself as the Maia super-administrator. Go to http://www.example.com/maia/login.php?super=register and log in with your existing email address and password - this will automatically make you the super-administrator of the Maia system:

As super-administrator, you have all the privileges of administrators (e.g. "impersonating" other users, and deleting users), but also the ability to grant administrator privileges to others (and revoke them, if desired).

Should the super-administrator ever wish to give up his privileges, he has to do so by logging in at http://www.example.com/maia/login.php?super=unregister (after a super-administrator "unregisters" himself, the system effectively has no super-administrator, so the next user to login with the ?super=register argument will become the super-administrator).

After your login, you should read the notes on the welcome page:

At the bottom of the welcome page, you can set your protection level (this is only for the account that you used to log in - each user can set his protection level individually). High is recommended:

These are the available protection levels:

Off:

Pass viruses through? Y
Pass spam through? Y
Pass banned files through? Y
Pass mail with invalid headers through? Y
Disable virus scanning? Y
Disable spam checking? Y
Disable banned files checking? Y
Disable invalid header checking? Y
Discard viruses? N
Discard spam? N
Discard banned files? N
Discard invalid mail headers? N
Add a prefix to spam subjects? N
Add spam score headers when score is >= 999
Consider mail spam when score is >= 999
Quarantine or discard spam when score is >= 999

Low:

Pass viruses through? N
Pass spam through? Y
Pass banned files through? Y
Pass mail with invalid headers through? Y
Disable virus scanning? N
Disable spam checking? Y
Disable banned files checking? Y
Disable invalid header checking? Y
Discard viruses? N
Discard spam? N
Discard banned files? N
Discard invalid mail headers? N
Add a prefix to spam subjects? N
Add spam score headers when score is >= 999
Consider mail spam when score is >= 999
Quarantine or discard spam when score is >= 999

Medium:

Pass viruses through? N
Pass spam through? N
Pass banned files through? Y
Pass mail with invalid headers through? Y
Disable virus scanning? N
Disable spam checking? N
Disable banned files checking? Y
Disable invalid header checking? Y
Discard viruses? N
Discard spam? N
Discard banned files? N
Discard invalid mail headers? N
Add a prefix to spam subjects? Y
Add spam score headers when score is >= 5
Consider mail spam when score is >= 999
Quarantine or discard spam when score is >= 999

High:

Pass viruses through? N
Pass spam through? N
Pass banned files through? N
Pass mail with invalid headers through? N
Disable virus scanning? N
Disable spam checking? N
Disable banned files checking? N
Disable invalid header checking? N
Discard viruses? N
Discard spam? N
Discard banned files? N
Discard invalid mail headers? N
Add a prefix to spam subjects? N
Add spam score headers when score is >= 1
Consider mail spam when score is >= 5
Quarantine or discard spam when score is >= 5
Share this page:

6 Comment(s)

Add comment

Comments

From: VinS at: 2010-07-16 08:00:29

You can use
aptitude install  libdbd-pg-perl libdata-uuid-perl
to install  Data::UUID & DBD::Pg
;)

 Vins

From: David Morton at: 2010-07-10 13:22:11

As a developer for Maia Mailguard, I appreciate any the effort put into making a tutorial like this, however, I'm a little confused about the lack of communication with our community shown at the end of this tutorial.

We have an active community on the users mailing list, which you can join here:

https://www.maiamailguard.com/maia/wiki/MaiaMailingLists

It is unfortunate that the author happened to check out the 1.0 branch when he did, as it was one of the strangest states I've ever left that tree in.  I have since committed fixes for the items listed at the end of this tutorial.   A quick note on the mailing list could have had that fixed sooner and allowed the author to skip the work of documenting it!

 @Boudewijn Ector:  I develop Maia on Ubuntu, so it runs quite well on Debian-like systems.  If you have problems, please join the mailing list!   Having said that, we are in the process of packaging it up into an Ubuntu set of packages, so it will get easier when we finish that up. :)

 Lastly, I would like to point out that this tutorial uses screenshots from the "Ocean Blue" theme, which is the theme that has received less love.  The "Desert Sand" theme has a much more polished look to it, and is much preferred.

 

From: Anonymous at: 2010-07-12 12:42:28

If your developing maya for Ubuntu, which is nice, but wouldn't it not be nicer to port it to debian itself and let the ubuntu developers adapt it.

 

From: Boudewijn Ector at: 2010-07-09 23:13:37

Dear Author,


Well done! Maia is great, and debian is great!

Too bad there's no such thing as a debian package. Although I've been using FreeBSD together with Maia for years, I've been trying for some time to get Maia to work on Debian.

 

A minor comment (I might make more during the implementation of maia on my debian system): 

One might try :

svn checkout https://www.maiamailguard.com/svn/branches/1.0

 Instead of including a version number: this will automatically get the newest version in SVN. Minor note: watch out, this might be an unstable version!

From: Keith at: 2010-07-10 17:04:36

The developers of Maia have fixed the PHP errors described in this article so a checkout of the latest 1.x branch will not need to have these corrections applied.

From: Joshua at: 2010-08-11 19:35:01

I keep seeing the Maia Mailguard server (literally, it's in the room down the hall) and I mean to try it for my own personal use, but I haven't really got around to it. We use it at an ISP level and it works extremely well. This guide should hopefully help me get off my rear and install it on some more servers.