Mandriva Directory Server On Debian Etch - Page 4

11 Amavisd

Postfix will pass incomming mails to Amavis. Amavis on the other hand will pass them to Spamassassin an ClamAV. After the mails have been checked they'll be passed back to Postfix. Configure Amavis as follows.

vi /etc/amavis/conf.d/15-content_filter_mode

It should look like this:

use strict;
@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);


vi /etc/amavis/conf.d/50-user

It should look like this:

use strict;


Afterwards add the user clamav to the amavis group and restart amavis & ClamAV.

adduser clamav amavis
/etc/init.d/amavis restart
/etc/init.d/clamav-daemon restart
/etc/init.d/clamav-freshclam restart


12 Spamassassin

In this step you'll enable additional plugins to increase spam detection.

vi /etc/spamassassin/

Add the following content to the file:

# dcc
use_dcc 1
dcc_path /usr/bin/dccproc

use_pyzor 1
pyzor_path /usr/bin/pyzor

use_razor2 1
razor_config /etc/razor/razor-agent.conf

use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1

vi /etc/spamassassin/v310.pre

Uncomment the line for the dcc-plugin. It should look like this:

loadplugin Mail::SpamAssassin::Plugin::DCC
loadplugin Mail::SpamAssassin::Plugin::Pyzor
loadplugin Mail::SpamAssassin::Plugin::Razor2
loadplugin Mail::SpamAssassin::Plugin::SpamCop
loadplugin Mail::SpamAssassin::Plugin::AWL
loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold
loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject
loadplugin Mail::SpamAssassin::Plugin::MIMEHeader
loadplugin Mail::SpamAssassin::Plugin::ReplaceTags


Now configure spamassassin to run as daemon.

vi /etc/default/spamassassin

Set ENABLED=1. It should look like this:

OPTIONS="--create-prefs --max-children 5 --helper-home-dir"
#NICE="--nicelevel 15"


Afterwards start spamassassin and restart amavis.

/etc/init.d/spamassassin start
/etc/init.d/amavis restart


13 BIND Configuration

First copy a customized configuration file into the bind directory.

cp /usr/share/doc/python-mmc-base/contrib/bind/named.conf /etc/bind/

Afterwards we change the slapd starting point that it starts before bind.

update-rc.d -f slapd remove && update-rc.d slapd start 14 2 3 4 5 . stop 86 0 1 6 .

Edit the resolv configuration.

vi /etc/resolv.conf

It should look like this:



14 DHCP Configuration

First copy the customized configuration file into the dhcp3 directory.

cp /usr/share/doc/python-mmc-base/contrib/dhcpd/dhcpd.conf /etc/dhcp3/
vi /etc/dhcp3/dhcpd.conf

Edit the file that it fits to your needs - it should look like this:

ldap-server "localhost";
ldap-port 389;
ldap-username "cn=admin, dc=example, dc=com";
ldap-password "howtoforge";
ldap-base-dn "dc=example, dc=com";
ldap-method dynamic;
ldap-debug-file "/var/log/dhcp-ldap-startup.log";


15 SquidGuard/Squid Configuration

Squid with SquidGuard will be used to disable the accessibility of selected websites.


15.1 Configuration Files

15.1.1 SquidGuard

Copy the example configuration file into the squid directory, create an empty bad-domins-list (otherwise the mmc-proxy-plugin won't load) and edit the configuration file.

cp /usr/share/doc/python-mmc-base/contrib/proxy/squidGuard.conf /etc/squid/
touch /var/lib/squidguard/db/bad.destdomainlist
vi /etc/squid/squidGuard.conf

Change the line for the redirect that it looks like this:



15.1.2 Squid

First rename the configuration file, create a new one without comments (the original configuration file has more than 4000 lines) and edit it.

cd /etc/squid/
mv squid.conf squid.conf.orig
cat squid.conf.orig | egrep "^[^#]" > squid.conf
vi squid.conf

Comment ...

http_access allow localhost

... and add the following lines to the configuration:

redirect_program /usr/bin/squidGuard
acl SSL_ports port 3128
acl our_networks src
http_access allow our_networks

Restart squid

/etc/init.d/squid restart


15.2 Redirect VHost

When users want to visit websites that you have disabled, they'll be redirected to Create the directory for the VHost, put the squidGuard.cgi into it and make it executable.

mkdir /var/www/squidguard/
zcat /usr/share/doc/squidguard/examples/squidGuard.cgi.gz > /var/www/squidguard/squidGuard.cgi
chmod +x /var/www/squidguard/squidGuard.cgi

Afterwards create a VHost for the redirection.

vi /etc/apache2/sites-available/http

Add this configuration:



   ServerAdmin [email protected]
   DocumentRoot /var/www/squidguard/

   AddHandler cgi-script .cgi

   <Directory /var/www/squidguard/>
       AllowOverride None
       Options ExecCGI
       Order allow,deny
       Allow from

   ErrorLog /var/log/apache2/squidguard_error.log
   CustomLog /var/log/apache2/squidguard_access.log combined
   LogLevel warn


Share this page:

0 Comment(s)

Add comment


From: o.meyer