The Perfect SpamSnake - Ubuntu Jaunty Jackalope - Page 3

13. Pyzor Configuration

Because pyzor doesn't work with python2.6 very well, the workaround is to install python2.5 alongside it and use it as the default.

Edit /usr/share/python/debian_defaults:

# the default python version
default-version = python2.5

Now modify the /usr/bin/python symlink to point to python2.5 instead to python2.6

mv /usr/bin/python /usr/bin/python26
ln -s /usr/bin/python2.5 /usr/bin/python

Move pyzor:

mv /var/lib/python-support/python2.6/pyzor-* /var/lib/python-support/python2.5/
mv /var/lib/python-support/python2.6/pyzor* /var/lib/python-support/python2.5/pyzor/

We need to change some permissions on pyzor first:

chmod -R a+rX /usr/share/doc/pyzor /usr/bin/pyzor /usr/bin/pyzord
chmod -R a+rX /usr/share/python-support/pyzor

Here we supply the IP address of the Pyzor server to Pyzor. This will create the server's IP address in a servers file therein. Then it will test the connection. If you are behind a firewall, open port 24441/udp in and out to your server. While you're at it also open up 6277/udp for DCC, 2703/tcp for Razor and 783/tcp for SpamAssassin:

pyzor --homedir /var/lib/MailScanner discover
pyzor ping


14. Razor Configuration

Create the .razor configuration:

rm /etc/razor/razor-agent.conf
mkdir /var/lib/MailScanner/.razor
razor-admin -home=/var/lib/MailScanner/.razor -create
razor-admin -home=/var/lib/MailScanner/.razor -discover
razor-admin -home=/var/lib/MailScanner/.razor -register
chown -R postfix:www-data /var/lib/MailScanner
chmod -R ug+rwx /var/lib/MailScanner

Make the following changes to /var/lib/MailScanner/.razor/razor-agent.conf:

debuglevel = 0
razorhome = /var/lib/MailScanner/.razor/


15. DCC Configuration

Install DCC from .deb source:


Install the packages:

dpkg -i dcc-common_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
dpkg -i dcc-server_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
dpkg -I dcc-client_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb

We are not running a DCC server, so we don't need to waste time checking ourselves.
Once the installation is done run:

cdcc "delete"
cdcc "delete Greylist"

Test our installation with:

cdcc info

You should get 'requests ok' from the servers.


16. Configuring MailScanner and ClamAV

We need to make a directory for SpamAssassin in the spool and give postfix permissions to it, if you run sa-learn --force as root, bayes databese that is stored in these directories will change to root:root and spamassassin will error looking at the db. Just keep an eye on the mail.log and you'll remember to change the permissions back. Also disable the MailScanner default configs:

mkdir /var/spool/MailScanner/spamassassin

Backup your MailScanner.conf file:

cp /opt/MailScanner/etc/MailScanner.conf /opt/MailScanner/etc/MailScanner.conf.dist

vi /opt/MailScanner/etc/MailScanner.conf

Change the following parameters in MailScanner.conf:

%org-name% = ORGNAME
%org-long-name% = ORGFULLNAME
%web-site% = ORGWEBSITE
Run As User = postfix
Run As Group = www-data
Incoming Work Group = clamav
Incoming Work Permissions = 0640
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamd
Spam Subject Text = ***SPAM***
Send Notices = no
Spam List = ZEN
Required SpamAssassin Score = 6
High SpamAssassin Score = 10
Spam Actions = deliver
High Scoring Spam Actions = delete
Rebuild Bayes Every = 0
Wait During Bayes Rebuild = no
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
Clamd Socket = /var/run/clamav/clamd.ctl
Clamd Lock File = /var/run/clamav/
Monitors for ClamAV Updates = /var/lib/clamav/*.cld /var/lib/clamav/*.cvd

The first 9 lines are basically required in order for everything to work, the rest are recommended.


16.1 header_checks

Let's go ahead and put this in header_checks is required because it allows us to hold all incoming email in order for MailScanner to do its thing:

postconf -e "header_checks = regexp:/etc/postfix/header_checks"

Create /etc/postfix/header_checks and add the following:

/^Received:/ HOLD

Postmap it:

postmap /etc/postfix/header_checks


16.2 Fix to Disable Permission Checks on MailScanner Directories

Edit /etc/rc2.d/S20mailscanner to look like:

check_dir /var/spool/MailScanner       ${user:-postfix} ${group:-www-data}
#check_dir /var/lib/MailScanner         ${user:-mail} ${group:-mail}
#check_dir /var/run/MailScanner         ${user:-mail} ${group:-mail}
#check_dir /var/lock/subsys/MailScanner       ${user:-postfix} ${group:-www-data} 

In the file /etc/default/mailscanner, make sure this parameter is at 1:



16.3 Create cron jobs to keep MailScanner updated:

37      5 * * * /opt/MailScanner/bin/update_phishing_sites
07      * * * * /opt/MailScanner/bin/update_bad_phishing_sites
42      * * * * /opt/MailScanner/bin/update_virus_scanners
3,23,43 * * * * /opt/MailScanner/bin/check_mailscanner


16.4 Start the system

/etc/init.d/postfix start

Check your logs for errors:

tail -f /var/log/mail.log

Share this page:

5 Comment(s)

Add comment


From: Anonymous


Just letting you know that DCC has been removed from all the debian apt sources.

There was a security bug which was causing issues to the dcc wich are unfixable



From: Anonymous

This bug was fixed in dcc 1.3.51 - whereas this article describes installing 1.3.103.

 So... not an issue.

From: Anonymous


The latest version of mailscanner is only compatable with mailtools 1.77

Which I couldnt find in apt, I had to install it manually following this


Before step 16.4 where you start MailScanner, you will need to set the permissions on the spool folders like this:

chown -R postfix:www-data MailScanner/


At step 13, it is mentioned that we need to install Python 2.5, but never specifically in the code blocks. In case anyone gets stuck, don't forget to run this before you do step 13:

apt-get install python2.5