The Perfect SpamSnake - Ubuntu Jaunty Jackalope - Page 3

13. Pyzor Configuration

Because pyzor doesn't work with python2.6 very well, the workaround is to install python2.5 alongside it and use it as the default.

Edit /usr/share/python/debian_defaults:

# the default python version
default-version = python2.5

Now modify the /usr/bin/python symlink to point to python2.5 instead to python2.6

mv /usr/bin/python /usr/bin/python26 
ln -s /usr/bin/python2.5 /usr/bin/python

Move pyzor:

mv /var/lib/python-support/python2.6/pyzor-* /var/lib/python-support/python2.5/
mv /var/lib/python-support/python2.6/pyzor* /var/lib/python-support/python2.5/pyzor/

We need to change some permissions on pyzor first:

chmod -R a+rX /usr/share/doc/pyzor /usr/bin/pyzor /usr/bin/pyzord 
chmod -R a+rX /usr/share/python-support/pyzor

Here we supply the IP address of the Pyzor server to Pyzor. This will create the server's IP address in a servers file therein. Then it will test the connection. If you are behind a firewall, open port 24441/udp in and out to your server. While you're at it also open up 6277/udp for DCC, 2703/tcp for Razor and 783/tcp for SpamAssassin:

pyzor --homedir /var/lib/MailScanner discover 
pyzor ping

 

14. Razor Configuration

Create the .razor configuration:

cd 
rm /etc/razor/razor-agent.conf
mkdir /var/lib/MailScanner/.razor
razor-admin -home=/var/lib/MailScanner/.razor -create
razor-admin -home=/var/lib/MailScanner/.razor -discover
razor-admin -home=/var/lib/MailScanner/.razor -register
chown -R postfix:www-data /var/lib/MailScanner
chmod -R ug+rwx /var/lib/MailScanner

Make the following changes to /var/lib/MailScanner/.razor/razor-agent.conf:

debuglevel = 0
razorhome = /var/lib/MailScanner/.razor/

 

15. DCC Configuration

Install DCC from .deb source:

wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-server_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-common_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
wget http://ppa.launchpad.net/jonasped/ppa/ubuntu/pool/main/d/dcc/dcc-client_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb

Install the packages:

dpkg -i dcc-common_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
dpkg -i dcc-server_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb
dpkg -I dcc-client_1.3.103-0ubuntu1~ppa2~jaunty1_i386.deb

We are not running a DCC server, so we don't need to waste time checking ourselves.
Once the installation is done run:

cdcc "delete 127.0.0.1" 
cdcc "delete 127.0.0.1 Greylist"

Test our installation with:

cdcc info

You should get 'requests ok' from the servers.

 

16. Configuring MailScanner and ClamAV

We need to make a directory for SpamAssassin in the spool and give postfix permissions to it, if you run sa-learn --force as root, bayes databese that is stored in these directories will change to root:root and spamassassin will error looking at the db. Just keep an eye on the mail.log and you'll remember to change the permissions back. Also disable the MailScanner default configs:

mkdir /var/spool/MailScanner/spamassassin

Backup your MailScanner.conf file:

cp /opt/MailScanner/etc/MailScanner.conf /opt/MailScanner/etc/MailScanner.conf.dist
vi /opt/MailScanner/etc/MailScanner.conf

Change the following parameters in MailScanner.conf:

%org-name% = ORGNAME
%org-long-name% = ORGFULLNAME
%web-site% = ORGWEBSITE
Run As User = postfix
Run As Group = www-data
Incoming Work Group = clamav
Incoming Work Permissions = 0640
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamd
Spam Subject Text = ***SPAM***
Send Notices = no
Spam List = spamcop.net ZEN
Required SpamAssassin Score = 6
High SpamAssassin Score = 10
Spam Actions = deliver
High Scoring Spam Actions = delete
Rebuild Bayes Every = 0
Wait During Bayes Rebuild = no
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
Clamd Socket = /var/run/clamav/clamd.ctl
Clamd Lock File = /var/run/clamav/clamd.pid
Monitors for ClamAV Updates = /var/lib/clamav/*.cld /var/lib/clamav/*.cvd

The first 9 lines are basically required in order for everything to work, the rest are recommended.

 

16.1 header_checks

Let's go ahead and put this in main.cf. header_checks is required because it allows us to hold all incoming email in order for MailScanner to do its thing:

postconf -e "header_checks = regexp:/etc/postfix/header_checks"

Create /etc/postfix/header_checks and add the following:

/^Received:/ HOLD

Postmap it:

postmap /etc/postfix/header_checks

 

16.2 Fix to Disable Permission Checks on MailScanner Directories

Edit /etc/rc2.d/S20mailscanner to look like:

check_dir /var/spool/MailScanner       ${user:-postfix} ${group:-www-data}
#check_dir /var/lib/MailScanner         ${user:-mail} ${group:-mail}
#check_dir /var/run/MailScanner         ${user:-mail} ${group:-mail}
#check_dir /var/lock/subsys/MailScanner       ${user:-postfix} ${group:-www-data} 

In the file /etc/default/mailscanner, make sure this parameter is at 1:

run_mailscanner=1 

 

16.3 Create cron jobs to keep MailScanner updated:

37      5 * * * /opt/MailScanner/bin/update_phishing_sites
07      * * * * /opt/MailScanner/bin/update_bad_phishing_sites
42      * * * * /opt/MailScanner/bin/update_virus_scanners
3,23,43 * * * * /opt/MailScanner/bin/check_mailscanner

 

16.4 Start the system

check_mailscanner 
/etc/init.d/postfix start

Check your logs for errors:

tail -f /var/log/mail.log
Share this page:

5 Comment(s)