The Perfect SpamSnake - Ubuntu Jaunty Jackalope - Page 5
On this page
- 17.11 Set permissions to bring it all together
- 17.12 Reboot the system
- 17.13 Test the MailWatch interface
- 17.14 Update the SpamAssassin Rules table
- 17.15 Update the GeoIP database
- 17.16 Fix to allow wildcards in Whitelist/Blacklist
- 17.17 Fix for Message Operations Not Finding Messages
- 17.18 Releasing Spam Messages
- 17.19 Fix to Allow Multiple Releases of Messages in Message Operations
- 17.20 Patch to fix autocommit error when stopping MailScanner
- 18. Install and Configure SPF
17.11 Set permissions to bring it all together
chown -R postfix:www-data /var/spool/MailScanner
chown -R postfix:www-data /var/lib/MailScanner
chown -R postfix:www-data /var/spool/postfix/hold
chmod -R ug+rwx /var/spool/postfix/hold
chmod -R u+rwx,g+rx /var/spool/MailScanner/quarantine
Finally make sure you restart MailScanner:
killall mailscanner
check_mailscanner
Test out the setup:
spamassassin -x -D -p /opt/MailScanner/etc/spam.assassin.prefs.conf --lint
Check for lines like:
debug: bayes: Database connection established
debug: bayes: found bayes db version 3
debug: bayes: Using userid: 2
You should see lines come up with DCC, Pyzor and Razor that say loading plugin and hopefully no errors.
Finishing up this part we need to add cron jobs that will clean/update, you probably saw the message about this after the MailScanner install script finished.
First edit conf.php and set 'QUARANTINE_DAYS_TO_KEEP' in conf.php and change the following line in /usr/src/mailwatch-1.0.4/tools/db_clean to:
#!/usr/bin/php -q require('/var/www/mailscanner/functions.php');
Install quarantine clean up script:
cp /usr/src/mailwatch-1.0.4/tools/quarantine_maint.php /usr/bin/quarantine_maint.php
cp /usr/src/mailwatch-1.0.4/tools/db_clean.php /usr/bin/db_clean.php
chmod +x /usr/bin/quarantine_maint.php
chmod +x /usr/bin/db_clean.php
Run
crontab -e
and add the following:
15 10 * * 2 /usr/bin/quarantine_maint.php --clean &> /dev/null 58 23 * * * /usr/bin/db_clean.php &> /dev/null
Disable the mailscanner installed cron script /etc/cron.daily/clean.quarantine (note: do this only if the clean.quarantine script exists).
$disabled = 1;
17.12 Reboot the system
reboot
Check your mail.log (tail –f /var/log/mail.log) and you should see the following:
Jun 13 12:18:23 hoshi MailScanner[26388]: MailScanner E-Mail Virus Scanner version 4.20-3 starting...
Jun 13 12:18:24 hoshi MailScanner[26388]: Config: calling custom init function MailWatchLogging
Jun 13 12:18:24 hoshi MailScanner[26388]: Initialising database connection
Jun 13 12:18:24 hoshi MailScanner[26388]: Finished initialising database connection
Congratulations - you now have MailScanner logging to MySQL.
17.13 Test the MailWatch interface
Point your browser to http://<hostname>/mailscanner/ - you should be prompted for a username and password - enter the details of the MailWatch web user that you created earlier, and you should see a list of the last 50 messages processed by MailScanner.
If you're not able to see the mails, then you may have to set the following persmissions:
chgrp -R www-data /var/spool/MailScanner
You may have to create the following to prevent an error in a lint test:
mkdir /var/www/.spamassassin
17.14 Update the SpamAssassin Rules table
MailWatch keeps a list of all the SpamAssassin rules and descriptions which are displayed on the 'Message Detail' page - to show the descriptions, you need to run the updater every time you add new rules or upgrade SpamAssassin. Click on the 'Tools/Links' menu and select 'Update SpamAssassin Rule Descriptions' and click 'Run Now'.
17.15 Update the GeoIP database
Change this line in /var/www/mailscanner/geoip_update.php to look like:
dbquery("LOAD DATA LOCAL INFILE
*Note: Make sure that allow_url_fopen = On is set in your php.ini.
Click on the 'Tools/Links' menu and select 'Update GeoIP database' and click 'Run Now'.
17.16 Fix to allow wildcards in Whitelist/Blacklist
Add the following to the bottom of the return 1 section in your /opt/MailScanner/lib/MailScanner/CustomFunctions/SQLBlackWhiteList.pm:
return 1 if $BlackWhite->{$to}{'*@'.$fromdomain}; return 1 if $BlackWhite->{$to}{'*@*.'.$fromdomain}; return 1 if $BlackWhite->{$todomain}{'*@'.$fromdomain}; return 1 if $BlackWhite->{$todomain}{'*@*.'.$fromdomain}; return 1 if $BlackWhite->{'default'}{'*@'.$fromdomain}; return 1 if $BlackWhite->{'default'}{'*@*.'.$fromdomain};
17.17 Fix for Message Operations Not Finding Messages
Change the following in /var/www/mailscanner/do_message_ops.php file:
$id = $Regs[1];
to
$id = str_replace("_", ".",$Regs[1]);
17.18 Releasing Spam Messages
To allow MailWatch to release Spam messages without them being processed again, add 127.0.0.1 as a whitelist item in MailWatch/List interface. Make sure to restart MailScanner after configuring these options. Below is what my entry looks like.
127.0.0.1 | default | Delete |
17.19 Fix to Allow Multiple Releases of Messages in Message Operations
Edit /var/www/mailscanner/do_message_ops.php and make the following changes:
case 'F': $type='forget'; break; case 'R': $type='release'; break; default: continue; break;
Then, find the following section and change it to look like this:
$itemnum = array($num); if ($type == 'release'){ if($quarantined = quarantine_list_items($id,RPC_ONLY)) { $to = $quarantined[0]['to']; } echo "<tr><td><a href=\"detail.php?id=$id\">$id</a></td><td>$type</td><td>" . quarantine_release($quarantined, $itemnum, $to, RPC_ONLY) . "</td></tr>\n"; } else { echo "<tr><td><a href=\"detail.php?id=$id\">$id</a></td><td>$type</td><td>" . quarantine_learn($items, $itemnum, $type, RPC_ONLY) . "</td></tr>\n"; } } echo "</TABLE>\n"; } } } } echo " </TD>\n";
Next we edit the /var/www/mailscanner/functions.php file and change:
$fieldname[$f] = "Ops<br>S H F";
to
$fieldname[$f] = "Ops<br>S H F R";
Next change:
array_unshift($row, "<INPUT NAME=\"OPT-REPLACEME\" TYPE=RADIO VALUE=\"S\"> <INPUT NAME=\"OPT-REPLACEME\" TYPE=RADIO VALUE=\"H\"> <INPUT NAME=\"OPT-REPLACEME\" TYPE=RADIO VALUE=\"F\">");
To:
array_unshift($row, "<INPUT NAME=\"OPT-REPLACEME\" TYPE=RADIO VALUE=\"S\"> <INPUT NAME=\"OPT-REPLACEME\" TYPE=RADIO VALUE=\"H\"> <INPUT NAME=\"OPT-REPLACEME\" TYPE=RADIO VALUE=\"F\"> <INPUT NAME=\"OPT-REPLACEME\" TYPE=RADIO VALUE=\"R\"> ");
Next find the block with the javascript function to handle radio buttons. Add a third value like so:
echo "function SetRadios(p) {\n"; echo " var val;\n"; echo " if (p == 'S') {\n"; echo " val = 0;\n"; echo " } else if (p == 'H') {\n"; echo " val = 1;\n"; echo " } else if (p == 'F') {\n"; echo " val = 2;\n"; echo " } else if (p == 'R') {\n"; echo " val = 3;\n"; echo " } else if (p == 'C') {\n"; echo " ClearRadios();\n";
Now, add the text for the radios:
echo " <a href=\"javascript:SetRadios('S')\">S</a>"; echo " <a href=\"javascript:SetRadios('H')\">H</a>"; echo " <a href=\"javascript:SetRadios('F')\">F</a>"; echo " <a href=\"javascript:SetRadios('R')\">R</a>";
Finally, change:
echo "<P><b>S</b> = Spam <b>H</b> = Ham <b>F</b> = Forget\n";
to:
echo "<P><b>S</b> = Spam <b>H</b> = Ham <b>F</b> = Forget <b>R</b> = Release\n";
17.20 Patch to fix autocommit error when stopping MailScanner
Edit line 80 of MailWatch.pm to look like this:
$dbh = DBI->connect("DBI:mysql:database=$db_name;host=$db_host", $db_user, $db_pass, {PrintError => 0, AutoCommit => 0});
*Note: This turns off autocommit when it connects so the commit line when it closes does not throw an error.
18. Install and Configure SPF
The postfix-policyd-spf-perl package depends on the Mail::SPF and the NetAddr::IP Perl modules.
We need to download postfix-policyd-spf-perl from http://www.openspf.org/Software to the /usr/src/ directory and install it to the /usr/lib/postfix/ directory like this:
cd /usr/src
wget http://www.openspf.org/blobs/postfix-policyd-spf-perl-2.005.tar.gz
tar xvfz postfix-policyd-spf-perl-2.005.tar.gz
cd postfix-policyd-spf-perl-2.005
cp postfix-policyd-spf-perl /usr/lib/postfix/policyd-spf-perl
Then we edit /etc/postfix/master.cf and add the following stanza at the end:
policy unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/lib/postfix/policyd-spf-perl
(The leading spaces before user=nobody are important so that Postfix knows that this line belongs to the previous one!)
Then open /etc/postfix/main.cf and search for the smtpd_recipient_restrictions directive. You should have reject_unauth_destination in that directive, and right after reject_unauth_destination you add check_policy_service unix:private/policy like this:
[...] smtpd_recipient_restrictions = [...] reject_unauth_destination check_policy_service unix:private/policy [...]
It is important that you specify check_policy_service AFTER reject_unauth_destination or else your system can become an open relay!
Then restart Postfix:
/etc/init.d/postfix restart
That's it already.