The Perfect SpamSnake - Ubuntu Jeos 12.04 LTS Precise Pangolin - Page 3

8. Baruwa

Make sure links are correct for MailScanner:

ln -s /opt/MailScanner/etc /etc/MailScanner
ln -s /opt/MailScanner/lib/MailScanner/CustomFunctions /etc/MailScanner

Install and configure Rabbitmq-Server:


and add the following:

deb testing main

Update sources and install key:

apt-key add rabbitmq-signing-key-public.asc
apt-get update

Install rabbitmq-server:

apt-get install rabbitmq-server -y

Add the database credentials:

rabbitmqctl add_user baruwa password
rabbitmqctl add_vhost baruwa
rabbitmqctl set_permissions -p baruwa baruwa ".*" ".*" ".*"
rabbitmqctl delete_user guest

Restart rabbitmq-server:

/etc/init.d/rabbitmq-server restart

Add sources for Baruwa 1.1.2-4 and install dependencies:

wget -O - | apt-key add -

vi /etc/apt/sources.list

and add the following:

 deb precise main

Install Dependencies:

apt-get update
apt-get install python-django-celery python-importlib -y

Download and install Baruwa1.1.2-4sn:

mkdir /usr/src/baruwa1124 && cd /usr/src/baruwa1124
wget && mv 0B9cN15Q3pKnwLW1WNG9rN0dQNzg baruwa_1.1.2-4sn_all.deb
wget && mv 0B9cN15Q3pKnwMHFUMFhWMW4ycU0 baruwa-doc_1.1.2-4sn_all.deb
gdebi baruwa_1.1.2-4sn_all.deb
gdebi baruwa-doc_1.1.2-4sn_all.deb

You'll be prompted with the following, answer according to your setup:

Webserver to configure manually
Virtual Host name
Choose whether to configure mysql automatically
My Host
Database administrator name/password
Baruwa username/password/dbname
RabbitMQ host/username/password
Admin user/password/email for Baruwa Web

Fix the symlinks for

rm –r /usr/share/pyshared/baruwa/ && ln –s /etc/baruwa/ /usr/share/pyshared/baruwa/

vi /etc/baruwa/

and fix the baruwa database configuration:

    'default': {
        # Add 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3'
        # or 'oracle'.
        'ENGINE': 'django.db.backends.mysql',
        # Or path to database file if using sqlite3.
        'NAME': 'baruwa',
        # Not used with sqlite3.
        'USER': 'baruwa',
        # Not used with sqlite3.
        'PASSWORD': 'password',
        # Set to empty string for localhost. Not used with sqlite3.
        'HOST': '',
        # Set to empty string for default. Not used with sqlite3.
        'PORT': '',
QUARANTINE_REPORT_HOSTURL = 'http://baruwa-alpha.local'

Populate the database:

# baruwa-admin syncdb --noinput
# for name in $(echo "accounts messages lists reports status fixups config"); do
baruwa-admin migrate $name;

vi /etc/MailScanner/MailScanner.conf

change the following:

Run As Group = celeryd
Quarantine User = celeryd
Quarantine Group = celeryd
Always Looked Up Last = &BaruwaSQL
Is Definitely Not Spam = &BaruwaWhitelist
Is Definitely Spam = &BaruwaBlacklist
Required SpamAssassin Score = &BaruwaLowScore
High SpamAssassin Score = &BaruwaHighScore

vi /etc/MailScanner/conf.d/baruwa.conf

and update the following:

Quarantine User = celeryd #(Or what ever your `Run As User` is set to)
DB DSN = DBI:mysql:database=baruwa;host=localhost;port=3306 #set to valid DSN
DB Username = baruwa # your DB username
DB Password = password # your DB password

vi /etc/init.d/mailscanner

and update it changing the following:

check_dir /var/spool/MailScanner ${user:-postfix} ${group:-celeryd}
check_dir /var/lib/MailScanner ${user:-postfix} ${group:-celeryd}
check_dir /var/run/MailScanner ${user:-postfix} ${group:-celeryd}
check_dir /var/lock/subsys/MailScanner ${user:-postfix} ${group:-celeryd}
start-stop-daemon --start --quiet --startas $STARTAS  --pidfile "$PIDFILE" --test > /dev/null \
start-stop-daemon --start --quiet --nicelevel $run_nice --chuid postfix:celeryd --exec $DAEMON  --pidfile "$PIDFILE" -- $DAEMON_ARGS \
start-stop-daemon --stop --retry=TERM/30 --pidfile "$PIDFILE"
start-stop-daemon --stop --signal 1 --quiet --pidfile "$PIDFILE"

Add celeryd user to clamav group:

usermod -a -G celeryd clamav

Change the group ownership of the quarantine folder and content:

chgrp -R celeryd /var/spool/MailScanner/quarantine

If you’re going to use signatures, initialize it by running:

baruwa-admin initconfig

Otherwise, disable the options in /etc/MailScanner/conf.d/baruwa.conf:

#Inline HTML Signature = htmlsigs.customize
#Inline Text Signature = textsigs.customize
#Signature Image Filename = sigimgfiles.customize
#Signature Image Filename = sigimgs.customize

Finally, run to create the Baruwa super user:

baruwa-admin createsuperuser

Reboot your system and enjoy Baruwa 112-4sn.


9. Nginx with Uwsgi

Install nginx and uwsgi:

apt-get install nginx-full uwsgi uwsgi-plugin-python -y

vi /etc/uwsgi/apps-available/baruwa.ini

with the following content:

workers = 2
chdir = /usr/share/pyshared/baruwa
env = DJANGO_SETTINGS_MODULE=baruwa.settings
module = django.core.handlers.wsgi:WSGIHandler()

vi /etc/nginx/sites-available/baruwa.conf

with the following content:

server {
listen 80;
root /usr/share/pyshared/baruwa;
autoindex on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location /static {
    root /usr/share/pyshared/baruwa/static/;
    # static resources
    location ~* ^.+\.(html|jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$
      expires 30d;
location / {
    uwsgi_pass unix:///var/run/uwsgi/app/baruwa/socket;
    include uwsgi_params;

*Note: Make sure to change to a FQDN that matches your setup.

Create symlinks:

ln -s /etc/nginx/sites-available/baruwa.conf /etc/nginx/sites-enabled/baruwa.conf
ln -s /etc/uwsgi/apps-available/baruwa.ini /etc/uwsgi/apps-enabled/baruwa.ini
rm -r /etc/nginx/sites-enabled/default
cp /usr/share/doc/uwsgi-extra/nginx/uwsgi_params /etc/nginx/uwsgi_params

Restart both nginx and uwsgi:

/etc/init.d/nginx restart && /etc/init.d/uwsgi restart

Remove the default virtual host and copy over uwsgi_params:

rm -r /etc/nginx/sites-enabled/default
cp /usr/share/doc/uwsgi-extra/nginx/uwsgi_params /etc/nginx/uwsgi_params
ln -s /etc/nginx/sites-available/baruwa.conf /etc/nginx/sites-enabled/baruwa.conf
ln -s /etc/uwsgi/apps-available/baruwa.ini /etc/uwsgi/apps-enabled/baruwa.ini

Restart services:

/etc/init.d/uwsgi restart && /etc/init.d/nginx restart

Create a symlink to

ln -s /usr/share/pyshared/baruwa/ /usr/bin/
chmod +x /usr/bin/

Add cron jobs:

@daily cleanquarantine &> /dev/null  #Clean quarantine
@daily sendquarantinereports &> /dev/null  #Send quarantine reports
@monthly  dbclean &> /dev/null  #Clean maillog
@weekly updatesarules &> /dev/null  #Update spamassassin rules
@daily sendpdfreports &> /dev/null #Send PDF Reports

Start up MailScanner:

/etc/init.d/mailscanner start

*Note: Point your browser to http://hostname used login with admin user and password and start working. You can now use the interface to add users and process messages, etc.

Setup Instructions for Baruwa

Log into Baruwa as admin --> Settings --> Accounts --> Create Account

Once you've created the user account, you'll get two new tabs on that page, Profile Settings and Associated Addresses.

Fill out Profile Settings choosing Domain Admin and set a low score of 6 and a high score of 9 and check scan email.

Click the + sign under Associated Addresses and enter a domains for which the user is the admin of eg. will show up under Associated Addresses.

Click on and you'll be taken into Domain Information, where you'll be able to setup SMTP delivery information. Go ahead and add the receiving smtp server, or the ip of the receiving smtp server. Select enable and if you use a non-standard port, set it, otherwise use 25. Once you've done that, you can click on the test button next to the pencil, to see if your receiving server will accept the connection.

Now, you can log out as admin, and log in as the user you just setup and mails should start flowing.

The relay_recipients, relay_domains and transports settings in /etc/postfix/ will use the entries you've provided in Baruwa. Therefore, no hash file is required.  The associated queries in the mysql cf files will pull the result in the proper format and feed it to postfix for use.

However, if you'd like to use a hash for any of your config files, use the following as an example of how to setup /etc/postfix/

relay_recipient_maps = hash:/etc/postfix/relay_recipients

Of course, you would have to create the hash file(s), populate it and postmap it for postfix to use.

*Note: If you do end up using hash for relay_recipients for specific domains, you'll have to remove that domain from /etc/postfix/access.  All other domain users can still be verified using look_ahead

Also, if you need to do mx lookups, you'll have to edit /etc/postfix/ query to look like:

concat('smtp:', mail_hosts.address, ':', port) 'transport'

The [ and ] were removed to allow MX lookups.

Enjoy Baruwa!


10. Install and Configure SPF


apt-get install postfix-policyd-spf-python -y

vi /etc/postfix/

and add the following stanza at the end:

policy-spf  unix  -       n       n       -       -       spawn      
	user=nobody argv=/usr/bin/policyd-spf  

*Note:  (The leading spaces before user=nobody are important so that Postfix knows that this line belongs to the previous one!)

*Note: We already added the entry for using the postfix setup script.

Then restart Postfix:

/etc/init.d/postfix restart

That's it already.


11. Install and Configure FuzzyOcr

FuzzyOCR has some prerequisites like ocrad and gocr that we can install like this:

apt-get install fuzzyocr netpbm gifsicle libungif-bin gocr ocrad libstring-approx-perl libmldbm-sync-perl libdigest-md5-perl libdbd-mysql-perl imagemagick tesseract-ocr -y
wget && tar xvfz fuzzyocr-3.6.0.tar.gz && cd FuzzyOcr-3.6.0/

vi /etc/spamassassin/

and uncomment the following lines:

focr_global_wordlist /etc/spamassassin/FuzzyOcr.words
focr_preprocessor_file /etc/spamassassin/FuzzyOcr.preps
focr_scanset_file /etc/spamassassin/FuzzyOcr.scansets
focr_enable_image_hashing 3
focr_digest_db /etc/spamassassin/FuzzyOcr.hashdb
focr_db_hash /etc/spamassassin/FuzzyOcr.db
focr_db_safe /etc/spamassassin/
focr_bin_helper convert, tesseract

Comment out the path:

#focr_path_bin /usr/local/netpbm/bin:/usr/local/bin:/usr/bin

Enable the following lines:

focr_mysql_db FuzzyOcr
focr_mysql_hash Hash
focr_mysql_safe Safe
focr_mysql_user fuzzyocr
focr_mysql_pass fuzzyocr
focr_mysql_host localhost
focr_mysql_port 3306
focr_mysql_socket /var/run/mysqld/mysqld.sock

We will be storing the image hashes in a mysql database to improve on performance such that images that we have already scanned do not get scanned again as OCR is a resource intense activity.

Create MySQL Database:

The sql script creates the database for fuzzyocr:

mysql -p <  FuzzyOcr.mysql

Set up FuzzyOcr Database Cleaner:

vi /usr/sbin/fuzzy-cleanmysql

with the following content:

#Script to clean out mysql tables of data. Default is to leave data in Safe for 1 day and Hash for 10 days.
use Getopt::Long;
use DBI;
use MLDBM qw(DB_File Storable);
my %Files = (
    db_hash => '/var/lib/fuzzyocr/FuzzyOcr.db',
    db_safe => '/var/lib/fuzzyocr/',
use DBI;
$database = "FuzzyOcr";
$hostname = "localhost";
$socket = "/var/run/mysqld/mysqld.sock";
$port = "3306";
$username = "fuzzyocr";
$password = 'password';
# defaults
my $cfgfile = "/etc/spamassassin/";
my %App;
my %age;
$age{'age'} = 10*24;  # 10 days
$age{'hash'} = $age{'age'};
$age{'safe'} = 0;
my $help = 0;
my $verbose = 0;
GetOptions( \%age,
    'config=s' => \$cfgfile,
    'help' => \$help,
    'verbose' => \$verbose,
if ($help) {
    print "Usage: fuzzy-cleanmysql [Options]\n";
    print "\n";
    print "Available options:\n";
    print "--age=i      Global age in hours to keep in db\n";
    print "--config=s   Specify location of\n";
    print "             Default: /etc/spamassassin/\n";
    print "--hash=i     Number of hours old to keep in Hash db\n";
    print "--safe=i     Number of hours old to keep in Safe db\n";
    print "--verbose    Show more informations\n";
    print "\n";
    exit 1;
# Convert hours to seconds
$age{'age'} *= 60 * 60;
$age{'hash'} *= 60 * 60;
$age{'safe'} *= 60 * 60;
$age{'safe'} = $age{'safe'} ? $age{'safe'} : $age{'age'};
# Read custom paths from
my $app_path = q(/usr/local/netpbm/bin:/usr/local/bin:/usr/bin);
open CONFIG, "< $cfgfile" or warn "Can't read configuration file, using defaults...\n";
while () {
    if ($_ =~ m/^focr_bin_(\w+) (.+)/) {
        $App{$1} = $2;
        printf "Found custom path \"$2\" for application \"$1\"\n" if $verbose;
    if ($_ =~ m/^focr_path_bin (.+)/) {
        $app_path = $1;
        printf "Found new path: \"$1\"\n" if $verbose;
    if ($_ =~ m/^focr_enable_image_hashing (\d)/) {
        $App{hashing_type} = $1;
        printf "Found DB Hashing\n" if ($verbose and $1 == 2);
        printf "Found MySQL Hashing\n" if ($verbose and $1 == 3);
    if ($_ =~ m/^focr_mysql_(\w+) (.+)/) {
        $MySQL{$1} = $2;
        printf "Found MySQL option $1 => '$2'\n" if $verbose;
    if ($_ =~ m/^focr_threshold_max_hash (.+)/) {
        $App{max_hash} = $1;
        printf "Updated Thresold{max_hash} = $1\n" if $verbose;
close CONFIG;
# make shure we have this threshold set
$App{max_hash} = 5 unless defined $App{max_hash};
# search path for bin_util unless already specified in configuration file
foreach my $app (@bin_utils) {
    next if defined $App{$app};
    foreach my $d (split(':',$app_path)) {
        if (-x "$d/$app") {
            $App{$app} = "$d/$app";
sub get_ddb {
    my %dopts = ( AutoCommit => 1 );
    my $dsn = "DBI:mysql:database=$database";
    if (defined $socket) {
        $dsn .= ";mysql_socket=$socket";
    } else {
        $dsn .= ";host=$hostname";
        $dns .= ";port=$port" unless $port == 3306;
    printf "Connecting to: $dsn\n" if $verbose;
    return DBI->connect($dsn, $username, $password,\%dopts) or die("Could not connect!");
if ($App{hashing_type} == 3) {
 my $ddb = get_ddb();
  if ($ddb) {
    my $sql;
    foreach my $ff (sort keys %Files) {
      $ff =~ s/db_//;
      $sqlbase = "FROM $MySQL{$ff} WHERE $MySQL{$ff}.\`check\` < ?";
      my $timestamp = time;
      $timestamp = $timestamp - $age{$ff};
      $sql = "DELETE $sqlbase";
      if ( $verbose ) {
        printf "Delete from Table $MySQL{$ff}\n";
        print "$sql,  $timestamp\n";
        print "Timestamp is ", scalar(localtime($timestamp)), "\n";
        print "That's $age{$ff} seconds earlier than now.\n";
        print "\n";

Make it executable:

chmod +x /usr/sbin/fuzzy-cleanmysql

Add it to cron:

@weekly /usr/sbin/fuzzy-cleanmysql &> /dev/null  #FuzzyOcr DB cleaner

We can feed each of these emails to SpamAssassin now to see if FuzzyOCR is linked correctly into SpamAssassin.

spamassassin --debug FuzzyOcr < /usr/src/FuzzyOcr-3.6.0/samples/ocr-gif.eml > /dev/null

You should now see a lot of output, the end should look like this:

[10025] dbg: FuzzyOcr:
[10025] dbg: FuzzyOcr: Friday Augurt 4, 4:01 pm ET
[10025] dbg: FuzzyOcr: LAS VEGAS, NEVADA--(MARKET WIRE)--Aug 4, 2006 -- auantum Energy, lnc. (OTC
[10025] dbg: FuzzyOcr: BB:aEGY.oB-_-
[10025] dbg: FuzzyOcr: auantum Energy, lnc. is pleased to announce that it has applied to have its shares listed for
[10025] dbg: FuzzyOcr: trading on the Frankfurt Stock Exchange. The company has retained the services ofBaltic
[10025] dbg: FuzzyOcr: lnvestment Group of Hamburg, Germany to assist with the application.
[10025] dbg: FuzzyOcr:
[10025] dbg: FuzzyOcr: _ qEGY,OB "


12. Filtering PDF, XLS and Phishing Spam with ClamAV (Sanesecurity Signatures)

There is currently a lot of spam where the spam "information" is attached as .pdf or .xls files, sometimes also hidden inside a .zip file. While these spam mails are not easy to catch with e.g. SpamAssassin or a Bayes filter, the ClamAV virus scanner can catch them easily when it is fed with the correct signatures as ClamAV is built to scan mail attachments.

Create a folder for sanesecurity and download and give the script the proper permission:

apt-get install curl rsync -y
mkdir /usr/src/sanesecurity && cd /usr/src/sanesecurity
tar -zxf clamav-unofficial-sigs-3.7.1.tar.gz && cd clamav-unofficial-sigs-3.7.1
mv /usr/sbin
mv clamav-unofficial-sigs.conf /etc/
chmod +x /usr/sbin/

vi /etc/clamav-unofficial-sigs.conf

and change the following variables to match your installation:

reload_opt="kill -USR2 `cat $clamd_pid`" #Signals PID to reload dbs

Now we run the update script to check if the download works:

Add it to cron:

00 04 * * * /usr/sbin/ -c /etc/clamav-unofficial-sigs.conf &> /dev/null


13. Greylisting with Greyfix

Greyfix is a tiny greylisting daemon that works extremely well and is easy on resources.


cd /usr/src && wget
tar -xf greyfix-0.3.9.tar.gz && cd greyfix-0.3.9
./configure --localstatedir=/var
make install

vi /etc/postfix/

and add the following:

greyfix    unix  -        n       n       -        -       spawn
   user=nobody  argv=/usr/local/sbin/greyfix   --greylist-delay 60  -/ 24

*Note: We already added the entry for using the postfix setup script.

Share this page:

43 Comment(s)

Add comment


From: Marco at: 2013-03-01 17:38:32

don't you need to add spf to  I got errors on policy-spf_time_limit until i added

policy-spf    unix  -     n     n     -     -   spawn

user=nobody argv=/usr/bin/policyd-spf

to /etc/postfix/


From: at: 2013-03-19 20:26:59

spf is added to later in the tutorial, however the line in the script to setup has an error. It says:

postconf -e "spf_policy = check_policy_service unix:private/policy" 

it should be:

postconf -e "spf_policy = check_policy_service unix:private/policy-spf"

 also the line about rbl policy is commented out with #, which postfix didn't like when I ran the script.  I just added it manually when i set up rbl.

From: Anonymous at: 2013-09-18 03:20:37

In the edit for postfix, the next line says:

 vi /usr/src/ 

which makes no sense whatsoever ??

 Also, the username and password for mysql are not referenced elsewhere - I assume the user should be root, and the associated password?


From: at: 2014-01-24 16:15:31

You are creating a script to edit, so the command "vi /usr/src/" creates an empty file then you add the text indicated to the file.  Make sure to change the red text to match your setup.

 There is no need for your mysql password here.  You are simply adding the settings to postfix.  Make sure you remember the password you select for the baruwa db.  You will need to make sure it matches the password you set when you create that db.

From: at: 2013-11-25 21:58:53

I have been trying to set this up, and having problems. Even opened a thread up in forums:, however no reply so far.

 Is there anyone who can help to complete the setup ?

From: at: 2014-01-24 16:06:38

Rocky changed jobs so isn't as available as he once was.  What problems are you having?

From: at: 2014-02-09 19:38:27


Since i didn't get a notice on a reply, I didn't notice your post even. I had posted by issue on the forums ->, to which Rocky did reply. I can understand his unavailability. Is there an updated guide which i can use ?

I wish to do inbound as well as outbound spam filtering, separate ofcourse.


From: JR at: 2012-12-21 20:40:34

In addition to the instructions provided here, it was also necessary to create the MailScanner incoming directory:

mkdir /var/spool/MailScanner/incoming
chown postfix:www-data /var/spool/MailScanner/incoming

Mailscanner started just fine after this...  



From: Anonymous at: 2013-03-18 19:09:08

dcc package dcc-common_1.3.130-0ubuntu1~ppa2~quantal1 as well as client seems to be unavailable.  I installed with 1.3.144-0ubuntu1~ppa1~precise1 which seems to be working fine. So to install dcc try this:

 wget$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb && dpkg -i dcc-common_1.3.144-0ubuntu1~ppa1~precise1_$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb
wget$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb && dpkg -i dcc-client_1.3.144-0ubuntu1~ppa1~precise1_$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb

NB I didn't run this by Rocky...  but it is working fine for me.



From: Andy at: 2013-04-08 02:56:55

Another question on this...  Is there any particular reason to install the "quantal" version on "precise", and why are we doing it this way instead of adding the ppa and installing it via apt?  Not criticising, just asking the question, because I'm sure Rocky has a good reason, and I want to know :)



From: newbie at: 2013-04-15 04:17:06


DCC still failed to start based on your sources;

I got this unavailable error:

root@unknown:/tmp#  wget$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb && dpkg -i dcc-common_1.3.144-0ubuntu1~ppa1~precise1_$(uname -m | sed -e 's/x86_64/amd64/' -e 's/i686/i386/').deb
--2013-04-15 12:06:21--
Resolving (
Connecting to (||:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2013-04-15 12:06:21 ERROR 404: Not Found.

Please help , many thanks:)

From: at: 2013-09-27 15:52:34

ya they changed the file name again.  In this case you just need to change the instances of ppa1 in the name to ppa2.  You can always go to to see which version of the files are currently available.

From: jamesloker at: 2013-07-16 15:21:48

If you receive this error when running the spamassassin test run the command:

#sa-learn --sync

Then try the spamassassin test again 

From: Anonymous at: 2013-11-22 21:05:50

you might need to run this  

 apt-get install libssl-dev 

 before you can install Crypt::OpenSSL::RSA

From: at: 2014-01-24 16:35:13

I had the same issue.  I also had to install libmysqlclient-dev before I could install DBD::mysql

From: at: 2014-02-14 07:16:25

Create the following to prevent an error in a lint test:

mkdir /var/www/.spamassassin

But not have /var/www now.



From: at: 2014-03-10 15:26:24

For this part don't forget to run  

apt-get install libmysqlclient-dev


From: Real at: 2012-12-19 15:10:55

Same probléme with the FTP auth 

 But very good How to, more details, nice!

From: Dan at: 2012-12-19 05:09:16      


The above (or any variant) is not public.  If it is your ftp, please set it to anonymous ftp or provide another way to download the file.  Thanks for all the effort to put this together.

From: JhonKa at: 2012-12-27 23:30:08


 I followed all your instructions to a T and i'm having an error when I start up nginx I get this error

 /etc/init.d/uwsgi restart && /etc/init.d/nginx restart

* Restarting app server(s) uwsgi [ OK ] 

Restarting nginx: nginx: [emerg] unexpected end of file, expecting ";" or "}" in /etc/nginx/sites-enabled/baruwa.conf:7
nginx: configuration file /etc/nginx/nginx.conf test failed

I even used your SN packages from your google docs account.  Could you help point me in the right direction?

From: at: 2012-12-28 08:40:20

What is on line 7 of /etc/nginx/sites-enabled/baruwa.conf

From: at: 2012-12-28 15:50:47

You can ignore this!  I found out that the baruwa.ini and .conf were switched in the uwsgi and nginx files.

From: at: 2012-12-28 19:41:11

Fixed, nginx and uwsgi config files were mixed up.

From: Doug Thomas at: 2013-01-06 21:34:49

Can't use an undefined value as an ARRAY reference at /opt/MailScanner/lib/MailScanner/ line 2588, <DATA> line 500.

Is anyone else getting this error? 

From: at: 2013-04-09 09:48:39

 I do.


Did you find the solution?

From: Andy at: 2013-06-06 00:52:19

I have this too. My guess is it's something in the MailScanner.conf, but line 500 is just a comment, and if you grep out all the comments there's less than 500 lines.  I'm still looking into it, but if anyone could shed light it would be appreciated :)

From: Andy at: 2013-06-06 01:25:37

I found this occurred because I hadn't commented out the following lines:

#Inline HTML Signature = htmlsigs.customize
#Inline Text Signature = textsigs.customize
#Signature Image Filename = sigimgfiles.customize
#Signature Image Filename = sigimgs.customize

as described above, AND I hadn't set up signatures properly (I'm not really sure how to do this at this stage).  So I commented out the lines, ran /opt/MailScanner/bin/MailScanner --lint, and things seem to be working a lot better.

Hope that helps someone.


From: SHL at: 2013-01-27 16:08:17


 I believe i've followed to guide but my SpamSnake isn't working when rbl_policy and spf_policy is added here: smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_recipient_domain, reject_unauth_destination, whitelist_policy, grey_policy, permit

I'm getting these errors:

postfix/smtpd[6073]: warning: connect to private/policy: No such file or directory

warning: unknown smtpd restriction: "rbl_policy"

Could someone point me in the right direction? :) 

From: monopati at: 2013-03-24 18:10:07

I get 

 # baruwa-admin migrate
Unknown command: 'migrate'
Type 'baruwa-admin help' for usage.


 # baruwa-admin createsuperuser
Unknown command: 'createsuperuser'
Type 'baruwa-admin help' for usage.

Is there any replacement for these commands?


From: kup at: 2013-04-23 07:25:25

Rocky, thank you for this great howto. Please let us know, how to migrate Baruwa frontend to next version (2.0), if you have some way to do it.

Many thanks!

From: at: 2013-08-06 17:39:07

There is no direct upgrade path to 2.0.  Also, 2.0 only currently supports Exim for an MTA.   I did get it working rather poorly with Postfix on a test server, but I wouldn't put it into production.  I would wait until Postfix is supported.

From: kec at: 2013-04-23 07:34:22

For the first Rocky, I have to say - thank you for this great guide. I also want to ask you, if you have a way, how to migrate Baruwa frontend to next version (2.0)?

From: kup at: 2013-04-23 10:30:21

Just one hint for those who want to see Baruwa translated:

#apt-get install gettext
#baruwa-admin compilemessages

Event. edit main language of Baruwa:

#vi /etc/baruwa/




From: Mikacom at: 2013-11-21 21:20:10

Populating the database has changed to

#baruwa-admin migrate djcelery

From: Anonymous at: 2013-04-19 09:49:15

Nice guide, some minor problems at start but works perfect now !
Thanks alot ! ! !


From: Anonymous at: 2013-05-20 15:22:41


do not plan on virtual images to be issued?


From: e3fi389 at: 2013-05-27 11:02:40

Little (but interest!) error in script, correct line 68:

  attrs  => ["proxyAddresses"],


From: at: 2014-05-04 06:50:09


Great tutorial.

in the, i was getting an error message regarding postman and postfix. There are 2 ways around it.

1) Put and getadsmtp in the /usr/sbin directory and update the cron accordingly using crontab -e
2) in the change the following lines:
postmap /etc/postfix/relay_recipients
postfix reload

/usr/sbin/postmap /etc/postfix/relay_recipients
/usr/sbin/postfix reload

From: Kevin Traas at: 2014-06-12 19:01:00

* Line 141:  replace '' with ''.
* Line 257:  replace the (invalid) less-than character.

From: Anonymous at: 2014-06-12 19:05:46

The suggested cron change to run update_scamnailer on a daily basis has the wrong path, and is a bit ambiguous.  

 Instead, add the following to /etc/crontab

 53      3 * * * /opt/MailScanner/bin/update_scamnailer

From: kecup at: 2014-11-03 15:45:08

Thanks for great howto, but let me ask you, do you plan an update of this all? I mean upversion this howto to Ubuntu 14.04? Thank you.

From: Michael at: 2015-02-24 21:32:36

just having a small issue with the setup. im new to linux but am trying to learn. so the question i have might be extremely basic but im not sure.


im getting the following error when trying to start maillscanner via /etc/init.d/mailscanner start

Can't use an undefined value as an ARRAY reference at /opt/MailScanner/lib/MailScanner/ line 2588, <DATA> line 500.

so i commented out the following in the file /etc/MailScanner/conf.d/baruwa.conf

#Inline HTML Signature = htmlsigs.customize#Inline Text Signature = textsigs.customize#Signature Image Filename = sigimgfiles.customize#Signature Image Filename = sigimgs.customize

and it appears that everything is working fine. until i click the connect button in baruwa interface to test if the connection to the exchange server is valid.


it takes me to http://localhost/settings/hosts/2/test/

and says page unavailable

sorry the requested page is unavailable due to a server malfunction.


anyone got any ideas

From: Alexandro at: 2015-03-18 15:14:06

as of 2015 installation just have to fix (like said) most of wget instructions to use up2date releases of downloaded softwares, but that's a mino issue, big problem seem that djcelery need to be migrated with command:

$baruwa-admin migrate djcelery

after the the baruwa sync procedure, otherwise it wouldn't create djcelery related tables in baruwa db (preventing message preview/train/delete, smtp test connection, and few other things via web interface) beside that.. damn great guide <3