Virtual Users And Domains With Postfix, Courier And MySQL (CentOS 5.1) - Page 4

12 Install Razor, Pyzor And DCC And Configure SpamAssassin

Razor, Pyzor and DCC are spamfilters that use a collaborative filtering network. To install Razor, run

yum install perl-Razor-Agent razor-agents

Pyzor isn't available in the CentOS 5.1 repositories, but we can install the Pyzor package for RHEL 5 instead:

rpm -ivh ftp://ftp.pbone.net/mirror/download.fedora.redhat.com/pub/fedora/epel/5/i386/pyzor-0.4.0-11.el5.noarch.rpm

(You can use the RPM search at http://rpm.pbone.net/ to find the current version if the above link doesn't work anymore.)

Then initialize both services:

chmod -R a+rX /usr/share/doc/pyzor-0.4.0 /usr/bin/pyzor /usr/bin/pyzord
chmod -R a+rX /usr/lib/python2.4/site-packages/pyzor
mkdir /var/spool/amavisd
chown amavis:amavis /var/spool/amavisd
su -m amavis -c 'pyzor --homedir /var/spool/amavisd discover'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -create'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -register'

Then we install DCC as follows:

cd /tmp
wget http://www.dcc-servers.net/dcc/source/dcc-dccproc.tar.Z
tar xzvf dcc-dccproc.tar.Z
cd dcc-dccproc-1.3.76
./configure --with-uid=amavis
make
make install
chown -R amavis:amavis /var/dcc
ln -s /var/dcc/libexec/dccifd /usr/local/bin/dccifd

Now we have to tell SpamAssassin to use these three programs. Edit /etc/mail/spamassassin/local.cf so that it looks like this:

vi /etc/mail/spamassassin/local.cf

# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)

# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.

#required_hits 5
#report_safe 0
#rewrite_header Subject [SPAM]

# dcc
use_dcc 1
dcc_path /usr/local/bin/dccproc

#pyzor
use_pyzor 1
pyzor_path /usr/bin/pyzor

#razor
use_razor2 1
razor_config /var/spool/amavisd/razor-agent.conf

#bayes
use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1

Then we must enable the DCC plugin in SpamAssassin. Open /etc/mail/spamassassin/v310.pre and uncomment the loadplugin Mail::SpamAssassin::Plugin::DCC line:

vi /etc/mail/spamassassin/v310.pre

# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# This file was installed during the installation of SpamAssassin 3.1.0,
# and contains plugin loading commands for the new plugins added in that
# release.  It will not be overwritten during future SpamAssassin installs,
# so you can modify it to enable some disabled-by-default plugins below,
# if you so wish.
#
# There are now multiple files read to enable plugins in the
# /etc/mail/spamassassin directory; previously only one, "init.pre" was
# read.  Now both "init.pre", "v310.pre", and any other files ending in
# ".pre" will be read.  As future releases are made, new plugins will be
# added to new files, named according to the release they're added in.
###########################################################################

# DCC - perform DCC message checks.
#
# DCC is disabled here because it is not open source.  See the DCC
# license for more details.
#
loadplugin Mail::SpamAssassin::Plugin::DCC

# Pyzor - perform Pyzor message checks.
#
loadplugin Mail::SpamAssassin::Plugin::Pyzor

# Razor2 - perform Razor2 message checks.
#
loadplugin Mail::SpamAssassin::Plugin::Razor2

# SpamCop - perform SpamCop message reporting
#
loadplugin Mail::SpamAssassin::Plugin::SpamCop

# AntiVirus - some simple anti-virus checks, this is not a replacement
# for an anti-virus filter like Clam AntiVirus
#
#loadplugin Mail::SpamAssassin::Plugin::AntiVirus

# AWL - do auto-whitelist checks
#
loadplugin Mail::SpamAssassin::Plugin::AWL

# AutoLearnThreshold - threshold-based discriminator for Bayes auto-learning
#
loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold

# TextCat - language guesser
#
#loadplugin Mail::SpamAssassin::Plugin::TextCat

# AccessDB - lookup from-addresses in access database
#
#loadplugin Mail::SpamAssassin::Plugin::AccessDB

# WhitelistSubject - Whitelist/Blacklist certain subject regular expressions
#
loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject

###########################################################################
# experimental plugins

# DomainKeys - perform DomainKeys verification
#
# External modules required for use, see INSTALL for more information.
# Note that this may be redundant if you also plan to use the DKIM plugin.
#
#loadplugin Mail::SpamAssassin::Plugin::DomainKeys

# MIMEHeader - apply regexp rules against MIME headers in the message
#
loadplugin Mail::SpamAssassin::Plugin::MIMEHeader

# ReplaceTags
#
loadplugin Mail::SpamAssassin::Plugin::ReplaceTags

You can check your SpamAssassin configuration by executing:

spamassassin --lint

It shouldn't show any errors.

Run

/etc/init.d/amavisd restart

afterwards.

Now I want to insert some custom rulesets that can be found on the internet into SpamAssassin. I have tested those rulesets, and they make spam filtering a lot more effective. Create the file /usr/local/sbin/sa_rules_update.sh:

vi /usr/local/sbin/sa_rules_update.sh

#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/71_sare_redirect_pre3.0.0.cf -O 71_sare_redirect_pre3.0.0.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf -O 70_sare_bayes_poison_nxm.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html.cf -O 70_sare_html.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html4.cf -O 70_sare_html4.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html_x30.cf -O 70_sare_html_x30.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header0.cf -O 70_sare_header0.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header3.cf -O 70_sare_header3.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header_x30.cf -O 70_sare_header_x30.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_specific.cf -O 70_sare_specific.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_adult.cf -O 70_sare_adult.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/72_sare_bml_post25x.cf -O 72_sare_bml_post25x.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_sare_fraud_post25x.cf -O 99_sare_fraud_post25x.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_spoof.cf -O 70_sare_spoof.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_random.cf -O 70_sare_random.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_oem.cf -O 70_sare_oem.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj0.cf -O 70_sare_genlsubj0.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj3.cf -O 70_sare_genlsubj3.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj_x30.cf -O 70_sare_genlsubj_x30.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_unsub.cf -O 70_sare_unsub.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_uri.cf -O 70_sare_uri.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.timj.co.uk/linux/bogus-virus-warnings.cf -O bogus-virus-warnings.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.yackley.org/sa-rules/evilnumbers.cf -O evilnumbers.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.stearns.org/sa-blacklist/random.current.cf -O random.current.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_body.cf -O 88_FVGT_body.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_rawbody.cf -O 88_FVGT_rawbody.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_subject.cf -O 88_FVGT_subject.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_headers.cf -O 88_FVGT_headers.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_uri.cf -O 88_FVGT_uri.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_DomainDigits.cf -O 99_FVGT_DomainDigits.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_Tripwire.cf -O 99_FVGT_Tripwire.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_meta.cf -O 99_FVGT_meta.cf &> /dev/null

cd /etc/mail/spamassassin/ &> /dev/null && /usr/bin/wget http://www.nospamtoday.com/download/mime_validate.cf -O mime_validate.cf &> /dev/null

/etc/init.d/amavisd restart &> /dev/null

exit 0

Make the script executable:

chmod 755 /usr/local/sbin/sa_rules_update.sh

Then run that script once, it will fetch those rulesets and insert them into SpamAssassin:

/usr/local/sbin/sa_rules_update.sh

We create a cron job so that those rulesets will be updated regularly. Run

crontab -e

to open the cron job editor. Create following cron job:

23 4 */2 * * /usr/local/sbin/sa_rules_update.sh &> /dev/null

This will update the rulesets every second day at 4.23h.

 

13 Quota Exceedance Notifications

If you want to get notifications about all the email accounts that are over quota, then do this:

cd /usr/local/sbin/
wget http://puuhis.net/vhcs/quota.txt
mv quota.txt quota_notify
chmod 755 quota_notify

Open /usr/local/sbin/quota_notify and edit the variables at the top. Further down in the file (towards the end) there are two lines where you should add a % sign:

vi /usr/local/sbin/quota_notify

[...]
my $POSTFIX_CF = "/etc/postfix/main.cf";
my $MAILPROG = "/usr/sbin/sendmail -t";
my $WARNPERCENT = 80;
my @POSTMASTERS = ('postmaster@yourdomain.tld');
my $CONAME = 'My Company';
my $COADDR = 'postmaster@yourdomain.tld';
my $SUADDR = 'postmaster@yourdomain.tld';
my $MAIL_REPORT = 1;
my $MAIL_WARNING = 1;
[...]
           print "Subject: WARNING: Your mailbox is $lusers{$luser}% full.\n";
[...]
           print "Your mailbox: $luser is $lusers{$luser}% full.\n\n";
[...]

Run

crontab -e

to create a cron job for that script:

0 0 * * * /usr/local/sbin/quota_notify &> /dev/null
Share this page:

19 Comment(s)

Add comment

Comments

From: at: 2008-04-20 14:14:05

I have created new RPMs for courier IMAP. They are avaliable here
version 4.3.1

From: at: 2008-05-29 18:31:14

Hello.
I use this tutorial.
It is excellent.
But I need to let users to change they password so I make this simple php script.
http://phpart.biz/index.php?module=chpasswd
I hope will be useful for someone.

Best regards,
Doru Barit

From: Anonymous at: 2008-10-14 18:21:53

Is it possible to use proftpd instaed of vsftpd?

From: Elfofdark at: 2009-09-08 08:02:02

I can't access http://ipd/phpmyadmin, it gives to me 404 not found. Maybe because i don't have anything in /var/www/html ?

 I did everything you said up every step with no error but i can't understand what did i miss. Please help me!

From: Daniel at: 2010-11-25 10:43:18

Look at this!

 

http://blog.kdn2.info/2010/11/postfx-postfixadmin-dovecot-roundcube-centos/

From: Anonymous at: 2008-11-14 20:09:01

How do you create user mailboxes? with maildirmake? or just sending an email to you new mailbox? I followed this guide too but i dunno how to create mailboxes in /home/vmail.

Any suggestion?

From: Arfie at: 2009-10-23 10:00:52

Hai doiu,

I have a problem with my squirrelmail.

When i want to change my password, i get error like this:

  ERROR:Connection refused (111)

And when i go to :

http://phpart.biz/index.php?module=chpasswd

to get module chpasswd, this site is down.

would you mind if you give me that module to fix my problem?

Thank you very much 

 

From: Anonymous at: 2009-09-08 08:47:32

Hello,

 

i have this setup running for 1 year now, lately it started marking mails as spam that are not.

I tried putting  "whitelist_from" into /etc/mail/spammassin/local.cf,

but the mails are still marked as spam.

So I have to put the whitelist somewhere else in this setup?

From: at: 2008-04-06 14:05:34

This is a great mail setup, and I recommend it highly to anyone looking for a good, robust, easy to manage solution for providing different clients (i.e. domains) with mail.  I have used Fedora Core 5 version, and now the CentOS 5 versions.  I couldnt be happier, except....

In it's current form, if one user authenticates and sends an email via this server to another user on the same box (either same domain or different domain), it is likely they will be flagged as spam under one of the dynamic IP lookup rules - actually they are likely to be flagged under a number of rules, and will most likely exceed the spam level. 

The solution to this is to add another postfix setting in main.cf:

smtpd_sasl_authenticated_header = yes

This has TOTALLY solved this BIG problem for me.  Refer to http://wiki.apache.org/spamassassin/DynablockIssues form more information - about half way down the page.

Falco - I recommend you incorporate this into the actual instructions above, and any other guide you are doing with Postfix 2.3+ and SpamAssassin 3.1.4+ .  Thanks for the guides - keep them coming.

From: at: 2008-04-01 13:23:58

To save others from scratching their heads for so long like i did:

The maildrop rpm included for download in this tutorial is not compiled with mysql support! If you wish to use maildrop with the setup described here you will need to build your own maildrop rpm according to the instructions here:

http://www.howtoforge.com/installing-courier-imap-courier-authlib-maildrop-fedora-redhat-centos

Chris 

From: at: 2008-04-06 14:29:55

This is a really good setup, but if you add greylisting it cuts down substantially more spam.

There is lots of doc around about greylisting, so make your own mind up about the best tool and method, but http://wiki.centos.org/HowTos/postgrey is really easy to follow and gets you going in minutes.

Highly Recommended as an addition to this howto...

From: at: 2008-07-14 21:00:41

Great article, and the best one I have found so far. 
However,I think that something is missing from the current tutorial (information about setting up maildir). I was getting some directory issues when i telneted on port 143. Then I realized that had to do a maildirmake on /home/vmail/[domain]/user to create the mailbox , then after that it worked just fine. My question now is : will i have to do that for every user? I thought there was a routine that would automatically create the directory after i add a user to the database.

Thanks again for this Article.

From: at: 2008-07-18 14:33:40

The following script in /etc/maildroprc will create the users maildir mailboxes automatically and it will also automatically filter anything marked as SPAM to the users' .Junk/ mail folder.

#SHELL="/bin/sh"
VERBOSE=5

# commands and variables for making the mail directories
maildirmake=/usr/lib/courier-imap/bin/maildirmake
mkdir=/bin/mkdir
rmdir=/bin/rmdir
MAILDIR=$DEFAULT

# make the user's mail directory if it doesn't exist
`test -e $MAILDIR`
if ($RETURNCODE != 0)
{
 `$mkdir -p $MAILDIR`
 `$rmdir $MAILDIR`
 `$maildirmake $MAILDIR`
}

# make the .Junk folder if it doesn't exist
JUNK_FOLDER=.Junk
_JUNK_DEST=$MAILDIR/$JUNK_FOLDER/
`test -d $_JUNK_DEST`
if ($RETURNCODE != 0 )
{
 `$maildirmake $_JUNK_DEST`
 #auto subscribe. the following works for courier-imap
 `echo INBOX.Junk >> $MAILDIR/courierimapsubscribed`
}

if (/^X-Spam-Flag:.*YES/)
{
    exception {
        to $DEFAULT/.Junk/
    }
}

From: tccom at: 2008-09-15 15:02:27

great tutorial Falko,

 this post is to remember all that if you want to use maildrop as local delivery system, the following line must be inserted into "transport" table of our mysql database 'mail':

<domain>,maildrop:

 and then you can customize maildrop with /etc/maildroprc

 

bye

From: Anonymous at: 2008-10-14 20:28:20

Hi all.

I'd like to know if this kind of configuration can work with roundcube webclient. If yes, is there any guide or how to marge this configuration with roundcube?

 My problem is that i cant find any link between postfix and roundcube's database. Any advice? Where can i start to work on?

Many thx

P.S.: wonderful guide :)

From: Britto at: 2008-10-20 12:54:20

Yes.

Roundcube is just a webclient  and you should be able to integrate with roundcube.That is nothing to do with this guide and I could be able to do that .

Everything goes well as per this tutorial other than this version of postfix duplicates the mail for multi recipient inboxes. 

 --

Britto

 

 

 

 

 

From: Anonymous at: 2008-10-27 13:02:19

Can someone give us some hits how to integrate Roundcube with this setup? Where is the link between the 2 databases?

From: Eugene Frakt at: 2009-08-27 04:09:12

You don't have to link the databases to use Roundcube.  It connects to the mailbox with standard imap, so all you have to do is input the imap settings in the Roundcube config.

From: Anonymous at: 2009-03-18 06:46:54

Hello. I installed postfix & courier as this HOWTO describes. I also installed Horde/IMP and configured it to use courier at localhost as an IMAP server. I added domains & users to the MySQL table, however, I kept getting authentication errors when logging into Horde. In /var/log/maillog, there were error messages like:

Mar 17 23:33:53 hostname imapd: chdir example.com/webmaster/: No such file or directory

(I've changed the hostname and domain name in the example above, but otherwise that is a cut-and-paste from my log file).

Turns out, the solution was that the directory it's looking for in /home/vhosts isn't created until after the account receives it's first email. It wasn't until after I'd sent a test message (via smtp a.k.a. port 25) to webmaster@example.com that IMAP logins were sucessful.

Hope this saves somebody some grief.