Virtual Users With Postfix, PostfixAdmin, Courier, Mailscanner, ClamAV On CentOS - Page 8
Mailscanner
MailScanner is an open-source E-mail program to secure against spam and viruses.
I prefer it above amavisd, because it has clamav and spamassin support built in and it’s easier to configure and to maintain.
Before beginning with the installation of Mailscanner, make sure your Postfix version is all working. Stop Postfix using the command:
/etc/init.d/postfix stop
Make sure you have the chroot jail set up in /var/spool/postfix. You should be able to see etc, usr and lib directories inside /var/spool/postfix). If you haven't got the chroot jail setup already, then look in the examples directory of the Postfix documentation and you will find a script in there to set up it up for your operating system. If you can't find that, then see the "Problems or Errors" section further down this page.
sh postfix-chroot.sh enable
warning: SASL authentication failure: cannot connect to Courier authdaemond: No such file or directory Move saslauthd's socket dir inside Postfix's chroot and create a link to keep everybody happy:
mkdir /var/spool/postfix/usr/var
mkdir /var/spool/postfix/usr/var/spool
mv /usr/var/spool/authdaemon/ /var/spool/postfix/usr/var/spool/authdaemon
ln -s /var/spool/postfix/usr/var/spool/authdaemon/ /usr/var/spool/authdaemon
Restart Postfix and start saslauthd:
/etc/init.d/postfix restart
/etc/init.d/saslauthd start
At this point, things change from the setup for other MTAs as we can make it run with just one copy of Postfix, and let Postfix do the "split MTA" setup for us. In the Postfix configuration file /etc/postfix/main.cf add this line:
vi /etc/postfix/main.cf
header_checks = regexp:/etc/postfix/header_checks
In the file /etc/postfix/header_checks add this line:
vi /etc/postfix/header_check
/^Received:/ HOLD
The effect of this is to tell Postfix to move all messages to the HOLD queue.
In your MailScanner.conf file (probably in /etc/MailScanner or /opt/MailScanner/etc), there are five settings you need to change. They are all really near the top of the file. The settings are:
vi /etc/MailScanner/MailScanner.conf
Run As User = postfix Run As Group = postfix Incoming Queue Dir = /var/spool/postfix/hold Outgoing Queue Dir = /var/spool/postfix/incoming MTA = postfix
You will need to ensure that the user postfix can write to /var/spool/MailScanner/incoming and /var/spool/MailScanner/quarantine:
chown postfix.postfix /var/spool/MailScanner/incoming chown postfix.postfix /var/spool/MailScanner/quarantine
If you upgrade your copy of MailScanner, unfortunately these directories will be changed back to being owned by root, so you will have to do those two commands again.
/etc/rc.d/init.d/MailScanner start
That’s it for mailscanner, you can config to your personal needs by edditing the /etc/Mailscanner/MailScanner.conf.
Perl ClamAV and Spamassassin Module
The easiest way to install ClamAV and Spamassassin is to download the latest Perl ClamAV – Spamassassin install script for mail scanner from http://www.mailscanner.info/downloads.html (http://www.mailscanner.info/files/4/install-Clam-0.88.7-SA-3.1.7.tar.gz):
wget http://www.mailscanner.info/files/4/install-Clam-0.88.7-SA-3.1.7.tar.gz
tar -xvzf install-Clam-0.88.7-SA-3.1.7.tar.gz
cd install-Clam-0.88.7-SA-3.1.7
sh install.sh
/etc/rc.d/init.d/MailScanner start
And you are all set and good to go for fighting spam and virus mails.
Razor Agent
Download latest razor-agents-sdk and razor-agents.
wget http://surfnet.dl.sourceforge.net/sourceforge/razor/razor-agents-sdk-2.07.tar.bz2
wget http://surfnet.dl.sourceforge.net/sourceforge/razor/razor-agents-2.82.tar.bz2
Unzip and untar the packages:
bunzip2 razor-agents-sdk-2.07.tar.bz2
bunzip2 razor-agents-2.82.tar.bz2
tar -xf razor-agents-sdk-2.07.tar
tar -xf razor-agents-2.82.tar
Build the razor sdk:
cd razor-agents-sdk-2.07.tar
perl Makefile.PL
make
make test
make install
Build the razor agent:
cd razor-agents-2.82
perl Makefile.PL
make
make test
make install
Rules du jour
Download latest Rules du jour package and unpack:
wget http://www.fsl.com/support/Rules_Du_Jour.tar.gz
tar -xzf Rules_Du_Jour.tar.gz
cd rules_du_jour/
sh install.sh