How To Install In Clamav On Qmail

  • Uploaded by: Sharjeel Sayed
  • 0
  • 0
  • November 2019
  • PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA


Overview

Download & View How To Install In Clamav On Qmail as PDF for free.

More details

  • Words: 2,493
  • Pages: 16
Installing Spamassassin and Clamav on Qmail References:http://qmailrocks.org/clamspam_rh.htm # Install the following Perl Modules using Cpan Digest::SHA1 Digest::HMAC Net::DNS Time::HiRes HTML::Tagset HTML::Parser Pod::Usage Parse::Syslog Statistics::Distributions yum install yum install yum install #Installing

perl-suidperl unzip gmp-devel ClamAv ( http://www.clamav.net/ )

yum install clamav-devel /usr/sbin/useradd -c "Qmail-Scanner Account" -s /bin/false qscand #Installing Clamav Manually /usr/sbin/useradd -c "Qmail-Scanner Account" -s /bin/false qscand cd /tmp wget http://freshmeat.net/redir/clamav/29355/url_tgz/clamav-0.90.tar.gz tar zxvf clamav-0.90.tar.gz cd clamav-0.90 ./configure --with-user=qscand --with-group=qscand make make install vi /usr/local/etc/clamd.conf "Example" - should already be commented out. However, if it is not, make sure that it is commented out (#) "LogFile" - should be set to /var/log/clamd.log "User" - should be set to qscand "PidFile" - should be set to /var/run/clamd.pid LogTime 1 FixStaleSocket 1 ScanMail 1 LogSyslog 1 cd /var/run/ touch clamd.pid chown qscand clamd.pid

cp -a /tmp/clamav-0.90/contrib/init/RedHat/clamd /etc/init.d/ chown root.root /etc/rc.d/init.d/clamd /sbin/chkconfig clamd on vi /usr/local/etc/freshclam.conf #Make the necessary changes in the conf file touch /var/log/freshclam.log cd /var/log/ chown qscand.root freshclam.log chown qscand.root clamd.log cd /usr/local/share/ #chown clamav.qscand clamav (no clamav user) chown qscand.qscand clamav /usr/local/bin/freshclam crontab -e 00 00 * * * /usr/local/bin/freshclam cd /etc/logrotate.d/ vi clamd # # Rotate Clam AV daemon log file # /var/log/clamd.log { missingok create 640 root qscand postrotate /bin/kill -HUP `cat /var/run/clamd.pid 2> /dev/null` 2> /dev/null || true endscript } chown root.root clamd chmod 644 clamd /etc/rc.d/init.d/clamd start #Installing SpamAssassin #Using cpan install the following Perl Module install Mail::SpamAssassin yum install spamassassin /usr/sbin/groupadd spamd

/usr/sbin/useradd -g spamd -s /home/spamd spamd vi /etc/sysconfig/spamassassin If the above file exists, replace its contents with the following line. If the file does not exist, create it and add the following line: SPAMDOPTIONS="-x -u spamd -H /home/spamd -d" vi /etc/mail/spamassassin/local.cf Add the following line... required_hits 5 /etc/rc.d/init.d/spamassassin start /sbin/chkconfig spamassassin on # If you encounter the following errors in /var/log/maillog ########### Jan 14 03:59:49 66-226-73-100 spamd[27442]: Failed to run __ENV_AND_HDR_FROM_MATCH SpamAssassin test, skipping:__(Can't locate object method "check_for_matching_env_and_hdr_from" via package "Mail::SpamAssassin::PerMsgStatus" at /usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/PerMsgStatus.pm line 2341, line 193._) Jan 14 03:59:49 66-226-73-100 spamd[27442]: Failed to run USER_IN_DEF_SPF_WL SpamAssassin test, skipping:__(Can't locate object method "check_for_def_spf_whitelist_from" via package "Mail::SpamAssassin::PerMsgStatus" at /usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/PerMsgStatus.pm line 2341, line 193._) Jan 14 03:59:49 66-226-73-100 spamd[27442]: Failed to run USER_IN_SPF_WHITELIST SpamAssassin test, skipping:__(Can't locate object method "check_for_spf_whitelist_from" via package "Mail::SpamAssassin::PerMsgStatus" at /usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/PerMsgStatus.pm line 2341, line 193._) ########## # then do the following cp -a /etc/mail/spamassassin/init.pre /etc/mail/spamassassin/init.pre.orig vi /etc/mail/spamassassin/init.pre # Comment out this line #loadplugin Mail::SpamAssassin::Plugin::SPF # Update spammassain every night by setting up a cronjob /usr/lib/cpan install LWP::UserAgent yum install gnupg # Please check the update by running /usr/bin/sa-update manually to ensure no

errors are encountered crontab -e 00 1 * * * /usr/bin/sa-update && /sbin/service spamassassin restart ps aux | grep spamd #You should the following info concerning spamassassin. The PID might differ on your system, but you get the idea. #spamd 3734 0.2 2.0 24992 20808 ? S 14:21 0:01 /usr/bin/spamd -x -u spamd -H /home/spamd -d setup #One in the setup menu, scroll down and select the "system services" option. From the system services menu, scroll down to "clamd". #Installing Qmail Scanner (http://qmail-scanner.sourceforge.net/) and Qmail analog ( http://www.qms-analog.teel.ws/ ) cd /tmp wget http://kent.dl.sourceforge.net/sourceforge/qms-analog/qms-analog-0.4.4.tar.gz tar zxvf qms-analog-0.4.4.tar.gz cd qms-analog-0.4.4 make all cd /tmp wget http://kent.dl.sourceforge.net/sourceforge/qmail-scanner/qmail-scanner2.01.tgz tar zxvf qmail-scanner-2.01.tgz # Download the Qmail-Scanner-2.01st (st patch) patch from http://toribio.apollinare.org/qmail-scanner/ cd /tmp wget http://toribio.apollinare.org/qmail-scanner/download/q-s-2.01st20070204.patch.gz gunzip q-s-2.01st-20070204.patch.gz cp -a q-s-2.01st-20070204.patch /tmp/qmail-scanner-2.01 cd /tmp/qmail-scanner-2.01 patch -p1 < q-s-2.01st-20070204.patch #Install PCRE from http://www.pcre.org/ cd /tmp

wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-6.7.tar.gz tar zxvf pcre-6.7.tar.gz cd pcre-6.7 ./configure make make check make install #Install Maildrop from http://www.courier-mta.org/maildrop/ cd /tmp wget http://kent.dl.sourceforge.net/sourceforge/courier/maildrop-2.0.2.tar.bz2 tar jxvf maildrop-2.0.2.tar.bz2 cd maildrop-2.0.2 ./configure make make install-strip cd /tmp/qmail-scanner-2.01 vi qms-config #!/bin/sh if [ "$1" != "install" ]; then INSTALL= else INSTALL="--install" fi ./configure --domain yourdomain.com \ --admin postmaster \ --local-domains "yourdomain.com,yourotherdomain.com" \ --add-dscr-hdrs yes \ --dscr-hdrs-text "X-Antivirus-MYDOMAIN" \ --ignore-eol-check yes \ --sa-quarantine 0 \ --sa-delete 0 \ --sa-reject no \ --sa-subject ":SPAM:" \ --sa-delta 0 \ --sa-alt yes \ --sa-debug no \ --notify precips,admin \ "$INSTALL" # Test your installation by running the following chmod 700 qms-config ./qms-config # If no errors are reported then run ./qms-config install setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z

setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -g #A successful database build should produce the following output: #perlscanner: generate new DB file from /var/spool/qscan/quarantine-events.txt #perlscanner: total of 35 entries. chown -R qscand:qscand /var/spool/qscan/ vi /var/qmail/supervise/qmail-smtpd/run #To instruct Qmail to use Qmail-Scanner as the alternative queuing mechanism, we add the following line to the SMTP "run" script right under the first line (#!/bin/sh): QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" ; export QMAILQUEUE #..and we change the "softlimit" in that same script... #change softlimit to 40000000 #Note: It is absolutely vital that you change the "Softlimit" setting in this script. If you don't, qmail may fail to deliver mail!!! qmailctl stop qmailctl start qmailctl stat cd /tmp/qmail-scanner-2.01/contrib/ chmod 755 test_installation.sh ./test_installation.sh -doit #A successful test should produce the following output. 2 messages should be quarantined by Clam Antivirus in /var/spool/quarantine/new and 2 messages should be set to whatever mailbox you specified in the Qmail-scanner configuration script. Don't worry if you don't get virus notification emails. The normal notification emails that get sent out upon virus detection usually don't work during the test. #setting QMAILQUEUE to /var/qmail/bin/qmail-scanner-queue.pl for this test... Sending standard test message - no viruses... done! Sending eicar test virus - should be caught by perlscanner module... done! Sending eicar test virus with altered filename - should only be caught by commercial anti-virus modules (if you have any)... Sending bad spam message for anti-spam testing - In case you are using

SpamAssassin... Done! Finished test. Now go and check Email for [email protected] If you get 2 messages in your inbox and you see 2 messages in the quarantine folder, it's time to crack open a cold one! You've successfully installed all 3 packages! Woohoo! #Maintainance Setup #Reference: http://qmailrocks.org/maintain.php #Configure the following commands to be run everyday. crontab -e 00 4 * * * rm -rf /var/spool/qscan/quarantine/viruses/new/* # Setup Logrotate for qmail-queue.log cd /etc/logrotate.d vi qscan ### /var/spool/qscan/qmail-queue.log { missingok notifempty copytruncate } ### chown root.root qscan chmod 644 qscan # Please ensure the permissions of the file /etc/logrotate.d/qscan is same as the other files in the /etc/logrotate.d directory # Setting up Spam folder with automatic spam message filtering and redirection to Spam Imap folder Reference: http://opensourceheaven.net/?page_id=98 cd /home/vpopmail/domains/yourdomain.com/ vi mailfilter Copy and paste the contents of the script ( http://www.tnpi.biz/internet/mail/toaster/etc/mailfilter-domain )into the window. ############# SHELL="/bin/sh" import EXT import HOST VPOP="| /usr/local/vpopmail/bin/vdelivermail '' bounce-no-mailbox" VHOME=`/usr/local/vpopmail/bin/vuserinfo -d $EXT@$HOST` ## # title: mailfilter-domain # author: Matt Simerson # version 2.0

# # # # # # # # # ##

http://www.tnpi.biz/internet/mail/toaster/etc/mailfilter-domain Usage: Install this file in ~vpopmail/domains/example.com/mailfilter Create a .qmail-default file with the following: "| /usr/local/bin/maildrop mailfilter" After your satisifed that this is working properly, comment out all the lines that start with "log"

logfile "/var/log/mail/maildrop.log" log "==== BEGIN maildrop processing for $EXT@$HOST ===" if ( $VHOME eq "" ) { LOG " ERROR: VHOME isn't set, falling back to vdelivermail" LOG "=== EXIT === " to "$VPOP" } ## # Comment out this section if you run SpamAssassin via qmailscanner # Spamassassin is slow enough, no point in doubling your expense # # Note that if you want to pass a message larger than 250k to spamd # and have it processed, you'll need to also set spamc -s. See the # spamc man page for more details. ## if ( $SIZE < 256000 ) # Filter if message is less than 250k { log " running message through spamc" exception { xfilter '/usr/local/bin/spamc -u "$EXT@$HOST"' } } ## # Include any rules set up for the user - this gives the # administrator a way to override the domain's mailfilter file # # this is also the "suggested" way to set individual values # for maildrop such as quota. ## `test -r $VHOME/.mailfilter` if( $RETURNCODE == 0 ) { log " including $VHOME/.mailfilter" exception { include $VHOME/.mailfilter } } ## # create the maildirsize file if it doesn't already exist

# (could also be done via "deliverquota [email protected] 10MS,1000C) ## `test -e $VHOME/Maildir/maildirsize` if( $RETURNCODE == 1) { log " creating $VHOME/Maildir/maildirsize for quotas" `/usr/local/vpopmail/bin/vuserinfo -Q $EXT@$HOST`

}

`test -s "$VHOME/Maildir/maildirsize"` if ( $RETURNCODE == 0 ) { `/usr/sbin/chown vpopmail:vchkpw $VHOME/Maildir/maildirsize` `/bin/chmod 640 $VHOME/Maildir/maildirsize` }

## # Set MAILDIRQUOTA. If this isn't set, maildrop and deliverquota # will not enforce quotas for message delivery. # # I find this much easier than creating yet another config file # to store this in. This way, any time the quota is changed in # vpopmail, it'll get noticed by maildrop immediately. ## MAILDIRQUOTA=`/usr/bin/head -n1 $VHOME/Maildir/maildirsize` ## # The message should be tagged, so let's bag it. ## if ( /^X-Spam-Status: *Yes/) { `test -d $VHOME/Maildir/.Spam` # make sure .Spam folder exists if( $RETURNCODE == 1 ) { log " creating $VHOME/Maildir/.Spam " `maildirmake -f Spam $VHOME/Maildir` `/usr/local/sbin/subscribeIMAP.sh Spam $VHOME` } log " SPAM: attempting quota delivery to $VHOME/Maildir/.Spam" exception { xfilter "/usr/local/bin/deliverquota $VHOME/Maildir/.Spam" } if( $RETURNCODE == 77) { log " QUOTA FAILURE: bouncesaying '$EXT@$HOST is over quota'" to "|/var/qmail/bin/bouncesaying '$EXT@$HOST is over quota'" } log "=== END === exit

success"

} log " ##

message is clean"

# Include any other rules that the user might have from # sqwebmail or other compatible program ## `test -r $VHOME/Maildir/.mailfilter` if( $RETURNCODE == 0 ) { log " including $VHOME/Maildir/.mailfilter" exception { include $VHOME/Maildir/.mailfilter } } exception { log " quota enabled delivery to $VHOME/Maildir" xfilter "/usr/local/bin/deliverquota $VHOME/Maildir" } ## # check to make sure the message was delivered # returncode 77 means that out maildir was overquota - bounce mail ## if( $RETURNCODE == 77) { log " BOUNCED: bouncesaying '$EXT@$HOST is over quota'" to "|/var/qmail/bin/bouncesaying '$EXT@$HOST is over quota'" } log "=== END === success" ####### Modify logfile "/var/log/mail/maildrop.log" # to logfile "/var/log/qmail/maildrop.log" # Change these lines: VPOP="| /usr/local/vpopmail/bin/vdelivermail '' bounce-no-mailbox" VHOME=`/usr/local/vpopmail/bin/vuserinfo -d $EXT@$HOST` # to this: VPOP="| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox" VHOME=`/home/vpopmail/bin/vuserinfo -d $EXT@$HOST` # Save and close, then we'll create this log file: touch /var/log/qmail/maildrop.log chown vpopmail:vchkpw /var/log/qmail/maildrop.log chmod 774 /var/log/qmail/maildrop.log cd /home/vpopmail/domains/yourdomain.com/

chown vpopmail:vchkpw mailfilter chmod 600 mailfilter vi .qmail-default # Comment out your existing line and add this one (all on one line) | /usr/local/bin/maildrop /home/vpopmail/domains/yourdomain.com/mailfilter chown vpopmail:vchkpw .qmail-default chown qmaill:vchkpw /var/log/qmail vi /usr/local/sbin/subscribeIMAP.sh # Paste this script ###### #!/bin/sh # # This subscribes the folder passed as $1 to courier imap # so that Maildir reading apps (Sqwebmail, Courier-IMAP) and # IMAP clients (squirrelmail, Mailman, etc) will recognize the # extra mail folder. # Matt Simerson - 12 June 2003 LIST="$2/Maildir/courierimapsubscribed" if [ -f "$LIST" ]; then # if the file exists, check it for the new folder TEST=`cat "$LIST" | grep "INBOX.$1"` # if it is not there, add it if [ "$TEST" = "" ]; then echo "INBOX.$1" >> $LIST fi else # the file does not exist so we define the full list # and then create the file. FULL="INBOX\nINBOX.Sent\nINBOX.Trash\nINBOX.Drafts\nINBOX.$1" echo -e $FULL > $LIST /bin/chown vpopmail:vchkpw $LIST /bin/chmod 644 $LIST fi ####### chmod 755 /usr/local/sbin/subscribeIMAP.sh qmailctl stop qmailctl start qmailctl stat In case of issues check these log files tail -f /var/log/qmail/qmail-smtpd/current tail -f /var/log/qmail/qmail-send/current # Setup Log rotation for maildrop.log file as follows cd /etc/logrotate.d/

vi maildrop ### /var/log/qmail/maildrop.log { missingok notifempty copytruncate } ### chown root.root maildrop chmod 644 maildrop # DCC Razor Pyzor and RBL setup # Install DCC mkdir /downloads/spam cd /downloads/spam # Download DCC from http://www.rhyolite.com/anti-spam/dcc/ wget http://www.rhyolite.com/anti-spam/dcc/source/dcc.tar.Z tar zxfv dcc.tar.Z cd dcc-1.3.45/ ./configure make install cd /downloads/spam # Install Pyzor Download Pyzor from http://pyzor.sourceforge.net cd /downloads/spam wget http://nchc.dl.sourceforge.net/sourceforge/pyzor/pyzor-0.4.0.tar.bz2 tar xjvf pyzor-0.4.0.tar.bz2 cd pyzor-0.4.0 python setup.py build python setup.py install pyzor discover cd /downloads/spam # Setup cronjob to update pyzor servers automatically 00 1 * * * /usr/bin/pyzor discover # Install Razor # Install the following perl modules perl perl perl perl perl perl perl perl

-MCPAN -MCPAN -MCPAN -MCPAN -MCPAN -MCPAN -MCPAN -MCPAN

-e -e -e -e -e -e -e -e

"install "install "install "install "install "install "install "install

Time::HiRes" Digest::SHA1" MIME::Base64" Test::Simple" Test::Harness" Getopt::Long" File::Copy" URI::Escape"

# Download Razor from http://razor.sourceforge.net/ cd /downloads/spam wget http://jaist.dl.sourceforge.net/sourceforge/razor/razor-agents-2.82.tar.bz2 tar xjvf razor-agents-2.82.tar.bz2 cd razor-agents-2.82

perl Makefile.PL make test make install razor-admin -create cd /root/.razor chown spamd.spamd razor-agent.conf chmod 764 razor-agent.conf razor-admin -register [email protected] cp -a /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf.orig #Generate a local.cf file from http://www.yrex.com/spam/spamconfig.php.Use the http://opensourceheaven.net/local.cf.txt file as reference. vi /etc/mail/spamassassin/local.cf # Paste the contents of the generated local.cf file here dcc_home /var/dcc dcc_path /usr/local/bin/dccproc dcc_dccifd_path /var/dcc/libexec/dccifd pyzor_path /usr/bin/pyzor score PYZOR_CHECK 1 ######## sa-learn --sync /etc/rc.d/init.d/spamassassin restart # Run the following command to check if spamassassin configuration is correct spamassassin -D --lint # Enabling Surbl in spamassassin perl -MCPAN -e "install Net::DNS::Resolver" updatedb && locate v310.pre #If this file is already in /etc/mail/spamassassin, then you are ready for the next bit. If the file is somewhere else on your system, copy it to /etc/mail/spamassassin/. vi /etc/mail/spamassassin/v310.pre Add these lines at the end: # SURBL DNS Blacklisting loadplugin Mail::SpamAssassin::Plugin::URIDNSBL qmailctl stop qmailctl start /etc/init.d/spamd restart #To test if the changes are working, send yourself a message (from a different email address) with http://surbl-org-permanent-test-point.com in the message body. If all is well message should be tagged as spam.

#Enable RBL checking vi /var/qmail/supervise/qmail-smtpd/run # Edit the lines as shown below /etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g ................ \ rblsmtpd \ -r zen.spamhaus.org \ -r bl.spamcop.net \ -r relays.ordb.org \ /var/qmail/bin/qmail-smtpd server.yourdomain.com \ qmailctl stop qmailctl start qmailctl stat # Installing fuzzyocr to block image spam References: http://www.goodcleanemail.com/kb.php?ToDo=view&questId=90&catId=2 http://fuzzyocr.own-hero.net/wiki/Downloads # Installing dependecnies yum install ImageMagick yum install netpbm yum install netpbm-progs yum install netpbm-devel yum install libungif # On Fedora Core 6 libungif is known as giflib yum install libungif-progs # On Fedora Core install giflib-utils instead of libungif-progs cpan install String::Approx # Installing GOCR # Download gocr from http://jocr.sourceforge.net cd /tmp wget http://prdownloads.sourceforge.net/jocr/gocr-0.43.tar.gz tar zxvf gocr-0.43.tar.gz cd gocr-0.43 ./configure --with-netpbm=/usr/lib/ make make install #

Installing Fuzzyocr

Dwonload Fuzzyocr from http://fuzzyocr.own-hero.net/wiki/Downloads cd /tmp wget http://users.own-hero.net/~decoder/fuzzyocr/fuzzyocr-2.3b.tar.gz tar zxvf fuzzyocr-2.3b.tar.gz cd /tmp/FuzzyOcr-2.3b

vi FuzzyOcr.cf # Make necessary changes on the lines as shown below ######### focr_logfile /var/log/FuzzyOcr.log # Set this to 1 if you are running a version < 3.1.4. # This will disable a function used in conjunction with animated gifs that isn't available in earlier versions (Default value: 0.0) #focr_pre314 0.0 focr_pre314 1 focr_enable_image_hashing 1 focr_digest_db /etc/mail/spamassassin/FuzzyOcr.hashdb focr_base_score 2 ########### vi FuzzyOcr.pm # Change the log file location as shown below # Add this line below any existing use statements at start of the file use Mail::SpamAssassin::Timeout; ###### our $logfile

= "/var/log/FuzzyOcr.log";

###### cd /var/log touch FuzzyOcr.log chown spamd.spamd FuzzyOcr.log chmod 755 FuzzyOcr.log cp -a FuzzyOcr.cf /etc/mail/spamassassin/ cp -a FuzzyOcr.words.sample /etc/mail/spamassassin/ cp -a FuzzyOcr.pm /etc/mail/spamassassin/ cd /etc/mail/spamassassin/ mv FuzzyOcr.words.sample FuzzyOcr.words chown root.root FuzzyOcr.* touch focr_digest_db chmod o+w focr_digest_db vi v310.pre # Add these lines #### # FuzzyOcr Image Spam Filter loadplugin FuzzyOcr FuzzyOcr.pm ##### cd /var/log/qmail

chown spamd.spamd FuzzyOcr.log chmod 600 FuzzyOcr.log # Run the following command to check if spamassassin configuration is correct spamassassin -D --lint /etc/rc.d/init.d/spamassassin restart # Testing /tmp/FuzzyOcr-2.3b/samples spamassassin -t < animated-gif.eml spamassassin -t < corrupted-gif.eml spamassassin -t < jpeg.eml spamassassin -t < png.eml

Related Documents

How To Install Num2text
November 2019 39
How To Install
November 2019 35
How To Install Lifebars
October 2019 40
How To Install
November 2019 33

More Documents from ""