Saturday, January 03, 2009

Clam Antivirus & SpamAssassin Setup on Qmail

Reference: http://qmailrocks.org/clamspam_rh.htm

# Install the following Perl modules using CPAN

Digest::SHA1
Digest::HMAC
Net::DNS
Time::HiRes
HTML::Tagset
HTML::Parser
Pod::Usage
Parse::Syslog
Statistics::Distributions


yum install perl-suidperl
yum install unzip
yum install gmp-devel
#Installing ClamAv ( http://www.clamav.net/ )

yum install clamav-devel


/usr/sbin/useradd -c "Qmail-Scanner Account" -s /bin/false qscand

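# Installing ClamAV manually
# The tarball below is fetched over plain HTTP and then built and installed system-wide, so compare it against the signature or checksum published by the ClamAV project before running ./configure. The same applies to the other source tarballs downloaded later on this page.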

/usr/sbin/useradd -c "Qmail-Scanner Account" -s /bin/false qscand

cd /tmp
wget http://freshmeat.net/redir/clamav/29355/url_tgz/clamav-0.90.tar.gz
tar zxvf clamav-0.90.tar.gz

cd clamav-0.90

./configure --with-user=qscand --with-group=qscand
make
make install


vi /usr/local/etc/clamd.conf

"Example" - should already be commented out. However, if it is not, make sure that it is commented out (#)
"LogFile" - should be set to /var/log/clamd.log
"User" - should be set to qscand
"PidFile" - should be set to /var/run/clamd.pid
LogTime 1
FixStaleSocket 1
ScanMail 1
LogSyslog 1

cd /var/run/
touch clamd.pid
chown qscand clamd.pid

cp -a /tmp/clamav-0.90/contrib/init/RedHat/clamd /etc/init.d/

chown root.root /etc/rc.d/init.d/clamd

/sbin/chkconfig clamd on

vi /usr/local/etc/freshclam.conf

#Make the necessary changes in the conf file

touch /var/log/freshclam.log

cd /var/log/

chown qscand.root freshclam.log
chown qscand.root clamd.log
cd /usr/local/share/

#chown clamav.qscand clamav (no clamav user)

chown qscand.qscand clamav
/usr/local/bin/freshclam

crontab -e

00 00 * * * /usr/local/bin/freshclam

cd /etc/logrotate.d/

vi clamd

#
# Rotate Clam AV daemon log file
#

/var/log/clamd.log {
missingok
create 640 root qscand
postrotate
/bin/kill -HUP `cat /var/run/clamd.pid 2> /dev/null` 2> /dev/null || true
endscript
}

chown root.root clamd
chmod 644 clamd

/etc/rc.d/init.d/clamd start

#Installing SpamAssassin

#Using cpan install the following Perl Module

install Mail::SpamAssassin

yum install spamassassin

/usr/sbin/groupadd spamd

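# Note: -s sets the login shell, not the home directory (that is -d). With /home/spamd given as the shell the account cannot log in interactively; confirm that /home/spamd exists and is owned by spamd, because SPAMDOPTIONS below passes -H /home/spamd.
/usr/sbin/useradd -g spamd -s /home/spamd spamd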

vi /etc/sysconfig/spamassassin

If the above file exists, replace its contents with the following line. If the file does not exist, create it and add the following line:

SPAMDOPTIONS="-x -u spamd -H /home/spamd -d"

vi /etc/mail/spamassassin/local.cf

Add the following line...

required_hits 5


/etc/rc.d/init.d/spamassassin start
/sbin/chkconfig spamassassin on


# If you encounter the following errors in /var/log/maillog

###########
Jan 14 03:59:49 66-226-73-100 spamd[27442]: Failed to run __ENV_AND_HDR_FROM_MATCH SpamAssassin test, skipping:__(Can't locate object method "check_for_matching_env_and_hdr_from" via package "Mail::SpamAssassin::PerMsgStatus" at /usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/PerMsgStatus.pm line 2341, line 193._)
Jan 14 03:59:49 66-226-73-100 spamd[27442]: Failed to run USER_IN_DEF_SPF_WL SpamAssassin test, skipping:__(Can't locate object method "check_for_def_spf_whitelist_from" via package "Mail::SpamAssassin::PerMsgStatus" at /usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/PerMsgStatus.pm line 2341, line 193._)
Jan 14 03:59:49 66-226-73-100 spamd[27442]: Failed to run USER_IN_SPF_WHITELIST SpamAssassin test, skipping:__(Can't locate object method "check_for_spf_whitelist_from" via package "Mail::SpamAssassin::PerMsgStatus" at /usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/PerMsgStatus.pm line 2341, line 193._)
##########

# then do the following

cp -a /etc/mail/spamassassin/init.pre /etc/mail/spamassassin/init.pre.orig

vi /etc/mail/spamassassin/init.pre
# Comment out this line
#loadplugin Mail::SpamAssassin::Plugin::SPF


# Update SpamAssassin every night by setting up a cron job

/usr/lib/cpan
install LWP::UserAgent

yum install gnupg

# Please check the update by running /usr/bin/sa-update manually to ensure no errors are encountered
crontab -e

00 1 * * * /usr/bin/sa-update && /sbin/service spamassassin restart
ps aux | grep spamd

#You should see the following info concerning spamassassin. The PID might differ on your system, but you get the idea.

#spamd 3734 0.2 2.0 24992 20808 ? S 14:21 0:01 /usr/bin/spamd -x -u spamd -H /home/spamd -d

setup

#Once in the setup menu, scroll down and select the "system services" option. From the system services menu, scroll down to "clamd".


#Installing Qmail Scanner (http://qmail-scanner.sourceforge.net/) and Qmail analog ( http://www.qms-analog.teel.ws/ )

cd /tmp

wget http://kent.dl.sourceforge.net/sourceforge/qms-analog/qms-analog-0.4.4.tar.gz

tar zxvf qms-analog-0.4.4.tar.gz

cd qms-analog-0.4.4

make all

cd /tmp

wget http://kent.dl.sourceforge.net/sourceforge/qmail-scanner/qmail-scanner-2.01.tgz

tar zxvf qmail-scanner-2.01.tgz


# Download the Qmail-Scanner-2.01st (st patch) patch from http://toribio.apollinare.org/qmail-scanner/

cd /tmp

wget http://toribio.apollinare.org/qmail-scanner/download/q-s-2.01st-20070204.patch.gz

gunzip q-s-2.01st-20070204.patch.gz

cp -a q-s-2.01st-20070204.patch /tmp/qmail-scanner-2.01

cd /tmp/qmail-scanner-2.01

patch -p1 < install=" else" install="--install" qmailqueue="/var/qmail/bin/qmail-scanner-queue.pl" page_id="98" shell="/bin/sh" vpop="| /usr/local/vpopmail/bin/vdelivermail '' bounce-no-mailbox" vhome="`/usr/local/vpopmail/bin/vuserinfo" host ="="="" exit ="="="" returncode ="="" returncode ="="" returncode ="="" maildirquota="`/usr/bin/head" returncode ="="" returncode ="="" end ="="="" returncode ="="" returncode ="="" end ="="="" vpop="| /usr/local/vpopmail/bin/vdelivermail '' bounce-no-mailbox" vhome="`/usr/local/vpopmail/bin/vuserinfo" vpop="| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox" vhome="`/home/vpopmail/bin/vuserinfo" list="$2/Maildir/courierimapsubscribed" test="`cat">> $LIST
fi
else
# the file does not exist so we define the full list
# and then create the file.
FULL="INBOX\nINBOX.Sent\nINBOX.Trash\nINBOX.Drafts\nINBOX.$1"

echo -e $FULL > $LIST
/bin/chown vpopmail:vchkpw $LIST
/bin/chmod 644 $LIST
fi
#######

chmod 755 /usr/local/sbin/subscribeIMAP.sh

qmailctl stop
qmailctl start
qmailctl stat

In case of issues check these log files

tail -f /var/log/qmail/qmail-smtpd/current
tail -f /var/log/qmail/qmail-send/current

# Setup Log rotation for maildrop.log file as follows

cd /etc/logrotate.d/

vi maildrop
###
/var/log/qmail/maildrop.log {
missingok
notifempty
copytruncate
}
###

chown root.root maildrop
chmod 644 maildrop

# DCC Razor Pyzor and RBL setup

# Install DCC
mkdir /downloads/spam
cd /downloads/spam
# Download DCC from http://www.rhyolite.com/anti-spam/dcc/
wget http://www.rhyolite.com/anti-spam/dcc/source/dcc.tar.Z
tar zxfv dcc.tar.Z
cd dcc-1.3.45/
./configure
make install
cd /downloads/spam

# Install Pyzor
Download Pyzor from http://pyzor.sourceforge.net
cd /downloads/spam
wget http://nchc.dl.sourceforge.net/sourceforge/pyzor/pyzor-0.4.0.tar.bz2
tar xjvf pyzor-0.4.0.tar.bz2
cd pyzor-0.4.0
python setup.py build
python setup.py install
pyzor discover
cd /downloads/spam

# Setup cronjob to update pyzor servers automatically

00 1 * * * /usr/bin/pyzor discover

# Install Razor

# Install the following perl modules

perl -MCPAN -e "install Time::HiRes"
perl -MCPAN -e "install Digest::SHA1"
perl -MCPAN -e "install MIME::Base64"
perl -MCPAN -e "install Test::Simple"
perl -MCPAN -e "install Test::Harness"
perl -MCPAN -e "install Getopt::Long"
perl -MCPAN -e "install File::Copy"
perl -MCPAN -e "install URI::Escape"

# Download Razor from http://razor.sourceforge.net/
cd /downloads/spam
wget http://jaist.dl.sourceforge.net/sourceforge/razor/razor-agents-2.82.tar.bz2
tar xjvf razor-agents-2.82.tar.bz2
cd razor-agents-2.82
perl Makefile.PL
make test
make install

razor-admin -create

cd /root/.razor
chown spamd.spamd razor-agent.conf
chmod 764 razor-agent.conf
razor-admin -register -user=postmaster@yourdomain.com
cp -a /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf.orig

#Generate a local.cf file from http://www.yrex.com/spam/spamconfig.php. Use the http://opensourceheaven.net/local.cf.txt file as a reference.
vi /etc/mail/spamassassin/local.cf
# Paste the contents of the generated local.cf file here

dcc_home /var/dcc
dcc_path /usr/local/bin/dccproc
dcc_dccifd_path /var/dcc/libexec/dccifd

pyzor_path /usr/bin/pyzor
score PYZOR_CHECK 1

########

sa-learn --sync

/etc/rc.d/init.d/spamassassin restart

# Run the following command to check if spamassassin configuration is correct

spamassassin -D --lint

# Enabling Surbl in spamassassin

perl -MCPAN -e "install Net::DNS::Resolver"

updatedb && locate v310.pre

#If this file is already in /etc/mail/spamassassin, then you are ready for the next bit. If the file is somewhere else on your system, copy it to /etc/mail/spamassassin/.

vi /etc/mail/spamassassin/v310.pre

Add these lines at the end:

# SURBL DNS Blacklisting
loadplugin Mail::SpamAssassin::Plugin::URIDNSBL

qmailctl stop
qmailctl start
/etc/init.d/spamd restart

#To test if the changes are working, send yourself a message (from a different email address) with http://surbl-org-permanent-test-point.com in the message body. If all is well, the message should be tagged as spam.


#Enable RBL checking

vi /var/qmail/supervise/qmail-smtpd/run
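# Edit the lines as shown below
# Check that each blocklist named with -r is still operating before enabling it: rblsmtpd rejects a connection whenever the list answers, so a defunct list can cause legitimate mail to be refused. relays.ordb.org in particular was shut down in December 2006.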
/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g ................ \
rblsmtpd \
-r zen.spamhaus.org \
-r bl.spamcop.net \
-r relays.ordb.org \
/var/qmail/bin/qmail-smtpd server.yourdomain.com \
qmailctl stop
qmailctl start
qmailctl stat

# Installing fuzzyocr to block image spam

References:
http://www.goodcleanemail.com/kb.php?ToDo=view&questId=90&catId=2
http://fuzzyocr.own-hero.net/wiki/Downloads

# Installing dependencies
yum install ImageMagick
yum install netpbm
yum install netpbm-progs
yum install netpbm-devel
yum install libungif
# On Fedora Core 6 libungif is known as giflib
yum install libungif-progs
# On Fedora Core install giflib-utils instead of libungif-progs

cpan
install String::Approx

# Installing GOCR

# Download gocr from http://jocr.sourceforge.net

cd /tmp
wget http://prdownloads.sourceforge.net/jocr/gocr-0.43.tar.gz
tar zxvf gocr-0.43.tar.gz
cd gocr-0.43
./configure --with-netpbm=/usr/lib/
make
make install

# Installing Fuzzyocr

Download Fuzzyocr from http://fuzzyocr.own-hero.net/wiki/Downloads

cd /tmp

wget http://users.own-hero.net/~decoder/fuzzyocr/fuzzyocr-2.3b.tar.gz

tar zxvf fuzzyocr-2.3b.tar.gz
cd /tmp/FuzzyOcr-2.3b

vi FuzzyOcr.cf

# Make necessary changes on the lines as shown below

#########
focr_logfile /var/log/FuzzyOcr.log

# Set this to 1 if you are running a version < 3.1.4.
# This will disable a function used in conjunction with animated gifs that isn't available in earlier versions (Default value: 0.0)
#focr_pre314 0.0
focr_pre314 1
focr_enable_image_hashing 1
focr_digest_db /etc/mail/spamassassin/FuzzyOcr.hashdb
focr_base_score 2
###########

vi FuzzyOcr.pm

# Change the log file location as shown below

# Add this line below any existing use statements at start of the file

use Mail::SpamAssassin::Timeout;

######

our $logfile = "/var/log/FuzzyOcr.log";

######

cd /var/log

touch FuzzyOcr.log

chown spamd.spamd FuzzyOcr.log

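# Note: a log file needs no execute bit, and mode 755 leaves the scan log readable by every local user; 600 or 640 owned by spamd is enough. The chmod 600 further down is run from /var/log/qmail, a directory in which this page never creates FuzzyOcr.log.
chmod 755 FuzzyOcr.log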

cp -a FuzzyOcr.cf /etc/mail/spamassassin/
cp -a FuzzyOcr.words.sample /etc/mail/spamassassin/
cp -a FuzzyOcr.pm /etc/mail/spamassassin/
cd /etc/mail/spamassassin/
mv FuzzyOcr.words.sample FuzzyOcr.words
chown root.root FuzzyOcr.*

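# Note: FuzzyOcr.cf above sets focr_digest_db to /etc/mail/spamassassin/FuzzyOcr.hashdb, so the file created here does not match the configured path. Giving the file to the spamd user is tighter than o+w, which lets any local account alter the image-hash database.
touch focr_digest_db
chmod o+w focr_digest_db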

vi v310.pre

# Add these lines
####
# FuzzyOcr Image Spam Filter
loadplugin FuzzyOcr FuzzyOcr.pm
#####

cd /var/log/qmail

chown spamd.spamd FuzzyOcr.log
chmod 600 FuzzyOcr.log

# Run the following command to check if spamassassin configuration is correct

spamassassin -D --lint

/etc/rc.d/init.d/spamassassin restart

# Testing

/tmp/FuzzyOcr-2.3b/samples
spamassassin -t < animated-gif.eml
spamassassin -t < corrupted-gif.eml
spamassassin -t < jpeg.eml
spamassassin -t <>