This guide is meant to build a spam and virus scanner to be put in place with an existing mail setup. All mail to the domain will come through this server, and then be relayed for normal delivery, with spam forwarded to spam@yourdomain.com. This has been tested in front of Domino.
This doc is a collaboration from James and Derek at PCA (thanks guys), various docs at fedoranews.org, Ugo Bellavance, and my own experiences.
First things first, you need these software packages to continue:
Fedora Core 1
MailScanner
Webmin
Sendmail (should install with OS)
SpamAssassin - do not install from Fedora, get the source tarball
DCC
Pyzor
Razor
Clam-AV
Fedora Core 1 Install
In the FC1 install, select ONLY Sendmail and Sendmail-cf under Mail Server, Development Tools, and Kernel Development. Nothing else is needed from Fedora.
Run yum update as soon as you're done booting up This will ensure a fully up-to-date system to work with.
Before you begin, make sure you have the following packages installed:
Perl
Sendmail
wget
unzip
gcc
patch
rpm-build Webmin w/ SSL Install -
Before you install webmin, install Net:SSLeay with:
rpm -ivh perl-Net-SSLeay-x.xx-x.rhfc1.dag.i386.rpm
with the package specifically for FC1 put together by Dag Wieers.
Once the install is complete, download webmin and install it with: rpm -ivh webmin-x.xxx-x.noarch.rpm
Open up a web browser, and point to https://your-box:10000.
Once you're logged into webmin, you can click on the system tab,
and go to bootup/shutdown and turn off any unnecessary services, and stop them from starting up.
Install MailScanner -
http://www.sng.ecs.soton.ac.uk/mailscanner/downloads.shtml
There have been some posted problems with man2prod errors, to avoid this type:
LANG=C
Unpack the tar file with:
tar xvzf MailScanner-x.xx-x.tar.gz
cd MailScanner-x.xx-x
./install.sh (You may need to run ./Update-MakeMaker.sh)
Create Sendmail-cf
Open up your favorite text editor and edit /etc/mail/sendmail.mc, and comment out the following lines by placing dnl in front of them:
dnl DAEMON_OPTIONS('Port=smtp,Adr=127.0.0.1, Name=MTA')
dnl FEATURE('accept_unresolvable_domains') dnl
Close and save. Now recreate the sendmail.cf at a command prompt with:
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Install SpamAssassin -
http://www.spamassassin.org/downloads.html
Get the following four rpms:
spamassassin-x.xx-x.i386.rpm
perl-Mail-SpamAssassin-x.xx-x.i386.rpm
spamassassin-tools-x.xx-x.i386.rpm
perl-Digest-SHA1-x.xx-x.i386.rpm
Install all of these. That is it for now.
Install DCC -
http://www.dcc-servers.net/dcc/source/dcc-dccd.tar.Z
Extract the package with tar zxvf dcc-dccd.tar.Z, cd into the directory, and to install type:
./configure; make install
SpamAssassin will automagically pick up DCC and use it.
Install Pyzor -
http://pyzor.sourceforge.net
You will need the package python-devel for Pyzor
Extract the package with tar zxvf pyzor-0.4.0.tar.gz, cd into the directory, and to install type:
python setup.py build
python setup.py install
Pyzor will automagically be picked up by SpamAssassin as well.
Install Razor -
http://razor.sourceforge.net
Download the razor-agents, and the razor-agents-sdk tarballs, along with Net::DNS and Time::HiRes perl modules.
Extract the razor-agents-sdk first with:
tar zxvf razor-agents-sdk-2.03.tar.gz
tar zxvf razor-agents-2.40.tar.gz
cd into the agents-sdk directory first, and type:
perl Makefile.PL
make
make test
make install
When you're done with both packages, type in: razor-client, which creates the needed symlinks.
Razor will automagically be picked up by SpamAssassin.
Make this a shell script, and chmod 744 it. I put it in /etc/cron.daily
#!/bin/sh
pyzor discover
razor-admin -discover
/var/dcc/libexec/updatedcc
Install Clam-AV -
http://www.clamav.net
First, create the clamav user and group.
groupadd clamav
useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav
Download clam-av, and extract it with:
tar zxvf clamav-x.xx.tar.gz
cd into the directory, and run:
./configure
make
make check
make install
MailScanner will update your Clam-AV defs for you.
Configure MailScanner
Modify the following in /etc/MailScanner/MailScanner.conf
MTA = sendmail
Use SpamAssassin = yes
Delivery Method = queue
Spam Actions = forward spam@yourdomain.com
High Scoring Spam Actions = forward spam@yourdomain.com
Virus Scanners = clamav
Comment out the following lines in /etc/MailScanner/spam.lists.conf
#MAPS-RBL blackholes.mail-abuse.org
#MAPS-DUL dialups.mail-abuse.org
#MAPS-RSS relays.mail-abuse.org
#MAPS-RBL+ rbl-plus.mail-abuse.org
*Note - make sure you make an account spam@yourdomain.com
Configure Sendmail
From Webmin, click on Servers, click on Sendmail Configuration.
Go to Domain Routing (mailertable) and manually edit /etc/mail/mailertable and add the following line:
yourdomain.com esmtp:normalmailserver.xxx.com
normalmailserver.xxx.com is the full hostname of the mail server that spam server will forward all mail to.
Make sure to separate with the tab key and save the settings.
Next, Click on Relay domains and add yourdomain.com
http://fedoranews.org/contributors/andrew_bassett/mailscanner
