This will give you the capability to scan e-mails for spam, viruses and phishing using a variety of open source programs before they arrive to your e-mail server.
From Sekipedia
Jump to: navigation, search
* Install CentOS 5.1 barebones (customizing the install with nothing checked.)
* Update the system
yum update
* Install Additional packages
yum install ntp
yum install vixie-cron crontabs
* Download and install Webmin
cd /opt
wget http://prdownloads.sourceforge.net/webadmin/webmin-1.430-1.noarch.rpm
yum install perl-Net-SSLeay
rpm -ivh webmin-1.430-1.noarch.rpm
* Disabled unneeded services
service iptables stop
service ip6tables stop
service netfs stop
chkconfig iptables off
chkconfig ip6tables off
chkconfig netfs off
* Install Postfix
yum install postfix
* Configure Postfix
myhostname = titan.corp.com
mydomain = localhost
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, $mydomain
mynetwork_style = class
* Configure Postfix to forward email
relay_domains = lab.net
This tells Postfix which domains it should relay mail. All mail destined for this domain (and only this domain) will be forwarded to its remote SMTP server. You can put multiple domains here, just separate them with a comma or whitespace.
Add line to end of main.cf
transport_maps = hash:/etc/postfix/transport
mailbox_size_limit = 20480000
mailbox_size_limit = 20480000
This tells Postfix what method to use to resolve the destination address for relayed mail:
Add line to end of “/etc/postfix/transport”
lab.net smtp:[192.168.2.225]
This command specifically maps the domain “lab.net” to the IP address 192.168.2.225 and tells Postfix to use SMTP as the transport. All mail destined for lab.net which is relayed through this Spam Gateway will be forwarded via SMTP to 192.168.2.225.
Then run command:
postmap /etc/postfix/transport
This command builds the hash table/file which Posfix will use to forward mail. If you don’t do this, it wont work.
Finally add this line to main.cf
append_at_myorigin = no
These lines will make sure your Spam Gateway does not add any of its own header domain info to the mail as it passes thru.
* Test Again
Stop and start postfix to make sure all changes take.
service postfix stop
service postfix start
I know this is redundant, but you really should test your system again before installing MailScanner. Make sure that mail gets passed through the system without problem. If you do encounter a problem, it will be a lot easier to fix it now than after you’ve installed MailScanner, SpamAssassin and ClamAV.
At this point incoming e-mail should go through the Mail Relay and be forwarded to the internal E-mail server.
* Install DAG’s GPG key
rpm –import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
* Verify the package you have downloaded
rpm -K rpmforge-release-0.3.6-1.el5.rf.*.rpm
Security warning: The rpmforge-release package imports GPG keys into your RPM database. As long as you have verified the package and trust Dag then it should be safe.
* Download and Install the package
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm -ivh rpmforge-release-0.3.6-1.el5.rf.*.rpm
This will add a yum repository config file and import the appropriate GPG keys. At this point, you can set the priority of the RPMForge repository, and also of the CentOS repositories if you have not done so yet.
* Test with this command:
yum check-update
* Update the system
yum update
* Install perl modules and dependencies for MailScanner
yum install –enablerepo=rpmforge perl-Archive-Zip perl-Convert-BinHex perl-Convert-TNEF perl-DBD-SQLite perl-Filesys-Df perl-HTML-Parser
yum install –enablerepo=rpmforge perl-IO-stringy perl-MIME-tools perl-Net-CIDR perl-Sys-Hostname-Long perl-OLE-Storage_Lite
yum install tnef
* Download and Install MailScanner
wget http://www.mailscanner.info/files/4/rpm/MailScanner-4.71.10-1.rpm.tar.gz
tar -zxvf MailScanner-4.71.10-1.rpm.tar.gz
cd MailScanner-4.71.10-1
rpm -ivh mailscanner-4.71.10-1.noarch.rpm
chkconfig postfix off
service postfix stop
chkconfig MailScanner on
* Configure MailScanner Settings
Updates to postfix’s main.cf by adding this line:
header_checks = regexp:/etc/postfix/header_checks
In the file /etc/postfix/header_checks add this line:
/^Received:/ HOLD
Here are the edits to Mailscanner – place / update in /etc/MailScanner/MailScanner.conf
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Optional edits to MailScanner
Change %org-name%
Change %org-long-name%
Change %web-site%
Here’s some file permissions changes you’ll need to make:
chown postfix.postfix /var/spool/MailScanner/incoming
chown postfix.postfix /var/spool/MailScanner/quarantine
service MailScanner start
Its a good idea to test the server now. Send a message to the remote server and see if it goes through. It should, and then you can move to installing SpamAssassin.
* Install perl modules for SpamAssassin
yum install perl-Digest-SHA1 perl-Net-DNS perl-Archive-Tar perl-IO-Zlib
yum install –enablerepo=rpmforge perl-Encode-Detect perl-Mail-SPF perl-IP-Country perl-Mail-DKIM perl-Net-Ident
* Update the system
yum update
* Install and Configure SpamAssassin
yum install spamassassin
You don’t need to edit any of the SpamAssassin conf files because all of the configuration is done through MailScanner.
In /etc/MailScanner/MailScanner.conf we will make these changes:
Change this line:
Use SpamAssassin = no
to:
Use SpamAssassin = yes
Update the SpamAssassin User State Dir setting:
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
and then run commands:
mkdir /var/spool/MailScanner/spamassassin
chown postfix.postfix /var/spool/MailScanner/spamassassin
Restart MailScanner to make changes stick.
service MailScanner restart
* SELinux exception for Clamav
setsebool -P clamd_disable_trans=1 or disable SELinux while Clamav is installed.
* Install ClamAV
yum install clamav clamav-db –enablerepo=rpmforge
* Configure ClamAV and MailScanner Settings
In /etc/freshclam.conf make the following edits:
Add ‘#’ in front of the word ‘Example’
Do the same in /etc/freshclam.conf
Now you need to update ClamAV’s virus signature files
[root@smtp]# freshclam
ClamAV update process started at Fri Sep 19 12:45:42 2008
main.cld is up to date (version: 48, sigs: 399264, f-level: 35, builder: sven)
daily.cvd is up to date (version: 8287, sigs: 29596, f-level: 35, builder: arnaud)
Update MailScanner’s configuration file to use ClamAV
‘Virus Scanners = clamav’
In MailScanner.conf, check the setting of ‘Monitors for ClamAV Updates’ to ensure it matches the location of your ClamAV virus database files.
This should be “/var/clamav/*.cld /var/clamav/*.cvd”.
* Installing Postgrey
yum install postgrey
* Configuring Postgrey
Edit /etc/postfix/main.cf and add the following to smtpd_recipient_restrictions.
permit_mynetworks,
reject_unauth_destination,
reject_unlisted_recipient,
check_policy_service unix:postgrey/socket
check_policy_service unix:postgrey/socket performs the greylisting while adding reject_unlisted_recipient before it enables Postfix to immediately reject unknown recipients instead of having clients go through the greylisting process before being informed that the recipient does not exist.
To disable greylisting for certain IP addresses or hostnames, add the IP address, hostname or regular expression to match hostnames into the file /etc/postfix/postgrey_whitelist_clients.local.
Hostnames are identified by performing a reverse DNS on the client’s IP address.
For sample entries, view the file /etc/postfix/postgrey_whitelist_clients.
* Update the system
Make one last final update to make sure your system is updated.
yum update
[ad]
