It has taken a series of articles to get Sendmail installed and working with authentication, inline encryption, and some inline DNSBL capabilities. In this article, I'll see if I can get MailScanner, SpamAssassin and a virus scanner up and running with Sendmail.
Sunday, July 19. 2009
Debian Lenny with Sendmail, Dovecot, MailScanner, SpamAssassin: Part 4
Before starting into that though, I have a couple of links to other sites which have good information for tuning the sendmail.mc file:
Back to the install. Starting with SpamAssassin, which looks like the last version is 3.2.5 from June of 2008, which is a Perl based utility, it can be downloaded from CPAN by starting the command line with 'perl -MCPAN -eshell':
install Bundle::CPAN install Term::ReadLine install MIME::QuotedPrint install YAML install YAML::Syck install MIME::Base64 install Time::HiRes install Digest::SHA1 install Net::DNS install Mail::SPF install IP::Country install Net::Ident install Mail::DomainKeys install Mail::DKIM install DBI install LWP::UserAgent install HTTP::Date install Encode::Detect install Mail::SpamAssassin
The pre-requisites build nicely, but the main Mail::SpamAssassin unit does not test well because it tries to start a daemon, which doesn't appear to do so. To find the reason will take some digging, but in the meantime, a force install may or may not be required. It probably is irrelevant anyway as MailScanner does not use spamd.
For a virus scanner, I've used f-prot in the past, and I'll try it again for this install. Others have used ClamAV, and I may add it as a secondary scanner. (Note, the file downloaded is a 64bit version). The last bit of the install script will ask if the daemon should be installed in crontab.... select no as MailScanner will it start it manually. Nor should Sendmail be configured to run the scanner.
cd /usr/src/ wget http://files.f-prot.com/files/unix-trial/fp-Linux-x86_64-ws.tar.gz cd /opt tar -zxvf /usr/src/fp-Linux-x86_64-ws.tar.gz cd f-prot ./install-f-prot.pl fpscan /etc/passwd
Create a test file and put the EICAR virus into it. Run 'fpscan test' to ensure it finds the virus.
For MailScanner, the following Perl modules are required:
install Sys::Syslog install Net::CIDR install IO::Stringy install Mail::Util install File::Spec install HTML::Tagset install HTML::Parser install MIME::Tools install File::Temp install Convert::TNEF install Compress::Zlib install Archive::Zip install Check::ISA
Next steps:
cd /usr/src wget http://www.mailscanner.info/files/4/tar/MailScanner-install-4.77.10-1.tar.gz tar -zxvf MailScanner-install-4.77.10-1.tar.gz cd MailScanner-install-4.77.10 ./install.sh
A few changes, like the domain name, may need to be changed in the /opt/MailScanner/etc/MailScanner.conf file.
Add the following with 'crontab -e' (the minute offsets may be randomized):
37 5 * * * /opt/MailScanner/bin/update_phishing_sites 07 * * * * /opt/MailScanner/bin/update_bad_phishing_sites 58 23 * * * /opt/MailScanner/bin/clean.quarantine #42 * * * * /opt/MailScanner/bin/update_virus_scanners #3,23,43 * * * * /opt/MailScanner/bin/check_mailscanner
In /etc/mail/sendmail.conf MailScanner install notes recommend changing 'DAEMON_PARMS="";' to:
DAEMON_PARMS="-ODeliveryMode=d -OQueueDirectory=/var/spool/mqueue.in";
Instead, use:
DAEMON_PARMS="-ODeliveryMode=background -OQueueDirectory=/var/spool/mqueue.in";
By default, Sendmail will use a Delivery Mode of Background, which operates by forking itself and processing the message. With a MailScanner Delivery Mode of Deferred, no DNS or DB lookups are performed. QueueOnly mode will actually perform DNS lookups, which is what I need for handling the SpamHaus enhdnsbl Features, but serializes all inbound connections. Queue mode sounds like the most straight forward option for working with MailScanner but may not be just right. I think that Background will work better, as it will fork and handle simultaneous connections. However, on further testing, I find that Sendmail delivers mail with Background mode, and queues it for Sendmail with QueueOnly mode, so QueueOnly mode it is.
Rerun /usr/sbin/sendmailconfig, then '/etc/init.d/sendmail restart' to get the mta agent and queue runner running as separate processes.
Add a 'crontab -e' entry to ensure MailScanner is always running:
0,20,40 * * * * [ -x /opt/MailScanner/bin/check_mailscanner ] && /opt/MailScanner/bin/check_mailscanner >/dev/null 2>&1
Edit the /opt/MailScanner/etc/MailScanner.conf file:
- Set 'Virus Scanning' to yes
- Set 'Virus Scanners' to f-port-6
Test the virus scanner with '/opt/MailScanner/lib/f-prot-6-wrapper /opt/f-prot eicar.virus'.
Restart MailScanner.