QMail+Vpopmail+MySQL+MailScanner+ClamAV+SpamAssassin+extra

Update [18 Mar 2009]: I am sharing this document on as is basis, so if someone else , somewhere on the internet is doing the same, may be it can be of some help. Please note that MailScanner with Qmail was a sort of experiment. I don’t remember now, whether I was successful or not.This is more of a log of what all I tried. This has sharp edges. Should be used with care.

Scope / Intension:

All over the internet there are excellent guides on QMail+QmailScanner+ClamAV+SpamAssassin . But I could not find any for Qmail+MailScanner. I found this article (http://www.v1ce.net/maildocs/MailScanner-Qmail.html) , (http://64.233.183.104/search?q=cache:KVtD0OF77qgJ:www.v1ce.net/maildocs/MailScanner-Qmail.pdf+qmail%2Bmailscanner+howto&hl=en&ct=clnk&cd=3&gl=pk&lr=lang_en&client=firefox-a) of using MailScanner with Qmail. The document / guide is of 2004. And it says that you must have a running Qmail installation first. So I decided to follow my ever favorite (www.qmailrocks.org) as guide. However, many on the internet complaint that this guide is old and is also delivering old versions of the software with it. So I decided to kill two bird with one stone. i.e. I will install all the latest versions of the software used in QMR guide. And when I will reach step 14 in QMR guide, I will try to install MailScanner and then install ClamAV and SpamAssassin. I will also install mailwatch and qmailmrtg + other utilities normally declared as optional. I will also setup Razor, DCC and Pyzor with SpamAssassin. Will also implement RBL blocking and GreyListing + Tarpting, etc.

Help from:

http://www.qmailrocks.org
http://www.qmail.org/top.html
http://www.lifewithqmail.org/lwq.html
http://www.v1ce.net/maildocs/MailScanner-Qmail.html
http://qms.ausics.net/

http://64.233.183.104/search?q=cache:KVtD0OF77qgJ:www.v1ce.net/maildocs/MailScanner-Qmail.pdf+qmail%2Bmailscanner+howto&hl=en&ct=clnk&cd=3&gl=pk&lr=lang\_en&client=firefox-a

Software Prerequisites:

1. httpd
2. php + php-imap and php-mysql
3. perl
4. gcc
5. mysql-server
6. openssl + openssl-devel
7. wget
8. patch & patchutils
9. perl-libwww-perl

Perl Modules:

📝Note: You will need to have outgoing FTP enabled in your firewall, for the following to work. As all modules are fetched via ftp protocol.

perl -MCPAN -e “install Time::HiRes”
perl -MCPAN -e “install Bundle::CPAN” # I have done this to upgrage CPAN module of perl. # This will take too much time and bandwidth. You don’t really need to do this step.

Ports to be opened:

25/TCP Incoming - SMTP
25/TCP Outgoung - SMTP
110/TCP Incoming - POP3
143/TCP Incoming - IMAP
53/UDP Outgoing - (only if you want to run a local caching DNS service to speed up things)
80/TCP Incoming - HTTP
443/TCP Incoming - HTTPS
995/TCP Incoming - POP3 SSL
993/TCP Incoming - IMAP SSL
783/TCP ???????? - SpamAssassin
Razor?
Pyzor?
DCC ?
DCC 6277 UDP
Pyzor 24441 TCP/UDP
Razor 2703 TCP

Create the necessary users and directories:

📝Note: (Not mentioned in QMR guide). In case you are going to setup multiple machines as Qmail servers in a cluster formation, you will need to create the users and groups with the “same” UIDs and GIDs . This will ensure correct functionality of the Qmail system when the mail directories are mounted on a central NFS mount, or over an ISCSI based IPSAN, etc.

mkdir -p /var/qmail  
mkdir -p /usr/src/qmail  
  
groupadd -g 700 nofiles  
useradd -u 701 -g nofiles -d /var/qmail/alias -s /sbin/nologin -p '\*' alias  
useradd -u 702 -g nofiles -d /var/qmail -s /sbin/nologin -p '\*' qmaild  
useradd -u 703 -g nofiles -d /var/qmail -s /sbin/nologin -p '\*' qmaill  
useradd -u 704 -g nofiles -d /var/qmail -s /sbin/nologin -p '\*' qmailp  
groupadd -g 701 qmail  
useradd -u 705 -g qmail -d /var/qmail -s /sbin/nologin -p '\*' qmailq  
useradd -u 706 -g qmail -d /var/qmail -s /sbin/nologin -p '\*' qmailr  
useradd -u 707 -g qmail -d /var/qmail -s /sbin/nologin -p '\*' qmails  
groupadd -g 702 vchkpw  
useradd -u 708 -g vchkpw -d /home/vpopmail -s /sbin/nologin -p '\*' vpopmail  
  
mkdir -p /package  
chmod 1755 /package  
  
mkdir -p /var/log/qmail/qmail-send  
mkdir -p /var/log/qmail/qmail-smtpd  
mkdir -p /var/log/qmail/qmail-pop3d  
  
chown -R qmaill:root /var/log/qmail  
  
chmod -R 750 /var/log/qmail  
  
mkdir -p /var/qmail/supervise/qmail-smtpd/log  
mkdir -p /var/qmail/supervise/qmail-send/log  
mkdir -p /var/qmail/supervise/qmail-pop3d/log  
  
chmod +t /var/qmail/supervise/qmail-smtpd  
chmod +t /var/qmail/supervise/qmail-send  
chmod +t /var/qmail/supervise/qmail-pop3d  

**From :-**

📝Note: The qmail bin directory must reside on a filesystem that allows the use of executable and setuid() files. Some OS distributions automatically mount /var with the nosuid or noexec options enabled. On such systems, either these options should be disabled or /var/qmail/bin should reside on another filesystem without these options enabled. The Create directories section describes how to use symbolic links to accomplish the latter. If /var is mounted nosuid, you’ll probably see the following error message in the qmail-send logs:

delivery : deferral: Sorry,_message_has_wrong_owner._(#4.3.5)

###################################################################

For ease of management, all software will be downloaded in /downloads/qmailrocks directory, so lets create that as well.

mkdir -p /downloads/qmailrocks

Download the qmailrocks.tar.gz from www.qmailrocks.org in /downloads and untar it at the same location. This will create /downloads/qmailrocks and will have all the QMR files in it. This will help as a source of comparison of various software versions.

Current stable release: 2.2.1 - 4/19/2006

tar zxvf /downloads/qmailrocks/qmail-1.03.tar.gz
tar zxvf /downloads/qmailrocks/ucspi-tcp-0.88.tar.gz
tar zxvf /downloads/qmailrocks/daemontools-0.76.tar.gz

####################################################
The QMR package contains qmail-1.03, whereas Qmail homepage and life with Qmail both suggests to use (and provides), netqmail-1.05.

From the Un-official Qmail homepage (www.qmail.org) :-
-—————————————-
Charles Cazabon, Dave Sill, Henning Brauer, Peter Samuel, and Russell Nelson have put together a netqmail-1.05 distribution of qmail. It is comprised of qmail-1.03 plus the recommended patches (http://www.qmail.org/top.html#patches) , some documentation, and a shell script which prepares the files for compilation.

http://www.qmail.org/top.html#patches tells us:-

Recommended patches * The definitions of errno in qmail (and tcpserver) do not work with the newest glibc (2.3.1). Debian and redhat are updating to this glibc. Executables compiled with older glibc’s (2.3) abort on startup, and recompilation with 2.3.1 is not possible. Mate Wierdl has patches for all of djb’s software. Erwin Hoffmann points out that a one-line sed script will fix most of DJB’s software. Look in the Tips section.
* Erik Sjölund pointed out this bug in qmail-local.
* qmail ought to recognize 0.0.0.0 as a local IP address. This patch from Scott Gifford implements that change.
* David Phillips noticed that sendmail’s -f option sets a default From: header, and so should qmail’s emulation.
* Bruce Guenter has written a patch which causes any program that would run qmail-queue to look for an environment variable QMAILQUEUE. If it is present, it is used in place of the string “bin/qmail-queue” when running qmail-queue. This could be used, for example, to add a program into the qmail-smtpd->qmail-queue pipeline that could do filtering, rewrite broken headers, etc.

###############################################################

Let’s download the original Qmail-1.03 package from Official Qmail Homepage (http://cr.yp.to/qmail.html)

mkdir -p /downloads/qmailnew

cd /downloads/qmailnew

wget http://cr.yp.to/software/qmail-1.03.tar.gz

Download the ucspi-tcp tools:
wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz

Let’s download daemon-tools as well:
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz

So far these two packages are same as QMR. So you can either use the new ones I just downloaded or the ones that came with QMR pacakge. Lets unzip them:

cd /usr/src/qmail
tar xzf /downloads/qmailrocks/qmail-1.03.tar.gz
tar xzf /downloads/qmailrocks/ucspi-tcp-0.88.tar.gz

cd /package
tar xzf /downloads/qmailrocks/daemontools-0.76.tar.gz

Set up conf-split and conf-spawn:

echo 211 > /usr/src/qmail/qmail-1.03/conf-split
echo 255 > /usr/src/qmail/qmail-1.03/conf-spawn

Time to apply various patches to Qmail-1.03:
-——————————————-
Get latest combined patch (version 7.02) by jms1 from http://qmail.jms1.net/patches/combined-details.shtml

cd /downloads/qmailnew
wget http://qmail.jms1.net/patches/qmail-1.03-jms1.7.02.patch

This patch already contains the FORCE_TLS patch, so no need to further patch the qmail for forcetls (as it is done in the QMR guide).

Note that this combined patch does not contain patch for tarpitting!

#####################################

Tarpitting with qmail-smtpd

What’s tarpitting? It’s the practice of inserting a small sleep in an SMTP session for each RCPT TO after some set number of RCPT TOs. The idea is to thwart spammers who would hand your SMTP server a single message with a long list of RCPT TOs. If a spammer were to attempt to use your server to relay a message with, say, 10,000 recipients, and you inserted a five-second delay for each recipient after the fiftieth, the spammer would be “tarpitted,” and would most likely assume that his connection had stalled and give up.

The subject originally came up in a discussion on the qmail mailing list of ways to run an open relay safely (I didn’t suggest it, and I don’t do that kind of thing), but it could also be useful in keeping your own dial-up customers from using you as a spam relay.

I’ve made a simple patch to qmail-smtpd to allow it to do tarpitting. There are two control files involved: control/tarpitcount and control/tarpitdelay. tarpitcount is the number of RCPT TOs you accept before you start tarpitting, and tarpitdelay is the number of seconds of delay to introduce after each subsequent RCPT TO. tarpitcount defaults to 0 (which means no tarpitting), and tarpitdelay defaults to 5. You can override both tarpitcount and tarpitdelay by setting TARPITCOUNT and TARPITDELAY in qmail-smtpd’s environment (with tcpserver). If you used the earlier version of this patch, note that this version no longer uses the NOTARPIT environment variable; set TARPITCOUNT to 0 to achieve the same effect.

The patch can be found here: http://www.palomine.net/qmail/tarpit.patch.

########################################

The tarpit patch is also included in Nasim’s patch tarball. I will download it and only use the tarpit patch from it.

Lets download this patch too.

cd /downloads/qmailnew

wget http://megaz.arbuz.com/download/qmail_patches.tar.gz

Or you can download only the specific tarpit patch:
wget http://www.palomine.net/qmail/tarpit.patch

Lets do the actual patching.

cd /usr/src/qmail/qmail-1.03/

patch < /downloads/qmailnew/qmail-1.03-jms1.7.02.patch

Applying the Tarpit patch FAILED:-

[root@qmail qmail-1.03]# patch < /downloads/qmailnew/tarpit.patch
patching file qmail-smtpd.c
Hunk #1 FAILED at 96.
Hunk #2 succeeded at 346 with fuzz 2 (offset 234 lines).
Hunk #3 succeeded at 498 with fuzz 1 (offset 266 lines).
Hunk #4 FAILED at 523.
Hunk #5 succeeded at 728 (offset 454 lines).
2 out of 5 hunks FAILED – saving rejects to file qmail-smtpd.c.rej
[root@qmail qmail-1.03]#

When I applied the Tarpit patch FIRST, I got errors while applying the jms bigpatch later on:-

[root@qmail qmail-1.03]# patch < /downloads/qmailnew/tarpit.patch
patching file qmail-smtpd.c
[root@qmail qmail-1.03]#

[root@qmail qmail-1.03]# patch < /downloads/qmailnew/qmail-1.03-jms1.7.02.patch
. . .
. . .
patching file qmail-smtpd.8
patching file qmail-smtpd.c
Hunk #6 FAILED at 245.
Hunk #7 succeeded at 410 (offset 11 lines).
Hunk #9 succeeded at 706 with fuzz 1 (offset 11 lines).
Hunk #10 succeeded at 727 (offset 1 line).
Hunk #11 FAILED at 774.
Hunk #12 succeeded at 1002 (offset 13 lines).
Hunk #13 succeeded at 1076 (offset 1 line).
Hunk #14 succeeded at 1121 (offset 13 lines).
Hunk #15 succeeded at 1166 (offset 1 line).
Hunk #16 succeeded at 1204 (offset 13 lines).
2 out of 16 hunks FAILED – saving rejects to file qmail-smtpd.c.rej
patching file qmail-start.c
patching file qmail-todo.c
patching file qmail.c
. . .
. . .

I am letting go of the Tarpit patch at the moment. Restored the clean Qmail-1.03 source and applied the jms big patch only:-

rm -fr /usr/src/qmail/qmail-1.03
cd /usr/src/qmail/
tar xzf /downloads/qmailnew/qmail-1.03.tar.gz cd /usr/src/qmail/qmail-1.03/
patch < /downloads/qmailnew/qmail-1.03-jms1.7.02.patch

Now we build Qmail…

cd /usr/src/qmail/qmail-1.03

make man && make setup check

#####################################################################################################
Important From: http://www.antagonism.org/qmr-faq.shtml

7.11 What is the difference between the locals and rcpthosts files in /var/qmail/control?

The locals file contains domains which reside locally on the machine. This means accounts listed in locals should have shell accounts on the machine. If you use vpopmail, your locals file should be empty but exist. This problem is prevalent in many qmailrocks installs as the instruction set wrongly instructs users to configure qmail using the "config-fast" shell script. Unless the user desires email accounts for his shell accounts the is not the correct method. The following commands correct this error.  
  
If /var/qmail/control/locals exists, run the first command. If not, you may skip to the second command.  
# rm /var/qmail/control/locals  
# touch /var/qmail/control/locals  
# chmod 644 /var/qmail/control/locals  
# chown root.root /var/qmail/control/locals  
  
The rcpthosts file contains the domains for which qmail-smtpd will accept email. The rcpthosts file should contain the domain names only. Do not put in email addresses, hostnames or IP addresses into this file.   ######################################################################################################  

# From the QMR guide:
# ./config-fast mail.mydomain.com

[root@qmail qmail-1.03]# ./config-fast qmail.isb.ots.com
Your fully qualified host name is qmail.isb.ots.com.
Putting qmail.isb.ots.com into control/me…
Putting isb.ots.com into control/defaultdomain…
Putting ots.com into control/plusdomain…
Putting qmail.isb.ots.com into control/locals…
Putting qmail.isb.ots.com into control/rcpthosts…
Now qmail will refuse to accept SMTP messages except to qmail.isb.ots.com.
Make sure to change rcpthosts if you add hosts to locals or virtualdomains!
[root@qmail qmail-1.03]#

Let’s verify the /var/qmail/control/locals file:

[root@qmail qmail-1.03]# cat /var/qmail/control/locals
qmail.isb.ots.com
[root@qmail qmail-1.03]#

According to the note above, this file must be empty. So let’s make it empty:

rm -f /var/qmail/control/locals
touch /var/qmail/control/locals
chmod 644 /var/qmail/control/locals
chown root.root /var/qmail/control/locals

-——————- End of day —————

Tarpit (again):-
As you can see above, after applying jms patch, once I applied the tarpit patch, 3 hunks failed while doing so. So I will use the manual patching method as defined in (http://www.focb.co.nz/qmail/)

cd /usr/src/qmail/qmail-1.03/

Note: Three hunks fail on this patch - manual patching is required as follows
edit qmail-smtp.c

vi qmail-smtpd.c

Search for

int flagbarf; /* defined if seenmail */
stralloc mailfrom = {0};
stralloc rcptto = {0};

and then add

int rcptcount;

after these lines, then search for

if (!stralloc_copys(&rcptto,””)) die_nomem();
if (!stralloc_copys(&mailfrom,addr.s)) die_nomem();
if (!stralloc_0(&mailfrom)) die_nomem();

and then add

rcptcount = 0;

after these lines, then search for

if (!stralloc_cats(&rcptto,”T”)) die_nomem();
if (!stralloc_cats(&rcptto,addr.s)) die_nomem();
if (!stralloc_0(&rcptto)) die_nomem();

and add

if (tarpitcount && ++rcptcount >= tarpitcount) while (sleep(tarpitdelay));

after it. Thats it. Patched manually.

Time to compile. Remember we are in /usr/src/qmail/qmail-1.03

make man && make setup check

[root@qmail qmail-1.03]# make man && make setup check
make: Nothing to be done for `man’.
./compile qmail-smtpd.c
qmail-smtpd.c: In function ‘smtp_rcpt’:
qmail-smtpd.c:986: error: ‘tarpitcount’ undeclared (first use in this function)
qmail-smtpd.c:986: error: (Each undeclared identifier is reported only once
qmail-smtpd.c:986: error: for each function it appears in.)
qmail-smtpd.c:986: error: ‘tarpitdelay’ undeclared (first use in this function)
qmail-smtpd.c: In function ‘main’:
qmail-smtpd.c:1628: warning: assignment makes pointer from integer without a cast
qmail-smtpd.c:1629: warning: comparison between pointer and integer
qmail-smtpd.c:1565: warning: return type of ‘main’ is not ‘int’
make: *** [qmail-smtpd.o] Error 1
[root@qmail qmail-1.03]# find qmail-smtp.c
find: qmail-smtp.c: No such file or directory
[root@qmail qmail-1.03]#

OOOOOOOOPPPsss.

May be I need to do it the following way:

1) delete qmail-1.03 directory
2) untar fresh qmail-1.03
3) apply jms patch.
4) apply tarpit patch
5) when hunks fail during tarpit patch, only then I manually edit the qmail-smtpd.c file. The errors during compilation step above are obviously indicating that certain code / functions at least should have been entered / injected / patched in the qmail-smtpd.c file during tarpit patch.

So lets do it again.

rm -fr /usr/src/qmail/qmail-1.03
cd /usr/src/qmail/
tar xzf /downloads/qmailnew/qmail-1.03.tar.gz cd /usr/src/qmail/qmail-1.03/
patch < /downloads/qmailnew/qmail-1.03-jms1.7.02.patch

[root@qmail qmail-1.03]# patch < /downloads/qmailnew/tarpit.patch
patching file qmail-smtpd.c
Hunk #1 FAILED at 96.
Hunk #2 succeeded at 346 with fuzz 2 (offset 234 lines).
Hunk #3 succeeded at 498 with fuzz 1 (offset 266 lines).
Hunk #4 FAILED at 523.
Hunk #5 succeeded at 728 (offset 454 lines).
2 out of 5 hunks FAILED – saving rejects to file qmail-smtpd.c.rej
[root@qmail qmail-1.03]#

Let’s do the manual editing again:

cd /usr/src/qmail/qmail-1.03/

Note: Three hunks fail on this patch - manual patching is required as follows
edit qmail-smtp.c

vi qmail-smtpd.c

Search for

int flagbarf; /* defined if seenmail */
stralloc mailfrom = {0};
stralloc rcptto = {0};

and then add

int rcptcount;

after these lines, then search for

if (!stralloc_copys(&rcptto,””)) die_nomem();
if (!stralloc_copys(&mailfrom,addr.s)) die_nomem();
if (!stralloc_0(&mailfrom)) die_nomem();

and then add

rcptcount = 0;

after these lines, then search for

if (!stralloc_cats(&rcptto,”T”)) die_nomem();
if (!stralloc_cats(&rcptto,addr.s)) die_nomem();
if (!stralloc_0(&rcptto)) die_nomem();

and add

if (tarpitcount && ++rcptcount >= tarpitcount) while (sleep(tarpitdelay));

after it.

Now also examine the qmail-smtpd.c.rej file, which was created during the tarpit patch process.

[root@qmail qmail-1.03]# cat qmail-smtpd.c.rej
***************
*** 96,101 ****
int bmfok = 0;
stralloc bmf = {0};
struct constmap mapbmf;

void setup()
{
-– 96,103 —-
int bmfok = 0;
stralloc bmf = {0};
struct constmap mapbmf;
+ int tarpitcount = 0;
+ int tarpitdelay = 5;

void setup()
{
***************
*** 511,516 ****
if (!stralloc_copys(&rcptto,””)) die_nomem();
if (!stralloc_copys(&mailfrom,addr.s)) die_nomem();
if (!stralloc_0(&mailfrom)) die_nomem();
out(“250 ok\\r\\n”);
}
void smtp_rcpt(arg) char *arg; {
-– 523,529 —-
if (!stralloc_copys(&rcptto,””)) die_nomem();
if (!stralloc_copys(&mailfrom,addr.s)) die_nomem();
if (!stralloc_0(&mailfrom)) die_nomem();

  • rcptcount = 0;
    out(“250 ok\\r\\n”);
    }
    void smtp_rcpt(arg) char *arg; {
    [root@qmail qmail-1.03]#

I manually checked the qmail-smtpd.c file for declaration of the variables tarpitcount and tarpit delay. Their declaration did not exist! Though they were being used at number of places throughout the code.
In the reject file shown above, notice the (+) sign with two lines, both variable declarations of these two variables. I suspect they could not be defined where they should have been. So I will manually add these two declaration lines and see if it works.

I have added these line as:

void setup()
{
char *x;
unsigned long u;

ifdef TLS

char *tlsciphers;

endif

int tarpitcount = 0;
int tarpitdelay = 5;
[rest of the code …]

Let’s try compiling it again.

./compile qmail-smtpd.c
qmail-smtpd.c: In function ‘smtp_rcpt’:
qmail-smtpd.c:997: error: ‘tarpitcount’ undeclared (first use in this function)
qmail-smtpd.c:997: error: (Each undeclared identifier is reported only once
qmail-smtpd.c:997: error: for each function it appears in.)
qmail-smtpd.c:997: error: ‘tarpitdelay’ undeclared (first use in this function)
qmail-smtpd.c: In function ‘main’:
qmail-smtpd.c:1639: warning: assignment makes pointer from integer without a cast
qmail-smtpd.c:1640: warning: comparison between pointer and integer
qmail-smtpd.c:1576: warning: return type of ‘main’ is not ‘int’
make: *** [qmail-smtpd.o] Error 1
[root@qmail qmail-1.03]#

I still got errors, so I have also copied the two variable declaration lines as:

void smtp_rcpt(arg) char *arg; {
int tarpitcount = 0;
int tarpitdelay = 5;

Let’s compile again.

make man && make setup check

. . .
. . .
./load qmail-todo control.o constmap.o trigger.o fmtqfn.o now.o \\
readsubdir.o case.a ndelay.a getln.a sig.a open.a stralloc.a \\
alloc.a substdio.a error.a str.a fs.a auto_qmail.o auto_split.o
./install
./instcheck
[root@qmail qmail-1.03]#

This time it has compiled fine.

But I am not happy with this “work around”. Declaring it in the same function where it is being used later on and initializing their values to 0 and 5 respectively, will never enable the function to get the values from the control/tarpit* files. So I have moved these two lines up to global declaration area on the top of the file. Like this:

unsigned int require_auth = 0;
char pid_buf[FMT_ULONG];
stralloc title = {0};
int log_mail = 0;
int log_rcpt = 0;

int tarpitcount = 0;
int tarpitdelay = 5;

I have also removed the declaration from the “void setup” section.

I will try compiling again. If this time it compiles, I will go with it.

[root@qmail qmail-1.03]# make clean
rm -f `cat TARGETS`

[root@qmail qmail-1.03]# make man && make setup check

. . .
. . .
./load qmail-todo control.o constmap.o trigger.o fmtqfn.o now.o \\
readsubdir.o case.a ndelay.a getln.a sig.a open.a stralloc.a \\
alloc.a substdio.a error.a str.a fs.a auto_qmail.o auto_split.o
./install
./instcheck
[root@qmail qmail-1.03]#

This time, it has compiled fine too. Alhumdulillah.

Let’s move on.

[root@qmail qmail-1.03]# ./config-fast qmail.isb.ots.com
Your fully qualified host name is qmail.isb.ots.com.
Putting qmail.isb.ots.com into control/me…
Putting isb.ots.com into control/defaultdomain…
Putting ots.com into control/plusdomain…
Putting qmail.isb.ots.com into control/locals…
Putting qmail.isb.ots.com into control/rcpthosts…
Now qmail will refuse to accept SMTP messages except to qmail.isb.ots.com.
Make sure to change rcpthosts if you add hosts to locals or virtualdomains!
[root@qmail qmail-1.03]#

Reference to the note we saw earlier:

#####################################################################################################
Important From: http://www.antagonism.org/qmr-faq.shtml

7.11 What is the difference between the locals and rcpthosts files in /var/qmail/control?

The locals file contains domains which reside locally on the machine. This means accounts listed in locals should have shell accounts on the machine. If you use vpopmail, your locals file should be empty but exist. This problem is prevalent in many qmailrocks installs as the instruction set wrongly instructs users to configure qmail using the "config-fast" shell script. Unless the user desires email accounts for his shell accounts the is not the correct method. The following commands correct this error.  
  
If /var/qmail/control/locals exists, run the first command. If not, you may skip to the second command.  
# rm /var/qmail/control/locals  
# touch /var/qmail/control/locals  
# chmod 644 /var/qmail/control/locals  
# chown root.root /var/qmail/control/locals  
  
The rcpthosts file contains the domains for which qmail-smtpd will accept email. The rcpthosts file should contain the domain names only. Do not put in email addresses, hostnames or IP addresses into this file.   ######################################################################################################  

Let’s verify the /var/qmail/control/locals file:

[root@qmail qmail-1.03]# cat /var/qmail/control/locals
qmail.isb.ots.com
[root@qmail qmail-1.03]#

According to the note above, this file must be empty. So let’s make it empty:

rm -f /var/qmail/control/locals
touch /var/qmail/control/locals
chmod 644 /var/qmail/control/locals
chown root.root /var/qmail/control/locals

Lets move on and generate the certificate (QMR guide).

make cert

chown -R vpopmail:qmail /var/qmail/control/clientcert.pem /var/qmail/control/servercert.pem

Now we build ucspi-tcp…

cd /usr/src/qmail/ucspi-tcp-0.88/

-——————————————- End of Day ———————–

Before we build ucspi, we need to patch it for errno. This patch is included in the QMR package and also mentioned at www.lifewithqmail.org/lwq.html .

cd /usr/src/qmail/ucspi-tcp-0.88/
patch < /downloads/qmailrocks/patches/ucspi-tcp-0.88.errno.patch

make && make setup check

Now we build the daemontools….

Daemon tools also need to be patched for errno. This patch is included in the QMR package and also mentioned at http://www.lifewithqmail.org/lwq.html#install-daemontools .

cd /package/admin/daemontools-0.76/src
patch < /downloads/qmailrocks/patches/daemontools-0.76.errno.patch
cd /package/admin/daemontools-0.76

./package/install

. . .
. . .
grep sysdep hasshsgr.h » sysdeps
Copying commands into ./command…
Creating symlink daemontools -> daemontools-0.76…
Making command links in /command…
Making compatibility links in /usr/local/bin…
Creating /service…
Adding svscanboot to inittab…
init should start svscan now.
[root@qmail daemontools-0.76]#

You should have svscan process running now:

[root@qmail daemontools-0.76]# ps aux | grep svscan
root 5447 0.0 0.5 2412 1080 ? Ss 11:12 0:00 /bin/sh /command/svscanboot
root 5449 0.0 0.1 1652 340 ? S 11:12 0:00 svscan /service
root 5456 0.0 0.3 3880 664 pts/0 R+ 11:14 0:00 grep svscan
[root@qmail daemontools-0.76]#

The package install process, above, adds the following line in /etc/inittab:
. . .
SV:123456:respawn:/command/svscanboot

EZMLM:
-—–
The QMR package provides ezmlm-0.53-idx-0.41.tar.gz . The actual / raw version of this software is at http://cr.yp.to/ezmlm.html . However an extended version is at http://www.ezmlm.org/ . At the time of this writing, The most recent stable version of ezmlm-idx is 5.1.1, and is available at the link: http://www.ezmlm.org/archive/5.1.1/ . (Even the most recent version in the older stable series is 0.444, which is “newer” than what QMR package provides.) .

There is a twist. the documentation from the 5.1.1 INSTALL file tells us to download the actual 0.53 (non-idx) version from http://cr.yp.to /ezmlm.html . Untar both 0.53 and 5.1.1 versions in two separate directories. Then copy / move evereything from 5.1.1 to 0.53 directory. Then patch the 0.53 code with the idx.patch file provided in 5.1.1. Configure various failes. And complile the 0.53 directory.

Lets downlaod both.

cd /downloads/qmailnew

wget http://cr.yp.to/software/ezmlm-0.53.tar.gz
wget http://www.ezmlm.org/archive/5.1.1/ezmlm-idx-5.1.1.tar.gz

tar xzf ezmlm-0.53.tar.gz
tar xzf ezmlm-idx-5.1.1.tar.gz

cp -r /downloads/qmailnew/ezmlm-idx-5.1.1/* /downloads/qmailnew/ezmlm-0.53 –reply=yes

cd /downloads/qmailnew/ezmlm-0.53

patch < idx.patch

Configure various config files:

vi conf-etc
/usr/local/etc/ezmlm

vi conf-bin
/usr/local/bin/ezmlm

vi conf-qmail
/var/qmail

Edit the conf-sub, and change the storage from standard file location to mysql.

vi conf-sub
mysql

Choose a subscription database support. Available supports are:
* std (Default) filesystem
* mysql MySQL database
* pgsql Postgres database

You will need the mysql-devel package to be installed on the system before compiling this software.

vi sub_mysql/conf-sqlcc

-I/usr/include/mysql

Time to compile.

make clean
make
make man
make setup

You may want to create a ezmlm MySQL Database at this point.

mysql -u root -p
create database ezmlm;
GRANT select,insert,update,delete,create,drop ON ezmlm.* TO ezmlmuser@localhost IDENTIFIED BY ‘redhat’;

AUTORESPONDER:
-————-

autorespond-2.0.5.tar.gz is provided by the QMR package. This is the latest version on the net too. So let’s follow it.

cd /downloads/qmailrocks

tar zxvf autorespond-2.0.5.tar.gz

cd autorespond-2.0.5

make && make install

-—————————— End of Day ——————————-

VPOPMAIL with MySQL support:
-—————————-

vpopmail-5.4.13.tar.gz is supplied with QMR package. Whereas version 5.4.22 is available on inter7’s sourceforge page:
http://sourceforge.net/project/showfiles.php?group_id=85937

Lets download this new version:

cd /downloads/qmailnew
wget http://optusnet.dl.sourceforge.net/sourceforge/vpopmail/vpopmail-5.4.22.tar.gz

tar xzf vpopmail-5.4.22.tar.gz
cd /downloads/qmailnew/vpopmail-5.4.22

Let’s do the preparation first. We already have created a user vpopmail and vchkpw earlier.

mkdir ~vpopmail/etc

chown vpopmail:vchkpw ~vpopmail/etc

echo “localhost 0 vpopmailuser redhat vpopmail” > ~vpopmail/etc/vpopmail.mysql

Create vpopmail Database:

mysql -u root -p

CREATE DATABASE vpopmail;

GRANT select,insert,update,delete,create,drop ON vpopmail.* TO vpopmailuser@localhost IDENTIFIED BY ‘redhat’;

cd /downloads/qmailnew/vpopmail-5.4.22

[QMRGuide= ./configure –enable-logging=p –enable-auth-module=mysql –disable-passwd –enable-clear-passwd \\
--disable-many-domains –enable-auth-logging –enable-sql-logging –enable-valias –disable-mysql-limits]

./configure –enable-logging=p –enable-auth-module=mysql –disable-clear-passwd –disable-many-domains \\
–enable-sql-logging –enable-mysql-replication –enable-valias –enable-roaming-users \\
–enable-spamassassin –enable-mysql-limits . . .
. . .
config.status: creating config.h
config.status: executing depfiles commands

       vpopmail 5.4.21  
        Current settings   \---------------------------------------  

vpopmail directory = /home/vpopmail
domains directory = /home/vpopmail/domains
uid = 708
gid = 702
roaming users = ON –enable-roaming-users
tcpserver file = /home/vpopmail/etc/tcp.smtp
open_smtp file = /home/vpopmail/etc/open-smtp
rebuild tcpserver file = ON –enable-rebuild-tcpserver-file (default)
password learning = OFF –disable-learn-passwords (default)
md5 passwords = ON –enable-md5-passwords (default)
file locking = ON –enable-file-locking (default)
vdelivermail fsync = OFF –disable-file-sync (default)
make seekable = ON –enable-make-seekable (default)
clear passwd = OFF –disable-clear-passwd
user dir hashing = ON –enable-users-big-dir (default)
address extensions = OFF –disable-qmail-ext (default)
ip alias = OFF –disable-ip-alias-domains (default)
onchange script = OFF –disable-onchange-script (default)
auth module = mysql –enable-auth-module=mysql
mysql replication = ON –enable-mysql-replication
sql logging = ON –enable-sql-logging
mysql limits = ON –enable-mysql-limits
SQL valias table = ON –enable-valias
auth inc = -I/usr/include/mysql
auth lib = -L/usr/lib/mysql -lmysqlclient -lz -lm
system passwords = OFF –disable-passwd (default)
pop syslog = show failed attempts with clear text password –enable-logging=p
auth logging = ON –enable-auth-logging (default)
one domain per SQL table = –disable-many-domains
spamassassin = ON –enable-spamassassin
maildrop = OFF –disable-maildrop (default)

[root@qmail vpopmail-5.4.22]#

make && make install-strip

VQADMIN:
-——-

QMR package provides vqadmin-2.3.6.tar.gz . The homepage of vqadmin ( http://www.inter7.com/vqadmin/ ) provides us vqadmin-2.3.7.tar.gz . Lets use that.

cd /downloads/qmailnew/

wget http://www.inter7.com/vqadmin/vqadmin-2.3.7.tar.gz

tar xzf vqadmin-2.3.7.tar.gz

cd /downloads/qmailnew/vqadmin-2.3.7

./configure –enable-cgibindir=/var/www/cgi-bin –enable-htmldir=/var/www/html

make && make install-strip

Edit the Apache config file and add the following :

<Directory “/var/www/cgi-bin/vqadmin”>
deny from all
Options ExecCGI
AllowOverride AuthConfig
Order deny,allow
</Directory>

vi /var/www/cgi-bin/vqadmin/.htaccess

AuthType Basic
AuthUserFile /etc/httpd/conf/vqadmin.passwd
AuthName vQadmin
require valid-user
satisfy any

chown apache /var/www/cgi-bin/vqadmin/.htaccess

chmod 640 /var/www/cgi-bin/vqadmin/.htaccess # The QMR guide suggests 644 , which is too lax I think.

htpasswd -bc /etc/httpd/conf/vqadmin.passwd admin redhat

chown apache /etc/httpd/conf/vqadmin.passwd # This step is not in QMR.

chmod 640 /etc/httpd/conf/vqadmin.passwd

service httpd restart

Open the following link in web browser:
http://qmail.isb.ots.com/cgi-bin/vqadmin/vqadmin.cgi

Add a domain “isb.ots.com” in vqadmin .

Created Domain
Domain postmaster added (password: redhat)

MAIL DROP
-———

Ideally according to myself, this step should have come before vpopmail. Also, from the maildrop homepage:

http://www.courier-mta.org/maildrop/

maildrop is the mail filter/mail delivery agent that’s used by the Courier Mail Server. You do not need to download maildrop from here if you already have Courier installed. This is a standalone build of the maildrop mail filter that can be used with other mail servers.

Based on this text, I don’t think that I need maildrop. Still, lets install it.

QMR provides maildrop-1.6.3.tar.gz . Where as the latest is: maildrop-2.0.4.tar.bz2

cd /downloads/qmailnew

wget http://prdownloads.sourceforge.net/courier/maildrop-2.0.4.tar.bz2

tar xjf maildrop-2.0.4.tar.bz2

cd maildrop-2.0.4

./configure –prefix=/usr/local –exec-prefix=/usr/local –enable-maildrop-uid=root –enable-maildrop-gid=vchkpw –enable-maildirquota

make && make install-strip && make install-man

QMAILADMIN:
-———-
QMR provides qmailadmin-1.2.9.tar.gz . This is the latest on Inter 7 . And since it is already provided with QMR package, we will use it from there.

cd /downloads/qmailrocks

tar zxvf qmailadmin-1.2.9.tar.gz

cd qmailadmin-1.2.9

./configure –enable-cgibindir=/var/www/cgi-bin –enable-htmldir=/var/www/html

make && make install-strip
make all-am
make[1]: Entering directory `/downloads/qmailrocks/qmailadmin-1.2.9’
source=’qmailadmin.c’ object=’qmailadmin.o’ libtool=no \\
depfile=’.deps/qmailadmin.Po’ tmpdepfile=’.deps/qmailadmin.TPo’ \\
depmode=gcc3 /bin/sh ./depcomp \\
gcc -I. -I/home/vpopmail/include -I. -I. -I. -g -O2 -Wall -c `test -f ‘qmailadmin.c’ || echo ‘./’`qmailadmin.c
In file included from qmailadmin.c:48:
qmailadmin.h:39:1: warning: “MAX_BUFF” redefined
In file included from qmailadmin.c:35:
/home/vpopmail/include/vpopmail.h:36:1: warning: this is the location of the previous definition
In file included from qmailadmin.c:48:
qmailadmin.h:63: error: conflicting types for ‘readuserquota’
/home/vpopmail/include/vpopmail.h:219: error: previous declaration of ‘readuserquota’ was here
make[1]: *** [qmailadmin.o] Error 1
make[1]: Leaving directory `/downloads/qmailrocks/qmailadmin-1.2.9’
make: *** [all] Error 2
[root@qmail qmailadmin-1.2.9]#

Is this because of the –enable-mysql-limits I setup in vpopmail?

cd /downloads/qmailnew/vpopmail-5.4.22

[QMRGuide= ./configure –enable-logging=p –enable-auth-module=mysql –disable-passwd –enable-clear-passwd \\
--disable-many-domains –enable-auth-logging –enable-sql-logging –enable-valias –disable-mysql-limits]

./configure –enable-logging=p –enable-auth-module=mysql –disable-clear-passwd –disable-many-domains \\
–enable-sql-logging –enable-mysql-replication –enable-valias –enable-roaming-users \\
–enable-spamassassin –disable-mysql-limits

make && make install-strip

cd /downloads/qmailrocks

tar zxvf qmailadmin-1.2.9.tar.gz

cd qmailadmin-1.2.9

./configure –enable-cgibindir=/var/www/cgi-bin –enable-htmldir=/var/www/html

make && make install-strip

No. The error still came.

Changed GCC from GCC4 to GCC34.

mv /usr/bin/gcc /usr/bin/gcc4
ln -s /usr/bin/gcc34 /usr/bin/gcc

Try vpopmail again and then vqadmin again.

[root@qmail qmailadmin-1.2.9]# make && make install-strip
make all-am
make[1]: Entering directory `/downloads/qmailrocks/qmailadmin-1.2.9’
source=’qmailadmin.c’ object=’qmailadmin.o’ libtool=no \\
depfile=’.deps/qmailadmin.Po’ tmpdepfile=’.deps/qmailadmin.TPo’ \\
depmode=gcc3 /bin/sh ./depcomp \\
gcc -I. -I/home/vpopmail/include -I. -I. -I. -g -O2 -Wall -c `test -f ‘qmailadmin.c’ || echo ‘./’`qmailadmin.c
In file included from qmailadmin.c:48:
qmailadmin.h:39:1: warning: “MAX_BUFF” redefined
In file included from qmailadmin.c:35:
/home/vpopmail/include/vpopmail.h:36:1: warning: this is the location of the previous definition
In file included from qmailadmin.c:48:
qmailadmin.h:63: error: conflicting types for ‘readuserquota’
/home/vpopmail/include/vpopmail.h:219: error: previous declaration of ‘readuserquota’ was here
qmailadmin.h:63: error: conflicting types for ‘readuserquota’
/home/vpopmail/include/vpopmail.h:219: error: previous declaration of ‘readuserquota’ was here
make[1]: *** [qmailadmin.o] Error 1
make[1]: Leaving directory `/downloads/qmailrocks/qmailadmin-1.2.9’
make: *** [all] Error 2
[root@qmail qmailadmin-1.2.9]#

Nope. So changed the gcc back to original GCC4.

ACcording to this link:
http://www.mail-archive.com/vchkpw@inter7.com/msg25192.html

There is a problem of vpopmail-5.4.22 with qmailadmin.

Let’s download qmailadmin-devel-1.2.11

cd /downloads/qmailnew

wget wget http://optusnet.dl.sourceforge.net/sourceforge/qmailadmin/qmailadmin-1.2.11.tar.gz

tar xzf qmailadmin-1.2.11.tar.gz
cd qmailadmin-1.2.11

./configure –enable-cgibindir=/var/www/cgi-bin –enable-htmldir=/var/www/html

[root@qmail qmailadmin-1.2.11]# make && make install-strip
make all-am
make[1]: Entering directory `/downloads/qmailnew/qmailadmin-1.2.11’
source=’qmailadmin.c’ object=’qmailadmin.o’ libtool=no \\
depfile=’.deps/qmailadmin.Po’ tmpdepfile=’.deps/qmailadmin.TPo’ \\
depmode=gcc3 /bin/sh ./depcomp \\
gcc -I. -I/home/vpopmail/include -I. -I. -I. -g -O2 -Wall -c `test -f ‘qmailadmin.c’ || echo ‘./’`qmailadmin.c
In file included from qmailadmin.c:48:
qmailadmin.h:66: error: conflicting types for ‘readuserquota’
/home/vpopmail/include/vpopmail.h:219: error: previous declaration of ‘readuserquota’ was here
make[1]: *** [qmailadmin.o] Error 1
make[1]: Leaving directory `/downloads/qmailnew/qmailadmin-1.2.11’
make: *** [all] Error 2
[root@qmail qmailadmin-1.2.11]#

Same error. May be I should downgrade to vpopmail-5.4.21 ?.

Lets try the new version vpopmail-5.4.23 .

All steps performed as performed above. And the result is Great:-

Compiled Vpopmail-5.4.23 . Then compiled Qmailadmin-1.2.11. Done. Alhumdulillah.

cp ./lang/?? /usr/local/share/qmailadmin/lang
cp ./lang/??-?? /usr/local/share/qmailadmin/lang
chmod 755 /usr/local/share/qmailadmin/lang
chmod 644 /usr/local/share/qmailadmin/lang/*
/bin/sh ./mkinstalldirs /var/www/html/images/qmailadmin
mkdir /var/www/html/images/qmailadmin
cp ./images/*.png /var/www/html/images/qmailadmin
make[2]: Leaving directory `/downloads/qmailnew/qmailadmin-1.2.11’
make[1]: Leaving directory `/downloads/qmailnew/qmailadmin-1.2.11’
[root@qmail qmailadmin-1.2.11]#

Try loggin on to the http://qmail.isb.ots.com/cgi-bin/qmailadmin and add a few users.

Email Account kamran@isb.ots.com (Muhammad Kamran Azeem) added successfully

FINALIZING QMAIL:
-—————-

The QMR guide suggests to run the following script:
/downloads/qmailrocks/scripts/finalize/linux/finalize_linux.script

This script can be viewed online at:
http://www.qmailrocks.org/downloads/scripts/finalize/linux/finalize_linux.script

I will use the actual content of the script to get the tasks done manully.

# First Copy all supervise scripts to their proper locations.:

cp /downloads/qmailrocks/scripts/finalize/linux/pop3d_run /var/qmail/supervise/qmail-pop3d/run
cp /downloads/qmailrocks/scripts/finalize/linux/pop3d_log /var/qmail/supervise/qmail-pop3d/log/run
cp /downloads/qmailrocks/scripts/finalize/linux/smtpd_run /var/qmail/supervise/qmail-smtpd/run
cp /downloads/qmailrocks/scripts/finalize/linux/smtpd_log /var/qmail/supervise/qmail-smtpd/log/run
cp /downloads/qmailrocks/scripts/finalize/linux/send_run /var/qmail/supervise/qmail-send/run
cp /downloads/qmailrocks/scripts/finalize/linux/send_log /var/qmail/supervise/qmail-send/log/run

# Next: Copy rc and qmailctl scripts to proper locations:

cp /downloads/qmailrocks/scripts/finalize/rc /var/qmail/
cp /downloads/qmailrocks/scripts/finalize/qmailctl /var/qmail/bin/

# Setup needed permisions:

chmod 755 /var/qmail/rc /var/qmail/bin/qmailctl
chmod 751 /var/qmail/supervise/qmail-pop3d/run
chmod 751 /var/qmail/supervise/qmail-pop3d/log/run
chmod 751 /var/qmail/supervise/qmail-smtpd/run
chmod 751 /var/qmail/supervise/qmail-smtpd/log/run
chmod 751 /var/qmail/supervise/qmail-send/run
chmod 751 /var/qmail/supervise/qmail-send/log/run

# Setup default values to various control files:

echo ./Maildir > /var/qmail/control/defaultdelivery
echo 255 > /var/qmail/control/concurrencyremote
chmod 644 /var/qmail/control/concurrencyremote
echo 30 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming

# Create symbolic links:

ln -s /var/qmail/bin/qmailctl /usr/bin
ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-pop3d /service

Next edit the run scripts and adjust a few values:

vi /var/qmail/supervise/qmail-pop3d/run

Find “mail.example.com” and change it to your server’s hostname. For example: qmail.isb.ots.com.

vi /var/qmail/supervise/qmail-smtpd/run

Find “mail.example.com” and change it to your server’s hostname. For example: qmail.isb.ots.com

Next:

qmailctl stop

echo ‘127.:allow,RELAYCLIENT=””’ » /etc/tcp.smtp

qmailctl cdb

Now we create the common system aliases. These aliases are going to tell Qmail what to do with common server-generated mails.

echo postmaster@isb.ots.com > /var/qmail/alias/.qmail-root
echo postmaster@isb.ots.com > /var/qmail/alias/.qmail-postmaster
echo postmaster@isb.ots.com > /var/qmail/alias/.qmail-mailer-daemon
ln -s /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-anonymous
chmod 644 /var/qmail/alias/.qmail*

REMOVE SENDMAIL, POSTFIX , EXIM from System:
-——————————————-

If you have not removed these pakages before, you can do it now.

rpm -e sendmail sendmail-cf postfix exim –nodeps

Create artificial sendmail path:

ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail

START QMAIL:
-———–
The QMR guide asks to run the following script:

/downloads/qmailrocks/scripts/util/qmr_inst_check

The script is long and there is no advantage running it command by command/ manually. When you run the script, it will check for some key required files and folders and will also check permissions and owership settings on many key items. It a needed file does not exist or if the ownership/permissions settings are wrong on a key file, it will tell you and then make a suggestion as to how to correct the error. This script does NOT check the CONTENT or SYNTAX of your scripts, but only for the scripts’ existence and their ownership/permissions settings. If you’ve screwed up the syntax of on the run scripts, this tool will not detect it.

Lets run it:

[root@qmail ~]# /downloads/qmailrocks/scripts/util/qmr_inst_check
Congratulations, your Qmailrocks.org Qmail installation looks good!
[root@qmail ~]#

Start Qmail:

qmailctl stop
qmailctl start

Then:

qmailctl stat

[root@qmail ~]# qmailctl stat
/service/qmail-send: up (pid 25302) 2 seconds
/service/qmail-send/log: up (pid 25308) 2 seconds
/service/qmail-smtpd: up (pid 25311) 2 seconds
/service/qmail-smtpd/log: up (pid 25316) 2 seconds
/service/qmail-pop3d: up (pid 25319) 2 seconds
/service/qmail-pop3d/log: up (pid 25321) 2 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0
[root@qmail ~]#

-————————- End of day —————————–

Telnet checks passed.

COURIER IMAP + COURIERPASSD
-————————–

Courier-imap is the preferred IMAP server to install because it has built in support the vchkpw mail user setup that Vpopmail utilizes. In short, Courier IMAP works with Vpopmail and virtual domains. In addition to installing Courier-imap, we’re going to install Courierpassd. Courierpassd is a utility that allows users to change their mailbox passwords remotely.

We are going to use latest releases from http://www.courier-mta.org/download.php .

QMR provides courier-authlib-0.55.tar.bz2 . Latest is courier-authlib-0.59.3.tar.bz2 .
Also QMR package provides courier-imap-4.0.2.tar.bz2 . Whereas the latest is courier-imap-4.1.3.tar.bz2 .
Also QMR provides courierpassd-1.1.0-RC1 , whereas latest is courierpassd-1.1.2.tar.gz .

cd /downloads/qmailnew

wget http://prdownloads.sourceforge.net/courier/courier-authlib-0.59.3.tar.bz2
wget http://prdownloads.sourceforge.net/courier/courier-imap-4.1.3.tar.bz2
wget http://www.arda.homeunix.net/store/courierpassd-1.1.2.tar.gz

tar xjf courier-authlib-0.59.3.tar.bz2
tar xjf courier-imap-4.1.3.tar.bz2
tar xzf courierpassd-1.1.2.tar.gz

cd /downloads/qmailnew/courier-authlib-0.59.3

./configure –prefix=/usr/local –exec-prefix=/usr/local –with-authvchkpw –without-authldap –without-authmysql –disable-root-check –with-ssl –with-authchangepwdir=/usr/local/libexec/authlib –with-redhat

During make, I get the following errors:-

make

. . .
. . .
Compiling preauthcustom.c
Linking libauthcustom.la
Compiling authvchkpw.c
authvchkpw.c: In function ‘auth_vchkpw’:
authvchkpw.c:86: warning: implicit declaration of function ‘auth_vchkpw_login’
authvchkpw.c: At top level:
authvchkpw.c:103: error: static declaration of ‘auth_vchkpw_login’ follows non-static declaration
authvchkpw.c:86: error: previous implicit declaration of ‘auth_vchkpw_login’ was here
authvchkpw.c: In function ‘auth_vchkpw_changepass’:
authvchkpw.c:184: warning: passing argument 1 of ‘parse_email’ discards qualifiers from pointer target type
make[2]: *** [authvchkpw.lo] Error 1
make[2]: Leaving directory `/downloads/qmailnew/courier-authlib-0.59.3’
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/downloads/qmailnew/courier-authlib-0.59.3’
make: *** [all] Error 2
[root@qmail courier-authlib-0.59.3]#

Downloaded a patch from : http://shupp.org/patches/vpopmail_courier_cram-1.diff

See if it works.

make clean

cd /downloads/qmailnew

wget http://shupp.org/patches/vpopmail_courier_cram-1.diff

cd /downloads/qmailnew/courier-authlib-0.59.3

patch < /download/qmailnew/vpopmail_courier_cram-1.diff

[root@qmail courier-authlib-0.59.3]# patch < /downloads/qmailnew/vpopmail_courier_cram-1.diff
patching file authvchkpw.c
Hunk #1 succeeded at 24 with fuzz 2 (offset 1 line).
Hunk #2 FAILED at 58.
Hunk #3 FAILED at 110.
2 out of 3 hunks FAILED – saving rejects to file authvchkpw.c.rej
patching file preauthvchkpw.c
Reversed (or previously applied) patch detected! Assume -R? [n] n
Apply anyway? [n] n
Skipping patch.
1 out of 1 hunk ignored – saving rejects to file preauthvchkpw.c.rej
[root@qmail courier-authlib-0.59.3]#

This did not work too.

Shall I download the older version? Well, a newer version (courier-authlib-0.60.0) has arrived. Lets check that.

cd /downloads/qmailnew

wget http://prdownloads.sourceforge.net/courier/courier-authlib-0.60.0.tar.bz2

tar xjf courier-authlib-0.60.0.tar.bz2
cd courier-authlib-0.60.0

./configure –prefix=/usr/local –exec-prefix=/usr/local –with-authvchkpw –without-authldap –without-authmysql –disable-root-check –with-ssl –with-authchangepwdir=/usr/local/libexec/authlib –with-redhat

make

This fails too.

Too bad.

From the link: http://www.mail-archive.com/vchkpw@inter7.com/msg25043.html , I landed on the following french site:
http://christian.caleca.free.fr/qmail/courier-imap.htm

Let’s go back to the 0.59.3 fresh source, and apply the following patch.

Save the following code as patch.diff:
#############################################################################################
-– courier-authlib-0.59.3/authvchkpw.c 2007-04-22 20:53:30.000000000 +0200
+++ courier-authlib-0.59.3b/authvchkpw.c 2007-04-25 17:53:58.908980669 +0200
@@ -55,16 +55,19 @@
return (*i->callback_func)(a, i->callback_arg);
}

#if HAVE_HMACLIB

#include “libhmac/hmac.h”
#include “cramlib.h”

+static int auth_vchkpw_login(const char *service, char *authdata,

  • int (*callback_func)(struct authinfo *, void *), void *callback_arg);

static int auth_vchkpw_cram(const char *service,
const char *authtype, char *authdata,
int (*callback_func)(struct authinfo *, void *),
void *callback_arg)
{
struct cram_callback_info cci;

##############################################################################################

[root@qmail courier-authlib-0.59.3]# patch < ../patch.diff
patching file authvchkpw.c
Hunk #1 succeeded at 55 with fuzz 1.
[root@qmail courier-authlib-0.59.3]#

./configure –prefix=/usr/local –exec-prefix=/usr/local –with-authvchkpw –without-authldap –without-authmysql –disable-root-check –with-ssl –with-authchangepwdir=/usr/local/libexec/authlib –with-redhat

make

Make completed successfully !

make check

make install-strip && make install-configure

vi /etc/rc.local
. . .
/usr/local/sbin/authdaemond start

Compile Courier IMAP:-

cd /downloads/qmailnew/courier-imap-4.1.3
chown kamran:wheel /downloads/qmailnew/courier-imap-4.1.3 -R

su kamran

./configure –prefix=/usr/local –exec-prefix=/usr/local –with-authvchkpw –without-authldap –without-authmysql –disable-root-check –with-ssl –with-authchangepwdir=/usr/local/libexec/authlib –with-redhat

make && make check

exit # exit from su

make install-strip && make install-configure

Now let’s create an SSL certificate for the IMAP-SSL server…

/usr/local/sbin/mkimapdcert

vi /usr/local/etc/imapd.cnf
change email address to postmaster@isb.ots.com.

vi /usr/local/etc/imapd

Make sure that the following configuration exists: IMAPDSTART=YES

vi /usr/local/etc/imapd-ssl

Make sure that the following configuration exists: IMAPDSSLSTART=YES

Make sure that the following configuration exists: TLS_CERTFILE=/usr/local/share/imapd.pem

Save and exit the file.

vi /usr/local/etc/authlib/authdaemonrc
Around like 27, you should see the “authmodulelist” setting. Make sure that “authvchkpw” is the only module listed. Like so:

authmodulelist=”authvchkpw”

Save and exit the file.

Now we create the startup scripts…

cp /usr/local/libexec/imapd.rc /etc/rc.d/init.d/imap

cp /usr/local/libexec/imapd-ssl.rc /etc/rc.d/init.d/imaps

/usr/local/sbin/authdaemond stop
/usr/local/sbin/authdaemond start

/etc/rc.d/init.d/imap stop
/etc/rc.d/init.d/imaps stop

/etc/rc.d/init.d/imap start
/etc/rc.d/init.d/imaps start

Also add these to /etc/rc.local

If you run “nmap localhost”, you should see both 143 and 993 now open and listening.

[root@qmail courier-imap-4.1.3]# nmap localhost

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-10-01 12:35 PKT
Interesting ports on qmail.isb.ots.com (127.0.0.1):
Not shown: 1669 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
443/tcp open https
783/tcp open spamassassin
870/tcp open unknown
993/tcp open imaps
3306/tcp open mysql

telnet localhost 143

[root@qmail courier-imap-4.1.3]# telnet localhost 143
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
a login postmaster@isb.ots.com redhat
a OK LOGIN Ok.
a logout
* BYE Courier-IMAP server shutting down
a OK LOGOUT completed
Connection closed by foreign host.
[root@qmail courier-imap-4.1.3]#

Install Courierpassd

cd /downloads/qmailnew/courierpassd-1.1.2

./configure

make && make install

Make sure we have xinetd installed :

rpm -q xinetd
xinetd-2.3.14-10.el5

vi /etc/xinetd.d/courierpassd

service courierpassd
{
port = 106
socket_type = stream
protocol = tcp
user = root
server = /usr/local/sbin/courierpassd
server_args = -s imap
wait = no
only_from = 127.0.0.1
instances = 4
disable = no
}

Then:
echo “courierpassd 106/tcp” » /etc/services

service xinetd restart

Try changing the password now:

telnet localhost 106

[root@qmail courierpassd-1.1.2]# telnet localhost 106
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
200 courierpassd v1.1.2 hello, who are you?
user postmaster@isb.ots.com
200 Your password please.
pass redhat
200 Your new password please.
newpass tiger
200 Password changed, thank-you.
quit
200 Bye.
Connection closed by foreign host.
[root@qmail courierpassd-1.1.2]#

SQUIRRELMAIL:

Download the latest stable version from www.squirrelmail.org .

cd /downloads/qmailnew

wget http://jaist.dl.sourceforge.net/sourceforge/squirrelmail/squirrelmail-1.4.11.tar.bz2

cd /var/www/

tar xjf squirrelmail-1.4.11.tar.bz2

ln -s /var/www/squirrelmail-1.4.11 /var/www/webmail

chown apache:apache /var/www/squirrelmail-1.4.11 -R # perms dont get changed if use /var/www/webmail in chown command

cd /var/www/webmail/config

./conf.pl

Server Settings

General
-——

  1. Domain : isb.ots.com
  2. Invert Time : false
  3. Sendmail or SMTP : SMTP

A. Update IMAP Settings : localhost:143 (other)
B. Update SMTP Settings : localhost:25

IMAP Settings
-————-

  1. IMAP Server : localhost
  2. IMAP Port : 143
  3. Authentication type : login
  4. Secure IMAP (TLS) : false
  5. Server software : other
  6. Delimiter : detect

SMTP Settings
-————

  1. SMTP Server : localhost
  2. SMTP Port : 25
  3. POP before SMTP : false
  4. SMTP Authentication : none
  5. Secure SMTP (TLS) : false
  6. Header encryption key :

General Options

  1. Data Directory : /var/www/webmail/data/
  2. Attachment Directory : /var/www/webmail/attach/

mkdir /var/www/webmail/attach

chown apache:apache /var/www/squirrelmail-1.4.11 -R

Get the squirrelmail change_passwd plugin:

cd /downloads/qmailnew

wget http://www.squirrelmail.org/countdl.php?fileurl=http%3A%2F%2Fwww.squirrelmail.org%2Fplugins%2Fchange_pass-2.7a-1.4.x.tar.gz

cd /var/www/webmail/plugins/

tar xzf /downloads/qmailnew/change_pass-2.7a-1.4.x.tar.gz

Run the conf.pl program again. And add this plugin to Installed plugins.

Plugins
Installed Plugins
1. abook_take
2. administrator
3. change_pass
4. calendar
5. delete_move_next
6. filters
7. fortune
8. info
9. listcommands
10. mail_fetch
11. message_details
12. newmail
13. sent_subfolders
14. spamcop
15. squirrelspell
16. translate

Available Plugins:
17. bug_report
18. demo
19. test

vi /etc/httpd/conf.d/squirrelmail.conf
Alias /webmail /var/www/webmail

service httpd restart

Log on to http://qmail.isb.ots.com/webmail

CLAMAV:
-——

Also the QMR package provides: clamav-0.87-1. Whereas latest is: 0.91-2 .

From the CrashHat site : http://crash.fce.vutbr.cz/crash-hat/centos/5/clamav/

, the latest is 0.91-1

-———————————– End of Day ——————————-

cd /downloads/qmailnew

wget http://crash.fce.vutbr.cz/crash-hat/centos/5/clamav/clamav-0.91.1-1.i386.rpm
wget http://crash.fce.vutbr.cz/crash-hat/centos/5/clamav/clamav-db-0.91.1-1.i386.rpm
wget http://crash.fce.vutbr.cz/crash-hat/centos/5/clamav/clamav-server-0.91.1-1.i386.rpm

rpm -ivh clamav-db
rpm -ivh clamav-server
rpm -ivh clamav

Time to add a user and group “qscand”.

groupadd -g 710 qscand
useradd -u 710 -g 710 -c “Qmail Scanner Account” -s /sbin/false qscand

Configure clamav and freshclam to run as user qscand. Also set up ownership of related directories, accordingly.

vi /etc/clamd.conf

LogFile /var/log/clamav/clamd.log
LogFileMaxSize 10M
LogTime yes
LogSyslog yes
PidFile /var/run/clamav/clamd.pid
TemporaryDirectory /tmp
DatabaseDirectory /var/lib/clamav
LocalSocket /var/run/clamav/clamd.sock
FixStaleSocket yes
MaxConnectionQueueLength 30
MaxThreads 50
ReadTimeout 300
User qscand
AllowSupplementaryGroups yes
DetectBrokenExecutables yes
ArchiveMaxCompressionRatio 300
ArchiveBlockEncrypted yes
ArchiveBlockMax yes

vi /etc/freshclam.conf

DatabaseDirectory /var/lib/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog yes
PidFile /var/run/clamav/freshclam.pid
DatabaseOwner qscand
AllowSupplementaryGroups yes
DNSDatabaseInfo current.cvd.clamav.net
DatabaseMirror db.pk.clamav.net
DatabaseMirror database.clamav.net
Checks 24
NotifyClamd /etc/clamd.conf

Change ownership of various directories, accordingly. We also need to setup logrotate.

chown qscand:qscand /var/lib/clamav -R
chown qscand:qscand /var/run/clamav -R
chown qscand:qscand /var/log/clamav -R

Update the logrotate config files:

vi /etc/logrotate.d/clamd

#

# Rotate Clam AV daemon log file

#

/var/log/clamav/clamd.log {
missingok
nocompress
create 640 qscand qscand
postrotate
/bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2> /dev/null || true
endscript
}

vi /etc/logrotate.d/freshclam

#

# Rotate FreshClam daemon log file

#

/var/log/clamav/freshclam.log {
missingok
nocompress
create 640 qscand qscand
postrotate
/bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2> /dev/null || true
endscript
}

Start clamd service:

service clamd start
service freshclam start

chkconfig –level 35 clamd on
chkconfig –level 35 freshclam on

SPAMASSASSIN:
-————

rpm -ivh /media/nfs/CentOS/perl-suidperl-5.8.8-10.i386.rpm

perl -MCPAN -e “install Parse::Syslog”

perl -MCPAN -e “install Statistics::Distributions”

perl -MCPAN -e “install Pod::Usage”
. . .
Fetching with LWP:
http://www.perl.org/CPAN/authors/id/M/MA/MAREKR/Pod-Parser-1.35.tar.gz

QMR package provides spamassassin-3.0.2-1 . Whereas CENTOS 5 provides: spamassassin-3.1.7-4

[root@qmail config]# rpm -qa | grep spam
spamassassin-3.1.7-4.el5
[root@qmail config]#

QMR guide asks us to install perl-Mail-SpamAssassin-3.0.2-1.i386.rpm. BUT, That one is outdated (3.0.2-1). Let’s install the newset (3.2.3), directly from CPAN. This will take some time:

perl -MCPAN -e “install Mail::SpamAssassin”

-————— End of Day ———————

MUST run the following script (as NON-ROOT user) to verify if all needed perl modules are installed or not.

[kamran@qmail ~]$ /downloads/qmailrocks/scripts/util/check_perlmods.script

QMR check_perlmods v1.1

Checking for the existence of needed perl modules…

checking for Time::HiRes…
/usr/lib/perl5/5.8.8/i386-linux-thread-multi/Time/HiRes.pm

checking for Net::DNS…
/usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Net/DNS.pm

checking for Digest::SHA1…
/usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Digest/SHA1.pm

checking for Digest::HMAC…
/usr/lib/perl5/vendor_perl/5.8.8/Digest/HMAC.pm

checking for HTML::Tagset…
/usr/lib/perl5/vendor_perl/5.8.8/HTML/Tagset.pm

checking for HTML::Parser…
/usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/HTML/Parser.pm

checking for Mail::SpamAssassin…
/usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin.pm

checking for Pod::Usage…
/usr/lib/perl5/5.8.8/Pod/Usage.pm

checking for Parse::Syslog…
/usr/lib/perl5/site_perl/5.8.8/Parse/Syslog.pm

checking for Statistics::Distributions…
/usr/lib/perl5/site_perl/5.8.8/Statistics/Distributions.pm

Check Complete.

-———————————-

Basically this script is simple. No rocket science in it. It’s essesnce is in the command “perldoc -l xxxx::yyyy”:

So if you don’t want to run the script, here is what you can run manually:

perldoc -l Time::HiRes
perldoc -l Net::DNS
perldoc -l Digest::SHA1
perldoc -l Digest::HMAC
perldoc -l HTML::Tagset
perldoc -l HTML::Parser
perldoc -l Mail::SpamAssassin
perldoc -l Pod::Usage
perldoc -l Parse::Syslog
perldoc -l Statistics::Distributions

If you see “No documentation found for xxxx::yyyy”, that means that perl module is not installed.

Let’s add user for SpamAssassin :

groupadd -g 711 spamd
useradd -u 711 -g 711 spamd

vi /etc/sysconfig/spamassassin

# Options to spamd
# SPAMDOPTIONS=”-d -c -m5 -H”
SPAMDOPTIONS=”-x -u spamd -H /home/spamd -d”

vi /etc/mail/spamassassin/local.cf
required_hits 5
report_safe 0
rewrite_header Subject [SPAM]

service spamassassin restart
chkconfig –level 35 spamassassin on

ps aux grep spam

root 29307 2.7 15.7 34448 29820 ? Ss 09:48 0:01 /usr/bin/spamd -x -u spamd -H /home/spamd -d -r /var/run/spamd.pid
spamd 29309 0.0 15.0 34448 28564 ? S 09:48 0:00 spamd child
spamd 29310 0.0 15.0 34448 28480 ? S 09:48 0:00 spamd child

Let’s perform a “spamassassin -D –lint” test.

I see from the output that the following required mudules are not installed.

spamassassin -D –lint
. . .
[29439] dbg: diag: module not installed: Mail::SPF (‘require’ failed)
[29439] dbg: diag: module not installed: Mail::SPF::Query (‘require’ failed)
[29439] dbg: diag: module not installed: IP::Country::Fast (‘require’ failed)
[29439] dbg: diag: module not installed: Razor2::Client::Agent (‘require’ failed)
[29439] dbg: diag: module not installed: Net::Ident (‘require’ failed)
[29439] dbg: diag: module not installed: Mail::DomainKeys (‘require’ failed)
[29439] dbg: diag: module not installed: Mail::DKIM (‘require’ failed)
[29439] dbg: diag: module not installed: Encode::Detect (‘require’ failed)
. . .

Lets install these modules before we move on to installing DCC, Razor , Pyzor.

perl -MCPAN -e “install Mail::SPF”
perl -MCPAN -e “install Mail::SPF::Query”
perl -MCPAN -e “install IP::Country::Fast” perl -MCPAN -e “install Net::Ident”
perl -MCPAN -e “install Mail::DomainKeys”
perl -MCPAN -e “install Mail::DKIM”

[root@qmail ~]# perl -MCPAN -e “install Razor2::Client::Agent”

CPAN: File::HomeDir loaded ok (v0.66)
CPAN: Storable loaded ok (v2.15)
Going to read /root/.cpan/Metadata
Database was generated on Thu, 04 Oct 2007 02:36:56 GMT
Warning: Cannot install Razor2::Client::Agent, don’t know what it is.
Try the command

i /Razor2::Client::Agent/  

############################
From : http://mail-archives.apache.org/mod_mbox/spamassassin-users/200512.mbox/%3c474C0737-CFB8-4B95-9F62-99D61AA6106A@bulckens.com%3e

http://razor.sourceforge.net/
Razor2::Client::Agent is not on Cpan. Install it manually.
Start with razor-agents-sdk, which installs dependencies…
#############################################

Encode::Detect won’t install:-

[root@qmail ~]# perl -MCPAN -e “install Encode::Detect”
CPAN: File::HomeDir loaded ok (v0.66)
CPAN: Storable loaded ok (v2.15)
Going to read /root/.cpan/Metadata
Database was generated on Thu, 04 Oct 2007 02:36:56 GMT
Running install for module ‘Encode::Detect’
Running make for J/JG/JGMYERS/Encode-Detect-1.00.tar.gz
CPAN: LWP::UserAgent loaded ok (v2.033)
CPAN: Time::HiRes loaded ok (v1.9707)
Fetching with LWP:
http://www.perl.org/CPAN/authors/id/J/JG/JGMYERS/Encode-Detect-1.00.tar.gz
. . .
. . .
Test returned status 255 (wstat 65280, 0xff00)
Failed Test Stat Wstat Total Fail List of Failed
-——————————————————————————
t/encoding.t 255 65280 ?? ?? ??
Failed 1/2 test scripts. 0/7 subtests failed.
Files=2, Tests=7, 0 wallclock secs ( 0.18 cusr + 0.04 csys = 0.22 CPU)
Failed 1/2 test programs. 0/7 subtests failed.
make: *** [test] Error 255
JGMYERS/Encode-Detect-1.00.tar.gz
/usr/bin/make test – NOT OK
Running make install
make test had returned bad status, won’t install without force

-—————

perl -MCPAN -e “install Encode”

From www.cpan.org :
Encode::Detect - An Encode::Encoding subclass that detects the encoding of data

So lets try installing Encode::Encoding first:

[root@qmail ~]# perl -MCPAN -e “install Encode::Encoding”
CPAN: File::HomeDir loaded ok (v0.66)
CPAN: Storable loaded ok (v2.15)
Going to read /root/.cpan/Metadata
Database was generated on Thu, 04 Oct 2007 23:36:46 GMT
Encode::Encoding is up to date (2.05).

Lets try:

perl -MCPAN -e “install Encode::Detect::Detector”

Running make install
make test had returned bad status, won’t install without force

OK. Let’s try force.

perl -MCPAN -e “force install Encode::Detect”

No. Doesn’t work. Leaving it at the moment. Trying manual method:

cd /downloads/qmailnew
wget http://search.cpan.org/CPAN/authors/id/J/JG/JGMYERS/Encode-Detect-1.00.tar.gz
tar xzf Encode-Detect-1.00.tar.gz
cd Encode-Detect-1.00

[root@qmail Encode-Detect-1.00]# perl Makefile.PL
# running Build.PL
/usr/bin/perl Build.PL
Checking whether your kit is complete…
Looks good

Checking prerequisites…
Looks good

Creating new ‘Build’ script for ‘Encode-Detect’ version ‘1.00’

-————————–

make && make install

Alhumdulillah, Done.

Check “spamassassin -D –lint”

No modules found as ‘required’ (failed) , except Razor, which will be installed in the next step.

DCC, Razor, Pyzor:
-—————–

Lets Install DCC, Razor and Pyzor before moving on.

Installing DCC:
-————–
From: http://opensourceheaven.net/?page_id=98

cd /downloads/qmailnew
wget http://www.rhyolite.com/anti-spam/dcc/source/dcc.tar.Zk
tar xzf dcc.tar.Z

cd dcc-1.3.61/

./configure
make
make install

Installing Pyzor:
-—————–

Pyzor is a system of distributed servers that is very similar to Razor. We use it here in order to fine tune our server’s spam-fighting abilities. It uses UDP Port 24441 to communicate with its server(s). Pyzor requires Python v2.2.1 and above.

cd /downloads/qmailnew
wget http://kent.dl.sourceforge.net/sourceforge/pyzor/pyzor-0.4.0.tar.bz2
tar xjf pyzor-0.4.0.tar.bz2
cd pyzor-0.4.0
python setup.py build
python setup.py install

Installing Razor:
-—————-
Vipul’s Razor is a distributed, collaborative, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical and randomized signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures.

Homepage: http://razor.sourceforge.net/download/

Razor requires a little more configuration. You will need to install these perl modules, if you don’t have them already:

All of the following required modules are available at CPAN (These modules are included in razor-agents-sdk):

perl -MCPAN -e "install Time::HiRes"  # RPM in CENTOS Distro  
perl -MCPAN -e "install Digest::SHA1"  # RPM in CENTOS Distro  
perl -MCPAN -e "install MIME::Base64"  
perl -MCPAN -e "install Test::Simple"  
perl -MCPAN -e "install Test::Harness"  
perl -MCPAN -e "install Getopt::Long"  
perl -MCPAN -e "install URI::Escape" # RPM in CENTOS Distro  

Since I have installed these Modules manually. I don’t need razor-sdk.

cd /downloads/qmailnew
wget http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/r/ra/razor/razor-agents-2.84.tar.bz2
tar xjf razor-agents-2.84.tar.bz2
cd razor-agents-2.84
perl Makefile.PL
make
make test
make install

All three anti-spam components are now installed. Lets configure them one by one.

DCC:
-—

vi /var/dcc/dcc_conf
. . .
DCCIFD_ENABLE=on
DCCUID=root
. . .

cp /var/dcc/libexec/rcDCC /etc/init.d/dcc
chmod 755 /etc/init.d/dcc

vi /etc/init.d/dcc

DCC_HOMEDIR=/var/dcc
DCC_LIBEXEC=/var/dcc/libexec # in case dcc_conf has disappeared

Then:

chkconfig –level 35 dcc on
service dcc start

Check if the processes are running:

[root@qmail razor-agents-2.84]# ps aux | grep dcc
root 5216 0.0 0.1 2644 280 ? Ss 12:06 0:00 /var/dcc/libexec/dccifd -tCMN,5, -llog -wwhiteclnt -Uuserdirs -SHELO -Smail_host -SSender -SList-ID
root 5217 1.2 5.7 33068 10944 ? Sl 12:06 0:00 /var/dcc/libexec/dccifd -tCMN,5, -llog -wwhiteclnt -Uuserdirs -SHELO -Smail_host -SSender -SList-ID

DCC Configured.

Razor:
-—–
razor-admin -d -home=/etc/razor -create
razor-admin -d -home=/etc/razor -register

Razor configured.

Configure /etc/mail/spamassassin/local.cf as:

Now your local.cf file should look like:

vi /etc/mail/spamassassin/local.cf
# How many hits before a message is considered spam.
required_score 5.0

# Change the subject of suspected spam
rewrite_header subject *****SPAM*****

# Encapsulate spam in an attachment (0=no, 1=yes, 2=safe)
report_safe 1

# Enable the Bayes system
use_bayes 1

# Enable Bayes auto-learning
bayes_auto_learn 1

# Enable or disable network checks
# RBL Checks are skipped as I want to use rblsmtpd directly with Qmail
skip_rbl_checks 1
use_razor2 1
use_dcc 1
use_pyzor 1

# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - english
ok_languages en

# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales en

score PYZOR_CHECK 1

razor_config /etc/razor/razor-agent.conf
dcc_home /var/dcc
dcc_path /usr/local/bin/dccproc
dcc_dccifd_path /var/dcc/dccifd

Restart SpamAssassin service:

[root@qmail razor-agents-2.84]# service spamassassin restart
Stopping spamd: [ OK ]
Starting spamd: [5264] info: config: failed to parse line, skipping, in “/etc/mail/spamassassin/local.cf”: use_dcc 1
[5264] info: config: failed to parse, now a plugin, skipping, in “/etc/mail/spamassassin/local.cf”: ok_languages en
[5264] info: config: failed to parse line, skipping, in “/etc/mail/spamassassin/local.cf”: dcc_home /var/dcc
[5264] info: config: failed to parse line, skipping, in “/etc/mail/spamassassin/local.cf”: dcc_path /usr/local/bin/dccproc
[5264] info: config: failed to parse line, skipping, in “/etc/mail/spamassassin/local.cf”: dcc_dccifd_path /var/dcc/dccifd
[ OK ]
[root@qmail razor-agents-2.84]#

vi /etc/mail/spamassassin/v310.pre
. . .
loadplugin Mail::SpamAssassin::Plugin::DCC

vi /etc/mail/spamassassin/v312.pre
loadplugin Mail::SpamAssassin::Plugin::DKIM
. . .

vi /etc/mail/spamassassin/init.pre
. . .
loadplugin Mail::SpamAssassin::Plugin::RelayCountry
. . .

Then, remove “ok_languages en” from the local.cf file.

And:
perl -MCPAN -e “install Crypt::OpenSSL::Bignum”

[root@qmail razor-agents-2.84]# service spamassassin restart
Stopping spamd: [ OK ]
Starting spamd: [ OK ]
[root@qmail razor-agents-2.84]#

spamassassin -D –lint

sa-learn –sync

TARPIT, GREYLISTING and RBLSMTPD:
-——————————–

Tarpit patch was already implemented in qmail during compilation. Greylist software can be downloaded.

cd /downloads/qmailnew
wget http://oss.albawaba.com/files/cqgreylist-0.2.tar.gz
tar xzf cqgreylist-0.2.tar.gz
cd cqgreylist-0.2
mkdir /var/qmail/cqgreylist
chown vpopmail /var/qmail/cqgreylist

vi cqgreylist.c
. . .

/*
* Change anything you want here
*/
/* RFC 2821 specifies the timeout for recieving a command to at least 5 mins */

define TIMEOUT 300

/* specify the greylisting time in which to not accept mail from a sender */

define GREY_SECONDS 60

char* hostname = “qmail.isb.ots.com”;
char* message = “You are greylisted for 60 seconds. Try sending again…”;
char* base_directory = “/var/qmail/cqgreylist/”;
/*
* End of user editable parameters
*/

make
cp cqgreylist /var/qmail/bin/

crontab -e

. . .
23 * * * * /usr/bin/find /var/qmail/cqgreylist -mtime 1 -type f -exec rm -f {} \\;

Edit the run script for qmail-smtpd:-

vi /var/qmail/supervise/qmail-smtpd/run

Text before editing:
. . .
exec /usr/local/bin/softlimit -m 30000000 \\
/usr/local/bin/tcpserver -v -R -l “$LOCAL” -x /etc/tcp.smtp.cdb -c “$MAXSMTPD” \\
-u “$QMAILDUID” -g “$NOFILESGID” 0 smtp \\
/var/qmail/bin/qmail-smtpd qmail.isb.ots.com \\
/home/vpopmail/bin/vchkpw /usr/bin/true 2>&1

Text after editing:
-——————
. . .
exec /usr/local/bin/softlimit -m 30000000 \\
/usr/local/bin/tcpserver -v -R -l “$LOCAL” -x /etc/tcp.smtp.cdb -c “$MAXSMTPD” \\
-u “$QMAILDUID” -g “$NOFILESGID” 0 smtp \\
rblsmtpd \\
-r sbl.spamhaus.org \\
-r zen.spamhaus.org \\
-r bl.spamcop.net \\
-r list.dsbl.org \\
/var/qmail/bin/cqgreylist \\
/var/qmail/bin/qmail-smtpd qmail.isb.ots.com \\
/home/vpopmail/bin/vchkpw /usr/bin/true 2>&1

This line in /etc/tcp.smtp is enough for server functionality as a mail server.

cat /etc/tcp.smtp
127.:allow,RELAYCLIENT=””

Restart Qmail service:

qmailctl stop
qmailctl start

-————————– Clam AV and SpamAssassin installed. ———————-

Now the actual thing. MailScanner. (Not QmailScanner).

I am following the directions from: http://www.v1ce.net/maildocs/MailScanner-Qmail.html . And: http://qms.ausics.net/

According to the document :
“This document supposes that your Qmail instalation directory is /var/qmail/ and that you have at last one working antivirus also (ClamAV for my system).”

So we already have that.

Download MailScanner

Download the latest version of MailScanner. Support for Qmail start with version 4.27.7 if you have an older version, you don’t have the MailScanner::Qmail.pm and MailScanner::QMDiskStore Perl modules needed to work correctly with Qmail. Actually, there’s only a beta support for the Qmail MTA.

MailScanner home page is : http://www.mailscanner.info/

Look for Stable version. Current latest stable version is : MailScanner-4.64.3-2
Each of the packages is a compressed tar file. Download it, unpack it (with “tar xzvf .tar.gz") and run the "install.sh" script in it.

cd /downloads/qmailnew/
wget http://www.mailscanner.info/files/4/rpm/MailScanner-4.64.3-2.rpm.tar.gz # this one will install in normal RPM layout.
OR
wget wget http://www.mailscanner.info/files/4/tar/MailScanner-install-4.64.3-2.tar.gz # this one will isntall in /opt

tar xzf MailScanner-4.64.3-2.rpm.tar.gz

cd /downloads/qmailnew/MailScanner-4.64.3-2

Run the ./install.sh script.

./install.sh

. . .
. . .
. . .

Now to install MailScanner itself.

NOTE: If you get lots of errors here, run the install.sh script
NOTE: again with the command “./install.sh nodeps”

Preparing… ########################################### [100%]
1:mailscanner ########################################### [100%]
Good, SpamAssassin site rules found in /etc/mail/spamassassin
error reading information on service sendmail: No such file or directory

To activate MailScanner run the following commands:

service sendmail stop
chkconfig sendmail off
chkconfig MailScanner on
service MailScanner start

For technical support, please read the MAQ at www.mailscanner.biz/maq/
and buy the book at www.mailscanner.info/store

-———————————————————
Please buy the MailScanner book from www.mailscanner.info!
It is a very useful administration guide and introduction
to MailScanner. All the proceeds go directly to making
MailScanner a better supported package than it is today.

[root@qmail MailScanner-4.64.3-2]#

The next step : Install special qmail-queue

In the docs/qmail subdirectory of the distribution you can find a zip file named qmail-queue.zip.

However, I could not find any such file or directory in the MailScanner.RPM.tar.gz file I downloaded. Not even in the MailScanner-install-4.64.3-2.tar.gz package. !!!!!!!

Searching on the internet revealed that this site:
http://wiki.mailscanner.info/doku.php?id=documentation:instructions_for_integrating_mailscanner_with_qmail

,has some link which takes you to this link:

http://qms.ausics.net/

According to the site:
This guide is provided because MailScanner was written for Sendmail, and although author Julian Field offers support for likes of Exim, and others support Postfix modules, he does not provide any support for Qmail. Qmail needs source modification which is not the case for other MTAs.

Firstly download MailScanner (if you use RH/CentOS,SuSE,Fedora etc, I still recommend the source version over the RPM) and my qmail-ms packages.
Qmail-ms is in addition to your normal Qmail sources, which must remain completely separate. Qmail-ms is qmail-1.03 with a hand full of sources patched so MailScanner and Qmail can work together, it generates only two files that we need for this to work.
The instructions for most of this, including path examples are based on source install which places MailScanner under /opt, if you use RPM just change paths to suite, or rpm -e MailScanner and install the source version.

Play it safe, backup all sources and your /var/qmail/bin contents so you don’t accidentally overwrite your real Qmail sources, and if something goes wrong you can put back your original binaries.

My point: I made so much effort to patch the qmail-1.03 with my desired patches. Will this all go waste?

The following downloads are available at http://qms.ausics.net/ :

Downloads:
MailScanner Linux/BSD/Solaris Source and RedHat/Fedora RPM.
qmail-ms Provides 2 programs we need to use MailScanner.
qmail-modern Just another patched up version of netqmail.

################################################################################
I have put the following question on this website too:

Realname: Kamran Azeem

Subject: What about my already patched qmail installation ?

Request: Hi, I know your time is expensive. I have followed www.qmailrocks.org guide, and have installed upgraded versions of all of software pieces along the way (vpopmail, qmailadmin, clamav, spamassassin, DCC, Razor, Pyzor, etc). I also patched Qmail-1.03 with latest patches from jms1 . Eg. Grey Listing, Tarpitting, etc etc. It is quite robust and hardened installation. If I use your version of Qmail-ms or Qmail-modern, then what about the patches I have already applied? Will I be able to apply those patches to your qmail-ms or qmail-modern? Please advice or point in the right direction. Regards, Kamran www.wbitt.com

Your Message ValidID Number is f5ue1esejd
######################################################################################

Lets backup /var/qmail to a safe place, so if things go wrong, we can restore them.

tar czf /downloads/var.qmail.backup.tar.gz /var/qmail

OK. Let’s download qmail-ms and qmail-modern, both and have a look in them:

cd /downloads/qmailnew

wget http://qms.ausics.net/qmail-ms.tar.gz
wget http://qms.ausics.net/qmail-modern.tar.gz

tar xzf qmail-modern.tar.gz
tar zxf qmail-ms.tar.gz

Stop currently running copy of qmail:

qmailctl stop

cd /downloads/qmailnew/qmail-ms

# The README file (00_READMENOW.TXT), which comes with qmail-ms is a MUST read.

Run the ./msconf program:

[root@qmail qmail-ms]# ./msconf
Your perl binary we found and will use is /usr/bin/perl
We found and will configure /etc/MailScanner/MailScanner.conf
CPAN: File::HomeDir loaded ok (v0.66)
CPAN: Storable loaded ok (v2.15)
Going to read /root/.cpan/Metadata
Database was generated on Thu, 04 Oct 2007 23:36:46 GMT
CPAN: LWP::UserAgent loaded ok (v2.033)
CPAN: Time::HiRes loaded ok (v1.9707)
Fetching with LWP:
http://www.perl.org/CPAN/authors/01mailrc.txt.gz
CPAN: YAML loaded ok (v0.65) . . .
. . .

Installing /usr/share/man/man3/Mail::Audit::Vacation.3pm
Installing /usr/share/man/man3/Mail::Audit::Util::Tempdir.3pm
Installing /usr/share/man/man3/Mail::Audit::KillDups.3pm
Writing /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi/auto/Mail/Audit/.packlist
Appending installation info to /usr/lib/perl5/5.8.8/i386-linux-thread-multi/perllocal.pod
RJBS/Mail-Audit-2.221.tar.gz
/usr/bin/make install – OK
if any errors on perl mods occured, manually install them
We have now configured /etc/MailScanner/MailScanner.conf for use with qmail
Make sure Run as User/Group is set to Qmail in MailScanner.conf
I urge you to edit other settings especially your ORG name as well as any
other settings you wish to change, I recommend you also check the filename
and types files in MailScanner/etc as by default they are very restrictive
Now continue by running make and make setup

vi /etc/MailScanner/MailScanner.conf

%org-name% = isb.ots.com
%org-long-name% = Local Qmail Test Server at OTS-ISB.
%web-site% = www.isb.ots.com
%etc-dir% = /etc/MailScanner
%report-dir% = /etc/MailScanner/reports/en
%rules-dir% = /etc/MailScanner/rules
%mcp-dir% = /etc/MailScanner/mcp
Max Children = 5
Run As User = qmailq
Run As Group = qmail
Queue Scan Interval = 6
Incoming Queue Dir = /var/qmail/queue.in/mess
Outgoing Queue Dir = /var/qmail/queue/mess
Incoming Work Dir = /var/spool/MailScanner/incoming
Quarantine Dir = /var/spool/MailScanner/quarantine
PID file = /var/run/MailScanner.pid
Restart Every = 7200
MTA = Qmail
Sendmail = /var/qmail/bin/qmail-inject.mailscanner
Sendmail2 = /var/qmail/bin/qmail-inject.mailscanner
Incoming Work User =
Incoming Work Group = qscand
Incoming Work Permissions = 0660
Quarantine User =
Quarantine Group = qscand
Quarantine Permissions = 0600
Max Unscanned Bytes Per Scan = 100m
Max Unsafe Bytes Per Scan = 50m
Max Unscanned Messages Per Scan = 30
Max Unsafe Messages Per Scan = 30
Max Normal Queue Size = 800
Scan Messages = yes
Reject Message = no
Maximum Attachments Per Message = 200
Expand TNEF = yes
Use TNEF Contents = replace
Deliver Unparsable TNEF = no
TNEF Expander = /usr/bin/tnef –maxsize=100000000
TNEF Timeout = 120
File Command = /usr/bin/file
File Timeout = 20
Gunzip Command = /bin/gunzip
Gunzip Timeout = 50
Unrar Command = /usr/bin/unrar
Unrar Timeout = 50
Find UU-Encoded Files = no
Maximum Message Size = %rules-dir%/max.message.size.rules
Maximum Attachment Size = -1
Minimum Attachment Size = -1
Maximum Archive Depth = 2
Find Archives By Content = yes
Zip Attachments = no
Attachments Zip Filename = MessageAttachments.zip
Attachments Min Total Size To Zip = 100k
Attachment Extensions Not To Zip = .zip .rar .gz .tgz .jpg .jpeg .mpg .mpe .mpeg .mp3 .rpm .htm .html .eml
Virus Scanning = yes
Virus Scanners = clamd
Virus Scanner Timeout = 300
Deliver Disinfected Files = no
Silent Viruses = HTML-IFrame All-Viruses
Still Deliver Silent Viruses = no
Non-Forging Viruses = Joke/ OF97/ WM97/ W97M/ eicar
Block Encrypted Messages = no
Block Unencrypted Messages = no
Allow Password-Protected Archives = no
Check Filenames In Password-Protected Archives = yes
Allowed Sophos Error Messages =
Sophos IDE Dir = /opt/sophos-av/lib/sav
Sophos Lib Dir = /opt/sophos-av/lib
Monitors For Sophos Updates = /opt/sophos-av/lib/sav/*.ide
Monitors for ClamAV Updates = /usr/local/share/clamav/*.inc/* /var/lib/clamav/*.cvd
ClamAVmodule Maximum Recursion Level = 8
ClamAVmodule Maximum Files = 1000
ClamAVmodule Maximum Compression Ratio = 250
Clamd Port = 3310
Clamd Socket = /var/run/clamav/clamd.sock
Clamd Lock File = /var/lock/subsys/clamd
Clamd Use Threads = no
ClamAV Full Message Scan = yes
Dangerous Content Scanning = yes
Allow Partial Messages = no
Allow External Message Bodies = no
Find Phishing Fraud = yes
Also Find Numeric Phishing = yes
Use Stricter Phishing Net = yes
Highlight Phishing Fraud = yes
Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf
Phishing Bad Sites File = %etc-dir%/phishing.bad.sites.conf
Country Sub-Domains List = %etc-dir%/country.domains.conf
Allow IFrame Tags = disarm
Allow Form Tags = disarm
Allow Script Tags = disarm
Allow WebBugs = disarm
Ignored Web Bug Filenames = spacer pixel.gif pixel.png gap
Known Web Bug Servers = msgtag.com
Web Bug Replacement = http://www.sng.ecs.soton.ac.uk/mailscanner/images/1x1spacer.gif
Allow Object Codebase Tags = disarm
Convert Dangerous HTML To Text = no
Convert HTML To Text = no
Allow Filenames =
Deny Filenames =
Filename Rules = %etc-dir%/filename.rules.conf
Allow Filetypes =
Deny Filetypes =
Filetype Rules = %etc-dir%/filetype.rules.conf
Quarantine Infections = yes
Quarantine Silent Viruses = no
Quarantine Modified Body = no
Quarantine Whole Message = no
Quarantine Whole Messages As Queue Files = no
Keep Spam And MCP Archive Clean = no
Language Strings = %report-dir%/languages.conf
Rejection Report = %report-dir%/rejection.report.txt
Deleted Bad Content Message Report = %report-dir%/deleted.content.message.txt
Deleted Bad Filename Message Report = %report-dir%/deleted.filename.message.txt
Deleted Virus Message Report = %report-dir%/deleted.virus.message.txt
Deleted Size Message Report = %report-dir%/deleted.size.message.txt
Stored Bad Content Message Report = %report-dir%/stored.content.message.txt
Stored Bad Filename Message Report = %report-dir%/stored.filename.message.txt
Stored Virus Message Report = %report-dir%/stored.virus.message.txt
Stored Size Message Report = %report-dir%/stored.size.message.txt
Disinfected Report = %report-dir%/disinfected.report.txt
Inline HTML Signature = %report-dir%/inline.sig.html
Inline Text Signature = %report-dir%/inline.sig.txt
Signature Image Filename = %report-dir%/sig.jpg
Signature Image Filename = signature.jpg
Inline HTML Warning = %report-dir%/inline.warning.html
Inline Text Warning = %report-dir%/inline.warning.txt
Sender Content Report = %report-dir%/sender.content.report.txt
Sender Error Report = %report-dir%/sender.error.report.txt
Sender Bad Filename Report = %report-dir%/sender.filename.report.txt
Sender Virus Report = %report-dir%/sender.virus.report.txt
Sender Size Report = %report-dir%/sender.size.report.txt
Hide Incoming Work Dir = yes
Include Scanner Name In Reports = yes
Mail Header = X-%org-name%-MailScanner:
Spam Header = X-%org-name%-MailScanner-SpamCheck:
Spam Score Header = X-%org-name%-MailScanner-SpamScore:
Information Header = X-%org-name%-MailScanner-Information:
Add Envelope From Header = yes
Add Envelope To Header = no
Envelope From Header = X-%org-name%-MailScanner-From:
Envelope To Header = X-%org-name%-MailScanner-To:
Spam Score Character = s
SpamScore Number Instead Of Stars = no
Minimum Stars If On Spam List = 0
Clean Header Value = Found to be clean
Infected Header Value = Found to be infected
Disinfected Header Value = Disinfected
Information Header Value = Please contact the ISP for more information
Detailed Spam Report = yes
Include Scores In SpamAssassin Report = yes
Always Include SpamAssassin Report = no
Multiple Headers = append
Hostname = the %org-name% ($HOSTNAME) MailScanner
Sign Messages Already Processed = no
Sign Clean Messages = yes
Attach Image To Signature = no
Attach Image To HTML Message Only = yes
Mark Infected Messages = yes
Mark Unscanned Messages = yes
Unscanned Header Value = Not scanned: please contact your Internet E-Mail Service Provider for details
Remove These Headers = X-Mozilla-Status: X-Mozilla-Status2:
Deliver Cleaned Messages = yes
Notify Senders = yes
Notify Senders Of Viruses = no
Notify Senders Of Blocked Filenames Or Filetypes = yes
Notify Senders Of Blocked Size Attachments = no
Notify Senders Of Other Blocked Content = yes
Never Notify Senders Of Precedence = list bulk
Scanned Subject Text = {Scanned}
Virus Modify Subject = start
Virus Subject Text = {Virus?}
Filename Modify Subject = start
Filename Subject Text = {Filename?}
Content Modify Subject = start
Content Subject Text = {Dangerous Content?}
Size Modify Subject = start
Size Subject Text = {Size}
Disarmed Modify Subject = start
Disarmed Subject Text = {Disarmed}
Phishing Modify Subject = no
Phishing Subject Text = {Fraud?}
Spam Modify Subject = start
Spam Subject Text = {Spam?}
High Scoring Spam Modify Subject = start
High Scoring Spam Subject Text = {Spam?}
Warning Is Attachment = yes
Attachment Warning Filename = %org-name%-Attachment-Warning.txt
Attachment Encoding Charset = ISO-8859-1
Archive Mail =
Send Notices = yes
Notices Include Full Headers = yes
Hide Incoming Work Dir in Notices = no
Notice Signature = – \\nMailScanner\\nEmail Virus Scanner\\nwww.mailscanner.info
Notices From = MailScanner
Notices To = postmaster
Local Postmaster = postmaster
Spam List Definitions = %etc-dir%/spam.lists.conf
Virus Scanner Definitions = %etc-dir%/virus.scanners.conf
Spam Checks = yes
Spam Domain List =
Spam Lists To Be Spam = 1
Spam Lists To Reach High Score = 3
Spam List Timeout = 10
Max Spam List Timeouts = 7
Spam List Timeouts History = 10
Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules
Is Definitely Spam = no
Definite Spam Is High Scoring = no
Ignore Spam Whitelist If Recipients Exceed = 20
Max Spam Check Size = 200k
Use Watermarking = no
Add Watermark = yes
Check Watermarks With No Sender = yes
Treat Invalid Watermarks With No Sender as Spam = nothing
Check Watermarks To Skip Spam Checks = yes
Watermark Secret = %org-name%-Secret
Watermark Lifetime = 604800
Watermark Header = X-%org-name%-MailScanner-Watermark:
Use SpamAssassin = yes
Max SpamAssassin Size = 200k
Required SpamAssassin Score = 6
High SpamAssassin Score = 10
SpamAssassin Auto Whitelist = yes
SpamAssassin Timeout = 75
Max SpamAssassin Timeouts = 10
SpamAssassin Timeouts History = 30
Check SpamAssassin If On Spam List = yes
Include Binary Attachments In SpamAssassin = no
Spam Score = yes
Cache SpamAssassin Results = yes
SpamAssassin Cache Database File = /var/spool/MailScanner/incoming/SpamAssassin.cache.db
Rebuild Bayes Every = 0
Wait During Bayes Rebuild = no
Use Custom Spam Scanner = no
Max Custom Spam Scanner Size = 20k
Custom Spam Scanner Timeout = 20
Max Custom Spam Scanner Timeouts = 10
Custom Spam Scanner Timeout History = 20
Spam Actions = deliver header “X-Spam-Status: Yes”
High Scoring Spam Actions = deliver header “X-Spam-Status: Yes”
Non Spam Actions = deliver header “X-Spam-Status: No”
SpamAssassin Rule Actions =
Sender Spam Report = %report-dir%/sender.spam.report.txt
Sender Spam List Report = %report-dir%/sender.spam.rbl.report.txt
Sender SpamAssassin Report = %report-dir%/sender.spam.sa.report.txt
Inline Spam Warning = %report-dir%/inline.spam.warning.txt
Recipient Spam Report = %report-dir%/recipient.spam.report.txt
Enable Spam Bounce = %rules-dir%/bounce.rules
Bounce Spam As Attachment = no
Syslog Facility = mail
Log Speed = no
Log Spam = no
Log Non Spam = no
Log Permitted Filenames = no
Log Permitted Filetypes = no
Log Silent Viruses = no
Log Dangerous HTML Tags = no
SpamAssassin Temporary Dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp
SpamAssassin User State Dir = /var/spool/MailScanner/spamass
SpamAssassin Install Prefix =
SpamAssassin Site Rules Dir = /etc/mail/spamassassin
SpamAssassin Local Rules Dir =
SpamAssassin Default Rules Dir =
MCP Checks = no
First Check = spam
MCP Required SpamAssassin Score = 1
MCP High SpamAssassin Score = 10
MCP Error Score = 1
MCP Header = X-%org-name%-MailScanner-MCPCheck:
Non MCP Actions = deliver
MCP Actions = deliver
High Scoring MCP Actions = deliver
Bounce MCP As Attachment = no
MCP Modify Subject = start
MCP Subject Text = {MCP?}
High Scoring MCP Modify Subject = start
High Scoring MCP Subject Text = {MCP?}
Is Definitely MCP = no
Is Definitely Not MCP = no
Definite MCP Is High Scoring = no
Always Include MCP Report = no
Detailed MCP Report = yes
Include Scores In MCP Report = no
Log MCP = no
MCP Max SpamAssassin Timeouts = 20
MCP Max SpamAssassin Size = 100k
MCP SpamAssassin Timeout = 10
MCP SpamAssassin Prefs File = %mcp-dir%/mcp.spam.assassin.prefs.conf
MCP SpamAssassin User State Dir = /var/spool/MailScanner/spamass
MCP SpamAssassin Local Rules Dir = %mcp-dir%
MCP SpamAssassin Default Rules Dir = %mcp-dir%
MCP SpamAssassin Install Prefix = %mcp-dir%
Recipient MCP Report = %report-dir%/recipient.mcp.report.txt
Sender MCP Report = %report-dir%/sender.mcp.report.txt
Use Default Rules With Multiple Recipients = no
Spam Score Number Format = %d
MailScanner Version Number = 4.64.3
SpamAssassin Cache Timings = 1800,300,10800,172800,600
Debug = no
Debug SpamAssassin = no
Run In Foreground = no
Always Looked Up Last = no
Always Looked Up Last After Batch = no
Deliver In Background = yes
Delivery Method = batch
Split Exim Spool = no
Lockfile Dir = /tmp
Custom Functions Dir = /usr/lib/MailScanner/MailScanner/CustomFunctions
Lock Type =
Minimum Code Status = supported

We need to make the user “qmailq” a member of group qscand.

usermod -G qscand qmailq

Next, we run the “make” and “make setup” commands

make

make setup

This step gives some problems. As it calls wrong path for chown. And it assumes that the MailScanner is installed in /opt.

[root@qmail qmail-ms]# make setup
./makedirs
./makedirs: line 8: /usr/bin/chown: No such file or directory
./makedirs: line 12: /usr/bin/chown: No such file or directory
./makedirs: line 13: /usr/bin/chown: No such file or directory
./makedirs: line 14: /usr/bin/chmod: No such file or directory
./makedirs: line 15: /usr/bin/chmod: No such file or directory
./makedirs: line 17: /usr/bin/chown: No such file or directory
./makedirs: line 19: cd: /opt/MailScanner/bin/cron: No such file or directory
cp: cannot stat `check_MailScanner.cron’: No such file or directory
cp: cannot stat `update_virus_scanners.cron’: No such file or directory
cp: cannot stat `clean.SA.cache.cron’: No such file or directory
cp: cannot stat `clean.quarantine.cron’: No such file or directory
cp: cannot stat `sa-update.cron’: No such file or directory
cp: cannot stat `update_phishing_sites.cron’: No such file or directory

We are now going to run MailScanner –lint if there are any errors
please correct them

./makedirs: line 30: /opt/MailScanner/bin/MailScanner: No such file or directory

echo “Done… You should now start Qmail and watch for errors”
Done… You should now start Qmail and watch for errors
[root@qmail qmail-ms]# whereis chown
chown: /bin/chown /usr/share/man/man1p/chown.1p.gz /usr/share/man/man2/chown.2.gz /usr/share/man/man1/chown.1.gz /usr/share/man/man3p/chown.3p.gz
[root@qmail qmail-ms]#

I would edit the script (makedirs) called from “make setup” and modify as per my setup.

The chown command is in /bin/chown, instead of /usr/bin/chown . There are two options. Either to correct the path in the bash script file (makedirs) or make a symbolic link of /bin/chown in /usr/bin/ .

And the location of cron files is:

[root@qmail qmail-ms]# rpm -ql mailscanner | grep cron
/etc/cron.daily/clean.quarantine
/etc/cron.daily/update_phishing_sites
/etc/cron.daily/update_spamassassin
/etc/cron.hourly/check_MailScanner
/etc/cron.hourly/update_bad_phishing_sites
/etc/cron.hourly/update_virus_scanners
[root@qmail qmail-ms]#

MailScanner binaries are in:

[root@qmail qmail-ms]# rpm -ql mailscanner | grep bin
/usr/sbin/MailScanner
/usr/sbin/Sophos.install
/usr/sbin/analyse_SpamAssassin_cache
/usr/sbin/analyze_SpamAssassin_cache
/usr/sbin/check_MailScanner
/usr/sbin/check_mailscanner
/usr/sbin/d2mbox
/usr/sbin/df2mbox
/usr/sbin/update_bad_phishing_sites
/usr/sbin/update_phishing_sites
/usr/sbin/update_spamassassin
/usr/sbin/update_virus_scanners
/usr/sbin/upgrade_MailScanner_conf
/usr/sbin/upgrade_languages_conf
[root@qmail qmail-ms]#

So now I will make a backup copy of makedirs :

cp makedirs makedirs.orig

And edit the file:

vi /downloads/qmailnew/qmail-ms/makedirs

Run the command again:

[root@qmail qmail-ms]# make setup
./makedirs
mkdir: cannot create directory `/var/qmail/queue.in/mess/0’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/1’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/2’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/3’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/4’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/5’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/6’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/7’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/8’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/9’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/10’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/11’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/12’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/13’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/14’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/15’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/16’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/17’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/18’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/19’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/20’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/21’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/22’: File exists
mkdir: cannot create directory `/var/qmail/queue.in/mess/23’: File exists

We are now going to run MailScanner –lint if there are any errors
please correct them

Checking version numbers…
Version number in MailScanner.conf (4.64.3) is correct.

Your setting “Mail Header” contains illegal characters.
This is most likely caused by your “%org-name%” setting
which must not contain and “.” or “_” characters as
these are known to cause problems with some mail systems.

ERROR: The “envelope_sender_header” in your spam.assassin.prefs.conf
ERROR: is not correct, it should match X-isb.ots.com-MailScanner-From

Checking for SpamAssassin errors (if you use it)…
SpamAssassin temp dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp
pyzor: check failed: internal error
SpamAssassin reported no errors.
MailScanner.conf says “Virus Scanners = clamd”
Found these virus scanners installed: clamd
===========================================================================
ERROR::Permissions Problem. Clamd was denied access to /var/spool/MailScanner/incoming/18376
===========================================================================

If any of your virus scanners (clamd)
are not listed there, you should check that they are installed correctly
and that MailScanner is finding them correctly via its virus.scanners.conf.

echo “Done… You should now start Qmail and watch for errors”
Done… You should now start Qmail and watch for errors
[root@qmail qmail-ms]#

Checked permissions:

[root@qmail qmail-ms]# ls -l /var/spool/MailScanner/incoming/
total 32
drwx—— 2 qmailq qmail 4096 Oct 9 09:35 18281
drwx—— 2 qmailq qmail 4096 Oct 9 09:35 18282
drwx—— 2 qmailq qmail 4096 Oct 9 09:36 18285
drwx—— 2 qmailq qmail 4096 Oct 9 09:36 18287
drwx—— 2 qmailq qmail 4096 Oct 9 09:36 18290
-rw——- 1 qmailq qmail 5120 Oct 8 12:01 SpamAssassin.cache.db
drwx—— 2 qmailq qmail 4096 Oct 9 09:50 SpamAssassin-Temp
[root@qmail qmail-ms]#

I don’t understand this behavior ——^^^

Updated “%org-name% = otsisb” in MailScanner.conf .

Run the MailScanner –lint again.

MailScanner –lint

ERROR: The “envelope_sender_header” in your spam.assassin.prefs.conf
ERROR: is not correct, it should match X-otsisb-MailScanner-From

Lets edit this file “spam.assassin.prefs.conf” and update envelope_sender_header .

vi /etc/MailScanner/spam.assassin.prefs.conf

envelope_sender_header X-otsisb-MailScanner-From

Edit the /etc/rc.local to add the following. While using RPM based MailScanner installations, you should remove the reference to /opt/MailScanner from this file:

/usr/sbin/check_mailscanner

Run the MailScanner –lint again:

[root@qmail qmail-ms]# MailScanner –lint
Checking version numbers…
Version number in MailScanner.conf (4.64.3) is correct.

Your envelope_sender_header in spam.assassin.prefs.conf is correct.

Checking for SpamAssassin errors (if you use it)…
SpamAssassin temp dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp
pyzor: check failed: internal error
SpamAssassin reported no errors.
MailScanner.conf says “Virus Scanners = clamd”
Found these virus scanners installed: clamd
===========================================================================
ERROR::Permissions Problem. Clamd was denied access to /var/spool/MailScanner/incoming/19100
===========================================================================

If any of your virus scanners (clamd)
are not listed there, you should check that they are installed correctly
and that MailScanner is finding them correctly via its virus.scanners.conf.
[root@qmail qmail-ms]#

Checking, the spamd process and its user:

[root@qmail qmail-ms]# ps aux | grep spam
root 2594 0.0 1.3 43104 2628 ? Ss Oct08 0:02 /usr/bin/spamd -x -u spamd -H /home/spamd -d -r /var/run/spamd.pid
spamd 2885 0.0 0.7 43104 1404 ? S Oct08 0:00 spamd child
spamd 2886 0.0 0.7 43104 1352 ? S Oct08 0:00 spamd child
[root@qmail qmail-ms]#

[root@qmail qmail-ms]# ls -l /var/spool/MailScanner/incoming/
total 32
drwx—— 2 qmailq qmail 4096 Oct 9 09:35 18281
drwx—— 2 qmailq qmail 4096 Oct 9 09:35 18282
drwx—— 2 qmailq qmail 4096 Oct 9 09:36 18285
drwx—— 2 qmailq qmail 4096 Oct 9 09:36 18287
drwx—— 2 qmailq qmail 4096 Oct 9 09:36 18290
-rw——- 1 qmailq qmail 5120 Oct 8 12:01 SpamAssassin.cache.db
drwx—— 2 qmailq qmail 4096 Oct 9 10:00 SpamAssassin-Temp
[root@qmail qmail-ms]#

This means that the /var/spool/MailScanner/incoming/SpamAssassin-Temp directory must have the ownership of spamd. OR. the user spamd must be made a member of qmail group. And the permissions be setup accordingly. However, Since I see “SpamAssassin reported no errors.” . I am not going to mess with it at the moment.

It is more important to deal with the following error:
ERROR::Permissions Problem. Clamd was denied access to /var/spool/MailScanner/incoming/19100

Updated the “Incoming Work Permissions” from 0600 to “0660” in /etc/MailScanner/MailScanner.conf

[root@qmail qmail-ms]# MailScanner –lint
Checking version numbers…
Version number in MailScanner.conf (4.64.3) is correct.

Your envelope_sender_header in spam.assassin.prefs.conf is correct.

Checking for SpamAssassin errors (if you use it)…
SpamAssassin temp dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp
pyzor: check failed: internal error
SpamAssassin reported no errors.
MailScanner.conf says “Virus Scanners = clamd”
Found these virus scanners installed: clamd
===========================================================================
===========================================================================
Virus Scanner test reports:
Clamd said “eicar.com was infected: Eicar-Test-Signature FOUND”

If any of your virus scanners (clamd)
are not listed there, you should check that they are installed correctly
and that MailScanner is finding them correctly via its virus.scanners.conf.
[root@qmail qmail-ms]#

Let’s check various log files and setup things correctly:

[root@qmail ~]# tail -f /var/log/maillog
Oct 9 11:15:41 qmail update.virus.scanners: Running autoupdate for clamav
Oct 9 11:15:41 qmail ClamAV-autoupdate[18973]: ClamAV updater /usr/local/bin/freshclam cannot be run

This file “update.virus.scanners” has incorrect path specified for freshclam.

Also:

vi /etc/MailScanner/virus.scanners.conf

clamav /usr/lib/MailScanner/clamav-wrapper /usr/local

clamd /bin/false /usr/local

clamavmodule /bin/false /tmp

clamav /usr/lib/MailScanner/clamav-wrapper /usr
clamd /bin/false /usr
clamavmodule /bin/false /tmp

After correction, I run the script (/etc/cron.hourly/update_virus_scanners) manually, and got the following results in /var/log/maillog:

Oct 9 13:06:16 qmail update.virus.scanners: Found clamav installed
Oct 9 13:06:16 qmail update.virus.scanners: Running autoupdate for clamav
Oct 9 13:06:17 qmail ClamAV-autoupdate[20160]: ClamAV did not need updating
Oct 9 13:06:17 qmail update.virus.scanners: Found generic installed
Oct 9 13:06:17 qmail update.virus.scanners: Running autoupdate for generic
Oct 9 13:09:01 qmail update.virus.scanners: Found clamav installed
Oct 9 13:09:01 qmail update.virus.scanners: Running autoupdate for clamav
Oct 9 13:09:01 qmail ClamAV-autoupdate[20301]: ClamAV did not need updating
Oct 9 13:09:01 qmail update.virus.scanners: Found generic installed
Oct 9 13:09:01 qmail update.virus.scanners: Running autoupdate for generic

Lets run the check_mail_scanner script again, and see if we get any problems:

[root@qmail MailScanner]# /usr/sbin/check_mailscanner
MailScanner running with pid 18281 18282 18285 18287 18290 30389

Lets start qmail now.

qmailctl start

[root@qmail ~]# qmailctl start
Starting qmail…

Starting qmail-send
Starting qmail-smtpd
Starting qmail-pop3d

[root@qmail ~]# qmailctl stat
/service/qmail-send: up (pid 20453) 3 seconds
/service/qmail-send/log: up (pid 20460) 3 seconds
/service/qmail-smtpd: up (pid 20454) 3 seconds
/service/qmail-smtpd/log: up (pid 20455) 3 seconds
/service/qmail-pop3d: up (pid 20463) 3 seconds
/service/qmail-pop3d/log: up (pid 20461) 3 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0
[root@qmail ~]#

Alhumdulillah.

Set up mailscanner to start at boot time. (Do we need to switch off qmail startup at boot time?) .

chkconfig –level 35 MailScanner on

MAILWATCH:
-———
Lets install (MailScanner) MailWatch as well.

Mail watch’s home page is : http://mailwatch.sourceforge.net/doku.php

According to the homepage, you must have a working MailScanner set-up and have running copies of:

MySQL, Apache, PHP with MySQL and GD support

And for MailScanner to be able to use a database, you need:

Perl, DBD, DBD-MySQL

Since we have come this far, we already have all of them, except php-gd.

yum install php-gd

Download the mailwatch package:
cd /downloads/qmailnew
wget http://nchc.dl.sourceforge.net/sourceforge/mailwatch/mailwatch-1.0.4.tar.gz
tar xzf mailwatch-1.0.4.tar.gz
cd /downloads/qmailnew/mailwatch-1.0.4

mysql -u root < create.sql

Check if the database has been created. And also grant permissions / create a user:

[root@qmail mailwatch-1.0.4]# mysql -u root

mysql> show databases;
+——————–+
| Database |
+——————–+
| information_schema |
| ezmlm |
| mailscanner |
| mysql |
| test |
| vpopmail |
+——————–+
6 rows in set (0.06 sec)

mysql> GRANT ALL ON mailscanner.* TO mailwatch@localhost IDENTIFIED BY ‘redhat’;

mysql> flush privileges;

mysql> quit;

Set-up MailScanner for SQL logging:

Edit MailWatch.pm:

Edit MailWatch.pm and change the $db_user and $db_pass values accordingly.
vi /downloads/qmailnew/mailwatch-1.0.4/MailWatch.pm

# Modify this as necessary for your configuration
my($db_name) = ‘mailscanner’;
my($db_host) = ‘localhost’;
my($db_user) = ‘mailwatch’;
my($db_pass) = ‘redhat’;

And now move MailWatch.pm to /usr/lib/MailScanner/MailScanner/CustomFunctions (this could be /opt/MailScanner/lib/MailScanner/MailScanner/CustomFunctions on non-RPM systems).

cp /downloads/qmailnew/mailwatch-1.0.4/MailWatch.pm /usr/lib/MailScanner/MailScanner/CustomFunctions/

Create a MailWatch web user

# mysql -u mailwatch -D mailscanner -p
Enter password: ******
mysql> INSERT INTO users VALUES (‘mailwatchweb’,md5(‘redhat’),’mailwatch web user’,’A’,’0’,’0’,’0’,’0’,’0’);
mysql> commit;
mysql> quit;

Install & Configure MailWatch

From within the unpacked mailwatch directory move the directory called ‘mailscanner’ to the web server’s root. I will rather copy / move it in /var/www and configure an Apache alias.

cp -r mailscanner /var/www/

chown apache:apache /var/www/mailscanner -R

vi /etc/httpd/conf.d/mailscanner.conf

Alias /mailscanner /var/www/mailscanner

Restart web service:

service httpd restart

Create conf.php by copying conf.php.example and edit the values to suit, you will need to set DB_USER and DB_PASS to the MySQL user and password that you created earlier.

cd /var/www/mailscanner/

cp conf.php.example conf.php

vi /var/www/mailscanner/conf.php

// Database settings
define(DB_TYPE, ‘mysql’);
define(DB_USER, ‘mailwatch’);
define(DB_PASS, ‘redhat’);
define(DB_HOST, ‘localhost’);
define(DB_NAME, ‘mailscanner’);
define(DB_DSN, DB_TYPE.’://’.DB_USER.”:”.DB_PASS.”@”.DB_HOST.”/”.DB_NAME);

// Paths
define(MAILWATCH_HOME, ‘/var/www/mailscanner’);

// Quarantine settings

// The quarantine flag is only available on MailScanner >=4.43
// it will dramtically improved the speed of quarantine operations
// but requires that you use the quarantine_manager.php in place of
// the clean.quarantine script provided with MailScanner.
define(QUARANTINE_USE_FLAG, true);

According to the site:
Note that MailWatch 1.0 can use the quarantine more effectively when used with MailScanner version 4.43 or later as Julian added some code to keep track of messages quarantined by using a flag in the maillog table. This means that MailWatch 1.0 is *much* faster when you have a large quarantine directory. The new quarantine report requires the use of the new functionality - so you must upgrade if you want to run this.

The new quarantine flag is not used by default - if you have MailScanner verions 4.43 or later, you can activate the new functionality by setting QUARANTINE_USE_FLAG to true in conf.php - if you do this, you must disable the clean.quarantine script supplied by MailScanner and use the new quarantine_maint.php script in the tools directory instead.

To disable the clean.quarantine script edit /etc/cron.daily/clean.quarantine:

vi /etc/cron.daily/clean.quarantine
$disabled = 1;

Lets copy the tools directory from the mailwatch source directory as well to the /var/www/mailscanner directory as we will be using it frequently:

cp -r /downloads/qmailnew/mailwatch-1.0.4/tools /var/www/mailscanner/
chown apache:apache /var/www/mailscanner -R

Lets execute:

/var/www/mailscanner/tools/quarantine_maint.php –clean

[root@qmail mailscanner]# /var/www/mailscanner/tools/quarantine_maint.php –clean

Warning: require(/var/www/html/mailscanner/functions.php): failed to open stream: No such file or directory in /var/www/mailscanner/tools/quarantine_maint.php on line 26

Fatal error: require(): Failed opening required ‘/var/www/html/mailscanner/functions.php’ (include_path=’.:/usr/share/pear’) in /var/www/mailscanner/tools/quarantine_maint.php on line 26
[root@qmail mailscanner]#

This means I have to edit /var/www/mailscanner/tools/quarantine_maint.php, and setup correct path for document root.

vi /var/www/mailscanner/tools/quarantine_maint.php
require(‘/var/www/mailscanner/functions.php’);

Execute again and this time it works correctly:
/var/www/mailscanner/tools/quarantine_maint.php –clean

This should then be run daily from cron: you can do this by running:

echo “/var/www/mailscanner/tools/quarantine_maint.php –clean” > /etc/cron.daily/mailwatch_quarantine_maint.sh
chmod +x /etc/cron.daily/mailwatch_quarantine_maint.sh

To keep the MySQL database clean from old records, you should run tools/db_clean.php daily (as a cron job). Be sure the first line is

!/usr/bin/php -q

instead of

!/usr/bin/php -qn

So lets edit and at the same time correct the path to functions.php file.

vi /var/www/mailscanner/tools/db_clean.php

!/usr/bin/php -q


require(‘/var/www/mailscanner/functions.php’);
….

Set-up MailScanner :
-——————-

Stop MailScanner

# service MailScanner stop

service MailScanner stop
Shutting down MailScanner daemons:
MailScanner: [ OK ]
incoming qmail: [FAILED]
Invalid MTA in /etc/sysconfig/MailScanner

     outgoing qmail:                                   \[FAILED\]   Invalid MTA in /etc/sysconfig/MailScanner  

[root@qmail mailscanner]#

Next edit /etc/MailScanner/MailScanner.conf - you need to make sure that the following options are set:

vi /etc/MailScanner/MailScanner.conf

# Quarantine User = root
# The default setting for Quarantine User is null. I have not changed it based on the description in the config file itself.
Quarantine User =
# Quarantine Group = apache
# Quarantine Group (according to the site, this should be the same group as your web server).
# However, the desciption says something else. Here is what it says:

# If you want to create the quarantine/archive so the files are owned
# by a user other than the “Run As User” setting at the top of this file,
# you can change that here.
# Note: If the “Run As User” is not “root” then you cannot change the

user but may still be able to change the group, if the

“Run As User” is a member of both of the groups “Run As Group”

and “Quarantine Group”

# Quarantine User =
# Quarantine Group = qscand
# Since my “Run As User = qmailq”, I will make apache a member of qscand as well.
# Note that I have already setup qscand as secondary group for qmailq.

Quarantine Permissions = 0660
Quarantine Whole Message = yes
Quarantine Whole Message As Queue Files = no
Detailed Spam Report = yes
Include Scores In SpamAssassin Report = yes
Always Looked Up Last = &MailWatchLogging
Spam Actions = store deliver header “X-Spam-Status: Yes”
High Scoring Spam Actions = store deliver header “X-Spam-Status: Yes”

Now, lets make apache a member of qscand.
usermod -G qscand apache

Spam Actions and High Scoring Spam Actions should also have ‘store’ as one of the keywords if you want to quarantine those items for bayes learning or viewing from within MailWatch.

Integrate SQL Blacklist/Whitelist (optional)

If you would like to manage the MailScanner whitelist and blacklist from within the MailWatch web interface perform the following steps.

1. Edit the MySQL connection values within the CreateList subroutine of SQLBlackWhiteList.pm to match the values you entered previous into MailWatch.pm. Both files should contain the same values. (Look for the following lines in SQLBlackWhiteList.pm and enter your own data.)

my($db\_user) = '<username>';  
my($db\_pass) = '<password>';  

vi /downloads/qmailnew/mailwatch-1.0.4/SQLBlackWhiteList.pm
sub CreateList {
my($type, $BlackWhite) = @_;
my($dbh, $sth, $sql, $to_address, $from_address, $count);
my($db_name) = ‘mailscanner’;
my($db_host) = ‘localhost’;
my($db_user) = ‘mailwatch’;
my($db_pass) = ‘redhat’;

2. Copy SQLBlackWhiteList.pm to /usr/lib/MailScanner/MailScanner/CustomFunctions/

cp /downloads/qmailnew/mailwatch-1.0.4/SQLBlackWhiteList.pm /usr/lib/MailScanner/MailScanner/CustomFunctions/
chown apache:apache /var/www/mailscanner -R

3. Edit MailScanner.conf and set:

Is Definitely Not Spam = &SQLWhitelist
Is Definitely Spam = &SQLBlacklist

vi /etc/MailScanner/MailScanner.conf

Is Definitely Not Spam = &SQLWhitelist
Is Definitely Spam = &SQLBlacklist

Move the Bayesian Databases and set-up permissions (skip this if you don’t use bayes)

Edit /etc/MailScanner/spam.assassin.prefs.conf and set:

vi /etc/MailScanner/spam.assassin.prefs.conf

use_bayes 1
bayes_path /etc/MailScanner/bayes/bayes
bayes_file_mode 0660
bayes_auto_learn 1

# This MUST be customized for each site :(

# Change X-YOURDOMAIN-COM to match your %org-name% as
# set in MailScanner.conf

bayes_ignore_header otsisb-MailScanner
bayes_ignore_header otsisb-MailScanner-SpamCheck
bayes_ignore_header otsisb-MailScanner-SpamScore
bayes_ignore_header otsisb-MailScanner-Information

Next, create the ‘new’ bayes directory, make the directory owned by the same group as the web server user and make the directory setgid:

mkdir /etc/MailScanner/bayes
chown root:apache /etc/MailScanner/bayes
chmod g+rws /etc/MailScanner/bayes

Copy the existing bayes databases and set the permissions:

cp /root/.spamassassin/bayes_* /etc/MailScanner/bayes
chown root:apache /etc/MailScanner/bayes/bayes_*
chmod g+rw /etc/MailScanner/bayes/bayes_*

Now, test SpamAssassin to make sure that it is using the new databases correctly:

spamassassin -D -p /etc/MailScanner/spam.assassin.prefs.conf –lint

You should see something like:

debug: using "/etc/MailScanner/spam.assassin.prefs.conf" for user prefs file  
debug: bayes: 28821 tie-ing to DB file R/O /etc/MailScanner/bayes/bayes\_toks  
debug: bayes: 28821 tie-ing to DB file R/O /etc/MailScanner/bayes/bayes\_seen  
debug: bayes: found bayes db version 2  
debug: Score set 3 chosen.  

Start MailScanner up again.

service MailScanner start

Starting MailScanner daemons:
incoming qmail: [FAILED]
Invalid MTA in /etc/sysconfig/MailScanner
outgoing qmail: [FAILED]
Invalid MTA in /etc/sysconfig/MailScanner
MailScanner: [ OK ]

Why these Invalid MTA error messages?

Lets look in the /var/log/maillog for any errors:

tail -f /var/log/maillog

Oct 10 12:02:36 qmail MailScanner[28334]: MailScanner E-Mail Virus Scanner version 4.64.3 starting…
Oct 10 12:02:37 qmail MailScanner[28334]: Read 794 hostnames from the phishing whitelist
Oct 10 12:02:37 qmail MailScanner[28334]: Read 2813 hostnames from the phishing blacklist
Oct 10 12:02:37 qmail MailScanner[28334]: Config: calling custom init function SQLBlacklist
Oct 10 12:02:37 qmail MailScanner[28334]: Starting up SQL Blacklist
Oct 10 12:02:38 qmail MailScanner[28334]: Read 0 blacklist entries
Oct 10 12:02:38 qmail MailScanner[28334]: Config: calling custom init function MailWatchLogging
Oct 10 12:02:38 qmail MailScanner[28334]: Started SQL Logging child
Oct 10 12:02:38 qmail MailScanner[28334]: Config: calling custom init function SQLWhitelist
Oct 10 12:02:38 qmail MailScanner[28334]: Starting up SQL Whitelist
Oct 10 12:02:38 qmail MailScanner[28334]: Read 0 whitelist entries
Oct 10 12:02:38 qmail MailScanner[28334]: SpamAssassin temporary working directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp
Oct 10 12:02:39 qmail MailScanner[28334]: Using SpamAssassin results cache
Oct 10 12:02:39 qmail MailScanner[28334]: Connected to SpamAssassin cache database
Oct 10 12:02:39 qmail MailScanner[28334]: Enabling SpamAssassin auto-whitelist functionality…
Oct 10 12:02:41 qmail MailScanner[28342]: MailScanner E-Mail Virus Scanner version 4.64.3 starting…
Oct 10 12:02:41 qmail MailScanner[28342]: Read 794 hostnames from the phishing whitelist
Oct 10 12:02:42 qmail MailScanner[28342]: Read 2813 hostnames from the phishing blacklist
Oct 10 12:02:42 qmail MailScanner[28342]: Config: calling custom init function SQLBlacklist
Oct 10 12:02:42 qmail MailScanner[28342]: Starting up SQL Blacklist
Oct 10 12:02:42 qmail MailScanner[28342]: Read 0 blacklist entries
Oct 10 12:02:42 qmail MailScanner[28342]: Config: calling custom init function MailWatchLogging
Oct 10 12:02:42 qmail MailScanner[28342]: Started SQL Logging child
Oct 10 12:02:42 qmail MailScanner[28342]: Config: calling custom init function SQLWhitelist
Oct 10 12:02:42 qmail MailScanner[28342]: Starting up SQL Whitelist
Oct 10 12:02:42 qmail MailScanner[28342]: Read 0 whitelist entries
Oct 10 12:02:42 qmail MailScanner[28342]: SpamAssassin temporary working directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp
Oct 10 12:02:59 qmail dccifd[2315]: no working DCC servers dcc1.dcc-servers.net dcc2.dcc-servers.net dcc3.dcc-servers.net … at 209.169.14.29 64.124.52.23
Oct 10 12:02:59 qmail MailScanner[28359]: Using SpamAssassin results cache
Oct 10 12:02:59 qmail MailScanner[28359]: Connected to SpamAssassin cache database
Oct 10 12:03:00 qmail MailScanner[28359]: Enabling SpamAssassin auto-whitelist functionality…
Oct 10 12:03:00 qmail MailScanner[28334]: Using locktype = flock
Oct 10 12:03:01 qmail MailScanner[28334]: New Batch: Scanning 2 messages, 7673 bytes
Oct 10 12:03:03 qmail dccifd[2315]: continue not asking DCC 252 seconds after failure
Oct 10 12:03:08 qmail MailScanner[28342]: Using locktype = flock
Oct 10 12:03:09 qmail dccifd[2315]: continue not asking DCC 246 seconds after failure
Oct 10 12:03:10 qmail MailScanner[28347]: Using locktype = flock
Oct 10 12:03:12 qmail dccifd[2315]: continue not asking DCC 243 seconds after failure
Oct 10 12:03:12 qmail dccifd[2315]: continue not asking DCC 243 seconds after failure
Oct 10 12:03:12 qmail MailScanner[28352]: Using locktype = flock
Oct 10 12:03:21 qmail dccifd[2315]: continue not asking DCC 234 seconds after failure
Oct 10 12:03:21 qmail MailScanner[28359]: Using locktype = flock
Oct 10 12:03:22 qmail dccifd[2315]: continue not asking DCC 233 seconds after failure
Oct 10 12:03:24 qmail MailScanner[28334]: Virus and Content Scanning: Starting
Oct 10 12:03:28 qmail MailScanner[28334]: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./843380.header/Unable to open file or directory ERROR :: /var/spool/MailScanner/incoming/28334
Oct 10 12:03:28 qmail MailScanner[28334]: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./843382.header/Unable to open file or directory ERROR :: /var/spool/MailScanner/incoming/28334
Oct 10 12:03:29 qmail MailScanner[28334]: Virus Scanning: Clamd found 2 infections
Oct 10 12:03:29 qmail MailScanner[28334]: Virus Scanning: Found 2 viruses
Oct 10 12:03:29 qmail MailScanner[28334]: Uninfected: Delivered 2 messages
Oct 10 12:03:30 qmail MailScanner[28334]: Logging message 843382 to SQL
Oct 10 12:03:30 qmail MailScanner[28334]: Logging message 843380 to SQL
Oct 10 12:03:31 qmail MailScanner[28339]: 843382: Logged to MailWatch SQL
Oct 10 12:03:31 qmail MailScanner[28339]: 843380: Logged to MailWatch SQL

Test the MailWatch interface

Point your browser to http:///mailscanner/ - you should be prompted for a username and password - enter the details of the MailWatch web user that you created earlier, and you should see a list of the last 50 messages processed by MailScanner.

http://qmail.isb.ots.com/mailscanner

user: mailwatchweb
pass: redhat

OK web page is visible. Alhumdulillah.

Update the SpamAssassin Rules table

MailWatch keeps a list of all the SpamAssassin rules and descriptions which are displayed on the ‘Message Detail’ page - to show the descriptions, you need to run the updater every time you add new rules or upgrade SpamAssassin. Click on the ‘Tools/Links’ menu and select ‘Update SpamAssassin Rule Descriptions’ and click ‘Run Now’.

Update the GeoIP database

Make Sure you have allow_url_fopen = On in your php.ini set.

mkdir /var/www/mailscanner/temp  
chown apache:apache /var/www/mailscanner/temp  
chmod gu+wr /var/www/mailscanner/temp  

Click on the ‘Tools/Links’ menu and select ‘Update GeoIP database’ and click ‘Run Now’.

Downloading file, please wait….
Error executing query:

Access denied for user ‘mailwatch’@’localhost’ (using password: YES)

SQL:

LOAD DATA INFILE ‘/var/www/mailscanner/temp/GeoIPCountryWhois.csv’ INTO TABLE geoip_country FIELDS TERMINATED BY ‘,’ ENCLOSED BY ‘”’

I tried this manually as well, as user mailwatch but it gave error:

[root@qmail mailscanner]# mysql -D mailscanner -u mailwatch -p
Enter password:

mysql> LOAD DATA INFILE ‘/var/www/mailscanner/temp/GeoIPCountryWhois.csv’ INTO TABLE geoip_country FIELDS TERMINATED BY ‘,’ ENCLOSED BY ‘”’;
ERROR 1045 (28000): Access denied for user ‘mailwatch’@’localhost’ (using password: YES)
mysql>

The following may be the cause:

[root@qmail mailscanner]# mysql -u root -D mysql

mysql> select host, user, password, file_priv from user where user = ‘mailwatch’;
+———–+———–+——————+———–+
| host | user | password | file_priv |
+———–+———–+——————+———–+
| localhost | mailwatch | 27c30f0241a5b69f | N |
| % | mailwatch | | N |
+———–+———–+——————+———–+
2 rows in set (0.00 sec)

mysql>

So lets update the file_priv for user mailwatch:

mysql> update user set file_priv=’Y’ where user=’mailwatch’;
Query OK, 2 rows affected (0.01 sec)
Rows matched: 2 Changed: 2 Warnings: 0

mysql> commit;
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;

mysql> select host, user,file_priv from user;
+——————-+————–+———–+
| host | user | file_priv |
+——————-+————–+———–+
| localhost | root | Y |
| qmail.isb.ots.com | root | Y |
| qmail.isb.ots.com | | N |
| localhost | | N |
| localhost | ezmlmuser | N |
| localhost | vpopmailuser | N |
| localhost | mailwatch | Y |
| % | mailwatch | Y |
+——————-+————–+———–+
8 rows in set (0.00 sec)

mysql> quit

Lets try to load data again through SQL:

[root@qmail mailscanner]# mysql -D mailscanner -u mailwatch -p

mysql> LOAD DATA INFILE ‘/var/www/mailscanner/temp/GeoIPCountryWhois.csv’ INTO TABLE geoip_country FIELDS TERMINATED BY ‘,’ ENCLOSED BY ‘”’;
Query OK, 96459 rows affected (1.92 sec)
Records: 96459 Deleted: 0 Skipped: 0 Warnings: 0

mysql>

Web page did not work again. However, I tried restarted mysqld service and all became ok.

Downloading file, please wait….
Download complete … 96459 rows imported.

Setup the Mail Queue watcher (optional) :
-—————————————
You can get MailWatch to watch and display your sendmail or exim queue directories - all you need to do is copy mailq.php (from the root of the mailwatch tarball - not from the mailscanner directory - they are different!) to /usr/local/bin and set-up a cron-job to run it.

Edit mailq.php first to change the require line to point to the location of functions.php, then:

vi /downloads/qmailnew/mailwatch-1.0.4/mailq.php
require “/var/www/mailscanner/functions.php”;

cp /downloads/qmailnew/mailwatch-1.0.4/mailq.php /usr/local/bin

crontab -e
*/5 * * * * /usr/local/bin/mailq.php

Note: mailq.php re-creates all entries on each run, so for busy sites you will probably want to change this to run every 5 minutes or greater.

Use the Incoming and Outgoing links in the queues section on top of the page.

Setup the Sendmail Relay Log watcher (optional)

The name sounds stupid, but may be it works for all MTAs ?

You can get MailWatch to watch your sendmail logs and store all message relay information which is then displayed on the ‘Message Detail’ page which helps debugging and makes it easy for a Helpdesk to actually see where a message was delivered to by the MTA and what the response back was (e.g. the remote queue id etc.).

vi /downloads/qmailnew/mailwatch-1.0.4/tools/sendmail_relay.php
require(“/var/www/mailscanner/functions.php”);

cp /downloads/qmailnew/mailwatch-1.0.4/tools/sendmail_relay.php /usr/local/bin

nohup /usr/local/bin/sendmail_relay.php 2>&1 > /dev/null &