Adeptus-Mechanicus

"Inveniam viam aut faciam" : I will either find a way, or I shall make one


POSTFIX - MORE ANTI-SPAM AND ANTI-VIRUSES

I figured I would go a little further with setting up Postfix to stop spam and viruses, as it is something that all our email users will appreciate. For this setup I will be using only open-source software (only the best), specifically SpamAssassin and ClamAV, with amavis to glue it all together. So this paper is more of a how-to for getting all this up and running.

What do we need to start?
As mentioned, you will need a Linux server running Postfix 2.2 or higher (use postconf mail_version to see your version; if you need to upgrade, go to http://www.postfix.org/), and also the software mentioned below.
ClamAV
For those of you who do not know, ClamAV is an open-source anti-virus program which can run on multiple platforms but which was built for Linux. And it's free! Once you have downloaded the software you will need to extract it, and then (you may need to update curl)...
By default, the installation process installs to /usr/local/. We need to edit the two configuration files found in /usr/local/etc/ as follows..
Next we need to set up an init startup script for clam. You can use the example below...

#!/bin/bash
#
# clamav:    This script controls the clamd
#
# chkconfig: 2345 79 31
# description: clamav
# processname: clamav
# pidfile: /var/run/clam.pid
# Source function library.
. /etc/rc.d/init.d/functions
prog="/usr/local/sbin/clamd"
prog_base="ClamD"
prog_config_file="/usr/local/etc/clamd.conf"
## Check that networking is up.
RETVAL=0

# See how we were called.
case "$1" in
  start)
    echo -n "Starting $prog_base:"
    $prog -c $prog_config_file  >> /var/log/clamd.log &
    RETVAL=$?
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/${prog_base}
    success
    echo
    ;;
  stop)
    echo -n "Shutting down $prog_base:"
    #Force the kill...
    kill `ps -A | grep clamd | cut -c1-6` &> /dev/null
    RETVAL=$?
    #Sleep for a second or two.
    /bin/sleep 3s
    #Kill the stale socket.
    rm -f /tmp/clamd > /dev/null
    if [ $RETVAL -eq 0 ] ; then
        success
            #echo "${prog_base} stopped"
            rm -f /var/lock/subsys/${prog_base}
        echo
    else
        echo
    fi
    ;;
  status)
    status ${prog_base}
    RETVAL=$?
    ;;
  restart)
    $0 stop
    $0 start
    RETVAL=$?
    ;;
  reload)
    #action $"Reloading ${prog_base}:" ${prog} -c ${prog_config_file} reload
    $0 restart
    RETVAL=$?
    ;;
  *)
    echo "Usage: $0 {start|stop|status|restart|reload}"
    exit 1
esac
exit $RETVAL

And the final two steps..
Amavisd-New
Amavis functions as the conduit which Postfix uses to gain access to the SpamAssassin and ClamAV functionality. But it is definitely not limited to just those programs; browse through the configuration file and you'll see just how much it can do. Once you have extracted amavis, there are none of the customary make commands, but you do have to satisfy some Perl dependencies..
perl -MCPAN -e shell
    install Archive::Tar  
    install Archive::Zip  
    install Compress::Zlib
    install Convert::TNEF 
    install Convert::UUlib
    install MIME::Base64  
    install MIME::Parser  
    install Mail::Internet
    install Net::Server   
    install Net::SMTP     
    install Digest::MD5   
    install IO::Stringy   
    install Time::HiRes   
    install Unix::Syslog  
    install BerkeleyDB    
    install Mail::ClamAV
    install Digest::MD5
    install IO::Wrap
    install IO::Stringy
    install Unix::Syslog
    install Mail::Field
    install Mail::Address
    install Mail::Header
    install Mail::Internet
    install MIME::Words
    install MIME::Head
    install MIME::Body
    install MIME::Entity
    install MIME::Parser
    install MIME::Decoder
    install MIME::Decoder::Base64
    install MIME::Decoder::Binary
    install MIME::Decoder::QuotedPrint
    install MIME::Decoder::NBit
    install MIME::Decoder::UU
    install MIME::Decoder::Gzip64
    install Net::Server
    install Net::Server::PreForkSimple

After all of that there are still a couple of steps...
Spamassassin
This is a brilliant piece of anti-spam software. It does blacklists, phrase checks, Bayesian filters, and much more. To install it we need a couple of Perl modules..
perl -MCPAN -e shell
    install ExtUtils::MakeMaker
    install File::Spec
    install Pod::Usage
    install HTML::Parser
    install Sys::Syslog
    install DB_File
    install Net::DNS
    install Mail::Audit
    install Digest::SHA1
    install Archive::Tar
    install Archive::Zip
    install Compress::Zlib
    install Convert::TNEF
    install Convert::UUlib
    install MIME::Base64
    install MIME::Tools
    install Net::Server
    install IO::Stringy
    install Time::HiRes
    install Mail::SPF::Query
    install IP::Country
    install Net::Ident
    install IO::Socket::INET6
    install IO::Socket::SSL
    install DBI

Once all of that is done, then you can..
    install Mail::SpamAssassin
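
A pre-flight check for the two CPAN lists above, added here as an example and not part of the original article: it reports which of the listed modules perl cannot load yet, so only those need installing. The variable and function names are made up for this example; the module names are copied from the lists above with duplicates dropped.

```shell
#!/bin/sh
# Added example, not from the original article.
# Module names copied from the amavisd-new list (duplicates dropped).
AMAVIS_MODULES="Archive::Tar Archive::Zip Compress::Zlib Convert::TNEF
Convert::UUlib MIME::Base64 MIME::Parser Mail::Internet Net::Server Net::SMTP
Digest::MD5 IO::Stringy Time::HiRes Unix::Syslog BerkeleyDB Mail::ClamAV
IO::Wrap Mail::Field Mail::Address Mail::Header MIME::Words MIME::Head
MIME::Body MIME::Entity MIME::Decoder MIME::Decoder::Base64
MIME::Decoder::Binary MIME::Decoder::QuotedPrint MIME::Decoder::NBit
MIME::Decoder::UU MIME::Decoder::Gzip64 Net::Server::PreForkSimple"

# Module names copied from the SpamAssassin list.
SA_MODULES="ExtUtils::MakeMaker File::Spec Pod::Usage HTML::Parser Sys::Syslog
DB_File Net::DNS Mail::Audit Digest::SHA1 MIME::Tools Mail::SPF::Query
IP::Country Net::Ident IO::Socket::INET6 IO::Socket::SSL DBI"

# Print every module that perl cannot load, one per line, each name once.
missing_perl_modules() {
    printf '%s\n' "$@" | sort -u | while read -r mod; do
        [ -n "$mod" ] || continue
        # "perl -MNAME" compiles "use NAME;", so anything that is not a plain
        # module name is reported as missing instead of being handed to perl.
        case "$mod" in
            *[!A-Za-z0-9_:]*) echo "$mod"; continue ;;
        esac
        perl -M"$mod" -e 1 </dev/null >/dev/null 2>&1 || echo "$mod"
    done
}

# With no arguments, check both lists from this page.
if [ "$#" -eq 0 ]; then
    # Word splitting of the two lists is intended here.
    set -- $AMAVIS_MODULES $SA_MODULES
fi
missing_perl_modules "$@"
```

Each name it prints still needs an install line in the CPAN shell; an empty result means both lists are already satisfied.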

This will install the configuration files to /etc/mail/spamassassin and the rules to /usr/share/spamassassin. Now that we have gotten this far, let's finish with the following steps..
Getting Postfix to use it all
So far, so good. The first thing to do is to test the amavis installation..
If you pick up any hassles you will need to sort them out before carrying on. But if all is fine, let's set up Postfix..
Lastly, we have the final two steps..
Further Tweaking
A couple of common changes you may want to make include..
Final Words
There you go. I know it was a bit of work (easy though), but trust me, you and your email users will not regret it. Even though this setup uses many of the packages' default settings, which do a very good job nonetheless, there is still a truckload of customizing and tweaking you can do to make it function the way you want it to. As always, learn and have fun.