Friday, January 8, 2010

Installing Mailscanner ClamAv and Spamassassin

Category: SkyHi @ Friday, January 08, 2010

Installing Mailscanner ClamAv and Spamassassin

Intro

In this article we will see how to install a basic system to avoid your system to spread spam, virus and any type of crap to your users.

Since it is what we use, the machine which we are speaking about is a CentOS 4.0 with BlueQuartz control panel, to be honest, the one provided by Nuonce.net.

The installation procedure has been tested several times on different servers, and everything went OK.

The software we installed is MailScanner 4.56 , Spamassassin version 3.1.7 on Perl 5.8.5,  ClamAV 0.90RC1.1

First steps

Well, let's go on!

To be nice we will download the packages in a brand new directory, let's call it "installation_dir" so that you will always be able to track down the installation process.

Log in to your machine and become root with su command.

Then type the following:

cd
mkdir installation_dir
cd installation_dir

MailScanner

Locate the MailScanner package, go to MailScanner site and grab the stable release.

wget http://%%%SOMEPATH%%%%%/MailScanner-4.56.8-1.rpm.tar.gz

Then untar it and install the software with the install script provided with the package:

tar -xzvf MailScanner-4.53.8-1.rpm.tar.gz
cd MailScanner-4.53.8-1
./install.sh

Everything should be ok, let's make some changes to the init scripts:

cd /etc/init.d/
mv sendmail sendmail.orig
ln -s MailScanner sendmail
./sendmail.orig stop
./sendmail start

If you run

tail -f /var/log/maillog

you should see some mailscanner-related lines of logs

ClamAv

This is the antivirus part of the job. Locate the last package of clamav from the official site, then:

yum install gmp-devel
cd /root/installation_dir/
wget http://##SOMEPATH###/clamav-0.90RC1.1.tar.gz
tar -xzvf clamav-0.90RC1.1.tar.gz
cd clamav-0.90RC1.1
/usr/sbin/groupadd clamav
/usr/sbin/useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
./configure --disable-zlib-vcheck
make
make install

To test if everything is ok type

clamscan /root/installation_dir/

You  should see something like this:

/root/installation_dir/clamav-0.90RC1.1.tar.gz: ClamAV-Test-File FOUND
/root/installation_dir/MailScanner-4.56.8-1.rpm.tar.gz: OK

Now we configure the signature download process:

pico /usr/local/etc/freshclam.conf

Here locate the UpdateLogFile directive and uncomment it out. It must look like:

UpdateLogFile /var/log/freshclam.log

Now we create the freshclam.log file, setting the right permissions

touch /var/log/freshclam.log
chown clamav /var/log/freshclam.log
chmod 660 /var/log/freshclam.log

By now it is possible to run

freshclam

SpamAssassin

To install SpamAssassin there are two ways:

1) install it by compiling the tar.gz you can obtain on the official site
2) install it using CPAN

Actually we prefer the second way.. is very easy!

Let's log to CPAN by typing:

perl -MCPAN -e shell

If it's the first type you run CPAN the system will ask you a lot of informations... Follow the instructions on screen.  When you get the CPAN prompt ( cpan> ) type:

install Digest::SHA1
install Net::DNS
install Mail::SPF::Query
install IP::Country
install Net::Ident
install IO::Socket::INET6
install IO::Socket::SSL
install Time::HiRes
install Archive::Tar
install IO::Zlib

And finally....

install Mail::SpamAssassin
quit

Then restart sendmail:

/etc/init.d/sendmail restart

Vipul's Razor

Now that we have SpamAssassin installed, we can provide to it some additional software, suc as Vipul's Razor. Locate the two tars and download them into the installation dir:

cd /root/installation_dir/
wget http://##SOMEPATH###/razor-agents-sdk-2.07.tar.bz2
wget http://##SOMEPATH###/razor-agents-2.82.tar.bz2

Then uncompress and install:

tar -jxvf razor-agents-sdk-2.07.tar.bz2
tar -jxvf razor-agents-2.82.tar.bz2
cd razor-agents-sdk-2.07
perl Makefile.PL
make
make test
make install
cd ../razor-agents-2.82
perl Makefile.PL
make
make test
make install

Now that Razor is installed we must run three utilities to make it working:

razor-admin -home=/etc/mail/spamassassin/.razor -create
razor-admin -home=/etc/mail/spamassassin/.razor -discover
razor-admin -home=/etc/mail/spamassassin/.razor -register

Pyzor

To install Pyzor locate the tar with the latest version and download it:

cd /root/installation_dir/
wget http://##SOMEPATH###/pyzor-0.4.0.tar.bz2

then uncompress it and proceed to install:

tar -jxvf pyzor-0.4.0.tar.bz2
cd pyzor-0.4.0
python setup.py build
python setup.py install
python -c 'import gdbm' && echo 'gdbm found'

run the next command to complete pyzor installation

pyzor --homedir /etc/mail/spamassassin discover

DCC

This is the last step, locate DCC and download it:

cd /root/installation_dir/
wget http://##SOMEPATH###//dcc.tar.Z

uncompress it, compile and install it:

tar -xzvf dcc.tar.Z
cd dcc-1.3.42/
./configure
make
make install

We must now edit the following enabling DCC:

pico /etc/mail/spamassassin/v310.pre

Locate the line

#loadplugin Mail::SpamAssassin::Plugin::DCC

and uncomment it

loadplugin Mail::SpamAssassin::Plugin::DCC

Save the file and that's done

How to test the installation

To test SpamAssassin installation you can copy a complete message into a file on the server:

pico /etc/mail/spamassassin/testmsg

Here place a whole message. Test the installation by typing the following:

spamassassin -t -D -p /etc/MailScanner/spam.assassin.prefs.conf < /etc/mail/spamassassin/testmsg


Reference: http://labs.erweb.it/pub/installing_spamassassin.php