How To Install in Clamav On Qmail
How To Install in Clamav On Qmail
How To Install in Clamav On Qmail
References:http://qmailrocks.org/clamspam_rh.htm
Digest::SHA1
Digest::HMAC
Net::DNS
Time::HiRes
HTML::Tagset
HTML::Parser
Pod::Usage
Parse::Syslog
Statistics::Distributions
cd /tmp
wget http://freshmeat.net/redir/clamav/29355/url_tgz/clamav-0.90.tar.gz
tar zxvf clamav-0.90.tar.gz
cd clamav-0.90
vi /usr/local/etc/clamd.conf
"Example" - should already be commented out. However, if it is not, make sure that
it is commented out (#)
"LogFile" - should be set to /var/log/clamd.log
"User" - should be set to qscand
"PidFile" - should be set to /var/run/clamd.pid
LogTime 1
FixStaleSocket 1
ScanMail 1
LogSyslog 1
cd /var/run/
touch clamd.pid
chown qscand clamd.pid
cp -a /tmp/clamav-0.90/contrib/init/RedHat/clamd /etc/init.d/
/sbin/chkconfig clamd on
vi /usr/local/etc/freshclam.conf
touch /var/log/freshclam.log
cd /var/log/
crontab -e
00 00 * * * /usr/local/bin/freshclam
cd /etc/logrotate.d/
vi clamd
#
# Rotate Clam AV daemon log file
#
/var/log/clamd.log {
missingok
create 640 root qscand
postrotate
/bin/kill -HUP `cat /var/run/clamd.pid 2> /dev/null` 2> /dev/null || true
endscript
}
/etc/rc.d/init.d/clamd start
#Installing SpamAssassin
install Mail::SpamAssassin
/usr/sbin/groupadd spamd
/usr/sbin/useradd -g spamd -s /home/spamd spamd
vi /etc/sysconfig/spamassassin
If the above file exists, replace its contents with the following line. If the
file does not exist, create it and add the following line:
vi /etc/mail/spamassassin/local.cf
required_hits 5
/etc/rc.d/init.d/spamassassin start
/sbin/chkconfig spamassassin on
###########
Jan 14 03:59:49 66-226-73-100 spamd[27442]: Failed to run __ENV_AND_HDR_FROM_MATCH
SpamAssassin test, skipping:__(Can't locate object method
"check_for_matching_env_and_hdr_from" via package
"Mail::SpamAssassin::PerMsgStatus" at
/usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/PerMsgStatus.pm line 2341,
<GEN281> line 193._)
Jan 14 03:59:49 66-226-73-100 spamd[27442]: Failed to run USER_IN_DEF_SPF_WL
SpamAssassin test, skipping:__(Can't locate object method
"check_for_def_spf_whitelist_from" via package "Mail::SpamAssassin::PerMsgStatus"
at /usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/PerMsgStatus.pm line 2341,
<GEN281> line 193._)
Jan 14 03:59:49 66-226-73-100 spamd[27442]: Failed to run USER_IN_SPF_WHITELIST
SpamAssassin test, skipping:__(Can't locate object method
"check_for_spf_whitelist_from" via package "Mail::SpamAssassin::PerMsgStatus" at
/usr/lib/perl5/vendor_perl/5.8.6/Mail/SpamAssassin/PerMsgStatus.pm line 2341,
<GEN281> line 193._)
##########
cp -a /etc/mail/spamassassin/init.pre /etc/mail/spamassassin/init.pre.orig
vi /etc/mail/spamassassin/init.pre
# Comment out this line
#loadplugin Mail::SpamAssassin::Plugin::SPF
/usr/lib/cpan
install LWP::UserAgent
#You should the following info concerning spamassassin. The PID might differ on
your system, but you get the idea.
#spamd 3734 0.2 2.0 24992 20808 ? S 14:21 0:01 /usr/bin/spamd -x -u spamd -H
/home/spamd -d
setup
#One in the setup menu, scroll down and select the "system services" option. From
the system services menu, scroll down to "clamd".
cd /tmp
wget http://kent.dl.sourceforge.net/sourceforge/qms-analog/qms-analog-0.4.4.tar.gz
cd qms-analog-0.4.4
make all
cd /tmp
wget http://kent.dl.sourceforge.net/sourceforge/qmail-scanner/qmail-scanner-
2.01.tgz
cd /tmp
wget http://toribio.apollinare.org/qmail-scanner/download/q-s-2.01st-
20070204.patch.gz
gunzip q-s-2.01st-20070204.patch.gz
cp -a q-s-2.01st-20070204.patch /tmp/qmail-scanner-2.01
cd /tmp/qmail-scanner-2.01
cd /tmp
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-6.7.tar.gz
tar zxvf pcre-6.7.tar.gz
cd pcre-6.7
./configure
make
make check
make install
cd /tmp
wget http://kent.dl.sourceforge.net/sourceforge/courier/maildrop-2.0.2.tar.bz2
tar jxvf maildrop-2.0.2.tar.bz2
cd maildrop-2.0.2
./configure
make
make install-strip
cd /tmp/qmail-scanner-2.01
vi qms-config
#!/bin/sh
./qms-config
./qms-config install
vi /var/qmail/supervise/qmail-smtpd/run
#Note: It is absolutely vital that you change the "Softlimit" setting in this
script. If you don't, qmail may fail to deliver mail!!!
qmailctl stop
qmailctl start
qmailctl stat
cd /tmp/qmail-scanner-2.01/contrib/
./test_installation.sh -doit
Sending eicar test virus with altered filename - should only be caught by
commercial anti-virus modules (if you have any)...
Sending bad spam message for anti-spam testing - In case you are using
SpamAssassin...
Done!
If you get 2 messages in your inbox and you see 2 messages in the quarantine
folder, it's time to crack open a cold one! You've successfully installed all 3
packages! Woohoo!
#Maintainance Setup
#Reference: http://qmailrocks.org/maintain.php
#Configure the following commands to be run everyday.
crontab -e
00 4 * * * rm -rf /var/spool/qscan/quarantine/viruses/new/*
###
/var/spool/qscan/qmail-queue.log {
missingok
notifempty
copytruncate
}
###
# Setting up Spam folder with automatic spam message filtering and redirection to
Spam Imap folder
Reference: http://opensourceheaven.net/?page_id=98
cd /home/vpopmail/domains/yourdomain.com/
vi mailfilter
Copy and paste the contents of the script
( http://www.tnpi.biz/internet/mail/toaster/etc/mailfilter-domain )into the
window.
#############
SHELL="/bin/sh"
import EXT
import HOST
VPOP="| /usr/local/vpopmail/bin/vdelivermail '' bounce-no-mailbox"
VHOME=`/usr/local/vpopmail/bin/vuserinfo -d $EXT@$HOST`
##
# title: mailfilter-domain
# author: Matt Simerson
# version 2.0
# http://www.tnpi.biz/internet/mail/toaster/etc/mailfilter-domain
#
# Usage: Install this file in ~vpopmail/domains/example.com/mailfilter
#
# Create a .qmail-default file with the following:
# "| /usr/local/bin/maildrop mailfilter"
#
# After your satisifed that this is working properly, comment out all
# the lines that start with "log"
##
logfile "/var/log/mail/maildrop.log"
log "==== BEGIN maildrop processing for $EXT@$HOST ==="
if ( $VHOME eq "" )
{
LOG " ERROR: VHOME isn't set, falling back to vdelivermail"
LOG "=== EXIT === "
to "$VPOP"
}
##
# Comment out this section if you run SpamAssassin via qmailscanner
# Spamassassin is slow enough, no point in doubling your expense
#
# Note that if you want to pass a message larger than 250k to spamd
# and have it processed, you'll need to also set spamc -s. See the
# spamc man page for more details.
##
##
# Include any rules set up for the user - this gives the
# administrator a way to override the domain's mailfilter file
#
# this is also the "suggested" way to set individual values
# for maildrop such as quota.
##
`test -r $VHOME/.mailfilter`
if( $RETURNCODE == 0 )
{
log " including $VHOME/.mailfilter"
exception {
include $VHOME/.mailfilter
}
}
##
# create the maildirsize file if it doesn't already exist
# (could also be done via "deliverquota user@dom.com 10MS,1000C)
##
`test -e $VHOME/Maildir/maildirsize`
if( $RETURNCODE == 1)
{
log " creating $VHOME/Maildir/maildirsize for quotas"
`/usr/local/vpopmail/bin/vuserinfo -Q $EXT@$HOST`
`test -s "$VHOME/Maildir/maildirsize"`
if ( $RETURNCODE == 0 )
{
`/usr/sbin/chown vpopmail:vchkpw $VHOME/Maildir/maildirsize`
`/bin/chmod 640 $VHOME/Maildir/maildirsize`
}
}
##
# Set MAILDIRQUOTA. If this isn't set, maildrop and deliverquota
# will not enforce quotas for message delivery.
#
# I find this much easier than creating yet another config file
# to store this in. This way, any time the quota is changed in
# vpopmail, it'll get noticed by maildrop immediately.
##
##
# The message should be tagged, so let's bag it.
##
if ( /^X-Spam-Status: *Yes/)
{
`test -d $VHOME/Maildir/.Spam` # make sure .Spam folder exists
if( $RETURNCODE == 1 )
{
log " creating $VHOME/Maildir/.Spam "
`maildirmake -f Spam $VHOME/Maildir`
`/usr/local/sbin/subscribeIMAP.sh Spam $VHOME`
}
##
# Include any other rules that the user might have from
# sqwebmail or other compatible program
##
`test -r $VHOME/Maildir/.mailfilter`
if( $RETURNCODE == 0 )
{
log " including $VHOME/Maildir/.mailfilter"
exception {
include $VHOME/Maildir/.mailfilter
}
}
exception {
log " quota enabled delivery to $VHOME/Maildir"
xfilter "/usr/local/bin/deliverquota $VHOME/Maildir"
}
##
# check to make sure the message was delivered
# returncode 77 means that out maildir was overquota - bounce mail
##
if( $RETURNCODE == 77)
{
log " BOUNCED: bouncesaying '$EXT@$HOST is over quota'"
to "|/var/qmail/bin/bouncesaying '$EXT@$HOST is over quota'"
}
#######
Modify
logfile "/var/log/mail/maildrop.log"
# to
logfile "/var/log/qmail/maildrop.log"
# to this:
touch /var/log/qmail/maildrop.log
chown vpopmail:vchkpw /var/log/qmail/maildrop.log
chmod 774 /var/log/qmail/maildrop.log
cd /home/vpopmail/domains/yourdomain.com/
chown vpopmail:vchkpw mailfilter
chmod 600 mailfilter
vi .qmail-default
# Comment out your existing line and add this one (all on one line)
| /usr/local/bin/maildrop /home/vpopmail/domains/yourdomain.com/mailfilter
LIST="$2/Maildir/courierimapsubscribed"
if [ -f "$LIST" ]; then
# if the file exists, check it for the new folder
TEST=`cat "$LIST" | grep "INBOX.$1"`
qmailctl stop
qmailctl start
qmailctl stat
tail -f /var/log/qmail/qmail-smtpd/current
tail -f /var/log/qmail/qmail-send/current
cd /etc/logrotate.d/
vi maildrop
###
/var/log/qmail/maildrop.log {
missingok
notifempty
copytruncate
}
###
# Install DCC
mkdir /downloads/spam
cd /downloads/spam
# Download DCC from http://www.rhyolite.com/anti-spam/dcc/
wget http://www.rhyolite.com/anti-spam/dcc/source/dcc.tar.Z
tar zxfv dcc.tar.Z
cd dcc-1.3.45/
./configure
make install
cd /downloads/spam
# Install Pyzor
Download Pyzor from http://pyzor.sourceforge.net
cd /downloads/spam
wget http://nchc.dl.sourceforge.net/sourceforge/pyzor/pyzor-0.4.0.tar.bz2
tar xjvf pyzor-0.4.0.tar.bz2
cd pyzor-0.4.0
python setup.py build
python setup.py install
pyzor discover
cd /downloads/spam
00 1 * * * /usr/bin/pyzor discover
# Install Razor
razor-admin -create
cd /root/.razor
chown spamd.spamd razor-agent.conf
chmod 764 razor-agent.conf
razor-admin -register -user=postmaster@yourdomain.com
cp -a /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf.orig
dcc_home /var/dcc
dcc_path /usr/local/bin/dccproc
dcc_dccifd_path /var/dcc/libexec/dccifd
pyzor_path /usr/bin/pyzor
score PYZOR_CHECK 1
########
sa-learn --sync
/etc/rc.d/init.d/spamassassin restart
spamassassin -D --lint
#If this file is already in /etc/mail/spamassassin, then you are ready for the
next bit. If the file is somewhere else on your system, copy it to
/etc/mail/spamassassin/.
vi /etc/mail/spamassassin/v310.pre
qmailctl stop
qmailctl start
/etc/init.d/spamd restart
#To test if the changes are working, send yourself a message (from a different
email address) with http://surbl-org-permanent-test-point.com in the message body.
If all is well message should be tagged as spam.
#Enable RBL checking
vi /var/qmail/supervise/qmail-smtpd/run
# Edit the lines as shown below
/etc/tcp.smtp.cdb -c "$MAXSMTPD" \ -u "$QMAILDUID" -g ................ \
rblsmtpd \
-r zen.spamhaus.org \
-r bl.spamcop.net \
-r relays.ordb.org \
/var/qmail/bin/qmail-smtpd server.yourdomain.com \
qmailctl stop
qmailctl start
qmailctl stat
References:
http://www.goodcleanemail.com/kb.php?ToDo=view&questId=90&catId=2
http://fuzzyocr.own-hero.net/wiki/Downloads
# Installing dependecnies
yum install ImageMagick
yum install netpbm
yum install netpbm-progs
yum install netpbm-devel
yum install libungif
# On Fedora Core 6 libungif is known as giflib
yum install libungif-progs
# On Fedora Core install giflib-utils instead of libungif-progs
cpan
install String::Approx
# Installing GOCR
cd /tmp
wget http://prdownloads.sourceforge.net/jocr/gocr-0.43.tar.gz
tar zxvf gocr-0.43.tar.gz
cd gocr-0.43
./configure --with-netpbm=/usr/lib/
make
make install
# Installing Fuzzyocr
cd /tmp
wget http://users.own-hero.net/~decoder/fuzzyocr/fuzzyocr-2.3b.tar.gz
#########
focr_logfile /var/log/FuzzyOcr.log
vi FuzzyOcr.pm
# Add this line below any existing use statements at start of the file
use Mail::SpamAssassin::Timeout;
######
######
cd /var/log
touch FuzzyOcr.log
cp -a FuzzyOcr.cf /etc/mail/spamassassin/
cp -a FuzzyOcr.words.sample /etc/mail/spamassassin/
cp -a FuzzyOcr.pm /etc/mail/spamassassin/
cd /etc/mail/spamassassin/
mv FuzzyOcr.words.sample FuzzyOcr.words
chown root.root FuzzyOcr.*
touch focr_digest_db
chmod o+w focr_digest_db
vi v310.pre
cd /var/log/qmail
chown spamd.spamd FuzzyOcr.log
chmod 600 FuzzyOcr.log
spamassassin -D --lint
/etc/rc.d/init.d/spamassassin restart
# Testing
/tmp/FuzzyOcr-2.3b/samples
spamassassin -t < animated-gif.eml
spamassassin -t < corrupted-gif.eml
spamassassin -t < jpeg.eml
spamassassin -t < png.eml