This guide is meant to build a spam and virus scanner to be put in place with an existing mail setup. All mail to the domain will come through this server, and then be relayed for normal delivery, with spam forwarded to email@example.com. This has been tested in front of Domino.
This doc is a collaboration from James and Derek at PCA (thanks guys), various docs at fedoranews.org, Ugo Bellavance, and my own experiences.
First things first, you need these software packages to continue:
Fedora Core 1
Sendmail (should install with OS)
SpamAssassin - do not install from Fedora, get the source tarball
Fedora Core 1 Install
In the FC1 install, select ONLY Sendmail and Sendmail-cf under Mail Server, Development Tools, and Kernel Development. Nothing else is needed from Fedora.
Run yum update as soon as you're done booting up This will ensure a fully up-to-date system to work with.
Before you begin, make sure you have the following packages installed:
Before you install webmin, install Net:SSLeay with:
rpm -ivh perl-Net-SSLeay-x.xx-x.rhfc1.dag.i386.rpm
with the package specifically for FC1 put together by Dag Wieers.
Once the install is complete, download webmin and install it with: rpm -ivh webmin-x.xxx-x.noarch.rpm
Open up a web browser, and point to https://your-box:10000.
Once you're logged into webmin, you can click on the system tab,
and go to bootup/shutdown and turn off any unnecessary services, and stop them from starting up.
Install MailScanner -
There have been some posted problems with man2prod errors, to avoid this type:
Unpack the tar file with:
tar xvzf MailScanner-x.xx-x.tar.gz
./install.sh (You may need to run ./Update-MakeMaker.sh)
Open up your favorite text editor and edit /etc/mail/sendmail.mc, and comment out the following lines by placing dnl in front of them:
dnl DAEMON_OPTIONS('Port=smtp,Adr=127.0.0.1, Name=MTA')
dnl FEATURE('accept_unresolvable_domains') dnl
Close and save. Now recreate the sendmail.cf at a command prompt with:
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Install SpamAssassin -
Get the following four rpms:
Install all of these. That is it for now.
Install DCC -
Extract the package with tar zxvf dcc-dccd.tar.Z, cd into the directory, and to install type:
./configure; make install
SpamAssassin will automagically pick up DCC and use it.
Install Pyzor -
You will need the package python-devel for Pyzor
Extract the package with tar zxvf pyzor-0.4.0.tar.gz, cd into the directory, and to install type:
python setup.py build
python setup.py install
Pyzor will automagically be picked up by SpamAssassin as well.
Install Razor -
Download the razor-agents, and the razor-agents-sdk tarballs, along with Net::DNS and Time::HiRes perl modules.
Extract the razor-agents-sdk first with:
tar zxvf razor-agents-sdk-2.03.tar.gz
tar zxvf razor-agents-2.40.tar.gz
cd into the agents-sdk directory first, and type:
When you're done with both packages, type in: razor-client, which creates the needed symlinks.
Razor will automagically be picked up by SpamAssassin.
Make this a shell script, and chmod 744 it. I put it in /etc/cron.daily
Install Clam-AV -
First, create the clamav user and group.
useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav
Download clam-av, and extract it with:
tar zxvf clamav-x.xx.tar.gz
cd into the directory, and run:
MailScanner will update your Clam-AV defs for you.
Modify the following in /etc/MailScanner/MailScanner.conf
MTA = sendmail
Use SpamAssassin = yes
Delivery Method = queue
Spam Actions = forward firstname.lastname@example.org
High Scoring Spam Actions = forward email@example.com
Virus Scanners = clamav
Comment out the following lines in /etc/MailScanner/spam.lists.conf
*Note - make sure you make an account firstname.lastname@example.org
From Webmin, click on Servers, click on Sendmail Configuration.
Go to Domain Routing (mailertable) and manually edit /etc/mail/mailertable and add the following line:
normalmailserver.xxx.com is the full hostname of the mail server that spam server will forward all mail to.
Make sure to separate with the tab key and save the settings.
Next, Click on Relay domains and add yourdomain.com