Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
References:http://dspamwiki.expass.de/Installation/Postfix/RelayStepByStep?highlig
ht=(relay)
vi /usr/local/etc/clamd.conf
# mkdir -p /var/work/source
# mkdir -p /var/work/compile/configure
# cd /var/work/source
# wget http://www.tigertech.net/mirrors/postfix-release/official/postfix-
2.2.9.tar.gz
# cd ../compile
# tar -zxf ../source/postfix-2.2.9.tar.gz
# cd postfix-2.2.9
# vim ../configure/postfix
#!/bin/sh
make -f Makefile.init makefiles \
"CCARGS=-DHAS_MYSQL -I/usr/include/mysql" \
"AUXLIBS=-L/usr/lib/mysql -lmysqlclient -lz -lm"
# chmod 755 ../configure/postfix
# ../configure/postfix
# make && make install
( answer default settings to all prompts )
# postfix start
( see that postfix starts )
# ps axf
*******
Warning: you still need to edit myorigin/mydestination/mynetworks
parameter settings in /etc/postfix/main.cf.
# vi /etc/rc.local
# start postfix
/usr/sbin/postfix start
# cd /var/work/source
# wget http://www.nuclearelephant.com/projects/dspam/sources/dspam-3.6.4.tar.gz
# cd ../compile
# tar -zxf ../source/dspam-3.4.2.tar.gz
# cd dspam-3.4.2/
# vi ../configure/dspam
#!/bin/sh
./configure \
--with-dspam-home=/var/dspam \
--with-dspam-home-mode=770 \
--with-dspam-home-owner=dspam \
--with-dspam-home-group=postdrop \
--with-dspam-mode=2510 \
--with-dspam-owner=dspam \
--with-dspam-group=postfix \
--with-delivery-agent=/usr/sbin/sendmail \
--with-storage-driver=mysql_drv \
--with-mysql-includes=/usr/include/mysql \
--with-mysql-libraries=/usr/lib/mysql \
--enable-preferences-extension \
--enable-virtual-users \
--enable-daemon \
--enable-debug --enable-clamav --build=i686-pc-linux-gnu
# cd /var/work/source
# wget http://gulus.usherbrooke.ca/pub/appl/apache/httpd/httpd-2.0.53.tar.gz
# cd ../compile
# tar -zxf ../source/httpd-2.0.53.tar.gz
# cd httpd-2.0.53/
# vi ../configure/apache
#!/bin/sh
./configure \
--enable-rewrite \
--enable-cgi \
--disable-userdir \
--enable-suexec \
--with-suexec-caller=apache \
--with-suexec-docroot=/var/www \
--with-suexec-uidmin=1000 \
--with-suexec-gidmin=1000 \
--enable-ssl
# chmod 755 ../configure/apache
# ../configure/apache
# make && make install
Closer
We have now installed the main tools; we will now start configuration!
Mysql DSPAM user and database creation.
# cd /var/work/compile/dspam-3.4.2/src/tools.mysql_drv/
# mysql -e "create database dspam"
# mysql -e "grant all on dspam.* to dspam@localhost identified by 'yourpassword'"
# mysql dspam < mysql_objects-4.1.sql
You can use any of the following lines based on whether u want dspam to add non-
exixtant users automaically in to the system or whether you would add users using
the mysql backend
# cp purge-4.1.sql /usr/local/share/dspam/
(To keep your database nice and clean you will want to run this command nightly)
# crontab -e
0 0 * * * /usr/local/bin/mysql -udspam -pDSPAMSQLPASS dspam <
/usr/local/share/dspam/purge-4.1.sql
Postfix configuration
The following configuration steps will make your postfix act as a relay (not
opened), uses DSPAM for users validation and forward mails to your real inside
server.
# cd /etc/postfix/
# vi master.cf
( Add/Remove what is needed )
smtp inet n - n - - smtpd
-o content_filter=dspam:
dspam unix - n n - 10 pipe
flags=Rhqu user=dspam argv=/usr/local/bin/dspam --deliver=innocent --user
${recipient} -i -f ${sender} -- ${recipient}
Now replace the content of your main.cf by this one; and modifie the 4 lines
(you'll see where) with your data
# vi main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = no
# Modify to your need thoses 4 lignes
mynetworks = 127.0.0.0/8 12.34.56.0/24
myorigin = dspam.lab.infoglobe.ca
mydomain = lab.infoglobe.ca
virtual_mailbox_domains = dspam.lab.infoglobe.ca
virtual_transport = lmtp:unix:/tmp/dspam.sock
virtual_mailbox_maps = mysql:/etc/postfix/vmailbox.cf
dspam_destination_recipient_limit = 1
mydestination =
local_recipient_maps =
local_transport = error:local mail delivery is disabled
unknown_local_recipient_reject_code = 550
parent_domain_matches_subdomains =
debug_peer_list smtpd_access_maps
smtpd_recipient_restrictions =
permit_mynetworks reject_unauth_destination
relay_recipient_maps = hash:/etc/postfix/relay_recipients
transport_maps = hash:/etc/postfix/transport
alias_maps = hash:/etc/aliases
relay_domains = $transport_maps
smtpd_helo_required = yes
disable_vrfy_command = yes
biff = no
empty_address_recipient = MAILER-DAEMON
queue_minfree = 40000000
message_size_limit = 20000000
mailbox_size_limit = 100000000
smtpd_banner = $myhostname ESMTP Postfix
local_transport = local
# vi vmailbox.cf
user = dspam
password = DSPAMSQLPASS
dbname = dspam
query = SELECT username FROM dspam_virtual_uids WHERE username='%s'
table = dspam_virtual_uids
host = 127.0.0.1
select_field = username
where_field = username
Put every domain you want to relay mail for in the transport table, and what
server to relay each one to. This will route mail for "domain.com" to the inside
gateway machine. The [] forces Postfix to do no MX lookup.
# vi transport
domain.com smtp:[inside-gateway.domain.com]
Now we enter every valid e-mail address in the relay_recipient table. Any not
found will get rejected right here. If you want to allow any e-mail address for a
domain, leave off the user name. The right-hand "dummy" value must be present. It
is ignored, but the file must be in name/value pairs.
# vi relay_recipients
# domain1.com, three valid addresses
foo@domain1.com dummy
foo2@domain1.com dummy
foo3@domain1.com dummy
# domain2.com, one valid address
foo@domain2.com dummy
# domain3.com, allow any address
@domain3.com dummy
Do not forget to use this each times you modifie one of theses files:
# postmap transport
# postmap relay_recipients
You need to setup an address that root mail goes to (not here!):
# vi aliases
root: you@domain.com
# postalias aliases
# postfix reload
# tail /var/log/maillog
# vi /usr/local/apache2/conf/httpd.conf
User apache
Group apache
AddHandler cgi-script .cgi
# Modify /dspam.example.com/ to your needs
<VirtualHost *:80>
DocumentRoot "/var/www/antispam.stpimumbai.net/cgi-bin"
ServerName antispam.stpimumbai.net
ServerAdmin server-manager@megaesecure.com
ErrorLog /var/log/httpd/antispam.stpimumbai.net-error_log
TransferLog /var/log/httpd/antispam.stpimumbai.net-access_log
RewriteEngine on
RewriteRule ^/$ /dspam.cgi [R]
SuexecUserGroup dspam dspam
<Directory "/var/www/antispam.stpimumbai.net/cgi-bin">
Options FollowSymLinks ExecCGI
AllowOverride None
Order deny,allow
Deny from all
AuthType Basic
AuthName "DSPAM Control Center"
AuthUserFile /var/www/etc/htpasswd
Require valid-user
Satisfy Any
</Directory>
</VirtualHost>
# apachectl restart
# ps axf
# mkdir -p /var/www/etc/
# chown apache.dspam /var/www/etc/
Setup the password file for logging into the web interface:
# htpasswd -c /var/www/etc/htpasswd user@domain.com
# htpasswd /var/www/etc/htpasswd user2@domain.com
# mkdir -p /var/www/dspam.exemple.com
# chmod 555 /var/www/dspam.exemple.com
# chown dspam.dspam /var/www/dspam.example.com
# cd /var/www/dspam.example.com
# cp -r /var/work/compile/dspam-3.4.2/cgi/* .
# rm -f Makefile*
# chown -R dspam.dspam *
# chmod 444 *.*
# chmod 554 *.cgi
# chmod 555 templates
# chmod 444 templates/*
# vi configure.pl
$CONFIG{'LOCAL_DOMAIN'} = "YourDomain.com";
$CONFIG{'DSPAM_HOME'} = "/var/dspam";
And you need (for the configuration we choses (authentication with the domain
name) to remove the domain:
# vi templates/nav_performance.html
- <strong>spam-$REMOTE_USER$@yourdomain.com</strong>
+ <strong>spam-$REMOTE_USER$</strong>
You should now be able to test the web interface! BUT graphics generation is not
ready!...
Downloading, compiling and installing GD & Co.
# vi /usr/local/etc/dspam.conf
+ Trust dspam
+ Trust apache
+ Trust postfix
+ AllowOverride localStore
MySQLServer /tmp/mysql.sock
MySQLPort 3306
MySQLUser dspam
MySQLPass DSPAMSQLPASS
MySQLDb dspam
MySQLCompress true
This prevents Postfix from needing to use any aliases for retraining. When users
email spam-name@domain.com, DSPAM will automatically realize that it needs to
retrain the message.
ParseToHeaders on
ChangeModeOnParse on
ChangeUserOnParse off
ServerQueueSize 32
ServerPID /var/run/dspam.pid
ServerMode standard
ServerParameters "--deliver=innocent"
ServerIdent "localhost.localdomain"
ServerDomainSocketPath /tmp/dspam.sock
Misc
Database cleanning
# crontab -e
0 0 * * * /usr/local/bin/mysql -u dspam -p'DSPAMPASS' dspam <
/usr/local/share/dspam/purge-4.1.sql | mail root
# telnet 203.129.232.18 25
Trying 203.129.232.18...
Connected to 203.129.232.18 (203.129.232.18).
Escape character is '^]'.
220 antispam.stpimumbai.net ESMTP Postfix
helo myself
250 antispam.stpimumbai.net
MAIL FROM:<spammer@spamserver.com>
250 Ok
RCPT TO:<vaibhav@stpimumbai.net>
250 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
My message
>
.
250 Ok: queued as 52B821FFA5C
# locate apxs
If apxs is not found on your server then install httpd-devel using the following
command
Add the following entries to your apache virtual host section in httpd.conf
<VirtualHost *:80>
DocumentRoot "/var/www/antispam.stpimumbai.net/cgi-bin"
ServerName antispam.stpimumbai.net
ServerAdmin server-manager@megaesecure.com
ErrorLog /var/log/httpd/antispam.stpimumbai.net-error_log
TransferLog /var/log/httpd/antispam.stpimumbai.net-access_log
RewriteEngine on
RewriteRule ^/$ /dspam.cgi [R]
SuexecUserGroup dspam dspam
<Directory "/var/www/antispam.stpimumbai.net/cgi-bin">
Options FollowSymLinks ExecCGI
AllowOverride None
Order deny,allow
Deny from all
Auth_IMAP_Enabled on
AuthType Basic
AuthName "mail.stpimumbai.net"
Auth_IMAP_Authoritative on
Auth_IMAP_Server sandesh.stpimumbai.net
Auth_IMAP_Port 143
Require valid-user
Auth_IMAP_Log on
Satisfy Any
</Directory>
</VirtualHost>
Dspam Training
#Touch /var/dspam/group
#vi /var/dspam/group
global_group:classification:*globaluser
# cd /tmp
# wget http://dspam.sourceforge.net/sources/extras/dspam_sa_trainer.tar.gz
Download the public corpus from http://spamassassin.apache.org/publiccorpus/.
It is recommended you grab all of the 20030228 archives except for
easy_ham_2 (to help balance the corpus) and the 2002 spam archive.
Extract and untar each archive in /tmp/spam directory.
vi /var/www/antispam.stpimumbai.net/cgi-bin/configure.pl
Modify as follows
$CONFIG{'HISTORY_SIZE'} = 10000;
$CONFIG{'HISTORY_PER_PAGE'} = 10000;