Spamsnake Baruwa - Various issues

Discussion in 'HOWTO-Related Questions' started by itsnedkeren, Feb 22, 2011.

  1. itsnedkeren

    itsnedkeren New Member

    Thanks for a great how-to, after some time I finally got the system working!

    Although I have some issues I would like some help with:

    1) I keep getting "cron daemon" mails in my inbox! Aren't these supposed to be sent to root@localhost? I don't need all that info in my main inbox :( Is there somewhere I can change this?

    See snip from log below:

    From "mail.log":
    Code:
    Feb 22 08:43:01 mailgw postfix/smtp[2510]: 6AC2CC2B85: to=<[email protected]>, orig_to=<[email protected]>, relay=node01.domain.tld[78.46.92.124]:25, delay=0.04, delays=0.01/0/0/0.03, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 07E9720067)
    Mail from cron I receive:
    Code:
    Reading status from /var/spool/MailScanner/quarantine/phishingupdate/status
    Checking that /var/spool/MailScanner/quarantine/phishingupdate/cache/2011-082 exists... ok
    Checking that /var/spool/MailScanner/quarantine/phishingupdate/cache/2011-082.18 exists... ok
    I am working with: Current: 2011-082 - 20 and Status: 2011-082 - 18
    No base update required
    Update required
    Retrieving http://www.mailscanner.tv/2011-082.19
    Retrieving http://www.mailscanner.tv/2011-082.20
    /var/spool/MailScanner/quarantine/phishingupdate/cache/2011-082.20
    Updating live file /opt/MailScanner/etc/phishing.bad.sites.conf
    Deleting cached file: 2011-082.18.... ok

    2) I'm getting errors in "mail.err" about DCC and ClamAV, see below.

    From "mail.err":
    Code:
    Feb 22 07:42:02 mailgw ClamAV-autoupdate[8718]: ClamAV updater /usr/local/bin/freshclam cannot be run
    Feb 22 08:35:08 mailgw dccifd[1264]: fopen(/var/run/dcc/dccifd.pid): No such file or directory
    Feb 22 08:42:02 mailgw ClamAV-autoupdate[2298]: ClamAV updater /usr/local/bin/freshclam cannot be run
    3) When running spamassassin -x -D -p /opt/MailScanner/etc/spam.assassin.prefs.conf --lint, I see that my userid=1 and not 2. See below.
    Code:
    Feb 22 09:26:17.606 [3308] dbg: bayes: database connection established
    Feb 22 09:26:17.606 [3308] dbg: bayes: found bayes db version 3
    Feb 22 09:26:17.607 [3308] dbg: bayes: Using userid: 1
    
    4) Using the Baruwa web-interface, I'm getting "Error connecting to server. check network!", when trying to perform a release, quarantine, delete, etc. on mails. I've browsed the web and suggestions are to disable Javascript, which seems to work. But is there any other workaround for this? It annoys me that I have to change Javascript setting all the time!

    5) How do I setup my mailserver to work with this gateway/spamsnake?
    5a) Are my clients still supposed to send mails via SMTP through my mailserver? Or should they now use the gateway/spamsnake to send mail from (SMTP)?
    5b) If I configure my mailserver to accept mails only from the gateway/spamsnake, how will my clients be able to connect via SMTP for sending email (if the answer to 5a is yes)?

    6) I would love for someone (topdog) to check my server config and general setup via SSH before throwing it into production, if this is in any way possible.

    Thanks for any replies.
     
    Last edited: Feb 22, 2011
  2. itsnedkeren

    itsnedkeren New Member

    2) is solved now, if you get this:

    Code:
    Feb 22 17:10:23 mailgw dccifd[1248]: fopen(/var/run/dcc/dccifd.pid): No such file or directory
    Edit /etc/init.d/dcc-client and make it look like below, I have commented where edit starts and ends:


    Code:
    #!/bin/sh
    #
    # dcc-client	example file to build /etc/init.d/ scripts.
    #		This file should be used to construct scripts for /etc/init.d.
    
    PATH=/sbin:/bin:/usr/sbin:/usr/bin
    DAEMON=/usr/sbin/dccifd
    NAME=dccifd
    DESC="DCC program interface daemon"
    ########START EDIT##########
    # Recreate the runtime directory that holds dccifd.pid if it is missing
    DCC_RUNDIR=/var/run/dcc
    if [ ! -d "$DCC_RUNDIR" ]; then
        mkdir -p "$DCC_RUNDIR"
        chown dcc:dcc "$DCC_RUNDIR"
    fi
    ########END EDIT###########
    
    test -f $DAEMON || exit 0
    
    set -e
    
    case "$1" in
      start)
    	echo -n "Starting $DESC: $NAME"
    	start-stop-daemon --start --quiet --pidfile /var/run/$NAME.pid \
    		--chuid dcc:dcc --exec $DAEMON -- $OPTIONS
    	echo "."
    	;;
      stop)
    	echo -n "Stopping $DESC: $NAME"
    	start-stop-daemon --oknodo --stop --quiet --exec $DAEMON
    	echo "."
    	;;
      restart)
    	echo -n "Restarting $DESC: $NAME"
    	start-stop-daemon --stop --quiet --pidfile \
    		/var/run/$NAME.pid --exec $DAEMON
    	sleep 1
    	start-stop-daemon --start --quiet --pidfile \
    		/var/run/$NAME.pid --exec $DAEMON -- $OPTIONS
    	echo "."
    	#echo "\n"
    	;;
      *)
    	N=/etc/init.d/$NAME
    	# echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
    	echo "Usage: $N {start|stop|restart}" >&2
    	exit 1
    	;;
    esac
    
    exit 0
    
    Afterwards reboot Ubuntu and you'll see that "dccifd.pid" now exists in /var/run/dcc


    2) If you get this:

    Code:
    Feb 22 18:42:01 mailgw ClamAV-autoupdate[3976]: ClamAV updater /usr/local/bin/freshclam cannot be run
    Then edit the following line in /opt/MailScanner/etc/virus.scanners.conf and make it look like below! You probably have /usr/local at the end.
    Code:
    clamav		/opt/MailScanner/lib/clamav-wrapper	/usr
    Afterwards, run:

    /etc/init.d/clamav-freshclam restart



    Still looking for help on the others though :)


    Thanks
     
    Last edited: Feb 22, 2011
  3. Rocky

    Rocky Member

    Hey,

    Glad you got the snake up and running, although not completely 100% functional, I'm sure a few minor tweaks will fix your issues.

    Add &> /dev/null at the end of all of your cronjobs, before the comment (#) statement to avoid the email messages.

    The bayes user will be 1 because we specified root as the override user, who has access to the db, so that's normal.

    Ok so you've figured out dcc and clamav, that's great. Give us a breakdown of your setup. What is it relaying to, are your clients internal, have you setup proper dns mx records for your mails to flow to the snake?

    Once your mx records are setup properly, mails will start flowing to the snake. You'll have to setup the domains/transports in Baruwa for which you're relaying for and the destination smtp server, and after filtering, mails should flow to that server. A writeup can be found in the howto for the snake on how to do this.
     
    Last edited: Feb 22, 2011
  4. itsnedkeren

    itsnedkeren New Member

    Thanks for your post Rocky!

    I have 2 servers, the first server "node01" is running Debian with ISPConfig3 and acts as a LAMP basically. All my domains and mailboxes reside here.

    The second server "mailgw" is running the spamsnake, where I have set up "node01" as relay host in the Baruwa interface.

    For now I have redirected only a test domain's MX record to the spamsnake. Mail seems to be relaying just fine.

    But if I manually send mail through "node01" to the test domain, mails are also coming in. This is obvious, as I have not limited "node01" to receive mail from the spamsnake only. This is what I'm trying to find out how to do in a proper way.

    Both servers are "external", running as separate machines with external global IPs.

    I'm wondering if I need to specify anything special in this line in /usr/src/postfix.sh

    Code:
    postconf -e "mynetworks = 127.0.0.0/8, 192.168.0.0/24"
    Obviously I'm not using 192.168.0.0/24 as my network, but I'm in doubt as what to enter here.


    Thanks for any assistance and please ask if you need more info.
     
  5. itsnedkeren

    itsnedkeren New Member

    5 is now also solved \o/


    I'm using IPTables to allow ONLY the spamsnake on port 25.
    Postfix on the mailserver has been changed to port 587/TLS SMTP for my mail users.

    Uncommenting the line below in master.cf enables submission port 587.

    Code:
    submission inet n       -       -       -       -       smtpd
     
  6. topdog

    topdog Active Member

    You actually need:

    Code:
    submission inet n       -       n       -       -       smtpd
      -o smtpd_enforce_tls=yes
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    Not just:
    Code:
    submission inet n       -       n       -       -       smtpd
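
The difference between the bare submission line and the entry with its three `-o` overrides can be checked mechanically. This is an added example, not part of the original thread: the function names are hypothetical, the sample files are constructed, and `smtpd_tls_security_level=encrypt` is accepted as the newer Postfix spelling of `smtpd_enforce_tls=yes`.

```shell
#!/bin/sh
# Added example: audit the submission entry of a Postfix master.cf.
# Function names are hypothetical; the sample files are constructed.

# Print the submission entry as one logical line (continuation lines joined).
submission_entry() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines are ignored
        /^submission[ \t]+inet/ { grab = 1; $1 = $1; printf "%s", $0; next }
        grab && /^[ \t]/ { $1 = $1; printf " %s", $0; next }   # continuation line
        grab { exit }                              # next service entry starts
        END { if (grab) print " " }
    ' "$1"
}

# Report each override the entry lacks. Returns 0 ok, 1 missing, 2 disabled.
check_submission() {
    entry=$(submission_entry "$1")
    [ -n "$entry" ] || { echo "submission service not enabled"; return 2; }
    rc=0
    for want in "smtpd_sasl_auth_enable=yes" \
                "smtpd_client_restrictions=permit_sasl_authenticated,reject"; do
        case "$entry" in
            *" $want "*) ;;
            *) echo "MISSING: -o $want"; rc=1 ;;
        esac
    done
    # Either the legacy or the current TLS parameter satisfies the check.
    case "$entry" in
        *" smtpd_enforce_tls=yes "*|*" smtpd_tls_security_level=encrypt "*) ;;
        *) echo "MISSING: -o smtpd_enforce_tls=yes"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed samples: the bare line from the thread and the full entry.
write_samples() {
    printf 'submission inet n       -       -       -       -       smtpd\n' > "$1/bare.cf"
    cat > "$1/full.cf" <<'EOF'
submission inet n       -       n       -       -       smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtp      inet  n       -       -       -       -       smtpd
EOF
}

# Usage: sh audit.sh /etc/postfix/master.cf
if [ -n "${1:-}" ]; then check_submission "$1"; fi
```

Run against the bare line, it lists all three overrides as missing, which means port 587 would accept mail without authentication or TLS.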
     
  7. itsnedkeren

    itsnedkeren New Member

    Thanks Topdog, I need to remove "chroot" as that wouldn't work.
    Code:
    Feb 23 16:20:02 node01 postfix/smtpd[24056]: fatal: SASL per-process initialization failed
    
     
  8. itsnedkeren

    itsnedkeren New Member

    I'm getting this, running the spamassassin --lint command:

    Code:
    Feb 24 06:11:23.936 [20573] warn: config: failed to parse line, skipping, in "/etc/MailScanner/spam.assassin.prefs.conf": use_auto_whitelist 0 
    Should this be uncommented or??

    Thanks
     
  9. falko

    falko Super Moderator Howtoforge Staff

  10. itsnedkeren

    itsnedkeren New Member

    Hmm that's odd :confused:

    Checking the Baruwa web interface under "Status->Spamassasin lint" outputs the same error:

    Code:
    Feb 24 06:11:23.936 [20573] warn: config: failed to parse line, skipping, in "/etc/MailScanner/spam.assassin.prefs.conf": use_auto_whitelist 0
    BUT, running:
    Code:
    mailgw:~# spamassassin -x -D -p /opt/MailScanner/etc/spam.assassin.prefs.conf --lint 2>&1 | fgrep 'warn'
    Only outputs this:

    Code:
    Feb 24 19:08:14.744 [27556] dbg: config: warning: score set for non-existent rule SHORTCIRCUIT
    Feb 24 19:08:14.744 [27556] dbg: config: warning: score set for non-existent rule SUBJ_RE_NUM
    Feb 24 19:08:14.744 [27556] dbg: config: warning: score set for non-existent rule FM_VIAGRA_SPAM1114
    Feb 24 19:08:14.745 [27556] dbg: config: warning: score set for non-existent rule AXB_HELO_LH_HOME
    Feb 24 19:08:14.745 [27556] dbg: config: warning: score set for non-existent rule ACCESSDB

    Which one to trust :confused: :eek:

    Thanks

    EDIT: No luck with the info from your link, Falko. Thanks though.
     
    Last edited: Feb 24, 2011
  11. Rocky

    Rocky Member

    Jim,

    You're having these issues because you've used the distributed deb package, which will install the distributed mailscanner version for ubuntu. Now, you have 2 instances of mailscanner, since you followed my guide. The distributed version will be an older version whereas the tar version will be the latest version and is always installed in /opt. You can either remove the distributed version and create a symlink of /opt/MailScanner in /etc or get rid of both mailscanner and baruwa and reinstall them via the guide using my deb v102 package.

    Rocky
     
    Last edited: Feb 25, 2011
  12. itsnedkeren

    itsnedkeren New Member

    Ah, yes I see your point :) I'll stick to your upgrades!

    I've uninstalled mailscanner and baruwa and installed from your guide 1.0.2. Everything seems to work as intended.

    Thanks for your excellent assistance :)
     
  13. Rocky

    Rocky Member

    Great! I'm happy it's working and no problem at all.
     
  14. itsnedkeren

    itsnedkeren New Member

    Thanks, all is working excellent, although a slight problem with the Altermime function.

    ALL my mails have this message at the bottom, even the incoming ones:

    --
    This message has been scanned for viruses and
    dangerous content by MailScanner, and is
    believed to be clean.
    -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.



    I have double-checked the AlterMIME section of your guide, but without success. Any pointers here?

    Thanks
     
  15. Rocky

    Rocky Member

    Last edited: Feb 25, 2011
  16. itsnedkeren

    itsnedkeren New Member

    Thanks again Rocky, I never got this to work properly. Even when following the other guide from scratch.

    Nevertheless, it's not so important at the moment so I'll leave it at that.

    Thanks for all your help on this.
     
