0 r3 (Webmin,
MailScanner, SpamAssassin, Clamav, Pyzor and razor2,
DCC, Mailwatch)
1. Add the source list to /etc/apt/sources.list
2. By default, Debian installs portmap, inetd, exim4 and rpc.statd. These applications open ports that we will not actually use here, so we need to disable them first.
We can install sysv-rc-conf, then run it and select which applications to enable or disable.
apt-get install binutils cpp fetchmail flex gcc libarchive-zip-perl libc6-dev libcompress-zlib-perl
libdb4.3-dev libpcre3 libpopt-dev lynx m4 make ncftp nmap openssl perl perl-modules unzip zip
zlib1g-dev autoconf automake1.9 libtool bison autotools-dev g++ build-essential dpkg-dev db4.3-util
vim bzip2 perl-doc libwww-perl libdbi-perl libconvert-binhex-perl libmail-spf-query-perl rblcheck
libnet-ident-perl tnef pax libberkeleydb-perl unzoo arj lzop nomarch arc zoo libdb-file-lock-perl
4. Install unarj
cd /usr/src
wget ftp://ftp.gva.es/mirror/debian2/pool/main/a/arj/unarj_3.10.21-2_all.deb
dpkg -i unarj_3.10.21-2_all.deb
perl -MCPAN -e shell
On first run you will be asked which mirror to use; choose one for your region.
install Module::Build
install Mail::SPF (Needed for SPF Checking)
install NetAddr::IP (Needed for SPF Checking)
install MLDBM::Sync this should also install MLDBM (Needed for MailWatch)
6. Install Webmin
We can log in at https://localhost:10000 as user root with the server's root password.
Continue installing libc-client without Maildir support? <-- Yes
Then edit the file /etc/apache2/mods-available/dir.conf and change it to:
a2enmod ssl
a2enmod rewrite
a2enmod suexec
a2enmod include
/etc/init.d/apache2 force-reload
apt-get install postfix postfix-pcre postfix-mysql postfix-ldap cabextract lha unrar razor pyzor
spamassassin
General type of mail configuration: <-- Internet Site
System mail name: = 2.02); however:
Version of libmailtools-perl on system is 1.74-1.
mailscanner depends on libole-storage-lite-perl (>= 0.17); however:
Package libole-storage-lite-perl is not installed.
dpkg: error processing mailscanner (--install):
dependency problems - leaving unconfigured
Errors were encountered while processing:
mailscanner
This happens because the versions of some of the packages we installed do not match what this MailScanner version requires.
First download newer versions of the packages that do not match (libmailtools-perl and libole-storage-lite-perl):
wget http://ftp.jp.debian.org/debian/pool/main/libm/libmailtools-perl/libmailtools-perl_2.04-1_all.deb
dpkg -i libmailtools-perl_2.04-1_all.deb
wget http://debian.mirror.inra.fr/debian/pool/main/libo/libole-storage-lite-perl/libole-storage-lite-perl_0.18-1_all.deb
dpkg -i libole-storage-lite-perl_0.18-1_all.deb
dpkg -i mailscanner_4.74.16-1_all.deb
Pyzor
-----
Razor
-----
rm /etc/razor/razor-agent.conf
mkdir /var/lib/MailScanner/.razor
razor-admin -home=/var/lib/MailScanner/.razor -create
razor-admin -home=/var/lib/MailScanner/.razor -discover
razor-admin -home=/var/lib/MailScanner/.razor -register
chown -R postfix:www-data /var/lib/MailScanner
chmod -R ug+rwx /var/lib/MailScanner
debuglevel = 0
razorhome = /var/lib/MailScanner/.razor/
DCC
---
cd /usr/src/
wget http://packages.bosslinux.in/boss/pool/tarang/main/d/dcc/dcc-common_1.2.74-4_i386.deb
wget http://packages.bosslinux.in/boss/pool/tarang/main/d/dcc/dcc-server_1.2.74-4_i386.deb
dpkg -i dcc-common_1.2.74-4_i386.deb
dpkg -i dcc-server_1.2.74-4_i386.deb
wget http://www.rhyolite.com/dcc/source/dcc.tar.Z
tar zxvf dcc.tar.Z
cd dcc-1.3.103
./configure
postfix stop
apt-get install clamav clamav-daemon
freshclam
mkdir /var/spool/MailScanner/spamassassin
cp /etc/MailScanner/MailScanner.conf /etc/MailScanner/MailScanner.conf.back
%org-name% = ORGNAME
%org-long-name% = ORGFULLNAME
%web-site% = ORGWEBSITE
Run As User = postfix
Run As Group = www-data
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Virus Scanners = clamav
Spam Subject Text = ***SPAM***
Send Notices = no
Spam List = spamcop.net SBL+XBL
Required SpamAssassin Score = 6
High SpamAssassin Score = 10
Spam Actions = deliver
High Scoring Spam Actions = delete
Rebuild Bayes Every = 0
Wait During Bayes Rebuild = no
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
run_mailscanner=1
/etc/init.d/mailscanner start
/etc/init.d/postfix start
tail -f /var/log/mail.log
The log will show the error "smtp dbclean[2324]: hostname "optimus22.ietf.org": Unknown error in line 135 of /var/lib/dcc/whitecommon".
We need to install MySQL, Apache and PHP. Also make sure libdbd-mysql-perl is installed so that MailScanner can sync with the MySQL database.
short_open_tag = On
safe_mode = Off
register_globals = Off
magic_quotes_gpc = On
magic_quotes_runtime = Off
session.auto_start = 0
extension=mysql.so
extension=gd.so
cd /usr/src/
wget http://downloads.sourceforge.net/mailwatch/mailwatch-1.0.4.tar.gz
tar xzvf mailwatch-1.0.4.tar.gz
cd mailwatch-1.0.4
Create the Database
Edit MailWatch.pm and change the $db_user and $db_pass values to match the MySQL user settings above.
mv MailWatch.pm /etc/MailScanner/CustomFunctions/
Create the MailWatch Web User
mkdir temp
chgrp www-data temp
chmod g+w temp
cp conf.php.example conf.php
vim conf.php, and change the settings to look like this:
define(DB_USER, 'mailwatch');
define(DB_PASS, 'password');
define(MAILWATCH_HOME, '/var/www/mailscanner');
define(MS_LIB_DIR, '/usr/share/MailScanner/');
define(QUARANTINE_USE_FLAG, true);
Setup MailScanner
cd /usr/src/mailwatch-1.0.4
vim SQLBlackWhiteList.pm
my($db_user) = 'mailwatch';
my($db_pass) = 'password';
cp SQLBlackWhiteList.pm /etc/MailScanner/CustomFunctions/
vim /etc/MailScanner/MailScanner.conf
cd /usr/src
wget http://www.gbnetwork.co.uk/mailscanner/files/postfixmail.tar.gz
tar xvfz postfixmail.tar.gz
cd postfixmail
cp postfix* /var/www/mailscanner
patch /var/www/mailscanner/functions.php functions.php.diff
SpamAssassin
mv /etc/spamassassin/local.cf /etc/spamassassin/local.cf.disabled
cp /etc/MailScanner/spam.assassin.prefs.conf /etc/MailScanner/spam.assassin.prefs.conf.back
vi /etc/MailScanner/spam.assassin.prefs.conf
#bayes_auto_expire 0
vi /etc/MailScanner/spam.assassin.prefs.conf
bayes_path /etc/MailScanner/bayes/bayes
bayes_file_mode 0660
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner-SpamCheck
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner-SpamScore
bayes_ignore_header X-YOURDOMAIN-COM-MailScanner-Information
mkdir /etc/MailScanner/bayes
chown -R root:www-data /etc/MailScanner/bayes
chmod -R ug+rw /etc/MailScanner/bayes
chmod g+s /etc/MailScanner/bayes
vim /etc/MailScanner/spam.assassin.prefs.conf
bayes_auto_expire 0
# paths to utilities
ifplugin Mail::SpamAssassin::Plugin::Pyzor
pyzor_path /usr/bin/pyzor
endif
ifplugin Mail::SpamAssassin::Plugin::DCC
dcc_path /usr/local/bin/dccproc
endif
vi /etc/spamassassin/v310.pre, then uncomment (remove the # from) the following lines:
loadplugin Mail::SpamAssassin::Plugin::DCC
loadplugin Mail::SpamAssassin::Plugin::Razor2
/etc/init.d/mailscanner restart
Check whether DCC, Pyzor and Razor are running.
For MailWatch to run properly, edit db_clean:
vim /usr/src/mailwatch-1.0.4/tools/db_clean.php
#!/usr/bin/php -qn
Becomes
#!/usr/bin/php -q
cp /usr/src/mailwatch-1.0.4/tools/quarantine_maint.php /usr/bin/quarantine_maint.php
cp /usr/src/mailwatch-1.0.4/tools/db_clean.php /usr/bin/db_clean.php
chmod +x /usr/bin/quarantine_maint.php
chmod +x /usr/bin/db_clean.php
crontab -e
tail -f /var/log/mail.log
Apr 3 20:01:14 smtp dccd[2325]: 1.2.74 listening to port 6277 with /var/lib/dcc and 115 MByte
window
Apr 3 20:04:31 smtp MailScanner[2382]: MailScanner E-Mail Virus Scanner version 4.74.16
starting…
Apr 3 20:04:31 smtp MailScanner[2382]: Read 848 hostnames from the phishing whitelist
Apr 3 20:04:31 smtp MailScanner[2382]: Read 4278 hostnames from the phishing blacklist
Apr 3 20:04:31 smtp MailScanner[2382]: Config: calling custom init function SQLBlacklist
Apr 3 20:04:31 smtp MailScanner[2382]: Starting up SQL Blacklist
Apr 3 20:04:31 smtp MailScanner[2382]: Read 0 blacklist entries
Apr 3 20:04:31 smtp MailScanner[2382]: Config: calling custom init function MailWatchLogging
Apr 3 20:04:31 smtp MailScanner[2382]: Started SQL Logging child
Apr 3 20:04:31 smtp MailScanner[2382]: Config: calling custom init function SQLWhitelist
Apr 3 20:04:31 smtp MailScanner[2382]: Starting up SQL Whitelist
Apr 3 20:04:31 smtp MailScanner[2382]: Read 0 whitelist entries
Apr 3 20:04:32 smtp postfix/master[2440]: daemon started -- version 2.3.8, configuration /etc/postfix
Apr 3 20:04:33 smtp MailScanner[2382]: Using SpamAssassin results cache
Apr 3 20:04:33 smtp MailScanner[2382]: Connected to SpamAssassin cache database
Apr 3 20:04:33 smtp MailScanner[2382]: Enabling SpamAssassin auto-whitelist functionality…
Apr 3 20:04:43 smtp MailScanner[2382]: Using locktype = flock
Log in to MailScanner
Browse to http:///mailscanner. Of course, adjust the hostname to match your server. For example, I browse to http://smtp.msr.web.id/mailscanner, or you can just use the IP address.
Change /var/www/mailscanner/geoip_update.php:
vi /var/www/mailscanner/geoip_update.php
dbquery("LOAD DATA INFILE
Becomes...
Test sending and receiving email; it should be working by now. Check mail.log for any errors that may have occurred. Up to this point, though, my installation went smoothly.
vim /var/www/mailscanner/clamav_status.php
Becomes...
cd /usr/src
wget http://www.openspf.org/blobs/postfix-policyd-spf-perl-2.007.tar.gz
tar xvfz postfix-policyd-spf-perl-2.007.tar.gz
cd postfix-policyd-spf-perl-2.007
cp postfix-policyd-spf-perl /usr/lib/postfix/policyd-spf-perl
/etc/init.d/postfix reload
imagemagick tesseract-ocr
cd /usr/src/
wget http://users.own-hero.net/~decoder/fuzzyocr/fuzzyocr-3.5.1-devel.tar.gz
1. Sanesecurity Signatures
A lot of spam arrives as .pdf or .xls attachments, or even archived as .zip and .rar. ClamAV can catch these easily when signature files are built for scanning attachments.
mkdir /usr/src/sanesecurity
cd /usr/src/sanesecurity
wget http://www.inetmsg.com/pub/unofficial-sigs.sh
mv unofficial-sigs.sh /usr/bin/ss_bill.sh
chmod +x /usr/bin/ss_bill.sh
user_configuration_complete="yes"
ss_bill.sh
======================================================================
SaneSecurity Database & Signature File Updates
======================================================================
Number of files: 19
Number of files transferred: 12
Total file size: 5090959 bytes
Total transferred file size: 5084880 bytes
Literal data: 210600 bytes
Matched data: 4874280 bytes
File list size: 408
File list generation time: 0.001 seconds
File list transfer time: 0.000 seconds
Total bytes sent: 26987
Total bytes received: 29977
[…....]
crontab -e
cp /usr/share/doc/altermime/examples/postfix_filter.sh /etc/postfix/disclaimer
chgrp filter /etc/postfix/disclaimer
chmod 750 /etc/postfix/disclaimer
vi /etc/postfix/disclaimer_addresses
user1@example.com
user2@example.org
user3@example.net
vi /etc/postfix/disclaimer
#!/bin/sh
# Localize these.
INSPECT_DIR=/var/spool/filter
SENDMAIL=/usr/sbin/sendmail
####### Changed From Original Script #######
DISCLAIMER_ADDRESSES=/etc/postfix/disclaimer_addresses
####### Changed From Original Script END #######
# Exit codes from <sysexits.h>
EX_TEMPFAIL=75
EX_UNAVAILABLE=69
# Clean up when done or when aborting.
trap "rm -f in.$$" 0 1 2 3 15
# Start processing.
cd "$INSPECT_DIR" || { echo "$INSPECT_DIR does not exist"; exit $EX_TEMPFAIL; }
cat >in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; }
####### Changed From Original Script #######
# obtain From address (the part between < and > on the first From: line)
from_address=`grep -m 1 "From:" in.$$ | cut -d "<" -f 2 | cut -d ">" -f 1`
# -F -x: compare the address as a literal whole line, not as a regular expression
if [ -n "${from_address}" ] && grep -qiFx -- "${from_address}" "${DISCLAIMER_ADDRESSES}"; then
  /usr/bin/altermime --input=in.$$ \
    --disclaimer=/etc/postfix/disclaimer.txt \
    --disclaimer-html=/etc/postfix/disclaimer.txt \
    --xheader="X-Copyrighted-Material: Please visit http://www.company.com/privacy.htm" || \
    { echo Message content rejected; exit $EX_UNAVAILABLE; }
fi
####### Changed From Original Script END #######
# Hand the (possibly modified) message back to Postfix.
$SENDMAIL "$@" <in.$$
exit $?
cp /usr/share/doc/altermime/examples/disclaimer.txt /etc/postfix/disclaimer.txt
vi /etc/postfix/master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
   -o content_filter=dfilt:
[...]
dfilt     unix  -       n       n       -       -       pipe
/etc/init.d/postfix restart
Done! A disclaimer will now be added to email sent from the addresses listed in /etc/postfix/disclaimer_addresses.
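A stricter form of the sender check done in /etc/postfix/disclaimer, as an added example that is not part of the original guide: it reads only the header block, accepts a bare address as well as one in angle brackets, and compares the sender to the list as a literal whole line. The function names and the sample messages are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original guide.

# Print the address from the first From: header of message file $1.
# Reading stops at the first blank line, so "From:" text in the body is ignored.
sender_address() {
    sed -n -e '/^$/q' -e '/^[Ff][Rr][Oo][Mm]:/{
        s/^[^:]*:[[:space:]]*//
        s/^.*<\([^>]*\)>.*$/\1/
        s/[[:space:]]*$//
        p
        q
    }' "$1"
}

# Return 0 when the sender of message $1 is an exact line of list file $2.
# -F: literal string, so "." in an address is not a wildcard; -x: whole line;
# -i: ignore case; --: an address starting with "-" is not read as an option.
needs_disclaimer() {
    addr=$(sender_address "$1")
    [ -n "$addr" ] && grep -qiFx -- "$addr" "$2"
}

# Run the check over constructed sample messages and print one verdict each.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'user1@example.com\nuser2@example.org\n' >"$dir/list"
    printf 'From: User One <user1@example.com>\nSubject: a\n\nhi\n' >"$dir/listed"
    printf 'From: user2@example.org\nSubject: b\n\nhi\n' >"$dir/bare"
    # As a regular expression "user.@example.com" would match user1@example.com.
    printf 'From: <user.@example.com>\nSubject: c\n\nhi\n' >"$dir/pattern"
    printf 'Subject: d\n\nFrom: <user1@example.com>\n' >"$dir/bodyonly"
    for m in listed bare pattern bodyonly; do
        if needs_disclaimer "$dir/$m" "$dir/list"; then
            echo "$m: add disclaimer"
        else
            echo "$m: leave unchanged"
        fi
    done
    rm -rf "$dir"
}

demo
```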