apokalyptik n00b
Joined: 18 Jun 2002 Posts: 62
|
Posted: Fri Apr 25, 2003 4:51 pm Post subject: qmail + vpopmail + spamassassin + anomy + f-prot virus scan |
|
|
Prerequisites: php, qmail, vpopmail
Step 1: install anomy
Code: | mkdir /usr/local/src/download
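# Fetch and unpack the Anomy sanitizer sources under /usr/local/src.
mkdir -p /usr/local/src/working
cd /usr/local/src/download
wget http://mailtools.anomy.net/dist/anomy-sanitizer-1.57.tar.gz
# The tarball arrives over plain HTTP with no integrity check. Before
# unpacking, compare it with a checksum or signature obtained from a source
# you trust, for example:
#   echo "<EXPECTED_SHA256_PLACEHOLDER>  anomy-sanitizer-1.57.tar.gz" | sha256sum -c -
cd ../working/
tar -zxf ../download/anomy-sanitizer-1.57.tar.gz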
|
Step 2: install safecat
Code: | cd /usr/local/src/download
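# Fetch, build and install safecat (used later to write into the Maildir).
wget http://www.pobox.com/~lbudney/linux/software/safecat/safecat-1.9.tar.gz
# This download is also plain HTTP and is compiled and installed afterwards,
# so verify it first against a checksum or signature from a trusted source:
#   echo "<EXPECTED_SHA256_PLACEHOLDER>  safecat-1.9.tar.gz" | sha256sum -c -
cd ../working/
tar -zxf ../download/safecat-1.9.tar.gz
cd safecat-1.9
# Only install if the build succeeded.
make && make setup check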
|
Step 3: "emerge f-prot Mail-SpamAssassin"
Step 4: mkdir /var/quarantine/
Step 5: chown vpopmail.vpopmail /var/quarantine/
Step 6: chsh -s /bin/bash vpopmail
Step 7: create /etc/sanitizer.cfg
Code: | feat_verbose = 1 # Warn user about unscanned parts, etc.
# Anomy sanitizer policy for the mail filter: feature switches first, then the
# attachment (file) rules that hand every part to the f-prot scanner.
feat_log_inline = 0 # Inline logs: 0 = Off, 1 = Maybe, 2 = Force
feat_log_stderr = 0 # Print log to standard error
feat_log_xml = 0 # Don't use XML format for logs.
feat_log_trace = 0 # Omit trace info from logs.
feat_log_after = 0 # Don't add any scratch space to part headers.
feat_files = 1 # Enable filename-based policy decisions.
feat_force_name = 1 # Force all parts (except text/html parts) to have file names.
feat_boundaries = 0 # Replace all boundary strings with our own! NOTE: Always breaks PGP/MIME messages!
feat_lengths = 1 # Protect against buffer overflows and null values.
feat_scripts = 1 # Defang incoming shell scripts.
feat_html = 1 # Defang active HTML content.
feat_webbugs = 0 # Web-bugs are allowed.
# NOTE(review): with this set, PGP-signed parts skip scanning altogether; set it
# to 0 if every part must reach the virus scanner.
feat_trust_pgp = 1 # Don't scan PGP signed message parts.
feat_uuencoded = 1 # Sanitize inline uuencoded files.
feat_forwards = 1 # Sanitize forwarded messages
feat_testing = 0 # This isn't a test-case configuration.
feat_fixmime = 1 # Fix invalid MIME, if possible.
feat_paranoid = 0 # Don't be excessively paranoid about MIME headers etc.
score_bad = 100
# Quarantined attachments are written under /var/quarantine (created in steps 4-5).
file_name_tpl = /var/quarantine/att-$F.$$$
# NOTE(review): the default is fail-open; a part that no rule decides on is accepted.
file_default_policy = accept
file_default_filename = unnamed.file
# One rule, matching every file name, that runs f-prot on the attachment.
file_list_rules = 1
file_list_1 = (?s).*
# The leading 0:1:2 lists scanner exit codes; they appear to pair with the first
# three policies on the next line, with any other exit code taking the fourth.
# NOTE(review): confirm against the installed f-prot's documentation that the
# exit code it returns for an infected file is one of those listed here. An
# unlisted code maps to "unknown", which presumably falls through to
# file_default_policy = accept and delivers the attachment unchanged.
file_list_1_scanner = 0:1:2:/opt/f-prot/f-prot -ai -archive -dumb %FILENAME
file_list_1_policy = accept:mangle:mangle:unknown
|
Step 8: /var/qmail/bin/fullscan
Code: | #!/usr/bin/php -f
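<?php
# fullscan - qmail delivery filter.
#
# Reads one message on stdin, pipes it through SpamAssassin and the Anomy
# sanitizer, and lets safecat write the result into the Maildir "new"
# directory given as the first argument.
#
# Exit codes follow the qmail-command convention: 0 = delivered,
# 111 = temporary failure (the message stays queued and is retried). The
# earlier version always exited 0, so a failed delivery lost the message.
$SAFE_CAT="/usr/local/bin/safecat";
$SPAM_ASS="/usr/bin/spamassassin";
$ANOM_DIR="/usr/local/src/working/anomy";
$ANOM_CMD="/usr/local/src/working/anomy/bin/sanitizer.pl -fprotd /etc/sanitizer.cfg ";
$TEMP_DIR="/tmp/";

# The destination comes from the .qmail line; without it there is nowhere to deliver.
if ( empty($argv[1]) ) {
    fwrite(STDERR, "fullscan: missing destination directory argument\n");
    exit(111);
}
$DEST_DIR=$argv[1];

# Slurp the whole message from stdin.
$input=file_get_contents("php://stdin");
if ( $input === false ) {
    fwrite(STDERR, "fullscan: cannot read message from stdin\n");
    exit(111);
}

# tempnam() creates the file atomically with a unique name and owner-only
# permissions. A predictable name in a world-writable directory (the previous
# md5-of-message name) can be pre-created or symlinked by another local user.
$TEMP_FIL=tempnam($TEMP_DIR, "fullscan-");
if ( $TEMP_FIL === false ) {
    fwrite(STDERR, "fullscan: cannot create temporary file\n");
    exit(111);
}
$fp=fopen($TEMP_FIL, "w");
if ( $fp === false || fwrite($fp, $input) !== strlen($input) ) {
    fwrite(STDERR, "fullscan: cannot write temporary file\n");
    unlink($TEMP_FIL);
    exit(111);
}
fclose($fp);

putenv("ANOMY=$ANOM_DIR");

# Every value that is not a fixed constant above is quoted for the shell, so
# a path containing spaces or shell metacharacters stays a single argument.
$CMD="$SPAM_ASS < ".escapeshellarg($TEMP_FIL)
    ." | $ANOM_CMD"
    ." | $SAFE_CAT ".escapeshellarg($TEMP_DIR)." ".escapeshellarg($DEST_DIR);

# $status is the exit status of the last pipeline stage (safecat) only; a
# failure in an earlier stage is not detected here.
exec($CMD, $output, $status);
unlink($TEMP_FIL);

if ( $status !== 0 ) {
    fwrite(STDERR, "fullscan: delivery pipeline failed with status $status\n");
    exit(111);
}
exit(0);
?>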
|
Step 9: chmod 755 /var/qmail/bin/fullscan
Step 10: make your /var/vpopmail/domains/{domain}/.qmail-{user} file
Code: | |/var/qmail/bin/fullscan /var/vpopmail/domains/{domain}/{user}/Maildir/new
|
Step 11: crontab -e
Step 12: add the following line to the end of the cron jobs to update virus defs every day at midnight
Code: | 0 0 * * * /opt/f-prot/check-updates.sh 2>/dev/null 1>/dev/null |
_________________ http://www.apokalyptik.com/ |
|
apokalyptik n00b
Joined: 18 Jun 2002 Posts: 62
|
Posted: Tue May 13, 2003 2:52 pm Post subject: |
|
|
This is an updated script that you can call from
/var/vpopmail/domains/domain.com/.qmail-default
Code: | #!/usr/bin/php -f
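<?php
# cleanmail - qmail/vpopmail delivery filter for a .qmail-default file.
#
# Works out the recipient's Maildir from qmail's LOCAL and HOME environment
# variables, falls back to the catch-all directory given as the third
# argument, then pipes the message through Anomy, SpamAssassin and safecat.
#
# Depends:
# Spamassassin (http://www.spamassassin.org)
# Anomy (http://mailtools.anomy.net/)
# SafeCat (http://budney.homeunix.net:8080/users/budney/linux/software/safecat.html)
# PHP-CLI (http://www.php.net)
# Usage:
# use in a .qmail-default file
# VPOPMAIL EXAMPLE:
# "| /var/qmail/bin/cleanmail $LOCAL $HOME {catchall directory}"
# e.g:
# "| /var/qmail/bin/cleanmail $LOCAL $HOME /var/vpopmail/domains/test.com/postmaster/Maildir/new/"
#
# Exit codes follow the qmail-command convention: 0 = delivered, 100 =
# permanent failure (bounce), 111 = temporary failure (retry later). The
# earlier version always exited 0, so a failed delivery lost the message.

### Spamassassin
$BIN_SPAMASSASSIN='/usr/bin/spamassassin';
$ARG_SPAMASSASSIN='';
### Anomy
$BIN_ANOMY='/usr/local/src/working/anomy/bin/sanitizer.pl';
# change to ARG_ANOMY='' to disable f-prot support
$ARG_ANOMY='-fprotd';
putenv("ANOMY=/usr/local/src/working/anomy/");
### SafeCat
$BIN_SAFECAT='/usr/local/bin/safecat';
$ARG_SAFECAT='/var/vpopmail/tmp';

# LOCAL is derived from the recipient address, so the sender controls it.
# Lowercase it and take the part after the last "-" with PHP string functions;
# the previous version interpolated it into shell commands to do the same job,
# and it no longer needs to be exported to the child processes as MAILDIR.
$LOCAL=(string) getenv('LOCAL');
$lowered=strtolower(trim($LOCAL));
$dash=strrpos($lowered, '-');
$MAILBOX=($dash === false) ? $lowered : (string) substr($lowered, $dash + 1);

# A mailbox name must stay inside HOME: no path separators, no "." or "..".
$MAILBOX_OK=( $MAILBOX !== '.' && $MAILBOX !== '..' && strpos($MAILBOX, '/') === false );

$PATH=(string) getenv("HOME");
if (substr($PATH, -1) != '/') {
    $PATH.='/';
}
$FULLPATH=trim($PATH).$MAILBOX.'/Maildir/new/';

# Unknown or unacceptable mailbox: use the catch-all directory if one was
# given, otherwise reject the message instead of delivering nowhere.
if ( ! $MAILBOX_OK || ! is_dir($FULLPATH) ) {
    if ( empty($argv[3]) ) {
        fwrite(STDERR, "cleanmail: no mailbox for this recipient and no catch-all directory given\n");
        exit(100);
    }
    $FULLPATH=$argv[3];
}

# Slurp the whole message from stdin.
$input=file_get_contents("php://stdin");
if ( $input === false ) {
    fwrite(STDERR, "cleanmail: cannot read message from stdin\n");
    exit(111);
}

# tempnam() creates the file atomically with a unique name and owner-only
# permissions, so no other local user can pre-create it or read the message.
$tfn=tempnam('/tmp', 'cleanmail-');
if ( $tfn === false ) {
    fwrite(STDERR, "cleanmail: cannot create temporary file\n");
    exit(111);
}
$fp=fopen($tfn, 'w');
#fputs($fp, getenv('UFLINE'));
#fputs($fp, getenv('DTLINE'));
#fputs($fp, getenv('RPLINE'));
if ( $fp === false || fwrite($fp, $input) !== strlen($input) ) {
    fwrite(STDERR, "cleanmail: cannot write temporary file\n");
    unlink($tfn);
    exit(111);
}
fclose($fp);

# Paths are quoted for the shell; only the fixed settings above are inserted
# as they are. The redirect replaces the hard-coded /usr/bin/cat.
$CMD="$BIN_ANOMY $ARG_ANOMY < ".escapeshellarg($tfn)
    ." | $BIN_SPAMASSASSIN $ARG_SPAMASSASSIN"
    ." | $BIN_SAFECAT ".escapeshellarg($ARG_SAFECAT)." ".escapeshellarg($FULLPATH);

# $status is the exit status of the last pipeline stage (safecat) only; a
# failure in an earlier stage is not detected here.
exec($CMD, $output, $status);
unlink($tfn);

if ( $status !== 0 ) {
    fwrite(STDERR, "cleanmail: delivery pipeline failed with status $status\n");
    exit(111);
}
exit(0);
?>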
(edited once to work with gentoo without so much modification) _________________ http://www.apokalyptik.com/ |