Gentoo Forums
qmail + vpopmail + spamassassin + anomy + f-prot virus scan
apokalyptik
Joined: 18 Jun 2002
Posts: 62

Posted: Fri Apr 25, 2003 4:51 pm    Post subject: qmail + vpopmail + spamassassin + anomy + f-prot virus scan

Prerequisites: php, qmail, vpopmail

Step 1: install anomy
Code:
   mkdir /usr/local/src/download
   mkdir /usr/local/src/working
   cd /usr/local/src/download
   wget http://mailtools.anomy.net/dist/anomy-sanitizer-1.57.tar.gz
   cd ../working/
   tar -zxf ../download/anomy-sanitizer-1.57.tar.gz

Step 2: install safecat
Code:
   cd /usr/local/src/download
   wget http://www.pobox.com/~lbudney/linux/software/safecat/safecat-1.9.tar.gz
   cd ../working/
   tar -zxf ../download/safecat-1.9.tar.gz
   cd safecat-1.9
   make
   make setup check

Step 3: "emerge f-prot Mail-SpamAssassin"
Step 4: mkdir /var/quarantine/
Step 5: chown vpopmail.vpopmail /var/quarantine/
Step 6: chsh -s /bin/bash vpopmail
Step 7: create /etc/sanitizer.cfg
Code:
   feat_verbose           = 1   # Warn user about unscanned parts, etc.
   feat_log_inline        = 0   # Inline logs: 0 = Off, 1 =  Maybe, 2 = Force
   feat_log_stderr        = 0   # Print log to standard error
   feat_log_xml           = 0   # Dont use XML format for logs.
   feat_log_trace         = 0   # Omit trace info from logs.
   feat_log_after         = 0   # Dont add any scratch space to part headers.
   feat_files             = 1   # Enable filename-based policy decisions.
   feat_force_name        = 1   # Force all parts (except text/html parts) to have file names.
   feat_boundaries        = 0   # Replace all boundary strings with our own! NOTE:  Always breaks PGP/MIME messages!
   feat_lengths           = 1   # Protect against buffer overflows and null values.
   feat_scripts           = 1   # Defang incoming shell scripts.
   feat_html              = 1   # Defang active HTML content.
   feat_webbugs           = 0   # Web-bugs are allowed.
   feat_trust_pgp         = 1   # Dont scan PGP signed message parts.
   feat_uuencoded         = 1   # Sanitize inline uuencoded files.
   feat_forwards          = 1   # Sanitize forwarded messages
   feat_testing           = 0   # This isnt a test-case configuration.
   feat_fixmime           = 1   # Fix invalid MIME, if possible.
   feat_paranoid          = 0   # Dont be excessively paranoid about MIME headers etc.
   score_bad              = 100
   file_name_tpl          = /var/quarantine/att-$F.$$$
   file_default_policy    = accept
   file_default_filename  = unnamed.file
   file_list_rules = 1
   file_list_1 = (?s).*
   file_list_1_scanner = 0:1:2:/opt/f-prot/f-prot -ai -archive -dumb %FILENAME
   file_list_1_policy = accept:mangle:mangle:unknown

Step 8: /var/qmail/bin/fullscan
Code:
#!/usr/bin/php -f
<?php
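           # Paths to the tools used in the delivery pipeline
           $SAFE_CAT="/usr/local/bin/safecat";
           $SPAM_ASS="/usr/bin/spamassassin";
           $ANOM_DIR="/usr/local/src/working/anomy";
           $ANOM_CMD="/usr/local/src/working/anomy/bin/sanitizer.pl -fprotd /etc/sanitizer.cfg ";
   
           $TEMP_DIR="/tmp/";
           # Maildir "new" directory passed in from the .qmail file
           $DEST_DIR=$argv[1];
   
           # Read the whole message from stdin
           $input='';
           $fp=fopen("/dev/stdin", "r");
           while ( !feof($fp) ) {
                   $input.=fgets($fp, 255);
           }
           fclose($fp);
           # Spool to a temp file created by tempnam() with an unpredictable name;
           # a name built from md5($input) can be guessed and collides for identical mails
           $TEMP_FIL=tempnam($TEMP_DIR, "fullscan");
   
           $fp=fopen($TEMP_FIL, "w");
           fputs($fp, $input);
           fclose($fp);
   
           putenv("ANOMY=$ANOM_DIR");
           # spamassassin -> anomy -> safecat; quote every path handed to the shell
           $CMD=" cat ".escapeshellarg($TEMP_FIL)." | $SPAM_ASS | $ANOM_CMD | $SAFE_CAT ".escapeshellarg($TEMP_DIR)." ".escapeshellarg($DEST_DIR);
           `$CMD`;
   
           unlink($TEMP_FIL);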
?>

Step 9: chmod 755 /var/qmail/bin/fullscan
Step 10: make your /var/vpopmail/domains/{domain}/.qmail-{user} file
Code:
   |/var/qmail/bin/fullscan /var/vpopmail/domains/{domain}/{user}/Maildir/new

Step 11: crontab -e
Step 12: add the following line to the end of the cron jobs to update virus defs every day at midnight
Code:
0 0 * * * /opt/f-prot/check-updates.sh 2>/dev/null 1>/dev/null

_________________
http://www.apokalyptik.com/
apokalyptik
Joined: 18 Jun 2002
Posts: 62

Posted: Tue May 13, 2003 2:52 pm

This is an updated script you can use for calling in

/var/vpopmail/domains/domain.com/.qmail-default

Code:
#!/usr/bin/php -f
<?php

   # Depends:
   #   Spamassassin (http://www.spamassassin.org)
   #   Anomy (http://mailtools.anomy.net/)
   #   SafeCat (http://budney.homeunix.net:8080/users/budney/linux/software/safecat.html)
   #   PHP-CLI (http://www.php.net)

   # Usage:
   #   use in a .qmail-default file
   #   VPOPMAIL EXAMPLE:
   #   "| /var/qmail/bin/cleanmail $LOCAL $HOME {catchall directory}"
   #   e.g:
   #   "| /var/qmail/bin/cleanmail $LOCAL $HOME /var/vpopmail/domains/test.com/postmaster/Maildir/new/"

        ### Spamassassin
        $BIN_SPAMASSASSIN='/usr/bin/spamassassin';
        $ARG_SPAMASSASSIN='';
        ### Anomy
        $BIN_ANOMY='/usr/local/src/working/anomy/bin/sanitizer.pl';
        # change to ARG_ANOMY='' to disable f-prot support
        $ARG_ANOMY='-fprotd';
        putenv("ANOMY=/usr/local/src/working/anomy/");
        ### SafeCat
        $BIN_SAFECAT='/usr/local/bin/safecat';
        $ARG_SAFECAT='/var/vpopmail/tmp';
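        # $LOCAL is the recipient's local part, which the sender controls:
        # derive the mailbox name in PHP rather than passing it to a shell
        $LOCAL=getenv('LOCAL');
        $MAILDIR=strtolower(trim($LOCAL));
        # keep what follows the last "-" (what ${MAILDIR##*"-"} did)
        $pos=strrpos($MAILDIR, '-');
        if ($pos !== false) {
                $MAILDIR=substr($MAILDIR, $pos+1);
        }
        # drop "/" and ".." so the name cannot point outside $HOME
        $MAILDIR=str_replace(array('/', '..'), '', $MAILDIR);
        $MAILDIR.='/Maildir/new/';
        $PATH=getenv("HOME");
        if (substr($PATH, -1) != '/') {
                $PATH.='/';
        }
        $FULLPATH=trim($PATH).trim($MAILDIR);
        # fall back to the catchall directory when the mailbox does not exist
        if ( ! is_dir($FULLPATH) && ! empty($argv[3]) ) {
                $FULLPATH=$argv[3];
        }
        # read the whole message from stdin
        $input='';
        $fp=fopen("/dev/stdin", "r");
        while ( !feof($fp) ) {
                $input.=fgets($fp, 255);
        }
        fclose($fp);
        # spool to a temp file that tempnam() creates with an unpredictable name
        $tfn=tempnam('/tmp', 'cleanmail');
        $fp=fopen($tfn, 'w');
                #fputs($fp, getenv('UFLINE'));
                #fputs($fp, getenv('DTLINE'));
                #fputs($fp, getenv('RPLINE'));
                fputs($fp, $input);
        fclose($fp);
        # anomy -> spamassassin -> safecat; quote the paths handed to the shell
        $CMD="/usr/bin/cat ".escapeshellarg($tfn)." | $BIN_ANOMY $ARG_ANOMY | $BIN_SPAMASSASSIN $ARG_SPAMASSASSIN | $BIN_SAFECAT $ARG_SAFECAT ".escapeshellarg($FULLPATH);
        `$CMD`;
        unlink($tfn);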
?>


(edited once to work with gentoo without so much modification)
_________________
http://www.apokalyptik.com/
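
An added example, not part of the original posts or the poster's scripts: the two checks a .qmail delivery wrapper like the ones above depends on, written as POSIX shell functions. The first maps the sender-controlled `$LOCAL` to a mailbox name without evaluating it; the second runs the filter stages one at a time and returns exit code 111, which qmail treats as a temporary failure, when any stage fails. The function names `mailbox_from_local` and `scan_message` and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: helper functions for a .qmail delivery wrapper.
# Names and sample values are constructed, not taken from the original scripts.
umask 077   # spool files readable by the delivery user only

# Map qmail's $LOCAL (e.g. "test.com-Bob") to a mailbox directory name.
# Prints the name and returns 0, or returns 1 if the name is unsafe.
mailbox_from_local() {
    name=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    name=${name##*-}                 # keep what follows the last "-"
    case $name in
        ''|.*|*/*|*[!a-z0-9._]*) return 1 ;;   # empty, dotfile, path, odd chars
    esac
    printf '%s\n' "$name"
}

# Pass the message on stdin through each filter command given as an argument
# (e.g. "/usr/bin/spamassassin") and print the filtered message on stdout.
# Returns 111 if a stage fails, so the caller can exit with that status and
# qmail will keep the message queued and retry instead of treating it as delivered.
scan_message() {
    cur=$(mktemp) || return 111
    nxt=$(mktemp) || { rm -f "$cur"; return 111; }
    cat > "$cur"
    for filter in "$@"; do
        # $filter is left unquoted on purpose so "cmd arg" splits into words
        if ! $filter < "$cur" > "$nxt"; then
            rm -f "$cur" "$nxt"
            return 111
        fi
        mv "$nxt" "$cur"
    done
    cat "$cur"
    rm -f "$cur" "$nxt"
}
```
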