In continue to my document https://help.ubuntu.com/community/QmailOpenLDAP about setting up qmail-ldap on ubuntu this document will help you to setup qmail-scanner with clamav antivirus and spamassassin spamfilter.
Introduction
Qmail-Scanner is an add-on that enables a Qmail email server to scan email for certain characteristics. It is typically used for its anti-virus and anti-spam protection functions, in which case it is used in conjunction with external scanners. It also enables a site (at a server/site level) to create "Policy blocks": i.e. react to email that contains specific strings in particular headers, or particular attachment filenames or types (e.g. *.EXE attachments even in a zip file).
Its archival features helps ISPs and corporations around the world with new or pending legislation, and regulatory requirements. It can archive all processed email into an archive maildir. This is ideal for backup purposes for audit policy reasons. Unlike certain Windows-based server solutions, the mail envelope headers (the "rcpt to:" and "mail from:" headers) are kept intact - appended to the bottom of each message - confirming true sender and destination addresses. Archiving also supports filtering to a subset of addresses (e.g. only archive "support@domain.name" emails instead of all).
We will bind spamassasin and clamav with qmailsacnner. Spamassassin is a open Source mail filter, written in Perl, to identify spam using a wide range of heuristic tests on mail headers and body text. It can also use some use full plugins like Pyzor, Razor, and DCC. Clamav will scan mail message for virus infected mails.
Installation
We will install and configure Qmail-Scanner, Clamav and SpamAssassin with plugins Pyzor, Razor, and DCC.
Clam Antivirus
ClamAV is an open source antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates.
Download
Download latest version from http://downloads.sourceforge.net/project/clamav
wget http://nchc.dl.sourceforge.net/project/clamav/clamav/0.97/clamav-0.97.tar.gz
Install and Configure ClamAV
cd /download tar zxvf clamav-0.97.tar.gz useradd -c "Qmail-Scanner Account" -s /bin/false qscand cd clamav-0.97 ./configure --with-user=qscand --with-group=qscand make && make install ldconfig -v
Now, we configure its configuration files,these are as:
vi /usr/local/etc/clamd.conf #Example LogFile /var/log/clamav/clamd.log LogFileMaxSize 20M LogTime yes LogClean yes LogSyslog yes PidFile /var/run/clamav/clamd.pid TemporaryDirectory /var/tmp DatabaseDirectory /usr/local/share/clamav LocalSocket /var/run/clamav/clamd.cl MaxConnectionQueueLength 30 User qscand MaxThreads 20 Scanmail yes
Now, create some directories with the ownership of qscand
mkdir /var/run/clamav chown -R qscand.qscand /var/run/clamav mkdir /var/log/clamav chown -R qscand.qscand /var/log/clamav chmod -R 755 /var/log/clamav
By this, clamav is will successful install.
/usr/local/sbin/clamd &
vi /usr/local/etc/freshclam.conf #Example DatabaseDirectory /usr/local/share/clamav UpdateLogFile /var/log/clamav/freshclam.log LogSyslog yes DatabaseOwner qscand DNSDatabaseInfo current.cvd.clamav.net DatabaseMirror database.clamav.net DatabaseMirror db.in.clamav.net NotifyClamd /usr/local/etc/clamd.conf
Save and exit
freshclam -v
crontab -e 25 1 * * * /usr/local/bin/freshclam -l /var/log/clamav/freshclam.log
SpamAssassin
SpamAssassin is a mail filter to identify spam. It is an intelligent email filter which uses a diverse range of tests to identify unsolicited bulk email, more commonly known as Spam. These tests are applied to email headers and content to classify email using advanced statistical methods.
Install and configure spamassassin
apt-get install spamassassin libdigest-sha1-perl libnet-dns-perl libmail-spf-query-perl libgeo-ip-perl libnet-ident-perl libio-socket-ssl-perl libio-socket-inet6-perl perl-modules
groupadd spamd useradd -g spamd -s /bin/false spamd
vi /etc/default/spamassassin ENABLED=1 OPTIONS=" --user-config --username=spamd --max-children 5 --debug --helper-home-dir=/home/spamd"
vi /etc/mail/spamassassin/local.cf required_score 5.0 dns_available yes use_pyzor 1 use_razor2 1 use_bayes 1 bayes_auto_learn 1 bayes_file_mode 0700 include /etc/mail/spamassassin/autowhitelist bayes_path /etc/mail/spamassassin/.spamassassin/bayes bayes_auto_learn_threshold_nonspam 0.1 bayes_auto_learn_threshold_spam 12.0 ok_languages en hi ok_locales en
Now start up Spamassassin...
/etc/init.d/spamassassin start
Now add some plugins..
Razor
cd /downloads/ wget "http://citylan.dl.sourceforge.net/project/razor/razor-agents/2.85/razor-agents-2.85.tar.bz2" wget 'http://citylan.dl.sourceforge.net/project/razor/razor-agents-sdk/2.07/razor-agents-sdk-2.07.tar.bz2'
tar xvf razor-agents-sdk-2.07.tar.bz2 cd razor-agents-sdk-2.07 perl Makefile.PL make make test make install
cd /downloads/ tar xvfj razor-agents-2.85.tar.bz2 cd razor-agents-2.85 perl Makefile.PL make make test make install
Make sure your firewall is allowing port tcp/2703
razor-admin -home=/home/spamd/.razor -create razor-admin -home=/home/spamd/.razor -register razor-admin -home=/home/spamd/.razor -discover
DCC
cd /downloads/ wget http://www.rhyolite.com/anti-spam/dcc/source/dcc.tar.Z
tar xvfz dcc.tar.Z cd dcc-1.3.120/ ./configure make && make install
Make sure your firewall is allowing port udp/6277
Pyzor
cd /downloads/ wget http://space.dl.sourceforge.net/project/pyzor/pyzor/0.5.0/pyzor-0.5.0.tar.gz
tar xvf pyzor-0.5.0.tar.gz cd pyzor-0.5.0 python setup.py build python setup.py install python -c 'import gdbm' && echo 'gdbm found'
run the next command to complete pyzor installation
pyzor --homedir /home/spamd discover
vi /etc/mail/spamassassin/v310.pre enable the line loadplugin Mail::SpamAssassin::Plugin::DCC
spamassassin –lint
Qmail-Scanner
cd /downloads/qmailrocks tar xvfz qmail-scanner-1.25.tgz tar zxvf qms-analog-0.4.2.tar.gz
cd qms-analog-0.4.2 make all cp qmail-scanner-1.25-st-qms-20050219.patch ../qmail-scanner-1.25/ cd ../qmail-scanner-1.25 patch -p1 < qmail-scanner-1.25-st-qms-20050219.patch
vi qms-config ./configure --domain yourdomain.com \ --admin postmaster \ --local-domains "yourdomain.com" \ --add-dscr-hdrs yes \ --dscr-hdrs-text "X-Antivirus-YOURDOMAIN" \ --ignore-eol-check yes \ --sa-quarantine 0 \ --sa-delete 0 \ --sa-reject no \ --sa-subject ":SPAM:" \ --sa-alt yes \ --sa-debug yes \ --sa-report yes \ --notify "psender,admin" \ --redundant yes \ --unzip yes \ --qms-monitor no \ "$INSTALL"
chmod 755 qms-config ./qms-config
if configuretion are ok then..
./qms-config install
setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -g
vi /var/qmail/bin/qmail-scanner-queue.pl msg_size > 500000
chown -R qscand:qscand /var/spool/qmailscan
vi /service/qmail-smtpd/run QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" ; export QMAILQUEUE
now restart your qmail server and see things works...