Subscribe Us

How to configure mailwatch [ Part-6/6 ]

MailWatch for MailScanner is developed on RedHat 9 & RHEL 3.0, so these docs will reflect this and I will make note on anything that will be required to run on other distro's or operating systems.

BEFORE YOU START

You must have a working MailScanner set-up and have running copies of MySQL, Apache, PHP (with MySQL and GD support) and for MailScanner to be able to use a database you need Perl DBD and DBD-MySQL.

SUPPORT

Please use the mailing-list mailwatch-users@lists.sourceforge.net or the forums on Sourceforge. Note that you will get faster support from me if you use the mailing-list.

NOTES FOR OTHER OPERATING SYSTEMS/LINUX DISTRO'S

PHP should have the following set in php.ini (possibly others too....)

short_open_tag = On
safe_mode = Off
register_globals = Off
magic_quotes_gpc = On
magic_quotes_runtime = Off
session.auto_start = 0

INSTALLATION

All commands below should be run as the 'root'.

Create the database
# mysql < create.sql 
NOTE: you will need to modify the above as necessary for your system if you have a root password for your MySQL database (recommended!) - RH9 is blank by default. Create a MySQL user and password & Set-up MailScanner for SQL logging
# mysql
mysql> GRANT ALL ON mailscanner.* TO mailwatch@localhost IDENTIFIED BY '';
mysql> GRANT FILE ON *.* TO mailwatch@localhost IDENTIFIED BY ''; 
mysql> FLUSH PRIVILEGES;
Edit MailWatch.pm and change the $db_user and $db_pass values accordingly and move MailWatch.pm to /usr/lib/MailScanner/MailScanner/CustomFunctions (this could be /opt/MailScanner/lib/MailScanner/MailScanner/CustomFunctions on non-RPM systems). Create a MailWatch web user.
# mysql mailscanner -u mailwatch -p
Enter password: ******

try this or 
mysql> desc users;
mysql> insert into users(username, password, fullname, type) 
       values('mailscanner',md5('redhat'),'mailwatch','A');

try this
mysql> INSERT INTO users VALUES (',md5(''),'','A');

Install & Configure MailWatch - Move the mailscanner directory to the web server's root.
# mv mailscanner /var/www/html/
Check the permissions of /var/www/html/mailscanner/images and /var/www/html/images/cache - they should be ug+rwx and owned by root and in the same group as the web server user (apache on RedHat 9).
# chown root:apache images
# chmod ug+rwx images
# chown root:apache images/cache
# chmod ug+rwx images/cache
- Create conf.php by copying conf.php.example and edit the values to suit, you will need to set DB_USER and DB_PASS to the MySQL user and password that you created earlier.

Note that MailWatch 1.0 can use the quarantine more effectively when used with MailScanner version 4.43 or later as Julian added some code for me to keep track of messages quarantined by using a flag in the maillog table. This means that MailWatch 1.0 is *much* faster when you have a large quarantine directory. The new quarantine report requires the use of the new functionality - so you must upgrade if you want to run this.

The new quarantine flag is not used by default - if you have MailScanner verions 4.43 or later, you can activate the new functionality by setting QUARANTINE_USE_FLAG to true in conf.php - if you do this, you must disable the clean.quarantine script supplied by MailScanner and use the new quarantine_maint.php script in the tools directory instead.

To clean the quarantine - set 'QUARANTINE_DAYS_TO_KEEP' in conf.php and run './quarantine_maint --clean'. This should then be run daily from cron.

# cp conf.php.example conf.php
Set-up MailScanner - Stop MailScanner
# service MailScanner stop
Next edit /etc/MailScanner/MailScanner.conf - make sure that the following options are set:
Always Looked Up Last = &MailWatchLogging
 Detailed Spam Report = yes
 Quarantine Whole Message = yes
 Quarantine Whole Message As Queue Files = no
 Include Scores In SpamAssassin Report = yes
 Quarantine User = root
 Quarantine Group = apache (this should be the same group as your web server)
 Quarantine Permissions = 0660
Spam Actions and High Scoring Spam Actions should also have 'store' as one of the keywords if you want to quarantine items for learning/viewing in MailWatch. If you want to use the integrate Blacklist/Whitelist (optional): then edit the file and change the connection string in the CreateList subroutine to match MailWatch.pm.

Copy SQLBlackWhiteList.pm to /usr/lib/MailScanner/MailScanner/CustomFunctions and in MailScanner.conf set:

Is Definitely Not Spam = &SQLWhitelist
Is Definitely Spam = &SQLBlacklist
Then edit SQLBlackWhitelist.pm and change the connection string in the CreateList subroutine to match MailWatch.pm. - Move the Bayesian Databases and set-up permissions (skip this if you don't use bayes).

Edit /etc/MailScanner/spam.assassin.prefs.conf and set:

bayes_path /etc/MailScanner/bayes/bayes
bayes_file_mode 0660
Create the 'new' bayes directory, make the directory owned by the same group as the web server user and make the directory setgid:
# mkdir /etc/MailScanner/bayes
# chown root:apache /etc/MailScanner/bayes
# chmod g+rws /etc/MailScanner/bayes
Copy the existing bayes databases and set the permissions:
# cp /root/.spamassassin/bayes_* /etc/MailScanner/bayes
# chown root:apache /etc/MailScanner/bayes/bayes_*
# chmod g+rw /etc/MailScanner/bayes/bayes_*
Test SpamAssassin to make sure that it is using the new databases correctly:
# spamassassin -D -p /etc/MailScanner/spam.assassin.prefs.conf --lint
and you should see soomething like:
debug: using "/etc/MailScanner/spam.assassin.prefs.conf" for user prefs file
debug: bayes: 28821 tie-ing to DB file R/O /etc/MailScanner/bayes/bayes_toks
debug: bayes: 28821 tie-ing to DB file R/O /etc/MailScanner/bayes/bayes_seen
debug: bayes: found bayes db version 2
debug: Score set 3 chosen.
Start MailScanner up again.
# service MailScanner start && tail -f /var/log/maillog
You should see something like:
Jun 13 12:18:23 hoshi MailScanner[26388]: MailScanner E-Mail Virus Scanner version 4.20-3 starting...
Jun 13 12:18:24 hoshi MailScanner[26388]: Config: calling custom init function MailWatchLogging
Jun 13 12:18:24 hoshi MailScanner[26388]: Initialising database connection
Jun 13 12:18:24 hoshi MailScanner[26388]: Finished initialising database connection
Congratulations - you now have MailScanner logging to MySQL.

Test the MailWatch interface

Point your browser to http:///mailscanner/ - you should be prompted for a username and password - enter the details of the MailWatch web user that you created earlier, and you should see a list of the last 50 messages processed by MailScanner.

- Update the SpamAssassin Rules table

MailWatch keeps a list of all the SpamAssassin rules and descriptions which are displayed on the 'Message Detail' page - to show the descriptions, you need to run the updater every time you add new rules or upgrade SpamAssassin.

Click on the 'Other' menu and select 'Update SpamAssassin Rule Descriptions' and click 'Run Now'.

- Update the GeoIP database

Click on the 'Other' menu and select 'Update GeoIP database' and click 'Run Now'.

- Setup the Mail Queue watcher (optional)

You can get MailWatch to watch and display your sendmail queue directories - all you need to do is copy mailq.php (from the root of the mailwatch tarball - not from the mailscanner directory - they are different!) to /usr/local/bin and set-up a cron-job to run it.

Edit mailq.php first to change the require line to point to the location of functions.php, then:

# cp mailq.php /usr/local/bin
# crontab -e
0-59 * * * *  /usr/local/bin/mailq.php
Note: mailq.php re-creates all entries on each run, so for busy sites you will probably want to change this to run every 5 minutes or greater.

Setup the Sendmail Relay Log watcher (optional)

You can get MailWatch to watch your sendmail logs and store all message relay information which is then displayed on the 'Message Detail' page which helps debugging and makes it easy for a Helpdesk to actually see where a message was delivered to by the MTA and what the response back was (e.g. the remote queue id etc.).

# cp tools/sendmail_relay.php /usr/local/bin
# nohup /usr/local/bin/sendmail_relay.php 2>&1 > /dev/null &

PART-1 Configure complete sendmail server in rhel. PART-2 Creating the Certificate for secured communication(dovecot). PART-3 Fetchmail Sample file to download the mail. PART-4 Installation of CLAMAV antivirus. PART-5 Mailscanner quick install notes. PART-6 Installation instruction MailWatch & SpamAssassin.

Here Done the Complete sendmail.... Enjoy

Please write any suggestion/Comment & Query in below box.


Post a Comment

0 Comments