MailScanner

From Indie IT Wiki

HOWTO: Definitive Ubuntu Linux Installation Guide

Ubuntu_Server#INSTALL:_Basic_Email_Server_-_Part_III_-_ClamAV_.2B_SpamAssassin_.2B_DCC_.2B_Razor_.2B_Pyzor_.2B_MailScanner

HOWTO: Fix: Error: "plugin: failed to parse plugin (from @INC): Can't locate Mail/SpamAssassin/"

When you use Postfix and ClamAV for Ubuntu Server, and you run this command...

sudo -u postfix -g postfix /opt/MailScanner/bin/MailScanner --lint

...you may receive this error...

plugin: failed to parse plugin (from @INC): Can't locate Mail/SpamAssassin/Plugin/SpamCop.pm:   Permission denied at (eval 127) line 1.

FIX

The problem comes from running MailScanner --lint from the /root directory. Change to any other directory and the error goes away.

cd /var/spool/postfix
sudo -u postfix -g postfix /opt/MailScanner/bin/MailScanner --lint

Thanks - http://comments.gmane.org/gmane.mail.virus.mailscanner/80313

HOWTO: Stop MailScanner

pkill MailScanner

HOWTO: Restart MailScanner

pkill -HUP MailScanner

HOWTO: Install On Ubuntu Linux

http://xmodulo.com/2014/02/clam-antivirus-spamassassin-mailscanner-ubuntu-mail-server.html

SPAM: Forward to Multiple Email Address

Set the following in MailScanner.conf

Spam Actions = /opt/MailScanner/etc/rules/spam.actions.rules

This is an example spam.actions.rules file...

FromOrTo:   domain1.nl   delete   forward   spam@domain1.nl
FromOrTo:   otherdomain.nl   delete   forward   spam@otherdomain.nl
FromOrTo:   yourdomain.com   delete   forward   spam@yourdomain.com
FromOrTo:   default   delete   forward   myspam@mydomain.com

Adding Multiple Signatures

Using Just The Server

Add the contents of the general signature to each one of the personal signatures.

Rename inline.sig.txt to uselesscrap.txt,

go to /opt/MailScanner/etc/reports/en/,

for a in *.sig.txt; do cat extrawords.txt >> $a; done

Then you can rename extrawords.txt back to inline.sig.txt.

Using The Client And The Server

Add the person's name, job title, email address + magic token.

Paul Littlefield
General Manager
paul.littlefield@domain.com
_SIGNATURE_

...and make sure 'Sign Clean Messages' is enabled in the MailScanner.conf

http://www.mailscanner.info/MailScanner.conf.index.html#Sign%20Clean%20Messages

Using ClamAV

Add or edit the following to the MailScanner configuration...

Incoming Work Dir = /var/spool/MailScanner/incoming
Incoming Work Group = clamav
Virus Scanners = clamd
Clamd Port = 3310
Clamd Socket = /var/run/clamav/clamd.sock
Clamd Lock File = # /var/lock/subsys/clamd
Clamd Use Threads = no
ClamAV Full Message Scan = yes

Fix the ownership and permissions of the working directory...

chgrp -R clamav /var/spool/MailScanner/incoming/*
chmod g+w /var/spool/MailScanner/incoming/*

Restart MailScanner...

killall MailScanner
/opt/MailScanner/bin/check_mailscanner

Troubleshooting

If you receive the following errors on an auto update...

update.virus.scanners: Found generic installed
update.virus.scanners: Running autoupdate for generic
update.virus.scanners: Found clamav installed
update.virus.scanners: Running autoupdate for clamav
ClamAV-autoupdate[2903]: ClamAV updater /usr/local/bin/freshclam cannot be run

Then edit the virus scanners configuration file to (a) remove the generic option, and (b) put the correct path in...

clamd           /bin/false                              /usr      
#generic        /opt/MailScanner/lib/generic-wrapper    /

NOTE: freshclam is normally running and checks every hour anyway, so it be worth removing the update feature for this.

#clamd           /bin/false                              /usr      
#generic         /opt/MailScanner/lib/generic-wrapper    /

Using SpamAssassin

Razor

perl -MCPAN -e shell
razor-admin -home=/etc/mail/spamassassin/.razor -create
razor-admin -home=/etc/mail/spamassassin/.razor -discover
razor-admin -home=/etc/mail/spamassassin/.razor -register

http://labs.erweb.it/pub/installing_spamassassin.php

HOWTO: Fix: ERROR:: UNKNOWN CLAMD RETURN ./lstat() failed: Permission denied. :: /var/spool/MailScanner/incoming/32410

sudo nano /etc/apparmor.d/usr.sbin.clamd
  /var/spool/MailScanner/** rw,
  /var/spool/MailScanner/incoming/** rw,
sudo /etc/init.d/apparmor reload
sudo start-stop-daemon -v --stop --pidfile /opt/MailScanner/var/MailScanner.pid

HOWTO: Fix: ERROR: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./razor-agent.log/Access denied

sudo mkdir  /etc/mail/spamassassin/razor
sudo nano /etc/mail/spamassassin/razor.conf
     razorhome /etc/mail/spamassassin/razor
     logfile /var/log/razor-agent.log
sudo nano /etc/mail/spamassassin/mailscanner.cf
     razor_config /etc/mail/spamassassin/razor/razor-agents.conf
sudo pkill MailScanner 
sudo /opt/MailScanner/bin/check_mailscanner

Thanks - http://lists.mailscanner.info/pipermail/mailscanner/2009-November/093787.html

Testing

Testing a file with Pyzor, Razor and DCC...

spamassassin -t -D -p /etc/mail/spamassassin/mailscanner.cf </path/to/email/file

Allow Filenames

Add the configuration option...

nano /opt/MailScanner/etc/MailScanner.conf
  Allow Filenames = %rules-dir%/allow.filenames.rules

Add the rules file...

nano /opt/MailScanner/etc/rules/allow.filenames.rules
  From: me@mydomain.com \.docx$

Restart MailScanner...

killall -HUP MailScanner

Fixing .docx Quarantine File Problems

If you get this error...

Report: MailScanner: Message contained archive nested too deeply

...then change the MailScanner.conf file setting

Maximum Archive Depth = 5

Release Quarantined Messages

If your MailScaner.conf setting says this...

Quarantine Whole Messages As Queue Files = no

...then do this...

cd /path/to/quarantine/dir
sendmail -i alternate_recipient@example.net < message

Taken from http://wiki.mailscanner.info