by April 12, 2005 0 comments



Last month, we explained how to set up an anti-spam and anti-virus system using amavisd-new (Mail Server, page 50, PCQuest, March 2005). To configure amavisd-new we have to tinker with a text file, amavisd.conf found in /etc. Fortunately, there is a better way to fine tune amavisd-new-namely Maia Mailguard. Once set up, it offers a plethora of options and flexibility. One of them is that each mail user can fine-tune his anti-spam and anti-virus settings through a Web-based front end. The front end shows the mail, which are potential spam or ham (not spam) and gives the user the options to report false positives. amavisd-new uses a point system to mark a mail as spam. That is, if the number of entities which identify the mail as spam contribute to more than a specified number of points, the mail gets marked as spam. Maia allows this to be configured on a per user basis, quite intuitively. What’s more, it displays informative and comparative statistics about the spam, ham and virus-infected mail. Setting up Maia requires a bit of efforts, which we have explained below. 

To start with, download the latest version of Maia (maia-1.0.0-rc5-2.tar.gz, as of this writing) from
http://www.renaissoft.com/projects/maia.
Login as root and extract it in the /root directory. This will produce a directory named maia-1.0.0-rc5-2 under /root. Before proceeding further we assume that you have set up the mail server on Linux (as per our last month’s article mentioned above). We also assume that you have set up PHP and MySQL as explained in the articles Your own Forum (page 60) and JDBC Drivers (page 76) in our last month’s issue.

Set up Maia
A Maia patch needs to be applied to amavisd-new. Unfortunately, the patch does not work with the amavisd-new bundled with PCQLinux 2005. You will need to download a specific version of amavisd-new from the URL:
http://www.ijs.si/software/amavisd/amavisd-new-20030616-p10.tar.gz
Extract the archive, which will produce a directory named amavisd-new-20030616. Copy the file named amavid found in the directory to /usr/sbin-overwriting the existing one. Subsequently, apply the patch by issuing the following.

Direct Hit!
Applies to:
Linux system administrators
USP: Fine-tune
amavisd-new with this easy-to-use GUI tool 
Links:
www.renaissoft.com/projects/maia 

patch -b /usr/sbin/amavisd
/root/maia-1.0.0-rc5-2/amavisd-maia.patch

Also copy the file named amavisd.conf found in the amavisd-new-20030616 to /etc directory, overwriting the existing file. You will again need to make the changes to the amavisd.conf file as explained in the section ‘Set up anti-spam and anti-virus’ in the Mail Server article in our March 2005 issue.

Set up MySQL for Maia
Maia stores its data and configuration in a MySQL database. First, set up MySQL on PCQLinux 2005 as per the section ‘Connect to MySQL’ in our article (JDBC Drivers, page 76, March 2005). Start MySQL as:

/etc/init.d/mysql start

Then create a database for Maia as:

mysqladmin -u root -p create maia 

When prompted, supply the password for the MySQL’s root user. 

Open the file amavisd.conf in a text editor and add the following line at the top, after the first line, which says ‘use strict;’

@lookup_sql_dsn = ( [‘DBI:mysql:maia:localhost’, ‘root’, ‘<password>’] );

Substitute <password> with the MySQL’s root password. 
Next issue the following to populate the Maia database with tables and data.

mysql -u root -p maia <
/root/maia-1.0.0-rc5-2/maia-mysql.sql 

Some more steps to go
Create a directory named maia in /var/amavis. Copy the directory named scripts, found in /root/maia-1.0.0-rc5-2 to this directory. Then issue:

Setting up per user anti spam and anti virus preferences had never been so easy

chown -R amavis.amavis /var/amavis/maia 

Next, open the file named database.cfg-found in /var/amavis/maia/scripts-in a text editor and specify root for the ‘username’ and the corresponding MySQL password for the ‘password’. Next open each of the .pl files-found in the scripts directory-in a text editor and modify the line, which says:

# CONFIGURE THIS: Location of your database.cfg file
my $cfg = "/var/amavisd/maia/scripts/database.cfg";

to

# CONFIGURE THIS: Location of your database.cfg file
my $cfg = "/var/amavis/maia/scripts/database.cfg";

We have changed, in the above line, the path to the database.cfg file-from /var/amavisd/maia/ scripts to
/var/amavis/maia/script.

Next, open the file named load-sa-rules.pl in a text editor and modify the values for the variables $local_cf_dir, $system_rules_dir and my $user_rules_ dir to, as shown below.

my $local_cf_dir = “/etc/mail/spamassassin”;
my $system_rules_dir = “/usr/share/spamassassin”;
my $user_rules_dir = "/var/amavis/.spamassassin";

Execute this script as:

./load-sa-rules.pl

Next, create a directory named maia under /var/www/html. Copy the contents the directory php in /root/maia-1.0.0-rc5-2 to /var/ www/html/maia. Copy the templates directory to /var/www/html/ maia. Open the file named config. php.dist in a text editor and change the value of the variable $maia_sql _dsn, as shown below.

$maia_sql_dsn = “mysql://root:<password>@tcp(localhost:3306)/maia"; 

Substitute <password> with the MySQL’s root user password. 

Start it up
You have to issue the following commands to start the Apache Web server and
amavisd-new.

service httpd restart
service amavisd restart

Subsequently, load the URL http://127.0.0.1/maia/configtest.php 
in a Web browser (Firefox or Konqueror) on your Linux machine. Follow the instructions given on this page to install any missing but required module. Subsequently, key in the URL
http://127.0.0.1/maia/internal-init.php
For the template file path fill in /var/www/html/maia/templates. For new users to log in, type in
http://<ip-address-of-linux-machine>/maia/internal-init.php
For the e-mail addresses, type in root@cybermedia.co.in 
(in the Mail Server article we used cybermedia.co.in as the domain. Feel free to substitute it with your e-mail domain). Click on the ‘Initialize’ button, which will mail a password to the root account. Retrieve the mail (say, using the mail command) and note down the password. 

Next key in the URL http://127.0.0.1/maia/login.php?super=register
Log in as root@cybermedia.co.in 
and the password you got through the mail. 

Configure anti spam and anti virus
Click on the settings button at the top. Click on the link ‘root@cybermedia.co.in‘.
Click on ‘Enabled’ for virus scanning and spam filtering. Select Yes for ‘Add a prefix’. For ‘Add X-Spam’ type in 3 and ‘For consider mail spam’ type in 5. Select Enabled for ‘Attachment Type Filtering’ and ‘Bad Header Filtering’. Select Quarantined for Mail with dangerous attachments. Click on the button ‘Update this Addresses’ Settings’. Similarly, other e-mail users can configure their spam settings once their account has been created (refer to the next section).

Add Maia users
Click on the key icon at the top, and then click on System Configuration. Select Yes for ‘Enable auto-creation of user accounts’. Click on ‘Update Settings’ button at the bottom. This will automatically open user accounts corresponding to your e-mail users as and when mail for them get downloaded. For example, the moment Fetchmail (as configured in last month’s article) downloads mails for, say,
anoop@cybermedia.co.in,  Maia will create a user account with login as anoop and mail him an auto-generated password to log in to the Maia system. 

Reporting false positives
It may happen that some ham mail get marked spam and vice versa. Maia provides an intuitive interface to report such mail so that false positives get minimized. Click on ‘report spam icon’ at the top. Click on the link ‘suspected ham item’ or ‘suspected spam item’. This will present a tabular form in which you can select the radio buttons corresponding to ham or spam. Once done, clicking on the ‘Confirm Status’ button will make the system learn about the false positives. Maia also allows you to totally blacklist or whitelist an e-mail address. In the former case, even if a non-spam mail arrives from the blackisted e-mail address, it will be treated as a ham. In the latter case, even if a spam arrives from the whitelisted address it will be treated as ham. You can feed in the whitelist and blacklist addresses by clicking on the ‘W/B List’ icon at the top.

The quarantined mail
Mail that contain viruses will be quarantined, as we had set up above. With Maia, you can see all the quarantined messages on a simple click. This is useful if the message in the e-mail is useful but some trojan-attached malicious contents to the mail. Click on the Quarantine icon at the top. Subsequently click on the ‘Virus/Malware item’ link. This will show you the quarantined mail. You can click on them to see the mail content, as Maia will not execute any attachments. What’s more, it even blocks images and hyperlinks in the mail for safety. 

Maia mailguard is a boon for system administrators dealing with users in a large network where each wants to treat his e-mail in a different way. For example, some may subscribe to a newsletter, which will be often treated as a spam by the anti-spam software. So system wide anti spam rules may not work. With Maia, the user who has subscribed to the newsletter, can login to the Web-based interface and whitelist the newsletter domain. This setting will be effective only for him, while for others, newsletters will still be treated as spam. 

Shekhar Govindarajan
IT4Enterprise

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.

Your data will be safe!Your e-mail address will not be published. Also other data will not be shared with third person.