The biggest problem faced by network administrators today is to provide a mail server that can filter spam and doesn't distribute viruses. True, creating a mail server that is completely secure from spam and viruses is virtually impossible. But in this article you will see one way of creating a mail server for your intranet, which is both effective and cost efficient. We shall be using Postfix (a Linux mail server) coupled with Spamassassin (a well known open source spam filter) and Amavis (an e-mail anti virus). This triplet combination is very popular and is deployed on many mail servers for internal and external mailing. But the same settings can be migrated to an Internet mail server as well.
What you will need
Obviously Postfix, Amavis and Spamassassin are the three most important components. And if you are using either FC3 (Fedora Core 3) or RHEL 3 then you will need only these three components. You can download all of them from rpmfind.net. But if you are using PCQLinux 2004 then you will need to sort out some dependencies: metamail, libstdc++, ncompress and zoo. Again all these rpms can be downloaded from the rpmfind.net. When the downloads are done, install them one by one using the following command:
|
# rpm -ivh filename
Let's get started
First of all you have to select the mail transfer agent you want use. By default PCQLinux/Fedora has two MTAs and the default is set to sendmail. Run the following command as root to choose the right one.
#alternatives --config mta
It will give you an output as in this screenshot (on page 68).
Now to select Postfix as your default MTA press '2' at the prompt and hit enter. This command will also set Postfix to get started when the system reboots.
|
Next comes configuring. There are two ways of configuring Postfix. One using Webmin and the other, modifying the configuration file manually. The parameters to modify are as follows.
Open up the file /etc/postfix/main.cf and add the values to the following entries
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owners = postfix
myshotname=yourhost.yourdomain.com
mydomainname=yourdomain.com
inet_interface = all
mydestination=$mydomain, $myostname, localhost
mynetwork=your_network_address/subnet, 127.0.0.0/8
relayhost=<$mail.myprovider>
alias_database = hash:/etc/postfix/aliases
disable_dns_lookups=yes
Save the file, exit and execute the following to start Postfix and the network.
# service postfix restart
# service network restart
|
Postfix is now configured to distribute mails in your local domain. To check whether its running or not, you can telnet into it like this:
# telnet 127.0.0.1 25
This would connect to your Postfix server and give you a welcome message as:
220 yourhostname ESMTP Postfix.
All your SMTP command should work here. In case you can want to come out from here just type in 'quit'.
Configuring Spamassassin
Configuring spamassassin is not a tough job because you just need to install it. Now that you have already done this, it is already configured. But there is still one step you have to do manually. You have to configure Postfix so that it can pass all the mail through spamassassin before sending them. For this, you need to write a shell script, which would do it automatically. First start spamassassin in daemon mode as:
# service spamassassin start
Now create a file called '/bin/filter.sh' and key in the following into it.
#!/bin/sh
#
INSPECT_DIR=/var/spool/flter
SENDMAIL="/usr/sbin/sendmail -i"
SPAMASSASSIN=/usr/bin/spamc
Ex_TEMPFAIL=75
EX_UNAVAILABLE=69
cd $INSPECT_DIR || {echo $INSPECT_DIR does not exists; \
Exit $EX_TEMPFAIL; }
trap "rm -f in.$$; rm -f out.$$" 0 1 2 3 15
cat | $SPAMASSASSIN -f > out.$$ #|| \
# {echo Message content reject; exit $EX_UNAVAILABLE;}
$SENDMAIL "$@" < out.$$
exit $?
|
Now give it executable rights (chmod 777). After this you have to create a user and a usergroup called spamfilter. To do this, run the following command.
# useradd -d /dev/null -s /bin/false spamfilter
Next run the following.
# mkdir /var/spool/filter
# chgrp spamfilter /var/spool/filter
# chmod 777 /var/spool/filter
Now you have to re-modify your master.cf file so that it can call filter.sh automatically. For this open the file /etc/postfix/mater.cf in any editor and enter the following.
filter unix - n n - - pipe
user=spamfilter argv=/bin/filter.sh
-f $(sender) -- ${recipent}
smtp inet n -n - - smtpd
-o content_filter=filter;
Now, all your mail will pass through Postfix twice-once before and once after getting scanned by spamassassin. You can check this by sending a test mail containing some spam-list words such as 'credit card offers', 'enlarge', 'compare rates', 'be amazed' etc.
In the next part of this article you can learn to configure Amavis with this server so that it can also scan the mail for viruses.
Anindya Roy