Saturday, July 27, 2013

Mail Server using Postfix on CentOS 6.4 - 5



Part 7
§  Chapter 16 Postfix Backup Mail Server
§  Chapter 17 Postfix Admin with MySQL


Chapter 16 Postfix Backup Mail server
1. DNS configuration
# vi /var/named/chul.zone
chul.com.                IN MX 10 ms1.chul.com.
chul.com.                IN MX 20 ms2.chul.com.
ms1                        IN  A           192.168.80.5
ms2                        IN  A           192.168.80.6
# service named restart
# host -a chul.com
2. In the backup server (ms2.chul.com)
# vi /etc/postfix/main.cf
§   myhostname = ms2.chul.com
§   mydomain = chul.com
§   myorigin = $mydomain
§   inet_interfaces = all
§   mydestination = ms2.chul.com
§   mynetworks = 127.0.0.1 192.168.80.0/24
§   relay_domains = hash:/etc/postfix/relaydomains
§   transport_maps = hash:/etc/postfix/transport
§   relay_recipient_maps =
§   smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

2. In the backup server (continued)
# vi  /etc/postfix/relaydomains
chul.com                 OK
jeong.com    OK
linux.com     OK
# vi /etc/postfix/transport
chul.com                 smtp:ms1.chul.com:25
jeong.com    smtp:ms1.chul.com:25
linux.com     smtp:ms1.chul.com:25
# postmap /etc/postfix/relaydomains
# postmap /etc/postfix/transport; service postfix restart
3. Testing
a. Shutdown Primary mail server in ms1.chul.com
# service postfix stop
b. Mail sending and checking on Backup mail server
# mail -v -s "backup server" itc@chul.com, lee@jeong.com, park@linux.com
# postqueue -p
# postqueue -f
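
A consistency check for the backup MX files above, added here as an example (it is not part of the original post): it cross-checks relay_domains, transport and mydestination and flags the empty relay_recipient_maps. The function names are hypothetical, the file contents are embedded as strings, and only exact domain keys are matched.

```python
# Constructed sample input: the backup-MX settings and tables from this chapter.
MAIN_CF = """\
myhostname = ms2.chul.com
mydestination = ms2.chul.com
relay_domains = hash:/etc/postfix/relaydomains
transport_maps = hash:/etc/postfix/transport
relay_recipient_maps =
"""
RELAYDOMAINS = "chul.com OK\njeong.com OK\nlinux.com OK\n"
TRANSPORT = ("chul.com smtp:ms1.chul.com:25\n"
             "jeong.com smtp:ms1.chul.com:25\n"
             "linux.com smtp:ms1.chul.com:25\n")

def parse_main_cf(text):
    """name = value pairs; continuation lines and $variables are not handled."""
    conf = {}
    for line in text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            name, _, value = line.partition("=")
            conf[name.strip()] = value.strip()
    return conf

def parse_table(text):
    """Source text of a hash: lookup table -> {lowercased key: value}."""
    table = {}
    for line in text.splitlines():
        if line.strip() and not line.lstrip().startswith("#"):
            fields = line.split(None, 1)
            table[fields[0].lower()] = fields[1].strip() if len(fields) > 1 else ""
    return table

def audit_backup_mx(main_cf, relaydomains, transport):
    conf = parse_main_cf(main_cf)
    relay, routes = parse_table(relaydomains), parse_table(transport)
    local = set(conf.get("mydestination", "").replace(",", " ").lower().split())
    findings = []
    for domain in relay:
        if domain in local:   # a domain must be local or relayed, not both
            findings.append(f"{domain}: in relay_domains and mydestination")
        if domain not in routes:
            findings.append(f"{domain}: no transport entry, delivery falls back to an MX lookup")
    if not conf.get("relay_recipient_maps"):
        findings.append("relay_recipient_maps is empty: mail for unknown recipients "
                        "is queued and bounced later (backscatter)")
    return findings

if __name__ == "__main__":
    for finding in audit_backup_mx(MAIN_CF, RELAYDOMAINS, TRANSPORT):
        print("WARN", finding)
```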

Chapter 17 Postfix Admin with MySQL
1. What is Postfix Admin?
§  provides a web-based GUI for configuring Postfix.
§  a web server and a database server must also be installed.
2. Download and install package
a. Create a database and user for PostfixAdmin
# mysql -u root -p
mysql> create database postfixadmin;
mysql> grant all privileges on postfixadmin.* to 'postfixadmin'@'localhost' identified by 'password';
mysql> flush privileges;
b. Download package and move to Webserver directory
# yum -y install php-mysql php-imap
http://sourceforge.net/projects/postfixadmin/postfixadmin-2.3.6
# tar zxvf postfixadmin-2.3.6.tar.gz
# mv  postfixadmin-2.3.6 /var/www/html/postfixadmin

c. Postfixadmin configuration
# vi /var/www/html/postfixadmin/config.inc.php
$CONF['configured'] = true;
$CONF['default_language'] = 'en';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'password';
$CONF['database_name'] = 'postfixadmin';
# vi /etc/httpd/conf.d/postfixadmin.conf
<Directory /var/www/html/postfixadmin/>
   Order Deny,Allow
   Deny from all
   Allow from 127.0.0.1 192.168.80.0/24
</Directory>
# service httpd restart
3. PostfixAdmin Access
http://localhost/postfixadmin/setup.php
1) Click ‘Lost Password’
2) Input setup password and generate password hash
3) Copy password hash and paste it to config.inc.php
$CONF['setup_password'] = 'e84af77b4483dff5025ae85210b963a4:4a94735a0dd286b97cc38463b703ba77966effbb';
4) # service httpd restart
5) Create admin (e-mail) and password
6) Log in as an admin at http://localhost/postfixadmin/login.php
4. PostfixAdmin testing
1) Create virtual domain – jeong.com, linux.com
2) Create virtual users -  lee, park
3) Sending mail


Mail Server Setup using Postfix on CentOS 6.4
                            Summary
1. MTA Postfix
2. IMAP & POP3 using Dovecot
    Evolution, Thunderbird and Microsoft Outlook 2010
3. Postfix Aliases and Access Control
4. Mailman, SquirrelMail and Mailgraph
5. Postfix Authentication with SASL and TLS
6. Postfix Antispam and Antivirus with Spamassassin, Amavisd and ClamAV
7. Postfix backup and Admin with MySQL

Mail Server using Postfix on CentOS 6.4 - 4



Part 6
§  Chapter 14 Postfix Antispam with SpamAssassin and Amavisd
§  Chapter 15 Postfix Antivirus with ClamAV

Chapter 14 Postfix Antispam with SpamAssassin & Amavisd
Postfix + Amavisd (Scanner) + SpamAssassin(Antispam) + ClamAV(Antivirus)
1) configure amavisd to accept mail from MTA and pass it to ClamAV and SpamAssassin for checking
2) return it back to MTA for delivery
3) Amavisd will use lmtp listening on TCP port 10024 to accept mail from MTA and then pass it to ClamAV using a local UNIX socket and SpamAssassin using the Mail::SpamAssassin Perl module.
4) Scanned mail will be returned to MTA using smtp on TCP port 10025 for delivery.



1. Introduction of SpamAssassin and Amavisd-new
a. Amavisd-new (www.ijs.si/software/amavisd/)
§  a reliable high-performance interface between an email server (MTA) and content checkers like virus scanners
§  supports both (E)SMTP and LMTP protocols as well as UNIX sockets for communicating with the MTA and content checkers.
§  use dedicated helper programs such as the Mail::SpamAssassin Perl module.
§  supports a number of MTA's.
b. SpamAssassin (spamassassin.apache.org)
§    used for e-mail spam filtering based on content-matching rules.
§    uses a variety of spam-detection techniques, that includes DNS-based and fuzzy-checksum-based spam detection, Bayesian filtering, external programs, blacklists and online databases.
§    can be integrated with the mail server to automatically filter all mail for a site.
§    awarded the Linux New Media Award 2006 as the "Best Linux-based Anti-spam Solution".
2. Packages installation
# rpm -qa | grep rpmforge
# yum install amavisd-new spamassassin -y
# rpm -qa | grep "amavisd-new\|spamassassin"
# chkconfig amavisd on; chkconfig spamassassin on
# chkconfig --list | grep "amavisd\|spamassassin"

3. Configuration
a. Spamassassin
# vi /etc/mail/spamassassin/local.cf
required_hits  5
# spamassassin --lint                             # syntax checking
b. Amavisd-new
# vi /etc/amavisd/amavisd.conf
$max_servers = 2;                        # num of pre-forked children (2..30 is common), -m
$daemon_user  = "amavis";            # (no default;  customary: vscan or amavis), -u
$daemon_group = "amavis";           # (no default;  customary: vscan or amavis), -g
$inet_socket_port = 10024;              # listen on this local TCP port(s)
$mydomain = 'chul.com';                                  # Edit: a convenient default for other settings
$myhostname = 'server.chul.com';
$virus_admin               = "tland\@$mydomain";               # notifications recip.
$mailfrom_notify_admin     = "virusalert\@$mydomain";         # notifications sender
$mailfrom_notify_recip     = "virusalert\@$mydomain";           # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain";       # notifications sender
['ClamAV-clamd',
    \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
c. Postfix
# vi /etc/postfix/main.cf
content_filter=amavisfeed:[127.0.0.1]:10024
# vi /etc/postfix/master.cf
amavisfeed unix    -       -       n        -      2     lmtp
    -o lmtp_data_done_timeout=1200
    -o lmtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
127.0.0.1:10025 inet n    -       n       -       -     smtpd
    -o content_filter=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o smtpd_restriction_classes=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
    -o local_header_rewrite_clients=
    -o smtpd_milters=
    -o local_recipient_maps=
    -o relay_recipient_maps=
4. Service startup and connection test
a. Service startup
# service amavisd start
# service postfix restart; service spamassassin start
# ps -ef | grep amavis
# ps -ef | grep spamd
# netstat -nat | grep 10024
# netstat -nat | grep 10025
b. Connect to amavisd and smtpd port
# telnet localhost 10024
# telnet localhost 10025
Chapter 15 Postfix Antivirus with ClamAV
1. What is ClamAV?
§  an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats
§  is standard for mail gateway scanning
§  provides a high performance multi-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates.
§  www.clamav.net
2. Package Introduction
   clamtk: Easy to use front-end for ClamAV
   clamav-db: Virus database for clamav
   clamav-devel: Header files, libraries and development documentation for clamav
   clamd : The Clam AntiVirus Daemon
   clamav : Anti-virus software
   clamsmtp : A SMTP virus scanning system

3. ClamAV installation
a. Install ClamAV
# yum --enablerepo=rpmforge -y install clamav clamav-db clamd clamav-devel
# vi /etc/freshclam.conf
#NotifyClamd /etc/clamd.conf
# vi /etc/clamd.conf
LocalSocket /var/run/clamav/clamd.sock
# TCPSocket 3310
User clamav
b. Update the database
# chown -R clamav.clamav /var/log/clamav/
# chown -R clamav.clamav /var/run/clamav
# freshclam                                       # update pattern files
# ls -l /var/lib/clamav
c. Try to scan
# clamscan --infected --remove --recursive  /home
d. Try downloading a test virus
# wget http://www.eicar.org/download/eicar.com
# clamscan --infected --remove --recursive
./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed. # just detected
----------- SCAN SUMMARY -----------

4. Clamsmtp
a. Install ClamSMTP
# yum --enablerepo=rpmforge -y install clamsmtp
b. Clamsmtp Configuration
# vi /etc/clamsmtpd.conf
OutAddress: 127.0.0.1:10027
Listen: 127.0.0.1:10026
ClamAddress: /var/run/clamav/clamd.sock
Header: X-Virus-Scanned: ClamAV using ClamSMTP
TempDirectory: /var/tmp
Action: drop
User: clamav
c. Service startup and checking
# service clamsmtpd start
# ps -ef | grep clamsmtpd
# netstat -nat | grep 10026
# chkconfig clamsmtpd on
# chkconfig clamd on
5. Configure Postfix
[root@mail ~]# vi /etc/postfix/main.cf
content_filter = scan:127.0.0.1:10026
[root@mail ~]# vi /etc/postfix/master.cf
scan unix -       -       n       -       16       smtp
   -o smtp_data_done_timeout=1200
   -o smtp_send_xforward_command=yes
   -o disable_dns_lookups=yes
127.0.0.1:10027 inet n       -       n       -       16       smtpd
   -o content_filter=
   -o local_recipient_maps=
   -o relay_recipient_maps=
   -o smtpd_restriction_classes=
   -o smtpd_client_restrictions=
   -o smtpd_helo_restrictions=
   -o smtpd_sender_restrictions=
   -o smtpd_recipient_restrictions=permit_mynetworks,reject
   -o mynetworks_style=host
   -o smtpd_authorized_xforward_hosts=127.0.0.0/8

[root@mail ~]# service postfix restart
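
An added example (not from the original post) that audits the re-injection listeners from Chapters 14 and 15: each must stay on loopback and clear content_filter, and main.cf keeps only the last content_filter line it contains. It assumes both chapters' settings are applied on the same host; the function names are hypothetical and the input is constructed from the lines above.

```python
import re

# Constructed input: filter settings and re-injection listeners of Chapters 14 and 15.
MAIN_CF = """\
content_filter=amavisfeed:[127.0.0.1]:10024
content_filter = scan:127.0.0.1:10026
"""
MASTER_CF = """\
127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
127.0.0.1:10027 inet n - n - 16 smtpd
    -o content_filter=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks_style=host
"""

def parse_master_cf(text):
    """Return {service: {"type", "command", "opts"}}, folding '-o' lines."""
    services, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and current is not None:   # continuation line
            current["opts"].update(re.findall(r"-o\s+([^\s=]+)=(\S*)", line))
        else:                                           # new service entry
            f = line.split()
            current = {"type": f[1], "command": f[7], "opts": {}}
            services[f[0]] = current
    return services

def audit_reinjection(main_cf, master_cf, ports=("10025", "10027")):
    findings = []
    filters = re.findall(r"^content_filter\s*=\s*(\S+)", main_cf, re.M)
    if len(filters) > 1:
        findings.append(f"content_filter set {len(filters)} times, only the last "
                        f"one ({filters[-1]}) takes effect")
    for name, svc in parse_master_cf(master_cf).items():
        host, _, port = name.rpartition(":")
        if svc["type"] != "inet" or svc["command"] != "smtpd" or port not in ports:
            continue
        if host not in ("127.0.0.1", "localhost", "[::1]"):
            findings.append(f"{name}: not bound to loopback, unfiltered listener is exposed")
        if svc["opts"].get("content_filter") != "":
            findings.append(f"{name}: content_filter not cleared, filtered mail loops back")
    return findings
```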
6. Testing antispam and antivirus
a. Amavis testing using sample files
# cd /usr/share/doc/amavisd-new-2.5.4/test-messages
# perl -pe 's/./chr(ord($&)^255)/sge' <sample.tar.gz.compl | zcat | tar xvf -
# mail -vs "virus testing" linux@chul.com < sample-virus-simple.txt
# mail -vs "spam testing" linux@chul.com < sample-spam-GTUBE-junk.txt
# spamassassin -D < sample-spam-GTUBE-junk.txt
# spamc -c < sample-spam-GTUBE-junk.txt
# spamc -c < sample-nonspam.txt
# tail -f /var/log/maillog
b. ClamAV and Clamsmtp testing
# service clamsmtpd stop
# clamsmtpd -d 4                        # debugging mode
# mail -vs "virus testing" linux@chul.com < sample-virus-simple.txt
# tail -f /var/log/maillog