How to Build Antispam SMTP Gateway for Exchange on Ubuntu 8.04
Because previous solution that I have done on Windows didn’t worked in way I wanted, I have decided to make dedicated Linux SMTP filtering gateway.
Note: You can copy/paste all commands written here although they are not inline, they will be when you paste them to shell or file.
For this I needed to have:
- Fully functional Linux machine ( I had already installed Ubuntu 8.04 server )
- Postfix - default installation will do
- Mail Scanner - free package that you can get on MailScanner home page
- SpamAssassin - free antispam solution
- Clam AV - free antivirus
Before of installing anything we will fetch the latest list of packages from Ubuntu repositories with command:
´´´ aptitude update ´´´
Now before installation of a Mail Scanner we need to install some packages with command:
Answer with Y when asked to install dependencies for these packages. During the installation of postfix you will get simple menu in which you need to select Internet site and write your full host name with domain.
Because whole configuration of Postfix is being done via main.cf and master.cf files we need to change some values in them. Open main.cf and add/edit following lines to look like this:
1 2 3 4 5 6 7 8 9 10 11
Now open /etc/postfix/transport and add your forwarding domains in it. For multiple domains go to new row by same principle.
This ip 192.168.1.5 is IP of my Exchange server, not of my Linux machine and sp.local is the name of my domain, replace IP and domain name with yours. After this editing we need to create hash of the transport file and to restart Postfix.
Now you can control if Postfix is working like it should and if it transports mail. If everything works stop it so that we can configure other options in it and because it needs to be started after MailScanner.
Next step would be to unpack and install the latest version of Mail Scanner because Ubuntu 8.04 still doesn’t have the latest version in the repositories. You can get the latest version of Mail Scanner here. Because we will compile it we need .tar.gz version.
1 2 3 4
You will see lot of output when you run ./install.sh because it will check which Perl modules do you have installed and install those that are missing, but as installation says: Do not worry too much about errors from the next command. It is quite likely that some of the Perl modules are already installed on your system.
When install.sh is done you will get message to enter some lines in crontab to automatize jobs. Type crontab -e and enter following lines in crontab (:w to write and exit if you are using Vi editor ctrl+x for Pico).
1 2 3 4 5
Now we need to edit /etc/default/spamassassin file and to enable SpamAssassin daemon. Open this file with editor and change these lines:
Now we have enabled SpamAssassin as a daemon and enabled it to update daily via cron. It’s time to start it for the first time.
Next step would be to edit MailScanner.conf. Find following lines and edit them to look like this:
1 2 3 4 5 6 7 8
Now we will run MailScanner with command:
It will automatically go to background. Now we need to tell Postfix to wait with forwarding of mails while they are checked against spam and antivirus definitions. We will need to edit file /etc/postfix/header_checks and to add following line because without it nothing will work.
Now we need to restart Postfix with command:
I have got interesting output when I once killed MailScanner process that really make me laugh.
1 2 3 4 5 6 7 8 9 10 11 12
LOL, they have a good sense of humor.
So if everything is working correctly you should receive now mails with small footer text:
1 2 3 4
You can control message delivery with command:
There you will see scrolling text like:
1 2 3 4 5 6 7 8 9 10 11 12
This means that MailScanner is scanning messages against spam and viruses.
Now the latest step would be to create RC script to start MailScanner on boot and before Postfix. Here you can read/download file mailscanner.txt file which you will use to create new /etc/init.d/mailscanner file.
This script is slightly modified original init script for MailScanner from Ubuntu. Next step would be to change permissions to the file and to create symlinks with commands:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
So now we need to test everything with commands:
1 2 3
If SpamAssassin doesn’t detect some of your messages as spam although they are spam you can easy manually learn it to detect that and other similar messages as spam. Follow next few steps:
- Find that message and save it to text file including headers and content
- Transfer file to your linux machine
- From the directory where you have transfered file run command: spamassassin –spam < your_text_file