Configure Sendmail Server in CentOS/Redhat/Fedora: MailScanner Part-5

Configure Sendmail Server in CentOS/Redhat/Fedora: MailScanner Part-5

by -
0 1919

MailScanner scans email for viruses, spam, phishing, malware, and other attacks against security vulnerabilities and plays a major part in the security of a network. By virtue of being open source, the technology in MailScanner has been reviewed many times over by some of the best and brightest in the field of computer security from around the world. MailScanner supports a wide range of MTAs and virus scanners to include the popular open source Clam AV. Spam detection is accomplished via Spamassassin, which is by far the most popular and standardized spam detection engine.

spamassasin clamav

ms_353x50

 

 

 

Installation of MailScanner

This describes the steps necessary to install MailScanner on
Red Hat, CentOS and other variants.

Ensure that your system has internet access. This is required to  install numerous packages via Yum.

Install the MailScanner package, by running the “./install.sh” script   contained in the distribution directory.

Install one or more supported antivirus packages. Virtually all Unix  antivirus packages are supported. The    install.sh script will give   you the option to install the free Clam AV package during setup.

You may need to edit the file /etc/MailScanner/virus.scanners.conf   to set the installation directory you used for your virus scanners.   You will be able to find this out by running “MailScanner –lint”   and reading the output to see if all your virus scanners correctly   spotted the test. MailScanner should automatically find all the   antivirus packages you have installed.

Stop any old versions of MailScanner by running

# service MailScanner stop

Check your configuration by running

# MailScanner –lint

Stop and disable your original sendmail setup. To do this,

#service sendmail stop
#chkconfig sendmail off

Note that you will need to replace “sendmail” with the MTA you are
using such as postfix or exim.

Enable and start your new MailScanner setup.

Flow Diagram of MailScanner , View video for Explaination

 

flow-ms

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

 

Download Package from mailscanner.info

[root@mail1 ~]# wget https://s3.amazonaws.com/mailscanner/release/v4/rpm/MailScanner-  4.85.2-3.rpm.tar.gz

–2015-05-19 17:46:09–  https://s3.amazonaws.com/mailscanner/release/v4/rpm/MailScanner-4.85.2-3.rpm.tar.gz
Resolving s3.amazonaws.com… 54.231.17.72
Connecting to s3.amazonaws.com|54.231.17.72|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 792426 (774K) [application/x-gzip]
Saving to: `MailScanner-4.85.2-3.rpm.tar.gz’

100%[======================================>] 792,426      108K/s   in 7.2s

2015-05-19 17:46:32 (108 KB/s) – `MailScanner-4.85.2-3.rpm.tar.gz’ saved [792426/792426]

# cd MailScanner-4.85.2-3

# ./install.sh

MailScanner Installation for RPM Based Systems

This will INSTALL or UPGRADE the required software for MailScanner on RPM based systems
via the Yum package manager. Supported distributions are RHEL 5,6,7 and associated
variants such as CentOS and Scientific Linux. Internet connectivity is required for
this installation script to execute.

You may press CTRL + C at any time to abort the installation. Note that you may see
some errors during the perl module installation. You may safely ignore errors regarding
failed tests if you opt to use CPAN. You may also ignore ‘No package available’ notices
during the yum installation of packages.

When you are ready to continue, press return …

Do you want to install a Mail Transfer Agent (MTA)?

I can install an MTA via the Yum package manager to save you the trouble of having to do
this later. If you plan on using an MTA that is not listed below, you will have install
it manually yourself if you have not already done so.

1 – sendmail
2 – postfix
3 – exim
N – Do not install

Recommended: 1 (sendmail)

Install an MTA? [1] : 1
Do you want to install recommended Perl modules?

I will automatically attempt to install the required Perl modules, but I
can also attempt to install additional recommended modules. Do you want to
install additional recommended Perl modules?

Recommended: Y (yes)
……………………………………………………………………………………………………………

Install recommended Perl modules? [n/Y] :y

Do you want to install or update Spamassassin?

This package is recommended unless you have your own spam detection solution.

Recommended: Y (yes)
……………………………………………………………………………………………………………..

Install or update Spamassassin? [n/Y] :y
Do you want to install EPEL? (Extra Packages for Enterprise Linux)

Installing EPEL will make more yum packages available, such as extra perl modules
and Clam AV, which is recommended. This will also reduce the number of Perl modules
installed via CPAN. Note that EPEL is considered a third party repository.

Recommended: Y (yes)
……………………………………………………………………………………………………………..

Install EPEL? [n/Y] :y
Do you want to install or update Clam AV during this installation process?

This package is recommended unless you plan on using a different virus scanner.
Note that you may use more than one virus scanner at once with MailScanner.

Even if you already have Clam AV installed you should select this option so I
will know to check the clamav-wrapper and make corrections if required.

Recommended: Y (yes)
…………………….’………………………………………………………………………………………..

Install or update Clam AV? [n/Y] :y

Do you want to install tnef via RPM if missing?

I will attempt to install tnef via the Yum Package Manager, but if not found I can
install this from an RPM provided by the MailScanner Community Project. Tnef allows
MailScanner to handle Microsoft specific winmail.dat files.

Recommended: Y (yes)
………………………………………………………………………………………………………………….

Install missing tnef via RPM? [n/Y] :y

Do you want to install unrar via RPM if missing?

I will attempt to install unrar via the Yum Package Manager, but if not found I can
install this from an RPM provided by MailScanner Community Project. unrar allows
MailScanner to handle archives compressed with rar.

Recommended: Y (yes)

Install missing unrar via RPM? [n/Y] :y
…………………………………………………………………………………………………………………..
Do you want to install missing perl modules via CPAN?

I will attempt to install Perl modules via yum, but some may not be unavailable during the
installation process. Missing modules will likely cause MailScanner to malfunction.

Recommended: Y (yes)
……………………………………………………………………………………………………………………..

Install missing Perl modules via CPAN? [n/Y] :y
Installation results are being logged to mailscanner-install.log

Installing required base system utilities.
You can safely ignore ‘No package available’ errors.

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile

———————————-

—————————————–

————————————-

at last >>>

To activate MailScanner run the following commands:

service sendmail stop
chkconfig sendmail off
chkconfig MailScanner on
service MailScanner start

Note that you will need to replace the sendmail option above with your respective MTA. Sendmail, Postfix, Exim, etc.

If you are using Clam AV, ensure that you check that the user and group specified in /usr/share/MailScanner/clamav-wrapper matches the user specified in /etc/passwd.

ClamAV update process started at Tue May 19 18:52:39 2015 WARNING: DNS record is older than 3 hours.
WARNING: Invalid DNS reply. Falling back to HTTP mode. Reading CVD header (main.cvd): nonblock_connect: connect timing out (30 secs) Can’t connect to port 80 of host db.in.clamav.net (IP: 120.88.46.210)
Trying host db.in.clamav.net (193.1.193.64)…
OK
main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo) Reading CVD header (daily.cvd): OK
Downloading daily-20484.cdiff [100%]
daily.cld updated (version: 20484, sigs: 1392125, f-level: 63, builder: neo)
Reading CVD header (bytecode.cvd): OK (IMS)
bytecode.cvd is up to date (version: 256, sigs: 45, f-level: 63, builder: dgoddard)
Database updated (3816395 signatures) from db.in.clamav.net (IP: 193.1.193.64)

———————————————————-
Installation Complete

See http://www.mailscanner.info for more information and
Support via the MailScanner mailing list.


Now stop sendmail and start mailscanner, will takeover sendmail

[

root@mail1 MailScanner-4.85.2-3]# chkconfig sendmail off
[root@mail1 MailScanner-4.85.2-3]# chkconfig MailScanner on
[root@mail1 MailScanner-4.85.2-3]# service MailScanner start
Starting MailScanner daemons:
incoming sendmail:                                [  OK  ]
outgoing sendmail:                                [  OK  ]
MailScanner:                                      [  OK  ]

[root@mail1 MailScanner-4.85.2-3]# telnet 192.168.1.254 25
Trying 192.168.1.254…
Connected to mail1.linuxgateway.in (192.168.1.254).
Escape character is ‘^]’.

Now MailScanner is Up and Running

for confirmation you can check, bottom of the Email with MailScanner stamp

 —
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Mail Archiving  using  MailScanner

[root@mail1 ~]# vi /etc/MailScanner/MailScanner.conf

Search for Archive Mail =

if you want to backup all incomming and outgoing mails into a separate Email Id, then create a user

# useradd report

and make entry in /etc/MailScanner/MailScanner.conf

Archive Mail = report@localhost
save and exit
# service MailScanner restart

Now you able to collect all incoming and  outgoing mails into report account.

for separate email collection user archive rules

Archive Mail = /etc/MailScanner/rules/archive.rules

#vi /etc/MailScanner/rules/archive.rules

FromorTo:  bharat.mehra@       mehra.backup@localhost  <– for collection of all emails for bharat.mehra
From:   rajiv.mehra@      mehra.backup.out@localhost <– for collection of all outgoing emails for rajiv.mehra
To:       rajiv.mehra@     mehra.backup.in@localhost <– for collection of all incomming emails for rajiv.mehra
FromorTo:       *@                  report@localhost  <–for complete backup of incomming and outgoing Emails

Attachment Rules  in MailScanner

I do not want MailScanner to block any file attachments unless they are infected by a virus. How do I do this?

To disable any checking of file attachments except for viruses, make
the following changes in WHM > MailScanner > MailScanner Configuration
and then click “Change”:

1. Set “File Command =” to blank.
2. Set “Filename Rules =” to blank.
3. Set “Filetype Rules =” to blank.
4. Set “Archives: Filename Rules =” to blank.
5. Set “Archives: Filetype Rules =” to blank
6. To disable checking of zip attachments, set “Maximum Archive Depth =” to 0.

None of the above will affect scanning for viruses in attachments.
Virus scanning will be controlled by the rules in  /usr/mailscanner/etc/rules/virus.scanning.rules

Maximum Attachment Size

Maximum Attachment Size = %rules-dir%/max.attach.size.rules

#vi /etc/MailScanner/rules/max.attach.size.rules
from:         vivek@linuxadmin.org.in 0
fromorto:    default            -1

0 like no attachment
-1 like no limit attachment

Setting Up Disclaimer using MailScanner

How to add HTML Signature and jpg file in mailscanner ?

in /etc/MailScanner/MailScanner.conf these below lines should be present

and in /etc/MailScanner/reports/en/inline.sig.html
put  <img alt=”MailScanner Signature” src=”cid:signature.jpg” />

Example :–

# vi /etc/MailScanner/reports/en/inline.sig.html

<br>
<body>
<table cellpadding=”0″ cellspacing=”0″>
<tr>
<td><img alt=”Disclaimer” src=”cid:signature.jpg” width=”650″ height=”200″ border=”0″ usemap=”#Map” /></td>
</tr>
</table>
</body>

<pre>

This e-mail is the property of linuxgateway.in. It is intended solely to the person, to whom it has been addressed, it may contain confidential or legally privileged information and exempt from disclosure under applicable Law. If you are not the intended recipient or this e-mail reached to you by mistake please notify us at legal@linuxgateway.in  immediately and destroy all copies, both electronic and in any other form of this e-mail. Any dissemination, distribution or copying of this e-mail/communication is strictly prohibited. Internet communications may not be entirely secure or accurate as information could be intercepted, corrupted, lost, arrive late or contain viruses. Therefore, we do not accept liability for any errors or
omissions in the content of this message which may arise as a result of Internet transmission.

</pre>

Put the signature jpg file in /etc/MailScanner/reports/en/sig.jpg

Once all the changes made restart the MailScanner and check whether the disclaimer working or not.

CEO, KV IT-Solutions Pvt. Ltd. | vikas@kvit.in | 9810028374|
Linux Professional and an Industrial Trainer | 20 + years Experience in IT Industry

” We are born free, No Gate and Windows can snatch our freedom “

Download PDF

SIMILAR ARTICLES

0 889

0 572

NO COMMENTS

Leave a Reply

Required Captcha *