[Qmail-scanner-general]qms-analog-0.1.2 Released

Mon, 24 May 2004 16:29:10 -0700 

All:

I have now included the "st" patch with my "qms" patch and
added support for the quarantine and reject options of the
"st" patch. I have also added support for the other virus
scanner modules included with qmail-scanner. The patch
process has changed so be sure to follow the directions in
the README file of the distro, which I include below.

This *should* keep people happy for a little while :)

You can download the qms-analog distro at: www.mark.teel.ws.

The Sourceforge project will be online shortly...

MST


qms-analog/README:

qms-analog: Qmail-Scanner Log File Analyzer
-------------------------------------------

Version: 0.1.2, 05/24/2004


Distribution Files
------------------

COPYING                         - The GPL Version 2 License file
Makefile                        - builds the qms-analog
                                    utility
qmail-scanner-1.22-st-qms-20040524.patch
                                  - patch file for vanilla
                                    qmail-scanner-1.22 distro
                                    which contains the qms
                                    event logger and the
                                    popular "st" patch
qmailstats                      - improved script which
                                    invokes qms-analog
qms-analog-types.txt            - defines the event log
                                    types provided
                                    by the patch
qms-analog.c                    - source file for the
                                    utility
qms-config-script               - qmail-scanner config
                                    script for qms-analog
README                          - this file



What You Get
------------

/var/qmail/qmailstats
    My updated version that tidies things up a bit and invokes
    qms-analog to produce the qmail-scanner stats at the
    bottom of the nightly Qmail stats email (see QmailRocks
    procedure for details).

/var/qmail/bin/qms-analog
    The utility which takes var/spool/qmailscan/qms-events.log
    records as input from stdin and generates statistics on
    stdout.

/var/qmail/bin/qmail-scanner-queue.pl
    The patched version which generates nice logs in
    /var/spool/qmailscan/qms-events.log.



!!!!!!!! ATTENTION: READ THIS FIRST !!!!!!!!
--------------------------------------------
qms-analog requires a patch be applied to your
qmail-scanner-1.22 distribution in order to generate a new,
more legible log file. The patch file includes the popular
"st" patch which adds useful capability to qmail-scanner.

The following are minimum requirements for qms-analog to work:
1) qmail-scanner version 1.22 (unpatched, clean distro)
2) ClamAV
3) Spamassassin

If you don't have these, and are unwilling to upgrade or
install them, DO NOT USE qms-analog. I cannot be responsible
for what might happen.

Generally speaking, qms-analog is intended as a supplement
to the QmailRocks system. Using it outside of QmailRocks is
not tested or supported. You are on your own...


If you meet these requirements, let's get started...



Note Concerning Where This Fits In the QmailRocks Procedure
-----------------------------------------------------------

I would suggest installing qmail-scanner-1.22 instead of
1.21 in step 14 of the QmailRocks procedure. Do NOT install
the "st" patch as described in the procedure, it is included
in the qmail-scanner-1.22-st-qms-20040524.patch file in this
distribution. Then install the patch (step A below) prior to
configuring qmail-scanner-1.22 (the two ./configure
instructions). This distro contains a configuration script
(qms-config-script) which invokes the qmail-scanner
configure script with a good setup for qms-analog. Finally,
install qms-analog (step B below) at the end of step 14 in
the QmailRocks procedure.



A. Patching the qmail-scanner-1.22 Distribution
-----------------------------------------------

1)  Obtain the unpatched source distribution
qmail-scanner-1.22.tar.gz.

2)  Extract it to the location of your choice.

3)  Make a backup copy of the qmail-scanner-1.22 directory
before patching it:
          cp -R qmail-scanner-1.22 qmail-scanner-1.22-orig

4)  Extract qmail-scanner-1.22-st-qms-20040524.patch
          gunzip qmail-scanner-1.22-st-qms-20040524.patch.gz

5)  Copy qmail-scanner-1.22-st-qms-20040524.patch from the
qms-analog distro to the qmail-scanner-1.22 directory where
the tarball was extracted.
          cp
<path_qms_analog>/qmail-scanner-1.22-st-qms-20040524.patch
<path_qm-scanner-1.22>

6)  Change directory to the qmail-scanner-1.22 distribution:
          cd <path_qm-scanner-1.22>

7)  Patch qmail-scanner-1.22:
          patch -p1 < qmail-scanner-1.22-st-qms-20040524.patch

8)  Configure qmail-scanner-1.22 by using the file
qms-config-script included in this distribution. First, edit
the script to insert your domain name and your postmaster
account name. Then copy it to the qmail-scanner-1.22
directory and execute:
          ./qms-config-script

      if the test configure looks good, install it:
          ./qms-config-script install

      This sets up qmail-scanner in a qms-analog friendly way.

      Note: I changed debug to default to disabled in the
patch. You can add "--debug=1" as an option to configure to
enable it. It gets very large and is of no real use anyway
to users. The st --minidebug together with --sa_alt and
--sa_debug produce much better debug output anyway.

9)  After successful configuration , if you are using the
C-wrapper instead of perl's setuid, follow the directions in
the qmail-scanner-1.22/contrib/qmail-scanner-queue.c file -
to modify the permissions of qmail-scanner-queue.pl and the
perl tag at the top of that file (delete the "-T").

10) The following log files will need to be rotated or
otherwise monitored so they do not grow too large:

      /var/spool/qmailscan/qmail-queue.log
      /var/spool/qmailscan/qms-events.log



B. Building qms-analog and installing it with a new
qmailstats script
---------------------------------------------------------------------

1) Become root
2) cd to the qms-analog directory (wherever you extracted it)
3) make all
4) Edit the /var/qmail/qmailstats script to use your
postmaster email address (look for
<your_postmaster>@yourdomain.com).



C. Testing
----------

Allow several logs to accumulate in
/var/spool/qmailscan/qms-events.log.
Execute /var/qmail/qmailstats.  This should generate the
nightly email to the postmaster including the qms-analog
stats at the bottom.



D. Notes
--------

If you have any problems, first just restore the original
qmail-scanner-1.22 distribution (we backed it up, right?)
and configure it as normal. Also, let me know, perhaps I can
fix it or help you through a simple problem.


Mark Teel
[EMAIL PROTECTED]






-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
_______________________________________________
Qmail-scanner-general mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general

Reply via email to