Ok guys, here we go:
I have SpamAssassin working without procmail for all incoming/outgoing/relay mail.
My target was to deploy it site-wide on a mail router with antivirus and antispam features.
1. First of all we are going to do the antivirus part, which is an important part of our project. You will find the reason for that later.
We are going to use an antivirus daemon called DrWeb. I know that not many people around know about it, but this is an antivirus superior to AVP and all the rest, including Symantec, NAI and Trend Micro. And you will find it out for yourself very soon.
It works on all platforms and has a 100% rate of virus detection, I mean it - 100%. Recently it was awarded the Virus Bulletin award as absolute antivirus protection. It was designed by programmers who used to work on the Russian military satellite defence system. Should I go any further?
It's available as a fully functional trial version, with the only limitation that it does not cure files and does not check inside archives, which is not needed anyway. We've got no time to check inside archives, and we are certainly not going to clean viruses out of messages and attachments - this is not for a mail router, obviously. If something is infected, we are going to delete it and inform the sender and recipient that such a problem has occurred, that's it. But if someone needs the full version, you are welcome to buy it directly from the developer's site.
For now we are going to download the files we need:
http://www.drweb.ru/ftp/web_pub/drwebd-4.27-linux.i386.rpm - for RPM-based Linux distributions
http://www.drweb.ru/ftp/web_pub/drwebd-4.27-linux.tgz - for tar installation on Linux
http://www.drweb.ru/ftp/web_pub/drwebd-4.27-freebsd3.tgz - for FreeBSD 3.x.x
http://www.drweb.ru/ftp/web_pub/drwebd-4.27-freebsd4.tgz - for FreeBSD 4.x.x
http://www.drweb.ru/ftp/web_pub/drwebd-4.27-solaris.tar.gz - for Solaris x86
Follow the instructions you will find in /opt/drweb/clients/nameofyourMTA for how to install it for the sendmail, qmail, postfix, CommuniGate Pro or exim MTA.
With postfix, briefly, you need to edit 2 files:
/opt/drweb/drweb32.ini and
/opt/drweb/clients/postfix/drweb_postfix.sh
Use the .sh file, not the .pl - it's faster and works 100%.
The next step is to compile the delivery client for the antivirus daemon.
In /opt/drweb/clients/drwebdc:
./configure
Follow the script's questions, then:
make
The next step is to modify the postfix configuration file to plug in the drweb_postfix.sh script as the filter program. Read the /opt/drweb/clients/postfix/readme.postfix file for step-by-step instructions. It's really too easy.
IMPORTANT !!!! Before you go on with the installation, please execute:
/opt/drweb/update/update.pl /opt/drweb/
- this update client delivers updates to you from the developers' site.
In version 4.27 there is a bug in the antivirus daemon: in the release version the developers left debug switched on. So after executing the update script you will find in the /opt/drweb directory a tar file with the updated daemon, delivered to you along with the latest antivirus definitions. Just untar it.
Another thing is that in drweb_postfix.sh there is a small bug where the report from the antivirus daemon is missing From:. If this is a problem I can post later the exact number of the line where it has to be fixed in postfix.sh, but I'm sure you will find it quite easy to find.
After we've finished with the configuration, just execute ./drwebd in /opt/drweb and it's up and listening for requests on localhost port 3000. Make sure that you have commented out all references to sockets in the drweb_postfix.sh file if you are not running it via unix sockets. By default they are uncommented.
Ok, now presuming we already have SpamAssassin installed (the spamc/spamd variant), we need to invoke spamc from drweb_postfix.sh directly. DrWeb receives mail directly from postfix, creates a temp file in the directory you have specified in the config files, and either delivers the file to drwebd for checking (if you are running drweb in NO local mode) or calls drwebd and discloses the location of the temp file for checking. It depends, again, on how you set it up in your conf files. Our goal is to check that temp file for spam after the virus check and before delivery to the mail recipient. In drweb_postfix it is delivered by executing the sendmail command.
Now, in the drweb_postfix.sh file, around line 238, we originally have something like:
#Send normal message
$MAIL_CMD -i -bm -f "$SENDER" "$@" < $TEMP_FILE
It is changed to:
/usr/bin/spamc -f < $TEMP_FILE | $MAIL_CMD -i -bm -f "$SENDER" "$@"
That's it, guys.
Now we have spamc called directly from the script to check mail just before final delivery.
Works BEAUTIFULLY, has been tested for more than 3 months in a production environment so far, no problems at all.
Now, if you've got any problems at all with the drweb installation, here is the link to the support forum for unixes.
It's supported directly by the developers' team, and they are VERY professional people there and respond to your questions really rapidly. Obviously, they talk English there, no problem. Sometimes they get too busy with support, but normally they are VERY helpful.
As a result of all these troubles we have a very responsive mail system (if -L is used with spamd, sorry, it has to be that way), and all mail passing through is checked for viruses and spam. Just make sure that you have in your cron jobs a daily execution of
/opt/drweb/update.pl /opt/drweb/
to keep you updated. Satisfaction guaranteed.
Sure, you are welcome to modify the drweb_postfix.sh file and get rid of the antivirus code altogether, leaving just the call to spamc, but I have found this couple just perfect, because you can run it on any platform and almost any MTA.
Best regards,
Alexander Moloksher
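
In a shell pipeline such as the spamc-into-sendmail line above, the script only sees the exit status of the last command. The following is an added example, not part of the original post or of DrWeb's drweb_postfix.sh, showing the same step with the filter's result checked before delivery; FILTER_CMD, DELIVER_CMD and the stand-in functions are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not part of drweb_postfix.sh. FILTER_CMD and DELIVER_CMD are
# hypothetical stand-ins for "/usr/bin/spamc -f" and the script's
# $MAIL_CMD -i -bm -f "$SENDER" "$@" invocation.
EX_TEMPFAIL=75   # sysexits.h "temporary failure": the MTA keeps the mail queued

# filter_then_deliver FILE
# Sets VERDICT to "filtered" or "unfiltered"; returns 0 or EX_TEMPFAIL.
filter_then_deliver() {
    msg=$1
    out=$(mktemp "${TMPDIR:-/tmp}/spamchk.XXXXXX") || return "$EX_TEMPFAIL"
    # Writing to a second temp file (instead of piping straight into the
    # delivery command) exposes the filter's exit status and output size.
    if $FILTER_CMD < "$msg" > "$out" 2>/dev/null && [ -s "$out" ]; then
        src=$out VERDICT=filtered
    else
        src=$msg VERDICT=unfiltered   # fail open: deliver the original
    fi
    if $DELIVER_CMD < "$src"; then rc=0; else rc=$EX_TEMPFAIL; fi
    rm -f "$out"
    return "$rc"
}

# --- constructed demo with stand-in commands (no spamd or MTA needed) ---
tag_filter()    { echo "X-Spam-Checked-By: demo"; cat; }  # working filter
dead_filter()   { return 1; }                             # filter unreachable
spool_deliver() { cat > "$SPOOL"; }                       # captures the mail

run_demo() {
    work=$(mktemp -d) || return 1
    SPOOL=$work/spool
    printf 'Subject: test\n\nbody\n' > "$work/msg"   # constructed message
    DELIVER_CMD=spool_deliver
    FILTER_CMD=$1
    filter_then_deliver "$work/msg"; status=$?
    RESULT="$VERDICT:$status:$(head -n 1 "$SPOOL")"
    rm -rf "$work"
    echo "$RESULT"
}

run_demo tag_filter
run_demo dead_filter
```

When the filter fails or returns nothing, the original message is delivered untouched; when delivery itself fails, the function returns 75 so the calling filter script can pass a temporary-failure status back to the MTA.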