If your Perl installation does NOT allow for setuid functionality
cd /downloads/qmailrocks/qmail-scanner-1.25/contrib
make install
Now we will customize the qmail-scanner configuration script...
cd /downloads/qmailrocks/qmail-scanner-1.25
vi qms-config-cwrapper
You will notice several fields that need to be customized to fit your needs. Let's have a look. I've highlighted the fields you should customize in RED
#!/bin/sh
if [ "$1" != "install" ]; then
INSTALL=
else
INSTALL="--install"
fi
./configure --domain yourdomain.com \
--admin postmaster \
--local-domains "yourdomain.com,yourotherdomain.com" \
--add-dscr-hdrs yes \
--dscr-hdrs-text "X-Antivirus-MYDOMAIN" \
--ignore-eol-check yes \
--sa-quarantine 0 \
--sa-delete 0 \
--sa-reject no \
--sa-subject ":SPAM:" \
--sa-delta 0 \
--sa-alt yes \
--sa-debug no \
--notify admin \
--skip-setuid-test \
"$INSTALL"
Now save and exit out of the config file. That was easy, wasn't it.
And now we will run a test config for qmail-scanner...
chmod 755 qms-config-cwrapper
./qms-config-cwrapper
Answer YES to all questions. If you get no errors, you can then run the script in "install" mode and this will install qmail-scanner on your server. If you do get errors, check out these troubleshooting tips.
./qms-config-cwrapper install
Again, answer YES to all questions. If you get no errors, you can then run the script in "install" mode and this will install qmail-scanner on your server. If you do get errors, check out these troubleshooting tips.
vi /var/qmail/bin/qmail-scanner-queue.pl
Then change the first line of /var/qmail/bin/qmail-scanner-queue.pl
to "#!/usr/bin/perl (in other words, remove the "-T" from the perl call.)
chmod 0755 /var/qmail/bin/qmail-scanner-queue.pl
And now all that's left for qmail-scanner is to initiate the version file and the perlscanner database...
First, we'll initialize the version file. This command also helps to keep your server's /var/spool/qmailscan folder clear of rogue files that can develop when SMTP sessions are dropped. You may want to stick this command into your server's crontab and run it once a day. You'll see more on this in the "maintaining your qmail server" step near the end of this tutorial.. So let's run it...
/var/qmail/bin/qmail-scanner-queue -z
And now we will generate a new perlscanner database for qmailp-scanner. For future reference, it's a good idea to run this next command whenever you upgrade qmail-scanner. You'll see more on this in the "maintaining your qmail server" step near the end of this tutorial. So let's do i t...
/var/qmail/bin/qmail-scanner-queue -g
A successful database build should produce the following output:
perlscanner: generate new DB file from /var/spool/qmailscan/quarantine-attachments.txt
perlscanner: total of 9 entries.
And now one final ownership check...
chown -R qscand:qscand /var/spool/qmailscan
Woohoo, qmail-scanner is installed! Now it's time to tie qmail-scanner into qmail itself.
vi /var/qmail/supervise/qmail-smtpd/run
To instruct Qmail to use Qmail-Scanner as the alternative queuing mechanism, we add the following line to the SMTP "run" script right under the first line (#!/bin/sh):
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue" ; export QMAILQUEUE
..and we change the "softlimit" in that same script...
change softlimit to 40000000
Note: It is absolutely vital that you change the "Softlimit" setting in this script. If you don't, qmail may fail to deliver mail!!!
So now the qmail-smtp/run file should look like this:
#!/bin/sh
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue" ; export QMAILQUEUE
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
echo /var/qmail/supervise/qmail-smtpd/run
exit 1
fi
if [ ! -f /var/qmail/control/rcpthosts ]; then
echo "No /var/qmail/control/rcpthosts!"
echo "Refusing to start SMTP listener because it'll create an open relay"
exit 1
fi
exec /usr/local/bin/softlimit -m 40000000 \
/usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
/var/qmail/bin/qmail-smtpd your_domain.com \
/home/vpopmail/bin/vchkpw /usr/bin/true 2>&1
Once you've got the qmail-smtpd file modified, save the changes and exit from the file. Now we will finalize the qmail-scanner installation by going over some post-install configuration options. After that, we'll fire everything up and take qmail-scanner for a test drive!
Click Here to continue
To activate all the changes we just made, we're going to have to completely stop and restart qmail.
Stop it...
qmailctl stop
and start it...
qmailctl start
And a quick check of the qmail processes, just to be safe..
qmailctl stat
Now it's time to test the whole damn thing to see if Qmail-Scanner, Spamassassin and Clam AV are all working correctly. Fortunately, Qmail-Scanner comes with it's own testing script that does a fantastic job. So let's test it!
cd /downloads/qmailrocks/qmail-scanner-1.25/contrib
chmod 755 test_installation.sh
./test_installation.sh -doit
A successful test should produce the following output. 2 messages should be quarantined by Clam Antivirus in /var/spool/quarantine/new and 2 messages should be set to whatever mailbox you specified in the Qmail-scanner configuration script. Don't worry if you don't get virus notification emails. The normal notification emails that get sent out upon virus detection usually don't work during the test.
setting QMAILQUEUE to /var/qmail/bin/qmail-scanner-queue.pl for this test...
Sending standard test message - no viruses...
done!
Sending eicar test virus - should be caught by perlscanner module...
done!
Sending eicar test virus with altered filename - should only be caught by commercial anti-virus modules (if you have any)...
Sending bad spam message for anti-spam testing - In case you are using SpamAssassin...
Done!
Finished test. Now go and check Email for postmaster@mydomain.com
If you get 2 messages in your inbox and you see 2 messages in the quarantine folder, it's time to crack open a cold one! You've successfully installed all 3 packages! Woohoo!
