MailScanner on Centos
This is a simple guide to building an email gateway which will perform anti-spam and anti-virus filtering prior to delievering email to its intended destination.
I also make use of a sendmail milter to verify the recpients of email messages are valid, and drop the messages if the recpient is found to be invalid. Recipient filtering not only reduces the amount of work that the gateway has to do (as it doesn't perform any anti-spam analyasis etc on the message) but reduces the load on the destination server(s) and protects them.
The milter works by simply connecting to the destination server and testing if it accepts the recipient address prior to accepting the rest of the email body from the machine which is connected to it. If you use Exchange as your destination server, make sure it doesn't accept invalid recipients and returns an NDR which is the default. If the recipient isn't valid, the miltor returns to the SMTP server which is attempting to send email to it that the mail box is full or invalid.
- Install Centos
Just follow normal install - Install Updates
yum update - Install Webmin
If you like to install and update Webmin via RPM, create the /etc/yum.repos.d/webmin.repo file containing:
[Webmin]
name=Webmin Distribution Neutral
baseurl=http://download.webmin.com/download/yum
enabled=1 - You should also fetch and install my GPG key with which the packages are signed, with the command:
rpm --import http://www.webmin.com/jcameron-key.asc
You will now be able to install with the command :
yum install webmin
All dependencies should be resolved automatically. - Install Mailscanner
export MAILSCANNER_CREATE_TMPFS=1
wget http://yum.fslupdate.com/fsl-beta/fsl-beta.repo -O /etc/yum.repos.d/fsl-beta.repo
yum -y groupinstall MailScannerGold
export PERL5LIB=/opt/fsl/lib/perl5
chkconfig MailScanner on
yum update - Configure Mailscanner
vi /etc/MailScanner/MailScanner.conf - Install Sender/Recipient verification sendmail milter
yum install sendmail-devel
yum install sendmail-cf
yum install libmilter
tar xzvf smf-sav-1.4.0.tar.gz
cd smf-sav-1.4.0
make
make install - Configire address verification milter
- Configure Sendmail
Do what ever forwarding and routing you need to configure.
Add the following lines to sendmail.mc above the MAILER(smtp)dnl like
INPUT_MAIL_FILTER(`smf-sav', `S=unix:/var/run/smfs/smf-sav.sock, T=S:30s;R:4m')dnl - Configure Startup scripts to include milter
We need to modify the MailScanner init script at \etc\inif.d\MailScanner to ensure that the process that performs the address verification is started before sendmail and mailscanner.
start)
...
daemon /usr/local/sbin/smf-sav
...
stop)
if test "x`pidof smf-sav`" != x; then
echo -n $"Stopping $prog: "
killproc smf-sav
echo
...