Gateway installation

 Top  Previous  Next

This page describes how to configure Sendmail as a SMTP gateway with MailWasher and ClamAV.

 

 

1. Introduction

 

These instructions cover how to set up Sendmail as a SMTP gateway using MailWasher Server and ClamAV for e-mail filtering. These instructions are intended to be a recipe, and as such the reader is expected to already have an understanding of how e-mail systems, and Sendmail in particular, work.

 

 

2. Pre-requisites

 

This document assumes the following things about the installation environment:

 

Debian GNU/Linux Woody Operating System. Other versions may also work, but should be considered outside the scope of this document.

 

The necessary development tools have been installed. This can be most simply accomplished by selecting the C/C++ Development task from within tasksel.

 

The latest binary distribution of MailWasher downloaded to ~. This can be obtained from http://sourceforge.net/projects/mailwasher.

 

The latest source distribution of ClamAV downloaded to ~. This can be obtained from http://www.clamav.net.

 

A basic familiarity with the unix shell.

 

That the machine the gateway is to be installed on is a single-purpose system.

 

The operating system has been sufficiently secured.

 

DNS has been properly configured, both for the gateway machine, and the internal mail servers.

 

 

3. Installation

 

This section assumes that the operating system has been installed and that the user has logged into a root shell. Text in this font should be typed as commands at the prompt.

 

3.1 Installing support packages

 

Some additional packages need to be installed to support the compilation of ClamAV:

 

zlib
libbz2
libgmp3
curl
libmilter-dev

 

This can be done with the following command:

 

apt-get install zlib1g zlib1g-dev libbz2 libbz2-dev libgmp3 \libgmp3-dev curl libmilter-dev

 

 

3.2 Installing Sendmail

 

The version of sendmail supplied with the operating system is sufficient for our purposes. Install it with

 

apt-get install sendmail

 

 

When asked to configure sendmail by the installation process, say no. The configuration file created here will be overwritten later.

 

 

3.3 Installing MailWasher Server

 

Install MailWasher by running the shell installer downloaded earlier:

 

./mwserver-installer.bin

 

The prompts will walk you through the installation, otherwise visit Linux installation or Setup overview. Once installation is complete, visit http://<your-server>:4044 to configure MailWasher.

 

 

3.4 Compiling ClamAV

 

1. Create the ClamAV user and group.

 

groupadd clamav

useradd -g clamav clamav

 

2. Untar the ClamAV distribution:

 

tar zxvf clamav-0.83.tar.gz

 

3. cd clamav-0.83

 

4. Configure the source for building. The milter interface to clamav is needed to use it with sendmail, and we dont really need dazuko support.

 

./configure --enable-milter --disable-clamuko

 

5. make

 

6. make install

 

 

3.5 Configuring ClamAV

 

1. Edit the clamd.conf and freshclam.conf files, removing the Examplelines as appropriate. These files can be found in /usr/local/etc. In clamd.conf uncomment the User clamav line. This ensures ClamAV runs as the clamav user.

 

2. Add an entry to clamavs crontab to update the anti-virus database. The entry should look like

 

N * * * * /usr/local/bin/freshclam --quiet

 

N should be a number between 3 and 57, avoiding multiples of 10.

 

3. Configure clamav-milter to start automatically on boot. Copy the supplied script(clamav-milter) to /etc/init.d and use update-rc.d to create the appropriate links.

 

4. Edit the script and set the POSTMASTER variable to the e-mail address youd like to have virus notifications sent to.

 

5. Create the directory for the milter socket

 

mkdir /var/run/clamav

chown clamav:clamav /var/run/clamav

 

6. Start clamav-milter.

 

/etc/init.d/clamav-milter start

 

 

3.6 Configuring Sendmail

 

1. The supplied sendmail configuration file, sendmail.mc contains all the configuration necessary for sendmail. Copy it to /etc/mail.

 

2. Compile the configuration.

 

cd /usr/share/sendmail/cf/cf

m4 </etc/mail/sendmail.mc >/etc/mail/sendmail.cf

 

3. touch /etc/mail/local-host-names

 

4. Create the spool directory.

 

mkdir /var/spool/mqueue

 

 

3.6.1 Adding a Filtered Domain

 

1. Add the domain to the /etc/mail/relay-domains file. Add entries like my-domain.com to match addresses such as foo@mydomain.com or .mydomain.com to accept mail for all hosts in that domain, one per line. Note: A .mydomain.com entry will NOT match foo@mydomain.com. This also applies to the mailertable file.

 

2. Add the domain to the /etc/mail/mailertable file. Lines in this file have the following format:

 

mydomain.com smtp:internalmail.mydomain.com

 

Replace internalmail.mydomain.com with the DNS name of the system which handles your mail. This line tells sendmail to forward all mail for that domain to the specified system via SMTP.

 

3. Rebuild the mailertable database.

 

makemap hash /etc/mail/mailertable </etc/mail/mailertable

 

 

3.6.2 Configuring the Admin E-mail Address

 

1. Edit the /etc/mail/aliases file. This file should look as follows:

 

postmaster: admin@foo.com

 

abuse: postmaster

spam: postmaster

 

Replace admin@foo.com with the e-mail address you wish to receive mail from sendmail on.

 

2. Run newaliases.

 

 

3.7 Finishing up

All thats left to be done is to start sendmail with /etc/init.d/sendmail start.