Scalix & Amavisd-New HOWTO - Wiki updated

[btisdall]

I found a typo in the path to smtpd.cfg in the wiki that I fixed

Cool.

First off, the ${sender} being set in amavisd.conf by $mailfrom_notify_recip is throwing a warning. Is this normal?

Yes, that always happens here. I think 'warning' is a bit strong really, 'notice' might be more appropriate. Depends on your level of security paranoia I guess.

Really pleased you found the howto useful.

Best.

[dresdn]

Ben,

On your Wiki page, you say:

As far as I'm aware there's no binary package available for amavisd-milter

Well, why not just follow the directions here?
http://dag.wieers.com/home-made/apt/FAQ.php#B

Then all you have to do is type

Code: Select all

up2date -i amavisd-new amavisd-new-milter


Piece of cake =)

-Mike

[btisdall]

why not just follow the directions here?
http://dag.wieers.com/home-made/apt/FAQ.php#B

Because that's amavisd-new-milter, the older(!) version:

Code: Select all

bentis@jerry:~/avtmp$ rpm -qpi amavisd-new-milter-2.4.1-2.el4.rf.i386.rpm

<snip>

URL         : http://www.ijs.si/software/amavisd/
Summary     : The Amavisd-new sendmail-milter Daemon

<snip>



Follow that link & you'll find:

NOTE2:
a rewrite by Petr Rehor of the helper program amavis-milter.c to use
the new AM.PDP protocol (README.protocol) is available as a separate
project, see: http://sourceforge.net/projects/amavisd-milter/
in FreeBSD ports collection: security/amavisd-milter

[btisdall]

I've updated the wiki to include information for SuSE systems. Please note that I haven't repeatedly tested the instructions as I have on RH, so if anyone has a SuSE development system & some time that would be great.

[btisdall]

Added SuSE-specific info for changing sendmail queue value & reorganised sendmail sections to accomodate.

[btisdall]

To stop the following message:

Code: Select all

Authentication-Warning: mybox.local: amavis set sender to virusalert@example.com using -f

Simply add "amavis" (RH) or "vscan" (SuSE) to /etc/mail/trusted-users.

No need to restart sendmail.

[btisdall]

In Configuring amavisd-new

Changed:

$sa_tag_level_deflt = undef;

to:

$sa_tag_level_deflt = -9999;

I believe the former was not proper & (possibly after an SA upgrade) had stopped SA tags from being reliably added on one of my systems.

[dresdn]

I followed this setup and have everything working perfectly. Yesterday I ran into a problem though where someone needed an e-mail that was quarantined. Any idea how to unquarantine it? With courier-imap, I could just place the e-mail in the person's inbox, but that's not possible here.

I've also tried doing without success:

Code: Select all

mail email@domain.com < zcat quarantine/a/bleh.gz


But the problem is that the attachments aren't attached, they're inline.

Any other ideas?

Thanks,
Mike[/code]

[btisdall]

Hi Mike,

this is one area where sendmail/amavisd/milter needs to catch up with postfix/amavisd. I'm looking at Maia Mailguard & Mailzu as mechanisms to achieve unquarantining, it's rather harder than with Postfix since there's no re-injection mechanism.

In the meantime I just found a command-line tool 'uudeview' - just doing:

Code: Select all

uudeview virus-quarantine-file

worked for me. It's in the dag repo.

[IanCoubrough]

This is day two of installing Scalix on FC4, day one got Scalix working as expected and I explored the interface and configured some users.
(This is a test setup for another installation to replace Communigate Pro)
I followed the wiki - or so I thought, but ended up with two copies of CLAMAV and several hours of sorting out config issues between amavisd and clamd, am I correct in thinking the wiki is wrong in referring to clamav.conf when it should now be clamd.conf?

Anyway, thanks v much for the wiki because without it I would be nowhere at all!

I finally ended up with one problem that there seemed no answer to, and that is the real point of this post.

After rebuilding sendmail.cf and restarting everything, all mail started to be delivered to my local mbox on the system and not through Scalix. The only fix I found for this was to do a diff file between my new version of sendmail.cf and the original before I rebuilt it, and to manually insert the differences regarding the milter. Without this step it seems that all the lines that Scalix altered on its own install were left out - presumably because Scalix alters sendmail.cf directly and not via sendmail.mc?

Or have I done something wrong here?

[btisdall]

Ian,

you are quite right about the clamav config file, it should be clamd.conf (duly corrected).

As for the problem with delivery to scalix, are you absoutely sure you ran

Code: Select all

omsendin

having rebuilt your sendmail.cf?

[IanCoubrough]

Ben,

Thanks very much for your reply, yes, I did run omsendin the first time I went through the process, however I must confess to not fully appreciating the meaning of the comment, so - I had not appreciated what it was actually doing.

My problem must have arisen because having run the whole process I had a series of problems to correct, one of which was a spurious ') generated half way through sendmail.cf, plus a couple of "extra arguments ignored" warnings on the milter definition. These together with the socket configuration problems I experienced due to installation path variations from the expected meant that I was going backwards and forwards through the installation fixing things without fully appreciating the correct sequence. - I will remember next time!

Thanks

Ian

[quacka]

I am trying to follow this guide on a freshly installed RHEL4 and Scalix 10.

What confuses me is your line saying: Firstly, DO NOT install the amavisd-new-milter RPM - despite the 'new' tag this is a different, older version that lacks the ability to add anything other than a hard-coded 'virus scanned by amavisd-new-milter' to the message headers

but your Prerequesites state that I must have amavisd-new for Redhat.

I got up to make install amavisd-milter and basically stuck from here. Any help would be greatly appreciated.

Also I even try installing amavisd-new-2.4.2-1.el4.rf.i386.rpm
it comes with the following Failed dependencies:
arc >= 5.21e is needed by amavisd-new-2.4.2-1.el4.rf.i386
cabextract is needed by amavisd-new-2.4.2-1.el4.rf.i386
freeze is needed by amavisd-new-2.4.2-1.el4.rf.i386
lzop is needed by amavisd-new-2.4.2-1.el4.rf.i386
ncompress is needed by amavisd-new-2.4.2-1.el4.rf.i386
nomarch >= 1.2 is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Archive::Tar) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Archive::Zip) >= 1.14 is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(BerkeleyDB) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Compress::Zlib) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Compress::Zlib) >= 1.35 is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Convert::TNEF) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Convert::UUlib) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(IO::Stringy) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(MIME::Entity) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(MIME::Parser) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(MIME::Tools) >= 5.420 is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(MIME::Words) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Mail::Address) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Net::Server) >= 0.87 is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Net::Server) >= 0.93 is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Net::Server::PreForkSimple) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl(Unix::Syslog) is needed by amavisd-new-2.4.2-1.el4.rf.i386
perl-MailTools is needed by amavisd-new-2.4.2-1.el4.rf.i386
ripole is needed by amavisd-new-2.4.2-1.el4.rf.i386
unarj is needed by amavisd-new-2.4.2-1.el4.rf.i386
unrar >= 2.71 is needed by amavisd-new-2.4.2-1.el4.rf.i386
zoo >= 2.10 is needed by amavisd-new-2.4.2-1.el4.rf.i386
Suggested resolutions:
ncompress-4.2.4-41.rhel4.i386.rpm

Which is a lot to install.

[quacka]

Ok i got apt-get to install it since up2date dont haev it on the redhat network.

What I can do is to add these two line into amavisd.conf
$virusadmin='virusalert\@$mydomain #NDR recipient if virus found
$virusadmin='virusalert\@$mydomain #The sender address for NDRs
it looks identical and seems to be missing the '. what shoudl I do here?

Also I download the Init script and rename then copy it to the specified location, ls -la has it as a normal file. how do i make it green like the otehr scripts?

[btisdall]

What confuses me is your line saying: Firstly, DO NOT install the amavisd-new-milter RPM - despite the 'new' tag this is a different, older version that lacks the ability to add anything other than a hard-coded 'virus scanned by amavisd-new-milter' to the message headers

but your Prerequesites state that I must have amavisd-new for Redhat.

There's no conflict here - you need amavisd-new but NOT amavisd-new-milter.