James B. Byrne napsal(a):
> I have a problem getting spamd and sendmail (both stock CentOS4 rpms)
> to work together on a couple of smtp relay machines. This is clearly
> a configuration issue and no doubt revolves around my lack of
> comprehension of how this is to work.
>
> Basically, the setup consists of two frontend public smtp transports
> that redirect all email through a firewall to an internal imap server
> for final delivery. The firewall and sendmail access map prohibit
> connections to the imap server except for the local MX gateway. The
> external MX gateway is a fallback mx server that routes everything it
> queues through the primary gateway.
>
> So:
>
> MX 2 routes to MX 1 that routes to IMAP
>
> MX 2 and MX 1 are running spamd.
>
> the sendmail.m4 file has the following at its very end:
>
> dnl #
> dnl # MAILERs are always last after all FEATURES are defined
> MAILER(smtp)dnl
> MAILER(procmail)dnl
>
>
> The contents of /etc/procmailrc are:
>
> :0fw
> | /usr/bin/spamassassin
>
>
> Spamd is running on both.
>
> There is a local configuration rule set in
> /etc/mail/spamassassin/local.cf
>
You need an milter interface instead of just procmail (it is local
delivery program)
My solution
====================================================================
Instalace
+++++++++
Milan Kerslager repository
ftp://ftp.linux.cz/pub/linux/people/milan_kerslager/RHEL-4/stable/
-----------------------------------------------
yum install clamav-milter clamav cvgfilter spamass-milter spamassassin
sendmail-cf
-----------------------------------------------
p?idej do startu systemu
-----------------------------------------------
/sbin/chkconfig clamd on
/sbin/chkconfig freshclam on
/sbin/chkconfig clamav-milter on
/sbin/chkconfig cvgfilter on
/sbin/chkconfig spamassassin on
/sbin/chkconfig spamass-milter on
/sbin/chkconfig sendmail on
-----------------------------------------------
Make helper scripts
-----------------------------------------------
echo '#!/bin/bash
/sbin/service freshclam start
/sbin/service clamd start
/sbin/service clamav-milter start
/sbin/service cvgfilter start
/sbin/service spamassassin start
/sbin/service spamass-milter start
/sbin/service sendmail start
' |cat >/root/bin/mail.start
echo '#!/bin/bash
/sbin/service sendmail stop
/sbin/service spamass-milter stop
/sbin/service spamassassin stop
/sbin/service cvgfilter stop
/sbin/service clamav-milter stop
/sbin/service clamd stop
/sbin/service freshclam stop
' | cat >/root/bin/mail.stop
echo '#!/bin/bash
/root/bin/mail.stop
/root/bin/mail.start
' | cat >/root/bin/mail.restart
chmod 700 /root/bin/mail.*
-----------------------------------------------
Configuration
+++++++++++++
Changes in /etc/mail/sendmail.mc
-----------------------------------------------
dnl # ven jde jen PEPA
dnl define(`SMART_HOST',`smtp.your.provider')
define(`SMART_HOST',`XXXXX')
dnl # Prilohy do 20M
dnl define(`UUCP_MAILER_MAX', `2000000')dnl
define(`UUCP_MAILER_MAX', `20000000')dnl
dnl # Trochu pozmenim chovani pri nedorucitelnosti
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_QUEUEWARN', `6h')dnl
define(`confTO_QUEUERETURN', `2d')dnl
define(`confQUEUE_LA', `12')dnl
define(`confREFUSE_LA', `18')dnl
dnl # Not sure
dnl dnl FEATURE(always_add_domain)dnl
dnl FEATURE(always_add_domain)dnl
dnl # nebezpecne , spamoidni dnl
dnl dnl FEATURE(`accept_unresolvable_domains')dnl
dnl FEATURE(`accept_unresolvable_domains')dnl
dnl # Musime prijimat na vsech interfacech ... dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
-----------------------------------------------
and before mailers in /etc/mail/sendmail.mc
-----------------------------------------------
dnl # OPEN RELAY Check ... dnl
FEATURE(`dnsbl', `relays.ordb.org', `"550 Email rejected due to sending
server misconfiguration - see http://www.ordb.org/faq/\#why_rejected";')dnl
dnl # clamav-milter - z README ... dnl
INPUT_MAIL_FILTER(`clamav-milter',`S=local:/var/run/clamav/clamav-milter.sock,
F=,T=S:4m;R:4m;E:10m')dnl
dnl # CVGFILTER - z README ... dnl
define(`_FFR_MILTER', `1')dnl
INPUT_MAIL_FILTER(`cvgfilter', `S=unix:/var/run/cvgfilter.sock, F=T')dnl
dnl # SPAMASSASSIN dnl
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=,
T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`b, j, _, {daemon_name}, {if_name},
{if_addr}')dnl
-----------------------------------------------
/etc/sysconfig/clamav-milter
-----------------------------------------------
CLAMAV_FLAGS="--max-children=80 --force-scan -HP -p viry@xxxxxxxxx
--server=localhost local:/var/run/clamav/clamav-milter.sock"
-----------------------------------------------
/etc/mail/spamassassin/local.cf
-----------------------------------------------
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
# additional
rewrite_subject 1
subject_tag [SPAM]
fold_headers 0
#clear_headers
remove_header all Report
#remove_header all Status
#remove_header all Level
#remove_header all Flag
#add_header all Status _YESNOCAPS_ , _STARS(*)_, hits=_HITS_
required=_REQD_
-----------------------------------------------
========================================================================
/root/bin/mail.restart and enjoy the show ...
--
Petr Kl?ma
JIHOMILK a.s.
Rudolfovsk? 246/83
370 50 ?esk? Bud?jovice
Czech Rpublic
phone: +420 389 136 209
e-mail: petr.klima@xxxxxxxxxxx
