New distro

L.P.H. van Belle belle at
Fri Jun 11 10:39:58 UTC 2021

> Hi list!

Hai Remco, 

> OK, with the input and help from the list I managed to complete the 
> script for a super easy istall of 
> MailScanner+postfix+SpamAssassin on a 
> fresh install of ubuntu and got it working!
> See attached, still work in progress ;)
> All it takes is from Thom's website in the same 
> directory as the 
> script, and specify hostname, domain name and ip address of 
> the exchange 
> server where to deliver the mail i.e.:
> ./ gw1
> Some questions :
> - Not sure if pyzor, razor and DCC still do any good, i added 
> pyzor+razor packages to the spamassassin install, DCC requires 
> manual install. (Do pyzor and razor need configuration?)
>    razor-admin -register tells me :
>    Unable to register without a valid razorhome or identity

Yes, pyzor and razor need to be configured and yes you can still install dcc also. 

I have to look this up, i have it somehere documented, ill look them up when i start on my setup. 

Make sure you run as the user spamassassin and point pyzor and razor there homedir of the user running spammassassin.
I havent tested this one. 
But that still looks correct. Key part is, setting the "correct homedir" and rights..  

Not /etc/mail/spamassassin  but run this : 
getent passwd |grep spamd|awk -F: '{ print $6 }' 
Output: /var/lib/spamassassin 
So thats where you create these homdirs.
And.. Then. 
echo "chown -R $(getent passwd |grep spamd|awk -F: '{ print $3":"$4 }') /var/lib/spamassassin/.pyzor/" 
echo "chown -R $(getent passwd |grep spamd|awk -F: '{ print $1":"$1 }') /var/lib/spamassassin/.pyzor/"

> - spamassassin -D hangs when I run it yet test mail gets delivered
> - 5 missing perl modules, can I skip/ignore or someone found them :
>    Digest::SHA1 (is it included in libdigest-sha-perl ? Will 
> MailScanner
>      install Digest::SHA1 from CPAN nonetheless if i install 
> the package
>      and will I end up with 2 conflicting packags ?
Or ms-configure, Or install with cpan  Or use an other repo that offers it as packages. 
There should be one, but i have to look that up. (not to much time atm). 

>    IP::Country (is it included in libgeo-ipfree-perl ? same as Digest)
you can use that. : libgeo-ipfree-perl 
same for digest. 

>    Mail::ClamAV
Look like this needs a cpan install 

>    Mail::SPF::Query (is it included in spf-tools-perl ?)
I dont see it in debian official packages, same cpan install. 

>    SAVI 
Dont know this one. 

> - Should I run ms-configure ?

Yes, that would get the missing perl modules. 

> Thom created /usr/local/etc/postfix-db to create the databases, I am 
> thinking to either move that to cron.hourly instead or create it as a 
> "make" file in postfix directory just like it was with sendmail :)
> Still to do : fail2ban, postscreen, SPF, DKIM, DANE, DMARC, BIMI, CAA
Dkim : 
Should still work, try reading the script a bit, it shows what it does. 

> Thanks for any comments / help / tips to further improve :) 
Good read .. 

Simple test on how your server is setup.
This used the dutch recommends setting by government. 

Coming from : 
* which is basicly a reference to the existing RFC's.

Last tip. 
DONT run sa-learn "just like that" because that makes the next update fail. 
Why is read : /etc/cron.daily/spamassassin 
(you set root/wrong user rights on the compiles files). 
The fix is shown in the cron job.  ;-)




More information about the MailScanner mailing list