New distro
L.P.H. van Belle
belle at bazuin.nl
Fri Jun 11 10:39:58 UTC 2021
>
> Hi list!
Hai Remco,
>
> OK, with the input and help from the list I managed to complete the
> script for a super easy istall of
> MailScanner+postfix+SpamAssassin on a
> fresh install of ubuntu and got it working!
>
> See attached, still work in progress ;)
>
> All it takes is main.cf from Thom's website in the same
> directory as the
> script, and specify hostname, domain name and ip address of
> the exchange
> server where to deliver the mail i.e.:
> ./mailscanner-postfix.sh gw1 mynicedomain.com 10.1.0.60
>
> Some questions :
> - Not sure if pyzor, razor and DCC still do any good, i added
> pyzor+razor packages to the spamassassin install, DCC requires
> manual install. (Do pyzor and razor need configuration?)
> razor-admin -register tells me :
> Unable to register without a valid razorhome or identity
Yes, pyzor and razor need to be configured and yes you can still install dcc also.
I have to look this up, i have it somehere documented, ill look them up when i start on my setup.
Make sure you run as the user spamassassin and point pyzor and razor there homedir of the user running spammassassin.
I havent tested this one. https://kura.gg/2011/09/22/spamassassin-razor-pyzor/
But that still looks correct. Key part is, setting the "correct homedir" and rights..
Not /etc/mail/spamassassin but run this :
getent passwd |grep spamd|awk -F: '{ print $6 }'
Output: /var/lib/spamassassin
So thats where you create these homdirs.
And.. Then.
echo "chown -R $(getent passwd |grep spamd|awk -F: '{ print $3":"$4 }') /var/lib/spamassassin/.pyzor/"
Or
echo "chown -R $(getent passwd |grep spamd|awk -F: '{ print $1":"$1 }') /var/lib/spamassassin/.pyzor/"
> - spamassassin -D hangs when I run it yet test mail gets delivered
> - 5 missing perl modules, can I skip/ignore or someone found them :
> Digest::SHA1 (is it included in libdigest-sha-perl ? Will
> MailScanner
> install Digest::SHA1 from CPAN nonetheless if i install
> the package
> and will I end up with 2 conflicting packags ?
Or ms-configure, Or install with cpan Or use an other repo that offers it as packages.
There should be one, but i have to look that up. (not to much time atm).
> IP::Country (is it included in libgeo-ipfree-perl ? same as Digest)
you can use that. : libgeo-ipfree-perl
same for digest.
> Mail::ClamAV
Look like this needs a cpan install
> Mail::SPF::Query (is it included in spf-tools-perl ?)
I dont see it in debian official packages, same cpan install.
> SAVI
Dont know this one.
> - Should I run ms-configure ?
Yes, that would get the missing perl modules.
>
> Thom created /usr/local/etc/postfix-db to create the databases, I am
> thinking to either move that to cron.hourly instead or create it as a
> "make" file in postfix directory just like it was with sendmail :)
>
> Still to do : fail2ban, postscreen, SPF, DKIM, DANE, DMARC, BIMI, CAA
Dkim : https://github.com/thctlo/debian-scripts/blob/master/setup-opendkim-postfix.sh
Should still work, try reading the script a bit, it shows what it does.
>
> Thanks for any comments / help / tips to further improve :)
https://www.sidn.nl/en/news-and-blogs/hands-on-implementing-dane-in-postfix
Good read ..
Simple test on how your server is setup.
https://www.internet.nl/mail/
This used the dutch recommends setting by government.
Coming from :
https://www.forumstandaardisatie.nl/open-standaarden
* which is basicly a reference to the existing RFC's.
Last tip.
DONT run sa-learn "just like that" because that makes the next update fail.
Why is read : /etc/cron.daily/spamassassin
(you set root/wrong user rights on the compiles files).
The fix is shown in the cron job. ;-)
Enjoy.
Greetz,
Louis
More information about the MailScanner
mailing list