New distro

Remco Barendse mailscanner at barendse.to
Fri Jun 11 15:00:32 UTC 2021 

Thanks for all the hints and pointers, saved me ages in trial+error!

pyzor discover didnt work and found a post online that it was deprecated 
in 2010, it now works just out of the box. Razor installed, will test over 
the weekend and see if it produces any hits.

ms-configure installed a gazillion of different packages still missing

Testing further!


On Fri, 11 Jun 2021, L.P.H. van Belle via MailScanner wrote:

>>
>> Hi list!
>
> Hai Remco,
>
>>
>> OK, with the input and help from the list I managed to complete the
>> script for a super easy istall of
>> MailScanner+postfix+SpamAssassin on a
>> fresh install of ubuntu and got it working!
>>
>> See attached, still work in progress ;)
>>
>> All it takes is main.cf from Thom's website in the same
>> directory as the
>> script, and specify hostname, domain name and ip address of
>> the exchange
>> server where to deliver the mail i.e.:
>> ./mailscanner-postfix.sh gw1 mynicedomain.com 10.1.0.60
>>
>> Some questions :
>> - Not sure if pyzor, razor and DCC still do any good, i added
>> pyzor+razor packages to the spamassassin install, DCC requires
>> manual install. (Do pyzor and razor need configuration?)
>>    razor-admin -register tells me :
>>    Unable to register without a valid razorhome or identity
>
> Yes, pyzor and razor need to be configured and yes you can still install dcc also.
>
> I have to look this up, i have it somehere documented, ill look them up when i start on my setup.
>
> Make sure you run as the user spamassassin and point pyzor and razor there homedir of the user running spammassassin.
> I havent tested this one. https://kura.gg/2011/09/22/spamassassin-razor-pyzor/
> But that still looks correct. Key part is, setting the "correct homedir" and rights..
>
> Not /etc/mail/spamassassin  but run this :
> getent passwd |grep spamd|awk -F: '{ print $6 }'
> Output: /var/lib/spamassassin
> So thats where you create these homdirs.
> And.. Then.
> echo "chown -R $(getent passwd |grep spamd|awk -F: '{ print $3":"$4 }') /var/lib/spamassassin/.pyzor/"
> Or
> echo "chown -R $(getent passwd |grep spamd|awk -F: '{ print $1":"$1 }') /var/lib/spamassassin/.pyzor/"
>
>
>> - spamassassin -D hangs when I run it yet test mail gets delivered
>> - 5 missing perl modules, can I skip/ignore or someone found them :
>>    Digest::SHA1 (is it included in libdigest-sha-perl ? Will
>> MailScanner
>>      install Digest::SHA1 from CPAN nonetheless if i install
>> the package
>>      and will I end up with 2 conflicting packags ?
> Or ms-configure, Or install with cpan  Or use an other repo that offers it as packages.
> There should be one, but i have to look that up. (not to much time atm).
>
>>    IP::Country (is it included in libgeo-ipfree-perl ? same as Digest)
> you can use that. : libgeo-ipfree-perl
> same for digest.
>
>
>>    Mail::ClamAV
> Look like this needs a cpan install
>
>>    Mail::SPF::Query (is it included in spf-tools-perl ?)
> I dont see it in debian official packages, same cpan install.
>
>>    SAVI
> Dont know this one.
>
>> - Should I run ms-configure ?
>
> Yes, that would get the missing perl modules.
>
>>
>> Thom created /usr/local/etc/postfix-db to create the databases, I am
>> thinking to either move that to cron.hourly instead or create it as a
>> "make" file in postfix directory just like it was with sendmail :)
>>
>> Still to do : fail2ban, postscreen, SPF, DKIM, DANE, DMARC, BIMI, CAA
> Dkim : https://github.com/thctlo/debian-scripts/blob/master/setup-opendkim-postfix.sh
> Should still work, try reading the script a bit, it shows what it does.
>
>>
>> Thanks for any comments / help / tips to further improve :)
>
> https://www.sidn.nl/en/news-and-blogs/hands-on-implementing-dane-in-postfix
> Good read ..
>
> Simple test on how your server is setup.
> https://www.internet.nl/mail/
> This used the dutch recommends setting by government.
>
> Coming from :
> https://www.forumstandaardisatie.nl/open-standaarden
> * which is basicly a reference to the existing RFC's.
>
>
> Last tip.
> DONT run sa-learn "just like that" because that makes the next update fail.
> Why is read : /etc/cron.daily/spamassassin
> (you set root/wrong user rights on the compiles files).
> The fix is shown in the cron job.  ;-)
>
>
> Enjoy.
>
> Greetz,
>
> Louis
>
>
>
>
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list