MailScanner with Postfix

Prerequisite

Resolving MailScanner Dependencies

  1. Run the following cpan commands one at a time (i.e. to see if they are successfully installed):
    sudo cpan -i Filesys::Df
    sudo cpan -i IO::Stringy
    sudo cpan -i DBI
    sudo cpan -i Net::CID
    sudo cpan -i Sys::SigAction
    sudo cpan -i MIME::Parser
    sudo cpan -i Archive::Zip
    sudo cpan -i OLE::Storage_Lite
    sudo cpan -i DBD::SQLite
  2. Install the following packages:
    sudo apt-get install unrar
    sudo apt-get install sqlite

Installing Clamav Antivirus

Run the following command:

sudo apt-get install clamav clamav-daemon

Integrating Clamav to MailScanner

  1. Update the /etc/MailScanner/MailScanner.conf to have the fields Virus Scanner and Clamd Socket to become as follows:
    Virus Scanner = clamd
    Clamd Socket = /var/run/clamav/clamd.ctl
  2. Restart the mailscanner service with the following command:
    sudo service mailscanner restart
  3. Update the file /etc/apparmor.d/usr.sbin.clamd to have the following entries:
      /var/spool/MailScanner/** rw,
      /var/spool/MailScanner/incoming/** rw,
  4. Restart the apparmor service with the following command:
    sudo systemctl restart apparmor.service

Installing and Updating Spamassassin

Run the following commands:

sudo apt-get install spamassassin
sudo sa-update
sudo service spamassassin start

Integrating MailScanner to Postfix

  1. Open the file /etc/postfix/main.cf for editing and add the following line and save:
    header_checks = regexp:/etc/postfix/header_checks
  2. Create the file /etc/postfix/header_checks with the following:
    /^Received:/ HOLD
  3. Open the file /etc/MailScanner/MailScanner.conf for editing and update with the following if necessary:
    Run As User = postfix
    Run As Group = postfix
    Incoming Queue Dir = /var/spool/postfix/hold
    Outgoing Queue Dir = /var/spool/postfix/incoming
    MTA = postfix
  4. Open the file /etc/MailScanner/defaults for editing and update with the following if necessary:
    run_mailscanner=1
  5. Update the group of /var/spool/MailScanner to mtagroup and allow the it write permission as follows:
    sudo chown :mtagroup /var/spool/MailScanner
    sudo chmod 775 MailScanner
  6. Prepare spamassassin's directory using the following commands:
    sudo mkdir /var/spool/MailScanner/spamassassin
    sudo chown postfix /var/spool/MailScanner/spamassassin
  7. Update the permission of the MailScanner's incoming and quarantine folders with the following commands:
    sudo chown postfix.mtagroup /var/spool/MailScanner/incoming
    sudo chmod 770 /var/spool/MailScanner/incoming
    sudo chown postfix.mtagroup /var/spool/MailScanner/quarantine
  8. Restart the mailscanner service with the following command:
    sudo service mailscanner restart

Related Post
Configuring Email Server with Postfix and Dovecot:

Configuring Email Server with Postfix and Dovecot

Prerequisite

  • privkey.pem file
  • fullchain.pem file

Installing Postfix

Run the following commands:

sudo apt-get update
sudo apt-get install postfix

Configuring Postfix

  1. Run the following command:
    sudo dpkg-reconfigure postfix

    Configuration questions:

    1. Select OK to proceed.
    2. Choose Internet Site.
    3. System Mail Name: <EMAIL_DOMAIN>
    4. Other destinations for mail: <EMAIL_DOMAIN>, localhost.<EMAIL_DOMAIN>, localhost
    5. Force synchronous updates on mail queue?: No
    6. Local networks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    7. Use procmail for local delivery?: No
    8. Mailbox size limit (bytes): 0
    9. Local address extension character: +
    10. Internet protocols to use: all

    Feel free to answer the preceding questions based on your setup. Just replace the EMAIL_DOMAIN (i.e. example.com) with a valid value.

  2. Create the following folder:
    /etc/postfix/ssl
  3. Copy the your privkey.pem and fullchain.pem to /etc/postfix/ssl.
  4. Do additional configurations by executing the following commands:
    sudo postconf -e 'smtpd_sasl_local_domain ='
    sudo postconf -e 'smtpd_sasl_auth_enable = yes'
    sudo postconf -e 'smtpd_sasl_security_options = noanonymous'
    sudo postconf -e 'broken_sasl_auth_clients = yes'
    sudo postconf -e 'smtpd_recipient_restrictions =  permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
    sudo postconf -e 'inet_interfaces = all'
    sudo postconf -e 'smtp_tls_security_level = may'
    sudo postconf -e 'smtpd_tls_security_level = may'
    sudo postconf -e 'smtpd_tls_auth_only = no'
    sudo postconf -e 'smtp_tls_note_starttls_offer = yes'
    sudo postconf -e 'smtpd_tls_loglevel = 1'
    sudo postconf -e 'smtpd_tls_received_header = yes'
    sudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
    sudo postconf -e 'tls_random_source = dev:/dev/urandom'	
    sudo postconf -e 'mua_client_restrictions = permit_sasl_authenticated,reject'
    sudo postconf -e 'mua_helo_restrictions = permit_mynetworks, permit_sasl_authenticated'
    sudo postconf -e 'mua_sender_restrictions = permit_sasl_authenticated'
    sudo postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/privkey.pem'
    sudo postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/fullchain.pem'
    sudo postconf -e 'myhostname = ronella.xyz'
  5. Create or update the /etc/postfix/sasl/smtpd.conf with the following:
    pwcheck_method: saslauthd
    mech_list: plain login
  6. In the /etc/postfix/master.cf file, uncomment the submission section and must be like the following entries:
    submission inet n       -       y       -       -       smtpd
      -o syslog_name=postfix/submission
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_reject_unlisted_recipient=no
      -o smtpd_client_restrictions=$mua_client_restrictions
      -o smtpd_helo_restrictions=$mua_helo_restrictions
      -o smtpd_sender_restrictions=$mua_sender_restrictions
      -o smtpd_recipient_restrictions=
      -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
      -o milter_macro_daemon_name=ORIGINATING
  7. Also in the same file, uncomment the smtps section and must be like the following entries:
    smtps     inet  n       -       y       -       -       smtpd
      -o syslog_name=postfix/smtps
      -o smtpd_tls_wrappermode=yes
      -o smtpd_sasl_auth_enable=yes
      -o smtpd_reject_unlisted_recipient=no
      -o smtpd_client_restrictions=$mua_client_restrictions
      -o smtpd_helo_restrictions=$mua_helo_restrictions
      -o smtpd_sender_restrictions=$mua_sender_restrictions
      -o smtpd_recipient_restrictions=
      -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
      -o milter_macro_daemon_name=ORIGINATING
  8. Update the owner and group of /var/spool/postfix directory to become postfix as follows:
    sudo chown postfix:postfix /var/spool/postfix
  9. Restart the postfix service with the following command:
    sudo systemctl restart postfix

Installing SASL

Run the following command:

sudo apt-get install libsasl2-2 sasl2-bin libsasl2-modules

Configuring SASL

  1. Open the /etc/default/saslauthd file for editing.
  2. Search for START=no and change it like the following:
    START=yes
  3. Add the following entries just after preceding entry:
    PWDIR="/var/spool/postfix/var/run/saslauthd"
    PARAMS="-m ${PWDIR}"
    PIDFILE="${PWDIR}/saslauthd.pid"
  4. Search for OPTIONS="-c -m /var/run/saslauthd" and change it like the following:
    OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
  5. Update the dpkg state using the following command:
    sudo dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd
  6. Create a symbolic link using the following command:
    sudo ln -s /etc/default/saslauthd /etc/saslauthd
  7. Restart the sasl service using the following command:
    sudo service saslauthd restart

Installing Dovecot

Run the following command:

sudo apt-get install dovecot-core dovecot-imapd dovecot-pop3d

The default location of the mail directory is /var/mail.

Configuring Dovecot

  1. Update the certificate location in the file /etc/dovecot/conf.d/10-ssl.conf to be as follows:
    ssl_cert = </etc/postfix/ssl/fullchain.pem
    ssl_key = </etc/postfix/ssl/privkey.pem
  2. Restart the dovecot service using the following command:
    sudo service dovecot restart

Related Posts
Basic Postfix Management
Creating an Email Alias
MailScanner with Postfix

Writing an Image File to an SDCard using Win32DiskImager

  1. Insert your SDCard.
  2. Startup your Win32DiskImager.
  3. On the Image file field, specify the location of the image file.
  4. On the Device field, select the drive letter of the inserted SDCard.
  5. Click the Write button.
  6. To continue, click the Yes button and wait until it's done.
  7. Once completed, click the OK button.
  8. Click the Exit button.

Related Post
Creating an Image File of an SDCard using Win32DiskImager

Basic Postfix Management

CommandDescription
postqueue -pDisplay the queue
postcat -vq <QUEUE_ID>View the content of the email
postsuper -d ALLRemove all emails
postsuper -d <QUEUE_ID>Remove a particular email
postqueue -i <QUEUE_ID>Attempt to send one particular email
Token Description
QUEUE_ID Can be identified by displaying the queue.

Using Rsync to Sync a Local Directory to Another Local Directory

Syntax

To sync some of your local directories to another local directory, you can use the following syntax:

rsync -av -L --delete <DIR1>[[ <DIR2>] <DIRn>] <DESTINATION_DIR>
Token Description
DIR1, DIR2, DIRn These are the local directories you've wanted to be synced. Only DIR1 is required and the rest are optional.
DESTINATION_DIR The destination directory on the remote machine.

Example

rsync -av -L --delete /var/log/ /data/log/

Useful Environment Variable for Git Troubleshooting

VariableDescriptionPossible Values
GIT_CURL_VERBOSETells Git to emit all the messages generated by that library. This is similar to doing curl -v on the command line.1
GIT_SSL_NO_VERIFYTells Git not to verify SSL certificates.true
GIT_TRACEControls general traces1, 2 or true
GIT_TRACE_PACKETEnables packet-level tracing for network operations.true