Installing qmail-scanner

  1. Get qmail-scanner from http://unc.dl.sourceforge.net/sourceforge/qmail-scanner/qmail-scanner-1.20.tgz
  2. Install Maildrop 1.3.4 from the ports collection.
    1. su -
    2. cd /usr/ports/mail/maildrop
    3. make install
  3. Install Berkeley DB 3.x from the ports collection.
    1. cd /usr/ports/databases/db3
    2. make install
  4. Install Perl 5 from the ports collection.
    1. cd /usr/ports/lang/perl5
    2. make install
  5. Install tnef-1.1 from the ports collection.
    1. cd /usr/ports/converters/tnef
    2. make install
  6. Install unzip from the ports collection.
    1. cd /usr/ports/archivers/unzip
    2. make install
  7. Recompile qmail with QMAILQUEUE patch
    1. cd /usr/ports/mail/qmail
    2. make install WITH_QMAILQUEUE_PATCH=yes
    3. exit
  8. Download Perl module Time::HiRes from http://www.cpan.org/authors/id/J/JH/JHI/Time-HiRes-1.55.tar.gz
  9. Install the Perl Module. See instructions here.
    1. tar xzvf Time-HiRes-1.55.tar.gz
    2. cd Time-HiRes-1.55
    3. perl Makefile.PL
    4. make
    5. make test
    6. su -
    7. cd <source_dir>/Time-HiRes-1.55
    8. make install
    9. exit
  10. Download Perl module DB_File from http://www.cpan.org/authors/id/P/PM/PMQS/DB_File-1.808.tar.gz
  11. Install the Perl Module. See instructions here.
    1. tar xzvf DB_File-1.808.tar.gz
    2. cd DB_File-1.808
    3. perl Makefile.PL
    4. make
    5. make test
    6. su -
    7. cd <source_dir>/DB_File-1.808
    8. make install
    9. exit
  12. Install qmail-scanner
    1. su -
    2. create user qscand
      adduser
    3. chown root /usr/bin/suidperl
    4. chmod 4711 /usr/bin/suidperl
    5. cd <source_dir>
    6. tar xvzf qmail-scanner-1.01.tgz
    7. cd qmail-scanner-1.01
    8. ./configure --admin gwong --domain orchardlabs.com --notify none
    9. verify that this ran correctly
    10. ./configure --admin gwong --domain orchardlabs.com --notify none --install
    11. Test by running: /var/qmail/bin/qmail-scanner-queue.pl -g
      There should be no errors
    12. exit
    13. Test by running: ./contrib/test_installation.sh
      This will send three emails when you run it with the -doit option
  13. su -
  14. modify /usr/local/etc/rc.d/qmail.sh and add the next two lines to the beginning of the file (after #!/bin/sh)
    echo -n "qmail-smtpd, "
    QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" export QMAILQUEUE
    exec /usr/local/bin/softlimit -m 5000000 /usr/local/bin/tcpserver \     
                 -x/usr/local/etc/tcp.smtp.cdb \
                 -u82 -g81 0 smtp /var/qmail/bin/qmail-smtpd &
    
  15. If you are using tcpserver, you will need to add an entry for QMAILQUEUE in the tcp.smtp file and recompile the cdb (please see Installing qmail for more information)
    192.168.0.:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
  16. Make sure you reset your softlimit for qmail if you use softlimit
  17. If you want to scan outgoing files add the following lines
  18. In /etc/csh.cshrc add:
    setenv QMAILQUEUE /var/qmail/bin/qmail-scanner-queue.pl
  19. In /etc/profile add:
    QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"; export QMAILQUEUE
  20. Also it is a good idea to roll your logfiles (/var/spool/qmailscan/qmail-queue.log with a cron job (mv -f qmail-queue.log qmail-queue.log.1)
  21. Also run /var/qmail/bin/qmail-scanner-queue.pl -z once daily to delete files from dropped connections
  22. edit /var/spool/qmailscan/quarantine-attachments.txt to add rules (make sure entries are TAB-delimited!)
    .scr                    0       W32.Badtrans.B@mm
    .pif                    0       W32.Badtrans.B@mm
    .bat                    0       W32.Sircam.Worm@mm
    .com                    0       W32.Sircam.Worm@mm
    .lnk                    0       W32.Sircam.Worm@mm
    
  23. run /var/qmail/bin/qmail-scanner-queue.pl -g to rebuild the database
  24. exit
  25. read http://qmail-scanner.sourceforge.net/ for more info.



Internet: vtec.net
IC Design: view list
2002-08-07: Orchard Labs, Inc. introduces Internet Consulting and IC Consulting services.

2002-08-07: Read the OpenACS 4.5 FreeBSD Installation Guide.

2002-08-07: Read about the Orchard Labs Community System (OLCS).

© 2000-2002 Orchard Labs, Inc.