Installing ClamAV & SpamAssassin to CentOS 5 with Sendmail

Posted on June 12, 2011 by richard

Installing these Mail Server open-source software sets to CentOS 5 with Sendmail on a 64-bit CentOS 5.4 (or higher) Linux host.

1. Install RPMForge Repo to get access to more Software Packages for CentOS5

Install (using rpm -Uvh) http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm

2. Use yum to install from the previously installed RPMForge Repo the necessary software packages

yum -y install spamass-milter clamav-milter
yum -y install perl-Mail-SPF
yum -y install sendmail-cf

Restart spamd after installing the new SPF package with
/etc/init.d/spamassassin restart

Install DKIM for Message Signing with
yum -y install perl-Mail-DKIM

Check DKIM use by sending yourself an email from GMail and saving that message (headers and all) to a local text file, processing that file with
spamassassin -D < /tmp/gmail-msg.txt 2>&1 |grep -i dk

Install GeoIP for regional/geographic message filtering
yum -y install geoip

Check that all of ClamAV is installed with
yum -y install clamav clamav-db clamav-milter clamd

Check then on the settings in /etc/sysconfig/clamav-milter & then set/check on the following in /etc/clamav-milter.conf
MilterSocket unix:/var/clamav/clmilter.socket
User clamav
AllowSupplementaryGroups yes
ClamdSocket unix:/var/run/clamav/clamd.sock
LogFile /var/log/clamav/clamav-milter.log
LogFileMaxSize 0
LogTime yes
LogSyslog yes

Set/check the following in /etc/clamd.conf
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 0
LogTime yes
LogSyslog yes
PidFile /var/run/clamav/clamd.pid
TemporaryDirectory /var/tmp
DatabaseDirectory /var/clamav
LocalSocket /var/run/clamav/clamd.sock
FixStaleSocket yes
TCPSocket 3310
TCPAddr 127.0.0.1
MaxConnectionQueueLength 30
MaxThreads 50
ReadTimeout 300
User clamav
AllowSupplementaryGroups yes
ScanPE yes
ScanELF yes
DetectBrokenExecutables yes
ScanOLE2 yes
ScanMail yes
ScanArchive yes
ArchiveBlockEncrypted no

Install SPF capabilities with
yum -y install smf-spf

3. Start Configuring main software servers

3a. Sendmail for ClamAV & SpamAssassin

Load the following to /etc/mail/sendmail.mc, placed above any MAILER definition and I place it after the line “FEATURE(use_ct_file)dnl”

dnl # LOCAL ADDITIONS before Mailers
dnl # clamav-milter - z README ... dnl
INPUT_MAIL_FILTER(`clamav-milter',`S=local:/var/clamav/clmilter.socket, F=,T=S:4m;R:4m;E:10m')dnl
dnl #
dnl # SPAMASSASSIN dnl
dnl **
dnl ** enable spamassassin-milter to scan for spam using spamassassin **
dnl **
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl
define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
dnl # END LOCAL ADDITIONS
dnl #

You can test / check the newly installed & configured SpamAssassin with the command:
spamassassin -D < /usr/share/doc/spamassassin-3.2.5/sample-spam.txt 2>&1 |grep -i spf
Looking for lines like:
[1290] dbg: spf: using Mail::SPF for SPF checks
&
[1290] dbg: spf: def_spf_whitelist_from: already checked spf and didn’t get pass, skipping whitelist check
[1290] dbg: spf: whitelist_from_spf: already checked spf and didn’t get pass, skipping whitelist check

3b. Now rebuild the sendmail.cf from your updated sendmail.mc in /etc as root with

make

3c. Ensure all the dependent & requisite servers are running for Clam & SA with

chkconfig clamd on
chkconfig clamav-milter on
chkconfig spamass-milter on
chkconfig sendmail on
chkconfig dovecot on

3d. Then start everything in the same order as per their init.d files, with

service clamd start
service clamav-milter start
service spamass-milter start

3e. Then restart Sendmail with

service sendmail restart

3z. SPF config & enabling <- OPTIONAL, NOT YET WORKING! Configure for the SMF-SPF support in /etc/mail/sendmail.mc and remake sendmail.cf with cd /etc/mail
cat >> sendmail.mc < END dnl ** dnl ** enable smf-spf (Sender Policy Framework) ** dnl ** define(`confMILTER_MACROS_HELO', confMILTER_MACROS_HELO`, {verify}')dnl INPUT_MAIL_FILTER(`smf-spf', `S=unix:/var/run/smfs/smf-spf.sock, T=S:30s;R:1m')dnl END make

In /etc/mail as root run make to generate the new sendmail.cf & submit.cf Sendmail config files.

Start SPF and restart Sendmail with
/etc/init.d/smf-spf restart
/etc/init.d/sendmail restart

4. Testing / Verifying Setup

4a. Check /var/log/maillog

4b. Test with a manual SMTP dialog using the telnet command to the server from another remote host on the Internet (ie: NOT from the server itself) to port 25 on your Sendmail host.

This entry was posted in Network Presence and tagged , , , . Bookmark the permalink.