This howto was written in order to help users of DirectAdmin install and correctly configure MailScanner with Exim.
It is based on several years experience working with MailScanner and has been used in the installation of production servers running a variety of rpm based linux distributions including:
RedHat 9
Fedora
Centos
WhiteBox
While every effort has been made to make this howto as comprehensive and easy to follow as possible the author welcomes feedback.
Before you start you should install vim.
On most Red Hat Enterprise clones, such as Centos, the following command should work:
yum install vim-enhanced
I would recommend creating a directory such as /home/installstuff or similar for any files / packages related to your MailScanner setup.
The next step is to install SpamAssassin.
There are a number of ways of doing this, however the developer of MailScanner has put together an easy to use package that will install all the required perl Modules for you. It can be downloaded here.
NB: As of SA 3.1 the licensing has changed for some of the plugins. You will need to enable razor etc., in the *.pre files in the /etc/mail/spamassassin directory
Now to install MailScanner.
First download the MailScanner rpm tarball from the website.
There are usually two versions available – stable and beta.
wget location of file
tar -zxvf MailScanner file
cd MailScanner directory
./install.sh
For example, to download and install the current beta version at time of writing the command would be:
wget http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/rpm/MailScanner-4.50.8-1.rpm.tar.gz
tar -zxvf MailScanner-4.50.8-1.rpm.tar.gz
cd MailScanner-4.50.8-1
./install.sh
Relax and have a cup of coffee.
Once the install is finished you can proceed with the setup of MailScanner to work with exim.
You need to change the permissions on the MailScanner spool directory:
chown -R mail.mail /var/spool/MailScanner
MailScanner works by running two processes of the MTA.
One listens for SMTP connections (inbound mail) while the other processes outbound mail.
If you think of it like this:
mail > exim > MailScanner > exim
Mail is passed from one exim process to the other via MailScanner, where all the content checks are conducted.
For this reason you need to have two .conf files for exim. One for each exim process.
Always create backups!
cp /etc/exim.conf /etc/exim.back
Make a copy to handle outbound mail:
cp /etc/exim.conf /etc/exim_send.conf
Edit the exim.conf file:
vim /etc/exim.conf
and add the following lines in the main part of the configuration:
#Added for MailScanner mail queues and logging
spool_directory = /var/spool/exim.in
queue_only = true
queue_only_override = false
log_file_path = /var/spool/exim/msglog/%slog
MailScanner comes with its own startup script, so you can safely get rid of the original one:
#cd /etc/init.d/
cp exim exim.orig;chmod -x exim.orig
rm exim
However, DirectAdmin will check for the exim file, so we create a symlink to fool it:
ln -s MailScanner exim
NB: You may need to do this again if a DirectAdmin update installs a new exim init script
Create the following directories:
mkdir /var/spool/exim.in
mkdir /var/spool/exim.in/input
mkdir /var/spool/exim.in/data
mkdir /var/spool/exim.in/db
then fix the ownership:
chown -R mail.mail /var/spool/exim.in/
Now you need to customise your MailScanner.conf both for your particular server and to let it know that it is running exim:
Open MailScanner.conf in vim as follows:
vim /etc/MailScanner/MailScanner.conf
The file is very well documented. Please read it!
You should edit the following settings:
%org-name% = servername
%org-long-name% = Your Company Name
.
%web-site% = www.yourwebaddress.tld
Now to tell it about your exim configuration.
Find the following lines in MailScanner.conf and edit as indicated:
#Run As User = mail
#Run As User = postfix
Run As User = mail
# Group to run as (not normally used for sendmail)
#Run As Group = mail
#Run As Group = postfix
Run As Group = mail
Incoming Queue Dir = /var/spool/exim.in/input
Outgoing Queue Dir = /var/spool/exim/input
Sendmail = /usr/sbin/exim -C /etc/exim.conf
Sendmail2 = /usr/sbin/exim -C /etc/exim_send.conf
MTA = exim (as opposed to sendmail)
You can further tweak your MailScanner settings later on.
Some more changes are needed to finalise your setup.
MailScanner should autodetect exim, but you need to make a number of changes to /etc/sysconfig/MailScanner
do the following:
mkdir /usr/local/exim/
mkdir /usr/local/exim/bin
make the following symlinks:
ln -s /etc/exim_send.conf /usr/local/exim/exim_send.conf
ln -s /etc/exim.conf /usr/local/exim/configure
ln -s /usr/sbin/exim /usr/local/exim/exim
ln -s /usr/sbin/exim /usr/local/exim/bin/exim
To test if it is working properly or not issue the following command:
/etc/init.d/MailScanner restart;tail -f /var/log/maillog
You should see something like the following:
Shutting down MailScanner daemons:
MailScanner: [ OK ]
incoming exim: [ OK ]
outgoing exim: [ OK ]
Starting MailScanner daemons:
incoming exim: [ OK ]
outgoing exim: [ OK ]
MailScanner: [ OK ]
Keep an eye on the logs for a few minutes.
If anything is wrong you should see an error in them.
In order to increase your setup’s effectiveness against spam and viruses you can now tweak your settings.
As I already mentioned, the MailScanner.conf file is very well commented, so read what the configuration options are doing before you actually change them on a production system.
This method of setting up MailScanner has been tried and tested.
It works for us, however any feedback is always appreciated.
Leave a Reply