Set Up an Email Gateway with CentOS Linux 5.

4
Today Im going to walk you through the set up of an open source email gateway on CentOS 5.4. Some of the tools well use include Postfix, SpamAssassin, ClamAV, MailScanner, and MailWatch. First lets install some prerequisites from the CentOS base packages:
# yum install wget ntp vixie-cron crontabs postfix patch rpm-build binutils glibc-devel gcc make yumprotectbase yum-priorities

Next well disable SELinux. I generally disable this on servers but you may want to keep it turned on if security is more of a concern. To disable, edit /etc/selinux/config and modify the parameter to read: SELINUX=disabled Reboot the server and log back in. Now well disable the iptables firewall. If you do this make sure that the server is not exposed directly to the internet and is behind a firewall or filtering router of some kind. Once everything is configured properly youll want to re-enable iptables and set up rules to allow inbound traffic like SMTP. # chkconfig iptables off && service iptables stop Configuring and Verifying Postfix
Now well configure Postfix as an email relay. Edit /etc/postfix/main.cf to include these parameters: myhostname = YourHost.YourDomain.com mydomain = localhost myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, $mydomain mynetworks_style = host

Also modify the following line in main.cf to specify which domains for which Postfix will relay email. Email whose destination domain is specified here will be forwarded to your email server. If you want to include multiple domains, separate them with whitespace.
relay_domains = YourDomain.com

Append this to the end of main.cf to allow Postfix to map email addresses to the transport method such as local or SMTP:
transport_maps = hash:/etc/postfix/transport

Next append this line to /etc/postfix/transport to specify the transport protocol and what server to forward the email to for this domain :

YourDomain.com smtp:[192.168.10.7]

Now lets build the lookup tables to activate email forwarding:

# postmap /etc/postfix/transport

Now youll want to test the above configuration and ensure that Postfix is relaying email to your internal email server. Stop the Postfix daemon and restart to apply the configuration, and test that email is being forwarded.
# service postfix restart

Install MailScanner First we need to download and extract the MailScanner archive:
# # # # cd ~ wget http://www.mailscanner.info/files/4/rpm/MailScanner-4.79.11-1.rpm.tar.gz tar zxvf MailScanner-4.79.11-1.rpm.tar.gz cd MailScanner-4.79.11-1

Time to run the install script. It will warn us if any prerequisites are missing.
# ./install.sh

Once the installer has finished, disable the automatic startup of Postfix and enable MailScanner, the MailScanner startup script will handle the startup of Postfix:
# chkconfig postfix off # service postfix stop # chkconfig MailScanner on

Give the Postfix user permissions on the MailScanner directories:

# chown postfix.postfix /var/spool/MailScanner/incoming # chown postfix.postfix /var/spool/MailScanner/quarantine Time to edit /etc/MailScanner/MailScanner.conf and change the following parameters to tell MailScanner to use Postfix: Run As User = postfix Run As Group = postfix Incoming Queue Dir = /var/spool/postfix/hold Outgoing Queue Dir = /var/spool/postfix/incoming MTA = postfix Use SpamAssassin = no Edit /etc/postfix/main.cf to include the following parameter: header_checks = regexp:/etc/postfix/header_checks

Append this line to /etc/postfix/header_checks /^Received:/ HOLD Now start MailScanner and once again test that email is forwarding to your email server properly:
# service MailScanner start

Install ClamAV We need to activate the RPMForge repository which contains an updated version of ClamAV.
# cd ~ # wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm # rpm -ivh rpmforge-release-0.5.1-1.el5.rf.i386.rpm

I found an error in the repository file that is installed. Edit /etc/yum.repos.d/rpmforge.repo and under the [rpmforge] section and change: enable = 0 to enabled = 0 This will ensure that the RPMForge repository is only activated when we explicitly request it to be when we run yum. Now its time to install ClamAV:
# yum install --enablerepo=rpmforge clamav clamav-db clamd

Update ClamAV to include the newest virus definitions:

# freshclam Edit /etc/MailScanner/MailScanner.conf to properly identify the ClamAV update paths: Monitors for ClamAV Updates = /var/clamav/*.cld /var/clamav/*.cvd

Install SpamAssassin
# yum install spamassassin

Set up directories for SpamAssassin:

# mkdir /var/spool/MailScanner/spamassassin # chown postfix.postfix /var/spool/MailScanner/spamassassin

Configure MailScanner for SpamAssassin by editing /etc/MailScanner/MailScanner.conf: Use SpamAssassin = yes SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

Now lets restart MailScanner and test email forwarding again:

# service MailScanner restart

Now is a good time also to test and verify that ClamAV and SpamAssassin are filtering viruses and spam properly. The following websites have test files and strings that should allow you to see if filtering is working. http://www.eicar.org/anti_virus_test_file.htm http://spamassassin.apache.org/gtube/ By default SpamAssassin will not forward email that it identifies as spam to your internal email server so to verify that spam is filtering correctly check the contents of the maillog:
# tail /var/log/maillog

Install MailWatch PHP, MySQL, and Apache are prerequisites for MailWatch so lets start by installing these plus a few other needed packages:
# yum install mysql-server php php-mysql php-gd httpd perl-DBD-MySQL

Its a good idea set the password on the root user account inside MySQL:
# /usr/bin/mysqladmin -u root password 'new-password'

Now we need to make a change to a parameter in /etc/php.ini magic_quotes_gpc = On Download the MailWatch archive and extract the files:
# # # # cd ~ wget http://downloads.sourceforge.net/project/mailwatch/mailwatch/1.0.5/mailwatch-1.0.5.tar.gz tar zxvf mailwatch-1.0.5.tar.gz cd mailwatch-1.0.5

Edit /etc/MailScanner/MailScanner.conf, otherwise you may receive an error when you attempt to start MailWatch:
Virus Scanners = clamav

Now proceed to run through the MailWatch installation instructions here: http://mailwatch.sourceforge.net/doku.php?id=mailwatch:documentation:install Once completed with the MailWatch set up, your Email Gateway should now be complete.