NA Homework 4+5

Postfix + DNS Demo

> Setup everything before Demo, or you’ll get no point if something don’t work. > Show your mail functions to TA, you could use ‘Remote Desktop’. > Be prepared, TA will ask some questions.

2 Installation Steps

> postfix > cyrus-sasl2-saslauthd > imap-uw > amavisd-new > postgrey > Clamav > spamassassin

3 Postfix

# cd /usr/ports/mail/postfix # make install clean

4 Postfix

===> Installing for postfix-2.4.1,1 ===> postfix-2.4.1,1 depends on file: /usr/local/lib/libcrypto.so.5 - found ===> postfix-2.4.1,1 depends on shared library: pcre.0 – found ===> postfix-2.4.1,1 depends on shared library: sasl2.2 - found Added group "postfix". Added group "maildrop". Added user "postfix". You need user "postfix" added to group "mail". Would you like me to add it [y]? y

install -d -o root -g wheel -m 555 /usr/local//doc/postfix Installed HTML documentation in /usr/local/share/doc/postfix Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y

5 Postfix

> edit /etc/rc.conf sendmail_enable="NONE“ postfix_enable="YES"

> edit /etc/defaults/periodic.conf daily_clean_hoststat_enable="NO" daily_status_mail_rejects_enable="NO" daily_status_include_submit_mailq="NO" daily_submit_queuerun="NO"

> edit /usr/local/etc/postfix/main.cf – edit it by yourself – ex: myhostname, mynetworks, alias_maps…

6 Postfix with TLS

> make your certificates > edit /usr/local/etc/postfix/main.cf

7 Cyrus-sasl2-saslauthd

8 Cyrus-sasl2-saslauthd

# cd /usr/ports/security/cyrus-sasl-saslauthd # make install clean

> edit /etc/rc.conf saslauthd_enable="YES"

9 imap-uw

# cd /usr/ports/mail/imap-uw # make install clean

> edit /etc/inetd.conf pop3 stream tcp nowait root /usr/local/libexec/ipop3d ipop3d imap4 stream tcp nowait root /usr/local/libexec/imapd imapd

> If using TLS pop3s stream tcp nowait root /usr/local/libexec/ipop3d ipop3d imaps stream tcp nowait root /usr/local/libexec/imapd imapd

10 Hold on and Test

# /usr/local/etc/rc.d/saslauthd start # /usr/local/etc/rc.d/postfix start # /etc/rc.d/inetd reload

> It’s better to test you can receive and send mail before next step. > If it’s not work, check /var/log/maillog.

11 Amavisd-new

# cd /usr/ports/security/amavisd-new # make install clean

12 Amavisd-new

Added group "vscan". Added user "vscan".

Created "/var/" directory. Created "/var/amavis/db" directory. Created "/var/amavis/tmp" directory. Created "/var/virusmails" directory.

To use amavisd-new, you need to install at least one virus scanner. The following virus scanners are available in the FreeBSD ports collection:

/usr/ports/security/vscan McAfee VirusScan /usr/ports/security/clamav Clam Antivirus /usr/ports/security/f-prot F-Prot Antivirus /usr/ports/security/drweb DrWeb antivirus suite 13 Amavisd-new

Enable amavisd-new in /etc/rc.conf with the following line:

amavisd_enable="YES"

If you want to use the amavis milter interface, you need the following additional line in /etc/rc.conf

amavis_milter_enable="YES"

Configuration templates are available in /usr/local/etc as amavisd.conf-dist, amavisd.conf-sample and amavisd.conf-default. Documentation is available in /usr/local/share/doc/amavisd-new.

14 postgrey

# cd /usr/ports/mail/postgrey # make install clean

> edit /etc/rc.conf

postgrey_enable="YES" postgrey_pidfile="/var/run/postgrey.pid" postgrey_flags="--delay=60 --pidfile=${postgrey_pidfile} \ --inet=10023 -d --user=postgrey --group=postgrey \ --dbdir=/var/db/postgrey"

15 Clamav

# cd /usr/ports/security/clamav # make install clean

16 Clamav

> edit /etc/rc.conf

clamav_clamd_enable="YES" clamav_freshclam_enable="YES"

> edit where you put your aliases file

virusalert: root

> edit /usr/local/etc/clamd.conf by yourself

17 Final Configuration

18 Final Configuration for Postfix

> edit /usr/local/etc/postfix/main.cf content_filter = smtp-amavis:[127.0.0.1]:10024

> edit /usr/local/etc/postfix/master.cf

smtp-amavis unix - - n - 2 lmtp -o smtp_data_done_timeout=1200s -o smtp_never_send_ehlo=yes -o notify_classes=protocol,resource,software 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o mynetworks=127.0.0.0/8 -o myhostname=localhost -o local_recipient_maps= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject

19 Final Configuration for Amavisd-new

> edit /usr/local/etc/amavisd.conf

$mydomain = ‘cs.nctu.edu.tw' $notify_method = 'smtp:[127.0.0.1]:10025'; $forward_method = 'smtp:[127.0.0.1]:10025';

20 Now Startup everything

# /usr/local/etc/rc.d/clamav-clamd start # /usr/local/etc/rc.d/postgrey start # /usr/local/etc/rc.d/amavisd start # /usr/local/etc/rc.d/postfix restart

21 Test for Virus

# telnet localhost 25 Trying ::1... Trying 127.0.0.1... Connected to localhost.twbbs.org. Escape character is '^]'. 220 nabsd.cs.nctu.edu.tw ESMTP Postfix mail from: 250 Ok rcpt to: 250 Ok data 354 End data with . Subject: Virus Coming X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* . 250 Ok: queued as 647781152E quit 221 Bye Connection closed by foreign host. da

22 Test for Virus

> Normal Mail

May 11 20:09:27 nabsd amavis[29003]: (29003-01) Passed CLEAN, -> , Message-ID: <[email protected]>, mail_id: Vidtcl9St6oz, Hits: -, 1312 ms

> Mail with virus

May 13 16:55:50 nabsd amavis[29004]: (29004-05) Blocked INFECTED (Eicar-Test-Signature), [127.0.0.1] -> , quarantine: virus-VivGNwT9NIja, Message-ID: <[email protected]>, mail_id: VivGNwT9NIja, Hits: -, 1071 ms

23 Spamassassin

> /usr/local/etc/amavis.conf > /usr/local/etc/mail/spamassassin/local.cf > man Mail::SpamAssassin::Conf

24 Spamassassin

Content-Type: text/html; charset="big5" Content-Transfer-Encoding: 8bit Sender: =?big5?B?wnmkSKR+?= Reply-To: [email protected] X-Virus-Scanned: amavisd-new at csie.nctu.edu.tw X-Spam-Status: Yes, hits=10.687 tagged_above=3 required=6.3 tests=BAYES_60, DATE_IN_PAST_96_XX, DOMAIN_RATIO, HTML_90_100, HTML_IMAGE_ONLY_20, HTML_IMAGE_RATIO_02, HTML_MESSAGE, HTML_WEB_BUGS, MIME_HTML_ONLY X-Spam-Level: ********** X-Spam-Flag: YES Status:

25