Installation

Before you install SpamCheck you will need to ensure that a number of required packages are already installed and configured. Installation instructions for a number of common distributions will be provided below.

RedHat / CentOS 5.x

SpamCheck is developed for CentOS 5.x and this is currently the preferred platform for installation.

Enable the epel repository

vim /etc/yum.repos.d/epel.repo

[epel]
name=Extra Packages for Enterprise Linux 5 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/5/$basearch
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL

[epel-debuginfo]
name=Extra Packages for Enterprise Linux 5 - $basearch - Debug
#baseurl=http://download.fedoraproject.org/pub/epel/5/$basearch/debug
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-debug-5&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
gpgcheck=1

[epel-source]
name=Extra Packages for Enterprise Linux 5 - $basearch - Source
#baseurl=http://download.fedoraproject.org/pub/epel/5/SRPMS
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-source-5&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
gpgcheck=1

Install the signing key

rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm

Install Yum Packages

yum install exim zlib-devel php-mysql php-pear-Mail php-pear-Mail-Mime gmp-devel php-pear-Image-Graph perl-Digest-SHA1 perl-Net-DNS perl-IO-Socket-SSL
yum install perl-IO-Zlib mod_ssl system-switch-mail mysql-server php-readline

Install CPAN Packages

cpan
install Mail::SPF
install Mail::SPF::Query
install IP::Country
install CPAN::DistnameInfo
install Encode::Detect
quit

Turn off safe mode for PHP

Edit /etc/php.ini and change

safe_mode = On

safe_mode = Off

Install Razor2

wget http://prdownloads.sourceforge.net/razor/razor-agents-2.84.tar.bz2?download
tar xjf razor-agents-2.84.tar.bz2
cd razor-agents-2.84
perl Makefile.PL
make
make install
razor-admin -create
razor-admin -register

Install SpamAssassin

wget http://mirror.public-internet.co.uk/ftp/apache/spamassassin/source/Mail-SpamAssassin-3.2.5.tar.gz
tar xzf Mail-SpamAssassin-3.2.5.tar.gz
cd Mail-SpamAssassin-3.2.5
perl Makefile.PL

make install

cd spamd
cp redhat-rc-script.sh /etc/init.d/spamd

chkconfig --add spamd

Create the SpamAssassin database

mysql
create database spamassassin;
use spamassassin;
CREATE TABLE bayes_expire (
  id int(11) NOT NULL default '0',
  runtime int(11) NOT NULL default '0',
  KEY bayes_expire_idx1 (id)
) TYPE=MyISAM;

CREATE TABLE bayes_global_vars (
  variable varchar(30) NOT NULL default '',
  value varchar(200) NOT NULL default '',
  PRIMARY KEY  (variable)
) TYPE=MyISAM;

INSERT INTO bayes_global_vars VALUES ('VERSION','3');

CREATE TABLE bayes_seen (
  id int(11) NOT NULL default '0',
  msgid varchar(200) binary NOT NULL default '',
  flag char(1) NOT NULL default '',
  PRIMARY KEY  (id,msgid)
) TYPE=MyISAM;

CREATE TABLE bayes_token (
  id int(11) NOT NULL default '0',
  token char(5) NOT NULL default '',
  spam_count int(11) NOT NULL default '0',
  ham_count int(11) NOT NULL default '0',
  atime int(11) NOT NULL default '0',
  PRIMARY KEY  (id, token),
  INDEX bayes_token_idx1 (token),
  INDEX bayes_token_idx2 (id, atime)
) TYPE=MyISAM;

CREATE TABLE bayes_vars (
  id int(11) NOT NULL AUTO_INCREMENT,
  username varchar(200) NOT NULL default '',
  spam_count int(11) NOT NULL default '0',
  ham_count int(11) NOT NULL default '0',
  token_count int(11) NOT NULL default '0',
  last_expire int(11) NOT NULL default '0',
  last_atime_delta int(11) NOT NULL default '0',
  last_expire_reduce int(11) NOT NULL default '0',
  oldest_token_age int(11) NOT NULL default '2147483647',
  newest_token_age int(11) NOT NULL default '0',
  PRIMARY KEY  (id),
  UNIQUE bayes_vars_idx1 (username)
) TYPE=MyISAM;

\q

Select exim as your default mail server

SpamCheck uses exim as it's Mail Transfer Agent, so you will need to switch from the default sendmail to exim, using the system-switch-mail program.

system-switch-mail

Run the SpamCheck installer

spamcheck-0.6.11-installer.run

Configure ClamD to run automatically

Edit /usr/local/etc/clamd.conf and change the line:

Example

# Example

and the line

#LocalSocket /tmp/clamd.socket

LocalSocket /tmp/clamd.socket

and then repeat the first change for the /usr/local/etc/freshclam.conf file

Copy the following to /etc/init.d/clamd

#! /bin/bash
#
# crond   Start/Stop the clam antivirus daemon.
#
# chkconfig: 2345 70 41
# description: clamd is a standard Linux/UNIX program that scans for Viruses.
# processname: clamd
# config: /usr/local/etc/clamd.conf
# pidfile: /var/lock/subsys/clamd

# Source function library.
. /etc/init.d/functions

RETVAL=0

# See how we were called.

prog="clamd"
progdir="/usr/local/sbin"

# Source configuration
if [ -f /etc/sysconfig/$prog ] ; then
	. /etc/sysconfig/$prog
fi

start() {
	echo -n $"Starting $prog: "
	# Don't allow files larger than 20M to be created, to limit DoS
	# Needs to be large enough to extract the signature files
	ulimit -f 20000
        LANG= daemon $progdir/$prog
	RETVAL=$?
	echo
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/clamd
	return $RETVAL
}

stop() {
	echo -n $"Stopping $prog: "
	# Would be better to send QUIT first, then killproc if that fails
	killproc $prog
	RETVAL=$?
	echo
	[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/clamd
	return $RETVAL
}

rhstatus() {
	status clamd
}

restart() {
	stop
	start
}

reload() {
	echo -n $"Reloading clam daemon configuration: "
	killproc clamd -HUP
	retval=$?
	echo
	return $RETVAL
}

case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  restart)
	restart
	;;
  reload)
	reload
	;;
  status)
	rhstatus
	;;
  condrestart)
	[ -f /var/lock/subsys/clamd ] && restart || :
	;;
  *)
	echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
	exit 1
esac

exit $?

Now configure clamd to start automatically at boot:

chmod +x /etc/init.d/clamd
chkconfig --add clamd
chkconfig clamd on

Configure exim to use the SpamCheck configuration

cd /etc/exim
mv exim.conf exim.old.conf
ln -s /spamcheck/exim/config/exim.conf
chkconfig exim on

Make sure Exim, MySQL, SpamAssassin and Apache are running

chkconfig mysqld on
chkconfig httpd on
chkconfig exim on
chkconfig spamd on
service mysqld restart
service httpd restart
service exim restart
service spamd restart

Schedule relevant housekeeping tasks

Firstly schedule the tasks required for the apache user

crontab -u apache -e

SHELL=/bin/bash
MAILTO=postmaster
HOME=/spamcheck/www/scripts
#
0 16 * * * /usr/bin/php -c /etc/php.ini /spamcheck/www/scripts/send_quarantine.php >> /var/log/quarantine.log
0 1 * * * /usr/bin/php -c /etc/php.ini /spamcheck/www/scripts/spamcheckdaily.php >> /var/log/spamcheckdaily.log
1 * * * * /usr/bin/php -c /etc/php.ini /spamcheck/www/scripts/spamstats.php >> /var/log/spamstats.log
30 0 * * * /usr/bin/php -c /etc/php.ini /spamcheck/www/scripts/spamstatsdaily.php >> /var/log/spamstatsdaily.log

And then the tasks to keep ClamD and SpamAssassin up to date:

crontab -e

0 * * * * /usr/local/bin/freshclam >> /var/log/freshclam.log
30 * * * * /usr/bin/sa-update && /etc/init.d/spamassassin reload >> /var/log/sa-update.log

And finally create empty logs with the correct ownership:

touch /var/log/quarantine.log
touch /var/log/spamcheckdaily.log
touch /var/log/spamstats.log
touch /var/log/spamstatsdaily.log
chown apache:apache /var/log/quarantine.log
chown apache:apache /var/log/spamcheckdaily.log
chown apache:apache /var/log/spamstats.log
chown apache:apache /var/log/spamstatsdaily.log

Contact

If you need to contact the developers, please send an e-mail to spamcheck at lyzard dot net

SpamCheck is developed by Blane Bramble

SpamCheck - e-Mail Spam and Virus Scanning