Installation
Before you install SpamCheck you will need to ensure that a number of required packages are already installed and configured. Installation instructions for
a number of common distributions will be provided below.
Ubuntu Server 9.10
SpamCheck has been tested on Ubuntu Server 9.10 with the following installation instructions
Install Additional Packages
apt-get install mysql-server apache2 php5 php5-cli libnet-dns-perl libmail-spf-perl libmail-spf-query-perl libencode-detect-perl
apt-get install libcpan-distnameinfo-perl php-mail php5-mysql php-mail-mime php-file exim4-daemon-heavy spamassassin razor zlib1g-dev zlib1g
Install CPAN Packages
cpan
install IP::Country
quit
Enable output buffering for PHP
Edit /etc/php5/apache2/php.ini and change
output_buffering = Off
to
output_buffering = 4096
Configure Razor2
razor-admin -create
razor-admin -register
Create the SpamAssassin database
mysql
create database spamassassin;
use spamassassin;
CREATE TABLE bayes_expire (
id int(11) NOT NULL default '0',
runtime int(11) NOT NULL default '0',
KEY bayes_expire_idx1 (id)
) TYPE=MyISAM;
CREATE TABLE bayes_global_vars (
variable varchar(30) NOT NULL default '',
value varchar(200) NOT NULL default '',
PRIMARY KEY (variable)
) TYPE=MyISAM;
INSERT INTO bayes_global_vars VALUES ('VERSION','3');
CREATE TABLE bayes_seen (
id int(11) NOT NULL default '0',
msgid varchar(200) binary NOT NULL default '',
flag char(1) NOT NULL default '',
PRIMARY KEY (id,msgid)
) TYPE=MyISAM;
CREATE TABLE bayes_token (
id int(11) NOT NULL default '0',
token char(5) NOT NULL default '',
spam_count int(11) NOT NULL default '0',
ham_count int(11) NOT NULL default '0',
atime int(11) NOT NULL default '0',
PRIMARY KEY (id, token),
INDEX bayes_token_idx1 (token),
INDEX bayes_token_idx2 (id, atime)
) TYPE=MyISAM;
CREATE TABLE bayes_vars (
id int(11) NOT NULL AUTO_INCREMENT,
username varchar(200) NOT NULL default '',
spam_count int(11) NOT NULL default '0',
ham_count int(11) NOT NULL default '0',
token_count int(11) NOT NULL default '0',
last_expire int(11) NOT NULL default '0',
last_atime_delta int(11) NOT NULL default '0',
last_expire_reduce int(11) NOT NULL default '0',
oldest_token_age int(11) NOT NULL default '2147483647',
newest_token_age int(11) NOT NULL default '0',
PRIMARY KEY (id),
UNIQUE bayes_vars_idx1 (username)
) TYPE=MyISAM;
\q
Enable SpamAssassin
Edit /etc/default/spamassassin and change:
ENABLED=0
to
ENABLED=1
Run the SpamCheck installer
spamcheck-0.6.11-installer.run
Configure ClamD to run automatically
Edit /usr/local/etc/clamd.conf and change the line:
Example
to
# Example
and the line
#LocalSocket /tmp/clamd.socket
to
LocalSocket /tmp/clamd.socket
and then repeat the first change for the /usr/local/etc/freshclam.conf file
Copy the following to /etc/init.d/clamd
#! /bin/sh
### BEGIN INIT INFO
# Provides: skeleton
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Example initscript
# Description: This file should be used to construct scripts to be
# placed in /etc/init.d.
### END INIT INFO
# Author: Blane Bramble
#
# Please remove the "Author" lines above and replace them
# with your own name if you copy and modify this script.
# Do NOT "set -e"
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="clamd scanner"
NAME=clamd
DAEMON=/usr/local/sbin/$NAME
#DAEMON_ARGS="--options args"
DAEMON_ARGS=""
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
ulimit -f 20000
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
$DAEMON_ARGS \
|| return 2
# Add code here, if necessary, that waits for the process to be ready
# to handle requests from services started subsequently which depend
# on this one. As a last resort, sleep for some time.
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Wait for children to finish too if this is a daemon that forks
# and if the daemon is only ever run from this initscript.
# If the above conditions are not satisfied then add some other code
# that waits for the process to drop all resources that could be
# needed by services started subsequently. A last resort is to
# sleep for some time.
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
#
# If the daemon can reload its configuration without
# restarting (for example, when it is sent a SIGHUP),
# then implement that here.
#
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
return 0
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
status)
status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
;;
#reload|force-reload)
#
# If do_reload() is not implemented then leave this commented out
# and leave 'force-reload' as an alias for 'restart'.
#
#log_daemon_msg "Reloading $DESC" "$NAME"
#do_reload
#log_end_msg $?
#;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
Configure clamd to run
chmod +x /etc/init.d/clamd
update-rc.d clamd defaults
Configure exim to use the SpamCheck configuration
mv /etc/exim4 /etc/exim4.old
mkdir /etc/exim4
cd /etc/exim4
ln -s /spamcheck/exim/config/exim.conf exim4.conf
Ensure Apache is running mod SSL
cd /etc/apache2/mods-enabled
ln -s ../mods-available/ssl.conf
ln -s ../mods-available/ssl.load
service apache2 restart
Make sure Exim, MySQL, SpamAssassin and Apache are running
service mysql restart
service apache2 restart
service exim4 restart
service spamassassin restart
Schedule relevant housekeeping tasks
Firstly schedule the tasks required for the apache user
crontab -u www-data -e
SHELL=/bin/bash
MAILTO=postmaster
HOME=/spamcheck/www/scripts
#
0 16 * * * /usr/bin/php -c /etc/php.ini /spamcheck/www/scripts/send_quarantine.php >> /var/log/quarantine.log
0 1 * * * /usr/bin/php -c /etc/php.ini /spamcheck/www/scripts/spamcheckdaily.php >> /var/log/spamcheckdaily.log
1 * * * * /usr/bin/php -c /etc/php.ini /spamcheck/www/scripts/spamstats.php >> /var/log/spamstats.log
30 0 * * * /usr/bin/php -c /etc/php.ini /spamcheck/www/scripts/spamstatsdaily.php >> /var/log/spamstatsdaily.log
And then the tasks to keep ClamD and SpamAssassin up to date:
crontab -e
0 * * * * /usr/local/bin/freshclam >> /var/log/freshclam.log
30 * * * * /usr/bin/sa-update && /etc/init.d/spamassassin reload >> /var/log/sa-update.log
And finally create empty logs with the correct ownership:
touch /var/log/quarantine.log
touch /var/log/spamcheckdaily.log
touch /var/log/spamstats.log
touch /var/log/spamstatsdaily.log
chown www-data:www-data /var/log/quarantine.log
chown www-data:www-data /var/log/spamcheckdaily.log
chown www-data:www-data /var/log/spamstats.log
chown www-data:www-data /var/log/spamstatsdaily.log
Contact
If you need to contact the developers, please send an e-mail to spamcheck at lyzard dot net
SpamCheck is developed by Blane Bramble
