SUSE 10 Professional Anti-Spam & Anti-Virus Gateway Build Guide For Beginners
Novell Cool Solutions: Feature
By Stephen Carter
Digg This -
Updated: 28 Feb 2006
*Update - to get the new PDF for the SUSE 10 Professional Anti-Spam & Anti-Virus Gateway Build Guide For Beginners, click here.
Author's Note: I've had some tips from people who have gone through my document and found a couple of technical anomalies that could cause some people distress. I have fixed these in the PDF.
PROBLEM: Too much spam and too many viruses in my mailbox. I decided to do something about it and thought maybe SUSE 9.3 Professional could help, but I couldn't find a cohesive single information source for setting up a reliable open source anti-spam/virus gateway for use on SUSE 9.3.
ENVIRONMENT: NetWare 6.5 SBS running GroupWise 6.5.
Mail gateway running on SUSE 9.3 Professional using postfix, amavisd-new, clamav, spamassassin, dcc, razor2, mysql and Maia Mailguard for web front-end management of the lot.
SOLUTION: I went through the pain that everyone else goes through the first time around setting up something new, but I documented it as well so as to help others just starting out and to remind myself in the following months exactly what I did and why.
A reliable, free and flexible anti-spam/anti-virus solution
Although there are many README and INSTALL documents and other bits around on the Internet today, I couldn't find a single consolidated guide for configuring everything I wanted in an e-mail gateway solution for SUSE.
As a result I've created my own guide which involved a lot of reading, cursing, troubleshooting, more cursing, then finally success. I've tried to put it all together here in an easy to follow step-by-step format to help myself in future for reference, along with anyone else out there.
If you come across something that doesn't work as expected, is just plain wrong, could be better in any way or just want to comment in general, please feel free to e-mail me your feedback to email@example.com
The e-mail gateway I describe here is designed to sit between your Internet connection and your existing e-mail server, be that GroupWise, Exchange, Notes, postfix or whatever else is out there... as long as it runs an SMTP daemon this gateway will work.
The gateway will include the following main software:
- SUSE 9.3 Professional
- Amavisd-new v2.2.1-5
The 'glue' between Postfix and spam/virus scanners
- DCC v3.1.14
Anti-spam plug-in to SpamAssassin
- Postfix v2.2.1
Mail Transfer Agent
- SpamAssassin v3.0.4
- Razor2 v2.67
Anti-spam plug-in to SpamAssassin
- MySQL v4.1.10
- ClamAV v0.86.1
- Maia Mailguard v1.0-RC5-2
Web front-end management for spam & viruses
- Apache v2
I've tested this solution on an AMD 2500+ Barton processor with 1 Gb RAM and a 60 Gb IDE hard disk and found that it can easily cope with up to 30,000 e-mails per day.
How much e-mail your gateway solution will cope with will depend on many things, such as how long an acceptable processing time per e-mail is for you, the average size of e-mails that pass through your system and how often the system is managed by someone to clear out spam/ham (clean) e-mail confirmations.
To follow this guide you should have available:
An existing e-mail server
This is an e-mail gateway scanning solution only, so you will need an e-mail server for this gateway to pass e-mail onto it's final destination. The SMTP interface on your e-mail server will also need to accept connections from the gateway server, so if you have configured any relay restrictions on your current email server, you'll need to add the IP address of the gateway server as an exception.
A Pentium class PC
If you're just setting this up for training or testing, just about anything will do, including a VMWare session but make sure it has a least 256Mb RAM available. For a production system I suggest at least 1Gb RAM.
Your hard disk should have enough space to hold the OS, the MySQL database of at least 30 days e-mail (more on that later), plus any queued e-mail plug logs... in other words, plenty. For a typical 1000 user company you should be looking at potentially 100Gb +. Fast hard disks will also make a difference, so try to get SCSI drives with 15k rpm ratings. If not, no big deal... you'll have to upgrade them if they don't cope, although if you install more RAM there is a potential alternative that I mention in the Tips and tweaks section using a RAM drive.
The processor is hit quite hard once more than a couple of parallel scans are occurring so the faster the better, but realistically for less than 30,000 e-mails a day, a 3 Ghz AMD or Intel processor should do fine.
You will need to download software from the Internet, and some software being installed will also need to access the Internet in order to be configured.
I only describe a directly connected box, so if you need to go via a proxy server, you'll need to figure that out for yourself. If I get time I'll try to update the notes with proxy information but there's no guarantee on that.
Some software described here will require outbound access on non-regular ports, so you will need to configure your Internet router to allow those ports out.
Firstly, I will lead you through it all so you shouldn't worry about not knowing how to enable services, edit configuration files or compile software.
This guide starts with a base OS installation along with additional packages that SUSE can provide for a complete setup. I have chosen to use, whereever possible, SUSE packages for simplicity.
After installing the OS, you configure postfix to act as a simple e-mail relay and enable amavis, configure the ClamAV anti-virus scanner, configure additional anti-spam filters (DCC & Razor2), setup the MySQL database then install and configure the Maia Mailguard web front end.
You then run through a series of tests to confirm it's all working, tweak it, then test it again and you're finally done.
If you think you can handle it, keep reading and good luck.
If you have any questions you may contact Stephen at firstname.lastname@example.org
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com