This guide explains how to install Maia Mailguard, a spam and virus management system, on a Debian Squeeze mailserver. Maia Mailguard is a web-based interface and management system based on the popular amavisd-new email scanner and SpamAssassin. Written in Perl and PHP, Maia Mailguard gives end-users control over how their mail is processed by virus scanners and spam filters, while giving mail administrators the power to configure site-wide defaults and limits.
I do not issue any guarantee that this will work for you!
My server has the hostname mail.example.com and the IP address 192.168.0.1. I will install Maia's web interface in Debian's default lighttpd document root, /var/www, and I will use www.example.com to access the web interface. You will have to adjust this if your document root and your domain differ.
Next make sure you have a big enough value for max_allowed_packet in your /etc/mysql/my.cnf (in the [mysqld] section). This setting determines the size of the largest mail item you'll be able to process with Maia, so make sure to set this value large enough to accommodate your needs.
Restart MySQL if you have changed the value of max_allowed_packet:
Make sure you fill in the correct password for the MySQL user amavis in the $password line. Also fill in the correct URL in the $base_url line.
Run
Run
If modules are missing, you must install them now. I had to do the following to install the missing modules:
First stop your current amavisd processes:
Then we copy /usr/src/trunk/amavisd.conf.dist to /etc/amavisd.conf...
Make sure you fill in the correct password for the amavis MySQL user in the @lookup_sql_dsn line. In the ClamAV-clamd stanza, you must change the socket - the correct socket on Debian Squeeze is /var/run/clamav/clamd.ctl.
Start amavisd afterwards:
If you use Maia Mailguard for the first time, you should register yourself as the Maia super-administrator. Go to http://www.example.com/maia/login.php?super=register and log in with your existing email address and password - this will automatically make you the super-administrator of the Maia system:
As super-administrator, you have all the privileges of administrators (e.g. "impersonating" other users, and deleting users), but also the ability to grant administrator privileges to others (and revoke them, if desired).
Should the super-administrator ever wish to give up his privileges, he has to do so by logging in at http://www.example.com/maia/login.php?super=unregister (after a super-administrator "unregisters" himself, the system effectively has no super-administrator, so the next user to login with the ?super=register argument will become the super-administrator).
After your login, you should read the notes on the welcome page:
At the bottom of the welcome page, you can set your protection level (this is only for the account that you used to log in - each user can set his protection level individually). High is recommended:
These are the available protection levels:
Off:
Low:
Medium:
High:
You should read the help page to learn how to use Maia Mailguard:
Here's the settings page for your mail account:
While you browse the Maia web interface, you might encounter some fatal PHP errors, such as this one:
I had to fix the following files to make these errors go away:
Here's the statistics page:
From the statistics page, you can access your spam and virus mails - they are quarantined, and it's possible to rescue these mails from the quarantine (they will then be delivered to your mailbox), to delete them, or to confirm their status:
The following variables are available for /var/lib/amavis/maia/templates/reminder.tpl:
The following variables are available for /var/lib/amavis/maia/templates/newuser.tpl:
I do not issue any guarantee that this will work for you!
1 Preliminary Note
This tutorial is based on Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Debian Squeeze), so you should have this set up already. If your mail setup is different, this tutorial might not work out for you, or you might have to make some adjustments.My server has the hostname mail.example.com and the IP address 192.168.0.1. I will install Maia's web interface in Debian's default lighttpd document root, /var/www, and I will use www.example.com to access the web interface. You will have to adjust this if your document root and your domain differ.
2 Downloading Maia Mailguard
Maia Mailguard can be downloaded from SVN only, so we have to install Subversion first:aptitude install subversion
I want to download the sources to /usr/src/maia:mkdir /usr/src/maia
cd /usr/src/maia
Open a browser and go to https://www.maiamailguard.com/svn/branches/1.0 to find out what the latest revision is - in my case it was 1578. Then start the download as follows:cd /usr/src/maia
svn -r 1578 checkout https://www.maiamailguard.com/svn/branches/1.0
(Make sure you replace 1578 with the latest revision.)3 Creating A Database For Maia Mailguard
Next log into MySQL...mysql -u root -p
... and create a database called maia:CREATE DATABASE maia;
Leave the MySQL shell afterwards:quit;
Import Maia's SQL dump into the empty maia database: cd /usr/src/maia/1.0/
mysql -u root -p maia < maia-mysql.sql
Then log into MySQL again...mysql -u root -p maia < maia-mysql.sql
mysql -u root -p maia
... and create a MySQL user called amavis:GRANT CREATE, DROP, ALTER, SELECT, INSERT, UPDATE, DELETE ON maia.* TO amavis@localhost IDENTIFIED BY 'amavismysqlpasswd';
FLUSH PRIVILEGES;
Fix Unknown column 'discard_ham' problem that prevents emails from being sent anywhere:ALTER TABLE users ADD COLUMN discard_ham char(1) NOT NULL default 'N'
Exit MySQL:quit;
(You can replace amavismysqlpasswd with a password of your choice, but keep in mind that you have to use that password later on in the Maia configuration!)Next make sure you have a big enough value for max_allowed_packet in your /etc/mysql/my.cnf (in the [mysqld] section). This setting determines the size of the largest mail item you'll be able to process with Maia, so make sure to set this value large enough to accommodate your needs.
nano /etc/mysql/my.cnf
[...] [mysqld] [...] max_allowed_packet = 16M [...] |
/etc/init.d/mysql restart
4 Installing Maia's Scripts And Templates
The home directory of the amavis user on Debian Squeeze is /var/lib/amavis, and that's where we create a subdirectory called maia. In that subdirectory we will place Maia's scripts and templates:mkdir /var/lib/amavis/maia
mkdir /var/lib/amavis/maia/scripts
mkdir /var/lib/amavis/maia/templates
mkdir /var/lib/amavis/maia/scripts
mkdir /var/lib/amavis/maia/templates
cp -pfr /usr/src/maia/1.0/scripts/* /var/lib/amavis/maia/scripts
cp -pfr /usr/src/maia/1.0/templates/* /var/lib/amavis/maia/templates
cp -pfr /usr/src/maia/1.0/templates/* /var/lib/amavis/maia/templates
chown -R amavis /var/lib/amavis/maia
chgrp -R amavis /var/lib/amavis/maia
chmod 640 /var/lib/amavis/maia/templates/*.tpl
chmod 750 /var/lib/amavis/maia/scripts/*.pl
chgrp -R amavis /var/lib/amavis/maia
chmod 640 /var/lib/amavis/maia/templates/*.tpl
chmod 750 /var/lib/amavis/maia/scripts/*.pl
5 Configuring Maia
Next we rename /usr/src/maia/1.0/maia.conf.dist to /etc/maia/maia.conf:mkdir /etc/maia/
cp /usr/src/maia/1.0/maia.conf.dist /etc/maia/maia.conf
chown amavis /etc/maia/maia.conf
chgrp amavis /etc/maia/maia.conf
chmod 640 /etc/maia/maia.conf
Open /etc/maia/maia.conf and adjust the following settings:cp /usr/src/maia/1.0/maia.conf.dist /etc/maia/maia.conf
chown amavis /etc/maia/maia.conf
chgrp amavis /etc/maia/maia.conf
chmod 640 /etc/maia/maia.conf
nano /etc/maia/maia.conf
[...] # Configure your Maia database DSN here $dsn = "DBI:mysql:maia:localhost:3306"; # Your Maia database user's login name $username = "amavis"; # Your Maia database user's password $password = "amavismysqlpasswd"; # The directory where Maia's Perl scripts can be found. $script_dir = "/var/lib/amavis/maia/scripts"; [...] # Location to write the lock/PID files (must be writeable by your # amavis user) $pid_dir = "/var/lib/amavis/"; [...] # Base URL to Maia's PHP scripts $base_url = "http://www.example.com/"; # Template directory $template_dir = "/var/lib/amavis/maia/templates/"; [...] |
6 Maia Mailguard Configuration Test
Now runcd /var/lib/amavis/maia/scripts/
./configtest.pl
This script checks if all Perl modules that are needed by amavisd-maia, SpamAssassin, and Maia Mailguard's maintenance scripts are installed. For me the output was as follows:./configtest.pl
server1:/var/lib/amavis/maia/scripts# ./configtest.pl
MAIA MAILGUARD CONFIGURATION TEST
This script checks for the presence of applications and Perl modules
required by maiad, SpamAssassin, and Maia Mailguard's maintenance
scripts. Version numbers are also checked, and if a newer version of
a component is recommended, you should consider upgrading to at least
the minimum recommended version.
If you have already configured your Maia Mailguard database, the script
will also test the connection to that database.
Remember also to run the configtest.php script on your web server to
perform similar tests of your web, PHP, and PEAR environment.
Application/Module Version Status
========================================================================
Perl : 5.10.1 : OK
file(1) : 5.04 : OK
Archive::Tar : 1.52 : OK
Archive::Zip : 1.30 : OK
BerkeleyDB : 0.42 : OK
Compress::Zlib : 2.02 : OK
Convert::TNEF : 0.17 : OK
Convert::UUlib : 1.12 : OK
Crypt::Blowfish : N/A : NOT INSTALLED (Maia Mailguard's optional encryption feature requires this)
Crypt::CBC : N/A : NOT INSTALLED (Maia Mailguard's optional encryption feature requires this)
Crypt::OpenSSL::RSA : 0.25 : OK
Data::UUID : N/A : NOT INSTALLED (required by Maia Mailguard)
DB_File : 1.82 : OK
DBD::mysql : 4.016 : OK
DBD::Pg : N/A : NOT INSTALLED (required if you use PostgreSQL as your Maia Mailguard database)
DBI : 1.612 : OK
Digest::MD5 : 2.39 : OK
Digest::SHA : 5.47 : OK
Digest::SHA1 : 2.13 : OK
Encode::Detect : N/A : NOT INSTALLED (SpamAssassin's optional normalize_charset feature requires this)
File::Spec : 3.3 : OK
forks : N/A : NOT INSTALLED (required by Maia Mailguard's process-quarantine tool)
HTML::Parser : 3.66 : OK
HTTP::Date : 5.831 : OK
IO::Stringy : 2.110 : OK
IO::Socket::INET6 : 2.65 : OK
IO::Zlib : 1.09 : OK
IP::Country::Fast : N/A : NOT INSTALLED (SpamAssassin's optional RelayCountry plugin requires this)
libdb : 4.8 : OK
LWP : 5.836 : OK
Mail::Address : 2.06 : OK
Mail::DKIM : 0.38 : OK
Mail::Internet : 2.06 : OK
Mail::SpamAssassin : 3.3.1 : OK
Mail::SPF : 2.007 : OK
MIME::Base64 : 3.08 : OK
MIME::Parser : 5.428 : OK
MIME::QuotedPrint : 3.08 : OK
Net::CIDR::Lite : N/A : NOT INSTALLED (SpamAssassin's optional SPF plugin requires this)
Net::Cmd : 2.29 : OK
Net::DNS : 0.66 : OK
Net::Server : 0.97 : OK
Net::SMTP : 2.31 : OK
NetAddr::IP : 4.028 : OK
Pod::Usage : 1.36 : OK
Razor2::Client::Agent : 2.84 : OK
Template : N/A : NOT INSTALLED (required by Maia Mailguard)
Time::HiRes : 1.9719 : OK
Unix::Syslog : 1.1 : OK
URI : 1.54 : OK
Text::CSV : N/A : NOT INSTALLED (required by maiadbtool.pl)
MySQL Server : 5.1.49 : OK
Database DSN test : PASSED
Patch 'MySQL Bug 46675' needs to be applied (see http://www.maiamailguard.com/maia/ticket/565).
Patch file mysql-bug-46675.patch not found.
Download the patch from: http://www.maiamailguard.com/maia/raw-attachment/ticket/565/mysql-bug-46675.patch
To apply the patch, you will need to do the following as 'root':
patch -d /usr/share/perl5/Mail/SpamAssassin/BayesStore MySQL.pm < mysql-bug-46675.patch
Run this configtest again afterward to confirm that the patch was applied successfully.
If the patching was successful this patch warning should no longer appear.
Restart maiad after patching is verified.
NOTE: When upgrading Perl to version 5.10 or planning to do so, please
do not forget to add a missing /m flag to regular expressions in your existing
AV entries, as suggested in the example file maiad.conf.dist. Perl 5.8 does
not mind missing /m flags, but with perl 5.10 the results from a virus scanner
may no longer be properly recognized.
server1:/var/lib/amavis/maia/scripts#
Please note that Maia requires additional patching:MAIA MAILGUARD CONFIGURATION TEST
This script checks for the presence of applications and Perl modules
required by maiad, SpamAssassin, and Maia Mailguard's maintenance
scripts. Version numbers are also checked, and if a newer version of
a component is recommended, you should consider upgrading to at least
the minimum recommended version.
If you have already configured your Maia Mailguard database, the script
will also test the connection to that database.
Remember also to run the configtest.php script on your web server to
perform similar tests of your web, PHP, and PEAR environment.
Application/Module Version Status
========================================================================
Perl : 5.10.1 : OK
file(1) : 5.04 : OK
Archive::Tar : 1.52 : OK
Archive::Zip : 1.30 : OK
BerkeleyDB : 0.42 : OK
Compress::Zlib : 2.02 : OK
Convert::TNEF : 0.17 : OK
Convert::UUlib : 1.12 : OK
Crypt::Blowfish : N/A : NOT INSTALLED (Maia Mailguard's optional encryption feature requires this)
Crypt::CBC : N/A : NOT INSTALLED (Maia Mailguard's optional encryption feature requires this)
Crypt::OpenSSL::RSA : 0.25 : OK
Data::UUID : N/A : NOT INSTALLED (required by Maia Mailguard)
DB_File : 1.82 : OK
DBD::mysql : 4.016 : OK
DBD::Pg : N/A : NOT INSTALLED (required if you use PostgreSQL as your Maia Mailguard database)
DBI : 1.612 : OK
Digest::MD5 : 2.39 : OK
Digest::SHA : 5.47 : OK
Digest::SHA1 : 2.13 : OK
Encode::Detect : N/A : NOT INSTALLED (SpamAssassin's optional normalize_charset feature requires this)
File::Spec : 3.3 : OK
forks : N/A : NOT INSTALLED (required by Maia Mailguard's process-quarantine tool)
HTML::Parser : 3.66 : OK
HTTP::Date : 5.831 : OK
IO::Stringy : 2.110 : OK
IO::Socket::INET6 : 2.65 : OK
IO::Zlib : 1.09 : OK
IP::Country::Fast : N/A : NOT INSTALLED (SpamAssassin's optional RelayCountry plugin requires this)
libdb : 4.8 : OK
LWP : 5.836 : OK
Mail::Address : 2.06 : OK
Mail::DKIM : 0.38 : OK
Mail::Internet : 2.06 : OK
Mail::SpamAssassin : 3.3.1 : OK
Mail::SPF : 2.007 : OK
MIME::Base64 : 3.08 : OK
MIME::Parser : 5.428 : OK
MIME::QuotedPrint : 3.08 : OK
Net::CIDR::Lite : N/A : NOT INSTALLED (SpamAssassin's optional SPF plugin requires this)
Net::Cmd : 2.29 : OK
Net::DNS : 0.66 : OK
Net::Server : 0.97 : OK
Net::SMTP : 2.31 : OK
NetAddr::IP : 4.028 : OK
Pod::Usage : 1.36 : OK
Razor2::Client::Agent : 2.84 : OK
Template : N/A : NOT INSTALLED (required by Maia Mailguard)
Time::HiRes : 1.9719 : OK
Unix::Syslog : 1.1 : OK
URI : 1.54 : OK
Text::CSV : N/A : NOT INSTALLED (required by maiadbtool.pl)
MySQL Server : 5.1.49 : OK
Database DSN test : PASSED
Patch 'MySQL Bug 46675' needs to be applied (see http://www.maiamailguard.com/maia/ticket/565).
Patch file mysql-bug-46675.patch not found.
Download the patch from: http://www.maiamailguard.com/maia/raw-attachment/ticket/565/mysql-bug-46675.patch
To apply the patch, you will need to do the following as 'root':
patch -d /usr/share/perl5/Mail/SpamAssassin/BayesStore MySQL.pm < mysql-bug-46675.patch
Run this configtest again afterward to confirm that the patch was applied successfully.
If the patching was successful this patch warning should no longer appear.
Restart maiad after patching is verified.
NOTE: When upgrading Perl to version 5.10 or planning to do so, please
do not forget to add a missing /m flag to regular expressions in your existing
AV entries, as suggested in the example file maiad.conf.dist. Perl 5.8 does
not mind missing /m flags, but with perl 5.10 the results from a virus scanner
may no longer be properly recognized.
server1:/var/lib/amavis/maia/scripts#
wget http://www.maiamailguard.com/maia/raw-attachment/ticket/565/mysql-bug-46675.patch
patch -d /usr/share/perl5/Mail/SpamAssassin/BayesStore MySQL.pm < mysql-bug-46675.patch
As you see a few modules are missing. Most of them can be installed via aptitude:patch -d /usr/share/perl5/Mail/SpamAssassin/BayesStore MySQL.pm < mysql-bug-46675.patch
aptitude install libcrypt-blowfish-perl libcrypt-cbc-perl libcrypt-openssl-rsa-perl libmail-dkim-perl libmail-spf-query-perl libnet-cidr-lite-perl libtemplate-perl libtext-csv-perl g++
Quite a few PHP modules are not available as Debian Squeeze packages, so we must install them using the Perl shell: perl -MCPAN -e shell
install YAML
install Crypt::Blowfish Crypt::CBC DBD::Pg Net::CIDR::Lite Template Text::CSV Data::UUID IP::Country::Fast Encode::Detect
install forks
Typeq
to leave the Perl shell afterwards.Run
./configtest.pl
again - output should now be as follows:server1:/var/lib/amavis/maia/scripts# ./configtest.pl
MAIA MAILGUARD CONFIGURATION TEST
This script checks for the presence of applications and Perl modules
required by amavisd-maia, SpamAssassin, and Maia Mailguard's maintenance
scripts. Version numbers are also checked, and if a newer version of
a component is recommended, you should consider upgrading to at least
the minimum recommended version.
If you have already configured your Maia Mailguard database, the script
will also test the connection to that database.
Remember also to run the configtest.php script on your web server to
perform similar tests of your web, PHP, and PEAR environment.
Application/Module Version Status
========================================================================
Perl : 5.10.0 : OK
file(1) : 4.26 : OK
Archive::Tar : 1.38 : OK
Archive::Zip : 1.18 : OK
BerkeleyDB : 0.34 : OK
Compress::Zlib : 2.012 : OK
Convert::TNEF : 0.17 : OK
Convert::UUlib : 1.11 : OK
Crypt::Blowfish : 2.10 : OK
Crypt::CBC : 2.29 : OK
Crypt::OpenSSL::RSA : 0.25 : OK
Data::UUID : 1.215 : OK
DB_File : 1.816_1 : OK
DBD::mysql : 4.007 : OK
DBD::Pg : N/A : NOT INSTALLED (required if you use PostgreSQL as your Maia Mailguard database)
DBI : 1.605 : OK
Digest::MD5 : 2.36_01 : OK
Digest::SHA1 : 2.11 : OK
File::Spec : 3.2501 : OK
HTML::Parser : 3.56 : OK
HTTP::Date : 5.810 : OK
IO::Stringy : 2.110 : OK
IO::Zlib : 1.07 : OK
IP::Country : 2.27 : OK
LWP::UserAgent : 5.813 : OK
Mail::Address : 2.03 : OK
Mail::DKIM : 0.32 : OK
Mail::Internet : 2.03 : OK
Mail::SpamAssassin : 3.2.5 : OK
Mail::SPF::Query : 1.999.1 : OK
MIME::Base64 : 3.07_01 : OK
MIME::Parser : 5.427 : OK
MIME::QuotedPrint : 3.07 : OK
Net::CIDR::Lite : 0.20 : OK
Net::Cmd : 2.29 : OK
Net::DNS : 0.63 : OK
Net::Server : 0.97 : OK
Net::SMTP : 2.31 : OK
Pod::Usage : 1.35 : OK
Template : 2.19 : OK
Time::HiRes : 1.9711 : OK
Unix::Syslog : 1.1 : OK
URI : 1.35 : OK
Text::CSV : 1.06 : OK
Database DSN test : PASSED
NOTE: When upgrading Perl to version 5.10 or planning to do so, please
do not forget to add a missing /m flag to regular expressions in your existing
AV entries, as suggested in the example file amavisd.conf.dist. Perl 5.8 does
not mind missing /m flags, but with perl 5.10 the results from a virus scanner
may no longer be properly recognized.
server1:/var/lib/amavis/maia/scripts#
Since we are using MySQL and not PostgreSQL, we don't need the DBD::Pg module.MAIA MAILGUARD CONFIGURATION TEST
This script checks for the presence of applications and Perl modules
required by amavisd-maia, SpamAssassin, and Maia Mailguard's maintenance
scripts. Version numbers are also checked, and if a newer version of
a component is recommended, you should consider upgrading to at least
the minimum recommended version.
If you have already configured your Maia Mailguard database, the script
will also test the connection to that database.
Remember also to run the configtest.php script on your web server to
perform similar tests of your web, PHP, and PEAR environment.
Application/Module Version Status
========================================================================
Perl : 5.10.0 : OK
file(1) : 4.26 : OK
Archive::Tar : 1.38 : OK
Archive::Zip : 1.18 : OK
BerkeleyDB : 0.34 : OK
Compress::Zlib : 2.012 : OK
Convert::TNEF : 0.17 : OK
Convert::UUlib : 1.11 : OK
Crypt::Blowfish : 2.10 : OK
Crypt::CBC : 2.29 : OK
Crypt::OpenSSL::RSA : 0.25 : OK
Data::UUID : 1.215 : OK
DB_File : 1.816_1 : OK
DBD::mysql : 4.007 : OK
DBD::Pg : N/A : NOT INSTALLED (required if you use PostgreSQL as your Maia Mailguard database)
DBI : 1.605 : OK
Digest::MD5 : 2.36_01 : OK
Digest::SHA1 : 2.11 : OK
File::Spec : 3.2501 : OK
HTML::Parser : 3.56 : OK
HTTP::Date : 5.810 : OK
IO::Stringy : 2.110 : OK
IO::Zlib : 1.07 : OK
IP::Country : 2.27 : OK
LWP::UserAgent : 5.813 : OK
Mail::Address : 2.03 : OK
Mail::DKIM : 0.32 : OK
Mail::Internet : 2.03 : OK
Mail::SpamAssassin : 3.2.5 : OK
Mail::SPF::Query : 1.999.1 : OK
MIME::Base64 : 3.07_01 : OK
MIME::Parser : 5.427 : OK
MIME::QuotedPrint : 3.07 : OK
Net::CIDR::Lite : 0.20 : OK
Net::Cmd : 2.29 : OK
Net::DNS : 0.63 : OK
Net::Server : 0.97 : OK
Net::SMTP : 2.31 : OK
Pod::Usage : 1.35 : OK
Template : 2.19 : OK
Time::HiRes : 1.9711 : OK
Unix::Syslog : 1.1 : OK
URI : 1.35 : OK
Text::CSV : 1.06 : OK
Database DSN test : PASSED
NOTE: When upgrading Perl to version 5.10 or planning to do so, please
do not forget to add a missing /m flag to regular expressions in your existing
AV entries, as suggested in the example file amavisd.conf.dist. Perl 5.8 does
not mind missing /m flags, but with perl 5.10 the results from a virus scanner
may no longer be properly recognized.
server1:/var/lib/amavis/maia/scripts#
7 Loading SpamAssassin Rules
Maia Mailguard needs to index all of the SpamAssassin rules you have installed on your system. This can be done as follows:./load-sa-rules.pl --debug
This should be done again whenever your SpamAssassin rules are updated. If you've followed the Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Debian Squeeze) tutorial, you have the following cron job on your system:23 4 */2 * * /usr/bin/sa-update --no-gpg &> /dev/null
Runcrontab -e
to modify that cron job so that it looks as follows:23 4 */2 * * /usr/bin/sa-update --no-gpg && /var/lib/amavis/maia/scripts/load-sa-rules.pl && /etc/init.d/amavis restart &> /dev/null |
8 Installing The Maia Mailguard Web Interface
I want to install Maia's web interface in /var/www/maia so that it can be accessed via http://www.example.com/maia (please adjust the path if your document root is different from /var/www). Therefore I create that directory now and copy Maia's web interface to it:mkdir /var/www/maia
cp -pfr /usr/src/maia/1.0/php/* /var/www/maia/
Certain subdirectories of the /var/www/maia/themes directory must be writable by the Apache user. This can be achieved as follows:cp -pfr /usr/src/maia/1.0/php/* /var/www/maia/
chgrp amavis /var/www/maia/themes/*/compiled
chmod 775 /var/www/maia/themes/*/compiled
gpasswd -a www-data amavis
Maia's web interface uses the Smarty template engine which can be installed as follows:chmod 775 /var/www/maia/themes/*/compiled
gpasswd -a www-data amavis
aptitude install smarty
ln -s /usr/share/php/smarty/libs /usr/share/php/Smarty
Next we rename /var/www/maia/config.php.dist to /var/www/maia/config.php...mv /var/www/maia/config.php.dist /var/www/maia/config.php
... and change the following settings:nano /var/www/maia/config.php
[...] $maia_sql_dsn = "mysql://amavis:amavismysqlpasswd@tcp(localhost:3306)/maia"; [...] $address_rewriting_type = 4; [...] // Select an authentication method from one of the following: // // "pop3" - use a POP3 server to authenticate // "imap" - use an IMAP server to authenticate // "ldap" - use an LDAP server to authenticate // "exchange" - use an Exchange Server to authenticate // "sql" - use a SQL database server to authenticate // "internal" - use Maia's internal SQL database to authenticate $auth_method = "pop3"; [...] |
chmod 0640 /var/www/maia/config.php
chown root:www-data /var/www/maia/config.php
afterwards.chown root:www-data /var/www/maia/config.php
9 Testing Your PHP Configuration
Open a browser and go to http://www.example.com/maia/admin/configtest.php. This page tells you if all needed PHP modules are installed:If modules are missing, you must install them now. I had to do the following to install the missing modules:
aptitude install php-pear
pear channel-update pear.php.net
pear install Mail_Mime
pear install Mail_mimeDecode
pear install Pager
pear install Net_Socket
pear install Net_SMTP
pear install Auth_SASL
pear install Net_IMAP
pear install Net_POP3
pear install Log
pear install Image_Color
pear install Image_Canvas-0.3.1
pear install Image_Graph-0.7.2
pear install Mail_mimeDecode
pear install Pager
pear install Net_Socket
pear install Net_SMTP
pear install Auth_SASL
pear install Net_IMAP
pear install Net_POP3
pear install Log
pear install Image_Color
pear install Image_Canvas-0.3.1
pear install Image_Graph-0.7.2
cd /usr/share/php/Image/Graph/Plot/
cp Pie.php Pie.php.original
wget http://www.maiamailguard.org/maia/raw-attachment/ticket/326/Pie.php.patch
patch -p0<pie.php.patch< p="">
cp Pie.php Pie.php.original
wget http://www.maiamailguard.org/maia/raw-attachment/ticket/326/Pie.php.patch
patch -p0<pie.php.patch< p="">
pear install Numbers_Roman
pear install Numbers_Words-0.16.1
pear install Numbers_Words-0.16.1
pear channel-discover htmlpurifier.org
pear install hp/HTMLPurifier
pear install hp/HTMLPurifier
aptitude install php5-imap php5-ldap php5-mcrypt
/etc/init.d/lighttpd restart
Now reload http://www.example.com/maia/admin/configtest.php - all required modules should now be installed:10 Configuring Amavisd-new
Maia Mailguard comes with its own amavisd-new configuration and amavisd binary, so we must replace our existing amavisd-new with it.First stop your current amavisd processes:
/etc/init.d/amavis stop
First we need to download amavisd-maia to /usr/src... Please remember about updating Maia's revision number (1578).cd /usr/src/
svn -r 1578 checkout https://www.maiamailguard.com/svn/trunk/
We copy amavisd-maia to /usr/local/sbin/amavisd-new... svn -r 1578 checkout https://www.maiamailguard.com/svn/trunk/
cd /usr/src/trunk/
cp amavisd-maia /usr/local/sbin/amavisd-new
chown root /usr/local/sbin/amavisd-new
chmod 755 /usr/local/sbin/amavisd-new
... and adjust our /etc/init.d/amavis init script as follows:cp amavisd-maia /usr/local/sbin/amavisd-new
chown root /usr/local/sbin/amavisd-new
chmod 755 /usr/local/sbin/amavisd-new
nano /etc/init.d/amavis
[...] #DAEMON=/usr/sbin/amavisd-new DAEMON=/usr/local/sbin/amavisd-new [...] #START="--start --quiet --pidfile /var/run/amavis/${NAME}.pid --name ${DAEMONNAME} --startas ${DAEMON}" #STOP="--stop --quiet --pidfile /var/run/amavis/${NAME}.pid --name ${DAEMONNAME}" START="--start --quiet --pidfile /var/lib/amavis/${NAME}.pid --name ${DAEMONNAME} --startas ${DAEMON}" STOP="--stop --quiet --pidfile /var/lib/amavis/${NAME}.pid --name ${DAEMONNAME}" [...] |
cp /usr/src/trunk/amavisd.conf.dist /etc/amavisd.conf
... and edit that file:nano /etc/amavisd.conf
[...] $mydomain = 'localhost'; #$mydomain = 'yourdomain.tld'; # a convenient default for other settings $MYHOME = '/var/lib/amavis'; #$MYHOME = '/var/amavisd'; # a convenient default for other settings [...] $log_level = 5; #$log_level = 0; # verbosity 0..5 [...] # Database connection string @lookup_sql_dsn = ( ['DBI:mysql:maia:localhost', 'amavis', 'amavismysqlpasswd'] ); [...] $myhostname = 'mail.example.com'; #$myhostname = 'host.domain.tld'; # must be a fully-qualified domain name! [...] $final_virus_destiny = D_DISCARD; $final_banned_destiny = D_DISCARD; $final_spam_destiny = D_DISCARD; $final_bad_header_destiny = D_DISCARD; [...] # See https://secure.renaissoft.com/maia/wiki/VirusScannerConfig # for more virus scanner definitions. @av_scanners = ( ### http://www.clamav.net/ ['ClamAV-clamd', \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"], qr/\bOK$/m, qr/\bFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], # NOTE: run clamd under the same user as amavisd; match the socket # name (LocalSocket) in clamav.conf to the socket name in this entry # When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"], ); [...] |
Start amavisd afterwards:
/etc/init.d/amavis start
You should now check /var/lib/amavis/amavis.log for errors - please make sure that the database connection is working.11 Log Into Maia Mailguard
You can now access Maia Mailguard under http://www.example.com/maia/ - this is where you and your users can log in with an existing email address/password:If you use Maia Mailguard for the first time, you should register yourself as the Maia super-administrator. Go to http://www.example.com/maia/login.php?super=register and log in with your existing email address and password - this will automatically make you the super-administrator of the Maia system:
As super-administrator, you have all the privileges of administrators (e.g. "impersonating" other users, and deleting users), but also the ability to grant administrator privileges to others (and revoke them, if desired).
Should the super-administrator ever wish to give up his privileges, he has to do so by logging in at http://www.example.com/maia/login.php?super=unregister (after a super-administrator "unregisters" himself, the system effectively has no super-administrator, so the next user to login with the ?super=register argument will become the super-administrator).
After your login, you should read the notes on the welcome page:
At the bottom of the welcome page, you can set your protection level (this is only for the account that you used to log in - each user can set his protection level individually). High is recommended:
These are the available protection levels:
Off:
Pass viruses through? | Y |
Pass spam through? | Y |
Pass banned files through? | Y |
Pass mail with invalid headers through? | Y |
Disable virus scanning? | Y |
Disable spam checking? | Y |
Disable banned files checking? | Y |
Disable invalid header checking? | Y |
Discard viruses? | N |
Discard spam? | N |
Discard banned files? | N |
Discard invalid mail headers? | N |
Add a prefix to spam subjects? | N |
Add spam score headers when score is >= | 999 |
Consider mail spam when score is >= | 999 |
Quarantine or discard spam when score is >= | 999 |
Pass viruses through? | N |
Pass spam through? | Y |
Pass banned files through? | Y |
Pass mail with invalid headers through? | Y |
Disable virus scanning? | N |
Disable spam checking? | Y |
Disable banned files checking? | Y |
Disable invalid header checking? | Y |
Discard viruses? | N |
Discard spam? | N |
Discard banned files? | N |
Discard invalid mail headers? | N |
Add a prefix to spam subjects? | N |
Add spam score headers when score is >= | 999 |
Consider mail spam when score is >= | 999 |
Quarantine or discard spam when score is >= | 999 |
Pass viruses through? | N |
Pass spam through? | N |
Pass banned files through? | Y |
Pass mail with invalid headers through? | Y |
Disable virus scanning? | N |
Disable spam checking? | N |
Disable banned files checking? | Y |
Disable invalid header checking? | Y |
Discard viruses? | N |
Discard spam? | N |
Discard banned files? | N |
Discard invalid mail headers? | N |
Add a prefix to spam subjects? | Y |
Add spam score headers when score is >= | 5 |
Consider mail spam when score is >= | 999 |
Quarantine or discard spam when score is >= | 999 |
Pass viruses through? | N |
Pass spam through? | N |
Pass banned files through? | N |
Pass mail with invalid headers through? | N |
Disable virus scanning? | N |
Disable spam checking? | N |
Disable banned files checking? | N |
Disable invalid header checking? | N |
Discard viruses? | N |
Discard spam? | N |
Discard banned files? | N |
Discard invalid mail headers? | N |
Add a prefix to spam subjects? | N |
Add spam score headers when score is >= | 1 |
Consider mail spam when score is >= | 5 |
Quarantine or discard spam when score is >= | 5 |
Here's the settings page for your mail account:
While you browse the Maia web interface, you might encounter some fatal PHP errors, such as this one:
Fatal error: Call to undefined function subtr() in /var/www/maia/wblist.php on line 190
I had to fix the following files to make these errors go away:
nano /var/www/maia/wblist.php
In line 190, there's the lineif (subtr(get_database_type($dbh),0,5) == "mysql") {
The function must be substr, not subtr: [...] //if (subtr(get_database_type($dbh),0,5) == "mysql") { if (substr(get_database_type($dbh),0,5) == "mysql") { [...] |
Fatal error: Call to undefined function subtr() in /var/www/maia/cache.php on line 238
Again, we have this subtr error, so change subtr to substr in /var/www/maia/cache.php on line 238:nano /var/www/maia/cache.php
[...] if (substr(get_database_type($this->dbtype),0,5) == "mysql") { [...] |
Fatal error: Call to undefined function response_text() in /var/www/maia/cache.php on line 406
This error can be fixed by simply commenting out line 406:nano /var/www/maia/cache.php
[...] //$this->smarty->assign("actionlang", response_text($this->type)); [...] |
Fatal error: Call to undefined function subtr() in /var/www/maia/maia_db.php on line 1954
Here we have the subtr error again - replace subtr with substr:nano /var/www/maia/maia_db.php
[...] if (substr(get_database_type($dbh),0,5) == "mysql") { [...] |
Here are a few more screenshots of the Maia Mailguard interface. Here you can whitelist and blacklist email addresses:
Here's the statistics page:
From the statistics page, you can access your spam and virus mails - they are quarantined, and it's possible to rescue these mails from the quarantine (they will then be delivered to your mailbox), to delete them, or to confirm their status:
12 Creating Cron Jobs For Maia's Maintenance Scripts
Maia Mailguard comes with some maintenance scripts that need to be run regularly. It's best to set up cron jobs that are run by the user amavis:crontab -u amavis -e
10 * * * * /var/lib/amavis/maia/scripts/process-quarantine.pl &> /dev/null @hourly /var/lib/amavis/maia/scripts/stats-snapshot.pl &> /dev/null @daily /var/lib/amavis/maia/scripts/expire-quarantine-cache.pl &> /dev/null @weekly /var/lib/amavis/maia/scripts/send-quarantine-reminders.pl &> /dev/null */10 * * * * /var/lib/amavis/maia/scripts/send-quarantine-digests.pl &> /dev/null |
13 Deleting The /var/www/maia/admin Subdirectory
Now that Maia Mailguard is up and running properly, you should delete the /var/www/maia/admin subdirectory for security reasons:rm -fr /var/www/maia/admin
14 Modifying Email Templates
If you like, you can modify the email templates for emails to users whose quarantines/caches start to get large (/var/lib/amavis/maia/templates/reminder.tpl) and for new users (/var/lib/amavis/maia/templates/newuser.tpl).The following variables are available for /var/lib/amavis/maia/templates/reminder.tpl:
Placeholder | Expands To |
%%VIRUSCOUNT%% | Number of viruses in quarantine |
%%SPAMCOUNT%% | Number of suspected spam items in quarantine |
%%BANNEDCOUNT%% | Number of items with banned file attachments in quarantine |
%%HEADERCOUNT%% | Number of items with invalid mail headers in quarantine |
%%VIRUSSIZE%% | Total size of all viruses in quarantine |
%%SPAMSIZE%% | Total size of all suspected spam items in quarantine |
%%BANNEDSIZE%% | Total size of all items with banned file attachments in quarantine |
%%HEADERSIZE%% | Total size of all items with invalid mail headers in quarantine |
%%MAIAURL%% | URL users should visit to log into Maia Mailguard |
%%ADMINEMAIL%% | Email address of the mail administrator |
%%EXPIRYPERIOD%% | Number of days items are allowed to live in quarantine |
%%OLDESTITEMTTL%% | Number of days before the oldest quarantined item is deleted |
%%OLDESTITEMAGE%% | Age (in days) of the oldest item in quarantine |
Placeholder | Expands To |
%%LOGIN%% | The new user's temporary login name |
%%PASSWORD%% | The new user's temporary password |
%%LOGINURL%% | URL users should visit to login to Maia Mailguard |
%%ADMINEMAIL%% | Email address of the mail administrator |
15 Links
- Maia Mailguard: http://www.maiamailguard.com/
- Debian: http://www.debian.org/
No comments:
Post a Comment