Postfix Spam Filter using Ubuntu Dapper, MailScanner, SpamAssassin, Razor, Pyzor, DCC and ClamAV

Introduction

This is a similar version of the HOWTO that can be found here: http://www200.pair.com/mecham/spam/spamfilter20050628.html. If you're looking at this howto it is assumed that you have some level of experience with email servers, DNS, TCP/IP, Firewalls and Linux in general.

1 Setting up Ubuntu Server

Please see the documentation already online for details on setting up an Ubuntu server. HowToForge has a couple of HowTos that are very detailed. However, a few installation choices outlined here differ from other howtos and should be taken into account when setting up the server.

NOTE: Ubuntu is set up to use sudo by default. That means the root account is disabled and you have to put 'sudo' in front of every command you want to run as root. The way around this is to run 'sudo su -'; you will then no longer have to type 'sudo' in front of each command because you are in a bash session as root. For the rest of this document it is assumed that you have done this and are running a bash session as root, so no sudo commands will be given. Moral of the story: when you log into Ubuntu via SSH or console, remember to run 'sudo su -' before you start editing system files, moving/making directories or installing/uninstalling software and services.

1.1 Partitions

Partitioning the drive this way is not a requirement, but it will keep your server from completely running out of space if something goes wrong in the /var directory. It also allows you to create some extra graphs with MailScannerMRTG that look at /var, /var/log and /var/spool separately. MailScannerMRTG will not check drive space on directories; it can only calculate size by partition.

Example of my partition table:
Mount point  Size  Type            Purpose
/boot        50MB  EXT3 (PRIMARY)  Boot Partition
Swap         2GB   (PRIMARY)       Swap Partition (Size depends on your Memory, double your memory should be fine)
/            2GB   EXT3 (LOGICAL)  Root Partition
/var         1GB   EXT3 (LOGICAL)  Variable Data partition
/var/log     3GB   EXT3 (LOGICAL)  Variable Data partition
/var/spool   2GB   EXT3 (LOGICAL)  Variable Data partition Spool
/usr         4GB   EXT3 (LOGICAL)  User installed programs
/usr/local   2GB   EXT3 (LOGICAL)  User installed programs
/home        ANY   EXT3 (LOGICAL)  Home Directories (Good place to put any extra space, you can repartition if you run out of space and use this.)

1.2 Verify Network Settings

We need to make sure that the system is set up with a valid static IP, that the correct DNS servers are in /etc/resolv.conf and that your server is identified in the /etc/hosts file.

vi /etc/network/interfaces

The Network Interfaces file should look something like this:

auto lo eth0
iface lo inet loopback
# The primary network interface
iface eth0 inet static
        address  192.168.1.100
        netmask  255.255.255.0
        network  192.168.1.0
        broadcast 192.168.1.255
        gateway  192.168.1.1

Restart the network service to make these changes take effect:

/etc/init.d/networking restart

Edit the resolv.conf file to add DNS servers:

vi /etc/resolv.conf

Make sure your domain name is at the top of resolv.conf. It should look something like this:

search example.com
nameserver 192.168.0.1
nameserver 192.168.0.2

vi /etc/hosts

The top of the file should look something like this:

127.0.0.1 localhost.localdomain localhost
192.168.1.100 sfp.example.com sfp

Since we are here, you might as well add any other hosts you would like our spamfilter to know about. Add any internal mail server(s) here. Simply append any other entries to the bottom of the list.
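
A consistency check for the files edited in this section, as an added example that is not part of the original HOWTO: it confirms that the hosts file maps the server's name to the static address configured in the interfaces file. The function names and the sample files are constructed for illustration; point the functions at /etc/network/interfaces and /etc/hosts on a real server.

```shell
#!/bin/sh
# Added example (not from the original HOWTO): confirm that /etc/hosts maps
# the server's FQDN to the static address set in /etc/network/interfaces.

# static_address FILE IFACE: print the address of IFACE's static stanza.
static_address() {
    awk -v ifc="$2" '
        $1 == "iface" { in_stanza = ($2 == ifc && $4 == "static"); next }
        in_stanza && $1 == "address" { print $2; exit }
    ' "$1"
}

# hosts_address FILE NAME: print the address of the first entry listing NAME.
hosts_address() {
    awk -v name="$2" '
        $1 ~ /^#/ { next }
        {
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^#/) break            # rest of the line is a comment
                if ($i == name) { print $1; exit }
            }
        }
    ' "$1"
}

# check_host_entry INTERFACES HOSTS FQDN [IFACE]: succeed only on a match.
check_host_entry() {
    want=$(static_address "$1" "${4:-eth0}")
    have=$(hosts_address "$2" "$3")
    [ -n "$want" ] && [ "$want" = "$have" ]
}

# Constructed sample files, using example values like those in this section.
write_samples() {   # DIR HOSTS_IP
    printf 'auto lo eth0\niface lo inet loopback\niface eth0 inet static\n        address  192.168.1.100\n        netmask  255.255.255.0\n' > "$1/interfaces"
    printf '127.0.0.1 localhost.localdomain localhost\n%s sfp.example.com sfp\n' "$2" > "$1/hosts"
}

tmp=$(mktemp -d)
write_samples "$tmp" 192.168.1.100
check_host_entry "$tmp/interfaces" "$tmp/hosts" sfp.example.com && echo "hosts entry matches eth0"
write_samples "$tmp" 192.168.0.100
check_host_entry "$tmp/interfaces" "$tmp/hosts" sfp.example.com || echo "MISMATCH: hosts entry is not the eth0 address"
rm -rf "$tmp"
```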

1.3 APT and Other Tweaks

Apt needs to be set up to search the universe and multiverse repositories. Back up your current /etc/apt/sources.list:

cp /etc/apt/sources.list /etc/apt/sources.list.default

Replace it with the following sources.list file:

vi /etc/apt/sources.list

deb http://us.archive.ubuntu.com/ubuntu dapper main restricted
deb-src http://us.archive.ubuntu.com/ubuntu dapper main restricted
deb http://us.archive.ubuntu.com/ubuntu dapper-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu dapper-updates main restricted
deb http://us.archive.ubuntu.com/ubuntu dapper universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu dapper universe multiverse
deb http://security.ubuntu.com/ubuntu dapper-security main restricted
deb-src http://security.ubuntu.com/ubuntu dapper-security main restricted
deb http://security.ubuntu.com/ubuntu dapper-security universe multiverse
deb-src http://security.ubuntu.com/ubuntu dapper-security universe multiverse

We need to update/refresh the apt cache and install some software. To update the cache run:

apt-get update

Note: This is a good time to change your kernel image to the correct one; most likely you will need the 'linux-image-i686'. If you don't know what that means, look it up. Run an apt-get upgrade and take a moment to troubleshoot any errors or problems that you might be having. We want to eliminate anything that could cause problems in the future. Remember to reboot once everything is ready and run a quick dmesg | less; it can go a long way.

apt-get install ssh

Once ssh is installed you should connect to the server via ssh using PuTTY from your Linux or Windows desktop. This makes it easier to get the rest of this howto done because you will be able to copy/paste onto the terminal from the desktop. So go ahead, ssh this puppy.

I usually just set the BIOS clock to local time then run the following to sync the clock.

apt-get install ntpdate

hwclock --systohc

Now we install most of the stuff we'll need. I split the list into 4 APT install runs. 5-15 installs at one time seems prudent, up to you:

apt-get install libc6-dev dpkg-dev db4.3-util libdb4.3-dev vim lynx bzip2 unzip perl-doc libwww-perl ntp-simple

apt-get install zlib1g-dev zip libdbi-perl libconvert-binhex-perl gcc make autoconf automake libtool libmail-spf-query-perl rblcheck libnet-ident-perl

apt-get install flex bison libcompress-zlib-perl pax libberkeleydb-perl ncftp unzoo arj lzop nomarch arc zoo

apt-get install postfix postfix-pcre postfix-mysql postfix-ldap cabextract lha unrar razor pyzor spamassassin

Select NO CONFIGURATION when Debconf for Postfix comes up.

Install unarj:

wget http://archive.ubuntu.com/ubuntu/pool/universe/a/arj/unarj_3.10.21-2_all.deb

dpkg -i unarj_3.10.21-2_all.deb

Now we also need to remove some programs. Hopefully you don't need PCMCIA or printer support. This server will not need dial-up support either. You will not necessarily have all of these programs installed.

Uninstall the following software (All one line):

apt-get remove ipchains lpr nfs-common portmap pidentd pcmcia-cs pcmciautils pppoe pppoeconf ppp pppconfig uw-imapd qpopper mailagent

1.6 Cleaning up services

Some services might still linger even after uninstalling the daemons. First we need to back up init.d:

cp -R /etc/init.d /etc/init.d.backup

Now we can stop all of the services that might be running which we don't need:

/etc/init.d/lpd stop
update-rc.d -f lpd remove

/etc/init.d/nfs-common stop
update-rc.d -f nfs-common remove

/etc/init.d/portmap stop
update-rc.d -f portmap remove

/etc/init.d/pcmcia stop
update-rc.d -f pcmcia remove

/etc/init.d/pcmciautils stop
update-rc.d -f pcmciautils remove

/etc/init.d/ppp stop
update-rc.d -f ppp remove

/etc/init.d/exim4 stop
update-rc.d -f exim4 remove

update-rc.d -f ntpdate remove

Now disable the inetd services we don't need:

update-inetd --disable time

update-inetd --disable daytime

update-inetd --disable echo

update-inetd --disable chargen

update-inetd --disable ident

update-inetd --disable discard

The last one may ask you a question regarding "multiple entries", answer yes (y).

Check that we got everything:

lsof -i | grep LISTEN

The only daemon you should see at this point is *:ssh. You may have to run this again:

update-inetd --disable discard

If there are other programs shown, try rebooting and test again.
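
The listener check above, as an added example that is not part of the original HOWTO: a shell function that reads lsof -i output and reports every listening socket whose service is not on an allowlist. It goes beyond grep LISTEN by also reporting unconnected UDP sockets, which have no LISTEN state; the function names and the sample lsof lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original HOWTO): report listening sockets that
# are not on an allowlist. Reads `lsof -i` output on stdin; the allowed
# service names (or port numbers, if lsof was run with -P) are the arguments.

unexpected_listeners() {
    awk -v allowed=" $* " '
        NF < 3 { next }                           # blank or malformed line
        {
            name = ""
            if ($NF == "(LISTEN)") {
                name = $(NF - 1)                  # TCP listener
            } else if ($(NF - 1) == "UDP" && $NF !~ /->/) {
                name = $NF                        # unconnected UDP socket
            }
            if (name == "") next
            svc = name
            sub(/^.*:/, "", svc)                  # text after the last colon
            if (index(allowed, " " svc " ") == 0)
                print $1, name                    # command and address:service
        }
    ' | sort -u
}

# Constructed sample of `lsof -i` output (not captured from a real host).
sample_lsof() {
    cat <<'EOF'
COMMAND  PID   USER FD  TYPE DEVICE SIZE NODE NAME
portmap 3102 daemon 4u  IPv4   7755       TCP *:sunrpc (LISTEN)
inetd   3390   root 4u  IPv4   8001       TCP *:discard (LISTEN)
ntpd    3055   root 16u IPv4   7990       UDP *:ntp
sshd    3421   root 3u  IPv6   8123       TCP *:ssh (LISTEN)
sshd    3500   root 4u  IPv6   8200       TCP 192.168.1.100:ssh->192.168.1.50:51234 (ESTABLISHED)
EOF
}

# With only ssh allowed, portmap, inetd and ntpd are reported.
sample_lsof | unexpected_listeners ssh
```

On the server itself, run it as lsof -i | unexpected_listeners ssh; an empty result means nothing outside the allowlist is accepting connections.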
