[Pkg-exim4-users] Fw: Sequence of installation

Peter Gossner gossner at internode.on.net
Sun May 15 15:53:02 UTC 2011 


Begin forwarded message:

MY oops I was actually testing a dovecot virtual when I wrote this originally.


Date: Sun, 15 May 2011 19:32:41 +0930
From: Peter Gossner <trillian42 at virtmail.dbinformatics.com.au>
To: pkg-exim4-users at lists.alioth.debian.org
Cc: l.rinetti at movimatica.com
Subject: Re: [Pkg-exim4-users] Sequence of installation


On Sun, 15 May 2011 09:54:31 +0200
Luciano Rinetti <l.rinetti at movimatica.com> wrote:

> In effect i know that Exim4 can be used with the Content Scanning
> Extension as an alternative to the (old) method of scan based on
> sa-exim but where can i find the correct installation and
> configuration instruction ?
> Sometime the exim4 documentation is not easy to use: where i need to
> insert the "included spam=..." and where is documented ?
> 
> Thank You for the patience
> luciano
> 
> Il 01/05/2011 10.18, Andreas Metzler ha scritto:
> > l.rinetti at movimatica.com<l.rinetti at movimatica.com>  wrote:
> >> I need to install from scratch an MTA based on Exim4.
> >> Supposing to use:
> >>    ClamAV
> >>    Spamassassin
> >>    Razor and Pyzor
> >>    Courier Imap
> >>    SA-exim
> >> could you recommend me the correct sequence of installation of
> >> these packages?
> > [...]
> >
> > Apt-get/aptitude should automatically take care of the correct
> > sequence. I wonder why you plan on using sa-exim instead of exim's
> > included spam=... condition.
> >
> > cu andreas
> >
> >

Yep the docs are comprehensive ...
However as suggested by Andreas
apt-get install your list
install daemon-heavy version ... its called heavy because it has a built in perl engine and interfaces for tasks just like this.
The light version is great for desktop use and simple server setups
It plain "just works" out of the box for all your system mail ... 

Configure spamassasin and clamav to taste 
(that can be a whole journey in its own right)
For initial testing just go with the flow, stick with the defaults.
(hint: /etc/default/ is a great place to do simple configs)


OK once they all start up OK ....
(check them out with something like: 
$sudo netstat -tap | grep spam )

They all work OK? Now forget about them ! Move on to exim4.

1/ Decide about your exim4 config approach.
I find the split system best by of course YMMMV.
(if for no other reason than its less to digest in one mouthfull)
Which ever way you go a live config is created by exim and read from:

/var/lib/exim4/config.autogenerated
Its worth browsing that file when comprehending what  the configs actually do.


so to engage spamassasin you might do something like:

? where is spam mentioned ?
$ cd /etc/exim4/conf.d
$ grep -r spam ./*
 potentially lots of output ..note the file names.
The two files here that are used (and they are defaults) are:
./main/02_exim4-config_options
./acl/40_exim4-config_check_data

so back them up somewhere and open them ...
cp -p main/02_exim4-config_options ./
cp -p acl/40_exim4-config_check_data ./ 
(or somesuch)
main/02_exim4-config_options has a section to enable clamav and just after it spamassassin

Here is what one of mine says right now ...
# For spam scanning, there is a similar option that defines the interface to
# SpamAssassin. You do not need to set this if you are using the default, which
# is shown in this commented example. As for virus scanning, you must also
# modify the acl_check_data access control list to enable spam scanning.

spamd_address = 127.0.0.1 783


I have uncommented to built in default just so I know I have been here really.
You can also set this to another hosts spamassassin (which I do in other instances).


Almost done:
Now that other file ...

open acl/40_exim4-config_check_data
 scroll down to the spam section.
 best stick with the default to test...
 
Now here you can do all sorts of magic...
Note _spamassassin_ is tasked with setting how spammy something is.
Exim4s tasks are set here ... you decide what to do with it depending on what spamassassin reckons..

Here is an example (only) from a household level gateway install.
 Though I have similar rules on real mail servers.
 Usually with more specific messages which are used for filtering tracking etc.
 There are very many ways to do this ... this is just ONE way.
<quote attrib="cut and pasted section only">
 # See the exim docs and the exim wiki for more suitable examples.                   
  #                                                                                   

# first match denies:                                                                 
  deny
     spam = Debian-exim/defer_ok
     message = Message scored $spam_score . OUCH .No spam.
     condition = ${if > {$spam_score_int} {200} {1} {0}}

  deny
     spam = Debian-exim/defer_ok
     message = Message scored $spam_score . No spam processed here.
     condition = ${if > {$spam_score_int} {150} {1} {0}}

# this should probably match spamassassins trip level                                 
  deny
     spam = Debian-exim/defer_ok
     message = Message rates as spam: $spam_score .\n Please check this mail is not u\
nintentional spam
     condition = ${if > {$spam_score_int} {110} {1} {0}}

# these are warnings and reports for mail that is allowed through                     

# this _should_ always return true (:true)                                            
# NOTE only matches when SPAM assassin returns a SPAM match                           
# (see /etc/spamassassin/local.cf                                                     
# so we try to match with < (less than)                                               
# should also match when spamassassin says so as well                                 

 warn
     spam = Debian-exim:true
     add_header = X-Spam_Checked: Spam Checked at doors.tux
     add_header = X-Spam_Score: $spam_score
 
 warn
     condition = ${if > {$spam_score_int} {0} {1} {0}}
     spam = Debian-exim/defer_ok
     add_header = X-Spam_Bar: $spam_bar
     message = Possible Spam. Please check this mail.
     add_header = X-Spam_Report: $spam_report
     add_header = X-Subject: $h_subject : possible spam.

 warn
     condition = ${if < {$spam_score_int} {0} {1} {0}}
     add_header = X-Spam-Status: Not Spam.  $spam_score_int

</quote>

(yeah my LAN is called tux :) 
 
> > _______________________________________________
> > Pkg-exim4-users mailing list
> > Pkg-exim4-users at lists.alioth.debian.org
> > http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-users
> 
> 


-- 
Peter Gossner <pete at dbinformatics.com.au>
              <gossner at internode.on.net>

http://dbinformatics.com.au

--pete (again) 
Message made on joni.tux: Sun May 15 15:47:38 UTC 2011
Calendar events:
May 16 	First report on SNOBOL distributed (within BTL), 1963
May 16*	Adelaide Cup (SA)
May 16 	Discovery Day in Cayman Islands
May 16*	Memorial Day in Michigan (3rd Monday)
     
Peter Gossner <gossner at internode.on.net>
<pete.gossner at gmail.com>

More information about the Pkg-exim4-users mailing list