Alright, the next 2 steps are going to be the trickiest of the entire installation. First, on this page, we're going to install Clam Antivirus and Spamassassin. Then, on the next page, we will install qmail-scanner which will tie ClamAV and Spamassassin into the operation of our qmail server. I'm going to warn you again that these next two steps are typically a pain in the ass. I am constantly trying to make these steps as universal and easy as possible, but the ease of these steps depends heavily on how your system is configured and how experienced you are. If you've never done this before, you can pretty much bet you're going to have a problem or 2 along the way. But don't give up. If you get into a bind, feel free to consult the qmailrocks mailing list, mailing list archive, IRC channel or chat forum. Using these 4 resources, you've got an excellent chance of getting any help you may need. OK, it's time to put some hair on your chest!

First, let's make sure you have all the required perl modules and required packages. All of the perl modules below are required for Spamassassin and Qmail-Scanner to work. I'll talk more about this further down in the install.

You will need these Perl Modules:

Digest::SHA1
Digest::HMAC
Net::DNS
Time::HiRes
HTML::Tagset
HTML::Parser

Suid Perl isn't installed by default on Slackware systems. This is because of historical security problems. Instead, there's a way to build a suid style wrapper around the qmail scanner module.

Ok, so at this point you should have all of the above Perl modules installed on your system. In addition, as noted above, you will also need to have "unzip" and "perl-suidperl" packages installed. So let's install Clam Anti Virus and Spammassin..

Installing Clam Anti Virus...

cd /path/to/qmailrocks/

tar -xzf clamav-x.xx.tar.gz

cd clamav-x.xx

groupadd clamav

useradd clamav -g clamav -s /sbin/nologin

./configure --prefix=/usr --sysconfdir=/etc

make && make check && make install

Ok, this is where I do thing a bit differently with ClamAV. Under normal conditions, you would use the daemonized version of ClamAV, by way of a program called clamdscan. However, I've never had anything but trouble when using clamd with qmail. Instead, I choose to only use the clamscan utility, which is the non-daemonized version of Clam Antivirus. The most thorough way to ensure that clamdscan is 100% bypassed it to simple remove the real clamdscan and replace it with a simply symlink to clamscan.

I do it like this...

mv /usr/bin/clamdscan /usr/bin/clamdscan.orig

ln -s /usr/bin/clamscan /usr/bin/clamdscan

Now we'll do a few configuration settings to the /etc/clamd.conf file. This file won't get use much, since we aren't going be using the daemonized version of ClamAV, but it does get accessed occasionally by other processes.

vi /etc/clamd.conf

"Example" - should be commented out.
"LogFile" - should be set to /var/log/clamav/clamd.log
"LogTime" - should be uncommmented.
"LogSyslog" - should be uncommented.
"ScanMail" - should be uncommented.

Ok, Clam AV is now installed, but let's go ahead and set it up so that it will auto-update every night with the latest virus definitions! First we will want to set up the proper logging for the updater....

/usr/bin/freshclam -l /var/log/clamav/clam-update.log

If the server is able to get updates, you should see an output similar to this:

[root@crescent clamav]# freshclam -l /var/log/clamav/clamav-update.log
ClamAV update process started at Sun Oct 24 23:36:22 2004
main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek)
daily.cvd is up to date (version: 549, sigs: 1583, f-level: 3, builder: ccordes)

Woohoo! You're updated with the latest virus definiations from the Clam database!

Now we just set a crontab to run every night, which will run the auto-update procedure! In the example below, I've set mine to run every day at 1:15 AM. The odd run time came reccomended from ClamAV, if you're wondering. Running freshclam at times other than the top of an hour reduces the load on their servers. so feel free to adjust the time to something even more offbeat, like 1:27 AM or something. The guys at ClamAV will thank you.

crontab -e (make sure you run this command as root)

15 1 * * * /usr/bin/freshclam --quiet -l /var/log/clamav/clam-update.log

Now save your new crontab and exit.

That's it! We're all done with Clam Anti Virus! You will now have a server-wide e-mail virus scanner that updates itself every night with the latest and greatest virus definitions!

Now let's install Spamassassin...

Note: Spamassassin utilizes port 783 to properly scan and release e-mail. If you have a firewall on your server, you will need to open up port 783 going in and out.

If you don't have the Mail::Spamassassin Perl module installed on your system, let's install it now...

cd /path/to/qmailrocks/perlmods/source

tar zxvf Mail-SpamAssassin-2.63.tar.gz

cd Mail-SpamAssassin-2.63

perl Makefile.PL (This will ask some configuration questions. Use your best judgment)

make && make install

Alright. Now we're going to add a user/group called "spamd" under which Spamassassin will be run...

groupadd spamd

useradd -g spamd -s /bin/false spamd

We'll need to create a startup script for spamassassin - normally stored as /etc/rc.d/rc.spamd

vi /etc/rc.d/rc.spamd

#!/bin/sh

# Spamd init script for Slackware 9.0
# August, 2th 2003
# Martin Ostlund, nomicon
# Modified slightly by Troy Belding for Qmailrocks - February 23, 2004

PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
DAEMON=/usr/bin/spamd
NAME=spamd
SNAME=rc.spamd
DESC="SpamAssassin Mail Filter Daemon"
PIDFILE="/var/run/$NAME.pid"
PNAME="spamd"

DOPTIONS="-x -u spamd -H /home/spamd -d --pidfile=$PIDFILE"

KILL="/bin/kill"
KILLALL="/bin/killall"
# Defaults - don't touch, edit /etc/mail/spamassassin/local.cf
ENABLED=0
OPTIONS=""

set -e

case "$1" in
start)
echo -n "Starting $DESC: "
$PNAME $OPTIONS $DOPTIONS

echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
$KILL -9 `cat $PIDFILE`
/bin/rm $PIDFILE
echo "$NAME."
;;
restart|force-reload)
echo -n "Restarting $DESC: "
$0 stop
$0 start

echo "$NAME."
;;
*)
ME=/etc/rc.d/$SNAME
echo "Usage: $ME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac

exit 0

Save and exit from this new init script and then set permissions on it...

chmod 755 /etc/rc.d/rc.spamd

And now let's set some config options...

vi /etc/mail/spamassassin/local.cf

Replace the contents of the local.cf file with the following config settings:

rewrite_subject 1
required_hits 5

Save and exit from the file.

Now start up Spamassassin...

/etc/rc.d/rc.spamd start

Now let's see if Spamassassin is running...

ps aux | grep spamd

You should the following info concerning spamassassin. The PID might differ on your system, but you get the idea.

spamd 3734 0.2 2.0 24992 20808 ? S 14:21 0:01 /usr/bin/spamd -x -u spamd -H /home/spamd -d

If all has gone well, both Spamassassin and Clam Anti Virus should now be installed! With both of these programs installed, we can now install Qmail-Scanner.

Proceed to Part 15