Alright, the next 2 steps are going to be the trickiest of the entire installation. First, on this page, we're going to install Clam Antivirus and Spamassassin. Then, on the next page, we will install qmail-scanner which will tie ClamAV and Spamassassin into the operation of our qmail server. I'm going to warn you again that these next two steps are typically a pain in the ass. I am constantly trying to make these steps as universal and easy as possible, but the ease of these steps depends heavily on how your system is configured and how experienced you are. If you've never done this before, you can pretty much bet you're going to have a problem or 2 along the way. But don't give up. If you get into a bind, feel free to consult the qmailrocks mailing list, mailing list archive, IRC channel or chat forum. Using these 4 resources, you've got an excellent chance of getting any help you may need. OK, it's time to put some hair on your chest!

First, let's make sure you have all the required perl modules and required packages. If you read Part 0 of this install guide, you should have made sure that you installed a version of Perl from ftp.sunfreeware.com. If you're running with a default Sun Perl installation, you're going to raelly have a hard time getting these Perl modules installed. All of the perl modules below are required for Spamassassin and qmail-Scanner to work. I'll talk more about this further down in the install.

You will need these Perl Modules:

Digest::SHA1
Digest::HMAC
Net::DNS
Time::HiRes
HTML::Tagset
HTML::Parser

You will also need these other packages:
unzip

If you don't have perl-suidperl or unzip installed, you will find RPM's of these 2 packages included in the Qmailrocks package.

Ok, so at this point you should have all 4 of the above Perl modules installed on your system. So let's install Clam Anti Virus and then Spamassassin.

Installing Clam Anti Virus...

cd /downloads/qmailrocks/

gunzip clamav-x.xx.tar.gz

tar xvf clamav-x.xx.tar

cd clamav-x.xx

groupadd clamav

useradd -d /tmp -s /bin/false clamav

./configure

make && make check && make install && make clean

Ok, this is where I do thing a bit differently with ClamAV. Under normal conditions, you would use the daemonized version of ClamAV, by way of a program called clamdscan. However, I've never had anything but trouble when using clamd with qmail. Instead, I choose to only use the clamscan utility, which is the non-daemonized version of Clam Antivirus. The most thorough way to ensure that clamdscan is 100% bypassed it to simple remove the real clamdscan and replace it with a simply symlink to clamscan.

I do it like this...

mv /usr/local/bin/clamdscan /usr/local/bin/clamdscan.orig

ln -s /usr/local/bin/clamscan /usr/local/bin/clamdscan

Now we'll do a few configuration settings to the /usr/local/etc/clamd.conf file. This file won't get use much, since we aren't going be using the daemonized version of ClamAV, but it does get accessed occasionally by other processes.

vi /usr/local/etc/clamd.conf

"Example" - should be commented out.
"LogFile" - should be set to /var/log/clamav/clamd.log
"LogTime" - should be uncommmented.
"LogSyslog" - should be uncommented.
"ScanMail" - should be uncommented.

Ok, Clam AV is now installed, but let's go ahead and set it up so that it will auto-update every night with the latest virus definitions! First we will want to set up the proper logging for the updater....

/usr/local/bin/freshclam -l /var/log/clamav/clam-update.log

If the server is able to get updates, you should see an output similar to this:

[root@crescent clamav]# freshclam -l /var/log/clamav/clamav-update.log
ClamAV update process started at Sun Oct 24 23:36:22 2004
main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek)
daily.cvd is up to date (version: 549, sigs: 1583, f-level: 3, builder: ccordes)

Woohoo! You're updated with the latest virus definiations from the Clam database!

Now we just set a crontab to run every night, which will run the auto-update procedure! In the example below, I've set mine to run every day at 1:50 AM. The odd run time came reccomended from ClamAV, if you're wondering. Running freshclam at times other than the top of an hour reduces the load on their servers. so feel free to adjust the time to something even more offbeat, like 1:53 AM or something. The guys at ClamAV will thank you.

crontab -e (make sure you run this command as root)

50 1 * * * /usr/local/bin/freshclam --quiet -l /var/log/clamav/clam-update.log

Now save your new crontab and exit. That's it! We're all done with Clam Anti Virus! You will now have a server-wide e-mail virus scanner that updates itself every night with the latest and greatest virus definitions!

Now we install SpamAssassin...

If you don't have the Mail::Spamassassin Perl module installed on your system, let's install it now...

cd /path/to/qmailrocks/perlmods/source

gunzip Mail-SpamAssassin-2.63.tar.gz

tar xvf Mail-SpamAssassin-2.63.tar

cd Mail-SpamAssassin-2.63

perl Makefile.PL (This will ask some configuration questions. Use your best judgment)

make && make install

Alright. Now we're going to add a user/group called "spamd" under which Spamassassin will be run...

groupadd spamd

useradd -g spamd -s /bin/false spamd

We'll need to create a startup script for spamassassin - normally stored as /etc/rc.d/rc.spamd

vi /etc/rc.d/rc.spamd

#!/bin/sh

# Spamd init script for Solaris 9
# August, 2th 2003
# Martin Ostlund, nomicon
# Modified slightly by Troy Belding for Qmailrocks - February 23, 2004
# Modified slightly again by Eric Siegel for Qmailrocks.org - June 21st, 2004

PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
DAEMON=/usr/local/bin/spamd
NAME=spamd
SNAME=spamd
DESC="SpamAssassin Mail Filter Daemon"
PIDFILE="/var/run/$NAME.pid"
PNAME="spamd"

DOPTIONS="-x -u spamd -H /export/home/spamd -d --pidfile=$PIDFILE --syslog-socket=inet"

KILL="/bin/kill"
KILLALL="/bin/killall"
# Defaults - don't touch, edit /etc/mail/spamassassin/local.cf
ENABLED=0
OPTIONS=""

set -e

case "$1" in
start)
echo -n "Starting $DESC: "
$PNAME $OPTIONS $DOPTIONS

echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
$KILL -9 `cat $PIDFILE`
/bin/rm $PIDFILE
echo "$NAME."
;;
restart|force-reload)
echo -n "Restarting $DESC: "
$0 stop
$0 start

echo "$NAME."
;;
*)
ME=/etc/init.d/$SNAME
echo "Usage: $ME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac

exit 0

Save and exit from this new init script and then set permissions on it...

chmod 755 /etc/init.d/spamd

SpamAssassin is now installed, so let's configure it...

cd /etc/mail/spamassassin (where x.x.x is the version of perl installed)

vi local.cf

Make sure the following lines exist and are not commented out.

rewrite_subject 1
required_hits 5

Now save and exit out of the file.

And now we will configure the server to start SpamAssassin on boot:

ln /etc/init.d/spamd /etc/rc3.d/S88spamd

Now save and exit out of the file.

Start up SpamAssassin:

/etc/init.d/spamd start

If all has gone well, both Spamassassin and Clam Anti Virus should now be installed and SpamAssassin should be running. With both of these programs installed, we can now install Qmail-Scanner.

Proceed to Part 14