Install MialWatch on CentOS 7 with postfix as MTA

MailWatch is a great web based application utilizing LAMP stack. It allows you to easily manage and monitor MailScanner gateway. We will be adding MailWatch install to existing MailScanner setup

Prerequisites

  • Working MailSanner installation. How to Install MailScanner
  • Install LAMP and additional PHP and Perl requirements
  • Make sure php.ini has correct settings

LAMP Install

yum install httpd
systemctl start httpd.service
systemctl enable httpd.service
yum install mariadb-server mariadb
systemctl start mariadb
mysql_secure_installation
systemctl enable mariadb.service
yum install php php-mysql
systemctl restart httpd

Install GD and mbstring support for PHP

yum install php-gd
yum install php-mbstring

Install Perl Encoding::FixLatin module

cpan App::cpanminus
cpanm  Encoding::FixLatin

Make sure exec function not disabled in /etc/php.ini

disable_functions =

Make sure the folowing set in /etc/php.ini file

safe_mode = Off
register_globals = Off
session.auto_start = 0

Installation

Mailwatch installation and configuration

Download Mailwatch and unzip it

Download Mailwatch 1.2.0 (at the moment of writing) Download Malwatch

 

unzip 1.2.0-master.zip
cd 1.2.0-master

Create database

mysql -u root -p < create.sql

Create a MySQL user and password & Set-up MailScanner for SQL logging

mysql -u root -p 
mysql> GRANT ALL ON mailscanner.* TO mailwatch@localhost IDENTIFIED BY '';
mysql> GRANT FILE ON *.* TO mailwatch@localhost IDENTIFIED BY '';
mysql> FLUSH PRIVILEGES;

Edit MailWatch.pm and change the $db_user and $db_pass values to mailwatch for $db_user and password to password you set above. Then move MailWatch.pm to /usr/share/MailScanner/MailScanner/CustomFunctions

cd MailScanner_perl_scripts/
vi MailWatch.pm
my($db_name) = 'mailscanner';
my($db_host) = 'localhost';
my($db_user) = 'mailwatch';
my($db_pass) = 'password';
mv MailWatch.pm /usr/share/MailScanner/MailScanner/CustomFunctions

Create a MailWatch web user

mysql mailscanner -u mailwatch -p
Enter password: ******
mysql> INSERT INTO users SET username = '', password = MD5(''), fullname = '', type = 'A';

Install & Configure MailWatch (make sure you are in 1.2.0-master mailwatch installation directory)

mv mailscanner /var/www/html/

Check the permissions of /var/www/html/mailscanner/images and /var/www/html/images/cache folders

cd /var/www/html/mailscanner
chown root:apache images
chmod ug+rwx images
chown root:apache images/cache
chmod ug+rwx images/cache

Create conf.php by copying conf.php.example to conf.php. Make sure $db_user and $db_pass values are adjusted

cd /var/www/html/mailscanner
cp conf.php.example conf.php
vi conf.php
define('DB_TYPE', 'mysql');
define('DB_USER', 'mailwatch');
define('DB_PASS', 'password');
define('DB_HOST', 'localhost');
define('DB_NAME', 'mailscanner');

MailScanner configuration

Stop MailScanner

service MailScanner stop

Edit /etc/MailScanner/MailScanner.conf and correct the following options

Always Looked Up Last = &MailWatchLogging
Detailed Spam Report = yes
Quarantine Whole Message = yes
Quarantine Whole Messages As Queue Files = no
Include Scores In SpamAssassin Report = yes
Quarantine User = root
Quarantine Group = apache
Quarantine Permissions = 0660

In order to integrate Blacklist/Whitelist. Copy SQLBlackWhiteList.pm to /usr/share/MailScanner/MailScanner/CustomFunctions.

cd MailScanner_perl_scripts
cp SQLBlackWhiteList.pm /usr/share/MailScanner/MailScanner/CustomFunctions

Now edit vi /etc/MailScanner/MailScanner.conf with the following changes

Is Definitely Not Spam = &SQLWhitelist
Is Definitely Spam = &SQLBlacklist

Then edit SQLBlackWhitelist.pm and change the connection string to match MailWatch.pm

cd /usr/share/MailScanner/MailScanner/CustomFunctions
vi SQLBlackWhiteList.pm 

sub CreateList {
  my($type, $BlackWhite) = @_;
  my($dbh, $sth, $sql, $to_address, $from_address, $count, $filter);
  my($db_name) = 'mailscanner';
  my($db_host) = 'localhost';
  my($db_user) = 'mailwatch';
  my($db_pass) = 'password';

Start MailScanner

service MailScanner start

You can now connect to Mailscanner

http://ip_address/mailscanner

Almost done. We just need to do some post installation tasks.

Database cleanup of maillog records and Quarantine Maintenance

cd ~/1.2.0-master/tools/Cron_jobs
cp db_clean.php /etc/cron.daily/
vi /var/www/html/mailscanner/conf.php

// Define how many days of emails to keep
define('RECORD_DAYS_TO_KEEP', 30);

cp ~/1.2.0-master/tools/Cron_jobs/quarantine_maint.sh /etc/cron.daily/
cp ~/1.2.0-master/tools/Cron_jobs/quarantine_report.php /etc/cron.daily/
cd /etc/cron.daily
rm clean.quarantine

MailScanner Rule Editor
Make sure MailWatch’s conf.php has the following lines at the end


<?php
// Enable MailScanner Rule Editor
define('MSRE', true);
define('MSRE_RELOAD_INTERVAL', 5);
define('MSRE_RULESET_DIR', "/etc/MailScanner/rules");

Change file permissions so that we can update the rules

chgrp -R apache /etc/MailScanner/rules
chmod g+rwxs /etc/MailScanner/rules
chmod g+rw /etc/MailScanner/rules/*.rules

We should now have working Mailwatch install