How to deploy ASSP Spam Gateway with Postfix MTA on CentOS 6.4
In this tutorial we show how to install and configure the ASSP spam gateway with Postfix as the MTA on CentOS 6.4. In this setup the system is used as a spam gateway that scans incoming and outgoing email for spam and viruses.
In this tutorial we disable SELinux. This is not a requirement, but additional configuration is needed if you want to keep it enabled.
vi /etc/selinux/config
change to SELINUX=disabled
Incoming and Outgoing mail flow
a. Internet mail coming in.
1. Internet email arrives on port 25 on ASSP server. ASSP listening on port 25.
2. ASSP server forwards email to port 225 on the same server to postfix.
3. Postfix on ASSP server relays email to internal mail server on port 25.
b. Outgoing mail.
1. Email generated on internal mail server.
2. It is forwarded to port 25 on ASSP server.
3. ASSP server scans email for spam and viruses and forwards it to postfix on the same server to port 225.
4. Postfix relays email out to the internet based on local routing maps.
c. On the ASSP server the final domains are set as local, which means ASSP relays email for these domains to the local Postfix, which relays it to the internal mail server based on local transport maps.
domain-test1.com, domain-test2.com, domain-test3.com
d. On the ASSP server, Postfix is set to relay email from the internal mail server to the outside.
The internal mail server is set to forward all email to the ASSP server.
Add RPMForge and Remi repositories:
yum install wget
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
rpm -Uvh rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm
vi /etc/yum.repos.d/rpmforge.repo
Change "enabled=1" to "enabled=0". 0 means turned off and 1 means turned on.
Install necessary Perl modules:
To see which Perl modules are still available to install (that is, not already installed), you can use these commands:
yum list available 'perl*'
yum --enablerepo=rpmforge list available 'perl'
We recommend installing the following modules, which work for most deployments:
yum install perl-File-Scan-ClamAV.noarch perl-IO-Compress-Zlib.x86_64 perl-Text-Glob.noarch \
    perl-Number-Compare.noarch perl-Convert-TNEF.noarch perl-Digest-SHA1.x86_64 \
    perl-Email-MIME-Modifier.noarch perl-Email-Send.noarch perl-Email-Valid.noarch \
    perl-File-ReadBackwards.noarch perl-MIME-Types.noarch perl-Mail-DKIM.noarch \
    perl-Mail-SPF-Query.noarch perl-Mail-SPF.noarch perl-Mail-SRS.noarch \
    perl-Net-CIDR-Lite.noarch perl-Net-DNS.x86_64 perl-Net-IP-Match-Regexp.noarch \
    perl-Net-SMTP-Multipart.noarch perl-Net-SMTP-SSL.noarch perl-Net-SMTP-TLS.noarch \
    perl-Net-SMTP_auth.noarch perl-Net-SenderBase.noarch perl-Tie-DBI.noarch \
    perl-Time-HiRes.x86_64 perl-Crypt-CBC.noarch perl-Crypt-OpenSSL-AES.x86_64 \
    perl-IO-Socket-SSL.noarch perl-Sys-MemInfo.x86_64 perl-Schedule-Cron-Events.noarch \
    perl-LWP-Authen-Negotiate.noarch
Install and start ClamAV:
yum install clamd
chkconfig clamd on
service clamd start
Download and Install ASSP:
wget -O ASSP_2.3.3_13187_install.zip "http://sourceforge.net/projects/assp/files/latest/download?source=dlp/ASSP_2.3.3_13187_install.zip"
unzip ASSP_2.3.3_13187_install.zip
mkdir -p /usr/share/assp
mv -f assp/* /usr/share/assp
Now we create the startup script:
vi /etc/init.d/assp
#!/bin/bash
. /etc/init.d/functions

# Start the service ASSP
start() {
        echo -n "Starting ASSP server: "
        cd /usr/share/assp
        # Discard both stdout and stderr and run ASSP in the background
        perl assp.pl > /dev/null 2>&1 &
        ### Create the lock file ###
        touch /var/lock/subsys/ASSP
        success $"ASSP server startup"
        echo
}

# Stop the service ASSP
stop() {
        echo -n "Stopping ASSP server: "
        kill -9 `ps ax | grep "perl assp.pl" | grep -v grep | awk '{ print $1 }'`
        ### Now, delete the lock file ###
        rm -f /var/lock/subsys/ASSP
        success $"ASSP server shutdown"
        echo
}

### main logic ###
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  status)
        status ASSP
        ;;
  restart|reload|condrestart)
        stop
        start
        ;;
  *)
        echo $"Usage: $0 {start|stop|restart|reload|status}"
        exit 1
esac
exit 0
chmod +x /etc/init.d/assp
Postfix configuration:
Change postfix port to 225
1. vi /etc/postfix/master.cf
smtp      inet  n       -       n       -       -       smtpd
change to
225       inet  n       -       n       -       -       smtpd
2. Test to make sure it listens on port 225
netstat -tanp|grep 225
3. vi /etc/postfix/main.cf
inet_interfaces = all
Enable this line so that all interfaces can connect, and make sure all the other inet_interfaces lines are disabled.
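A check for the listener layout this configuration produces, as an added example that is not part of the original tutorial: it reads netstat -tanp output and reports whether port 25 belongs to ASSP and whether Postfix on port 225 is bound beyond loopback. The function name, the sample lines and the assumption that ASSP appears as a perl process are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original tutorial): audit `netstat -tanp` output
# for the ASSP (port 25) -> Postfix (port 225) chain described above.
# Assumption: ASSP shows up in the PID/Program column as a perl process.

audit_listeners() {   # reads netstat lines on stdin, prints one finding per port
    awk '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        port = $4; sub(/.*:/, "", port)            # text after the last colon
        host = substr($4, 1, length($4) - length(port) - 1)
        if (port == "25") { seen25 = 1; if ($7 !~ /perl/) other25 = $7 }
        if (port == "225") {
            seen225 = 1
            if (host != "127.0.0.1" && host != "::1") exposed = exposed " " $4
        }
    }
    END {
        if (!seen25)      print "FAIL 25: nothing listening, ASSP is not accepting mail"
        else if (other25) print "FAIL 25: owned by " other25 ", not ASSP (perl); mail is not scanned"
        else              print "OK 25: ASSP listening"
        if (!seen225)     print "FAIL 225: nothing listening, ASSP has nowhere to forward"
        else if (exposed) print "WARN 225: bound to" exposed "; firewall it so mail cannot skip ASSP"
        else              print "OK 225: loopback only"
    }'
}

# Constructed sample: the tutorial setup (inet_interfaces = all, smtpd on 225).
sample_tutorial() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address     Foreign Address   State    PID/Program name
tcp        0      0 0.0.0.0:25        0.0.0.0:*         LISTEN   2101/perl
tcp        0      0 0.0.0.0:225       0.0.0.0:*         LISTEN   1877/master
tcp        0      0 0.0.0.0:22        0.0.0.0:*         LISTEN   1200/sshd
EOF
}

# Constructed sample: master.cf was never edited, so Postfix still owns port 25.
sample_unedited() {
cat <<'EOF'
tcp        0      0 0.0.0.0:25        0.0.0.0:*         LISTEN   1877/master
EOF
}

sample_tutorial | audit_listeners
# On the real host: netstat -tanp | audit_listeners
```

A WARN on port 225 means the Postfix listener is reachable from other hosts unless a firewall rule restricts it to the ASSP process on the same server.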
Postfix Transport maps configuration:
For the purpose of this tutorial we assume that test1-dom.com, test2-dom.com and test3-dom.com are internal domains, meaning that users with SMTP addresses in these domains are located on the internal mail server. In our case we simply use Postfix with Roundcube as the mail client.
1. vim /etc/postfix/transport
2. Add this to the file:
# internalhost.domain.com is your internal mail server
test1-dom.com smtp:[internalhost.domain.com]
# if this domain uses a different mail server you can specify it here
test2-dom.com smtp:[internalhost.domain.com]
test3-dom.com smtp:[internalhost.domain.com]
3. generate the transport map
postmap /etc/postfix/transport
4. add this to the end of /etc/postfix/main.cf
transport_maps = hash:/etc/postfix/transport
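Postfix lookup tables treat a line as a comment only when # is its first non-whitespace character, and a next hop without [brackets] triggers an MX lookup. The linter below is an added example, not part of the original tutorial, that checks a transport file for both issues and for relayed domains with no entry; the function name and sample files are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original tutorial): lint a Postfix transport
# file before running postmap. Usage: lint_transport FILE|- DOMAIN...
# Assumption: one entry per line (continuation lines are not handled).

lint_transport() {
    file=$1; shift
    awk -v want="$*" '
    /^[ \t]*(#|$)/ { next }          # whole-line comments and blank lines are fine
    {
        seen[$1] = 1
        if (index($0, "#"))          # Postfix tables have no inline comments
            print "ERROR line " NR ": inline # is stored as part of the value for " $1
        else if (NF != 2)
            print "ERROR line " NR ": expected: domain transport:nexthop"
        else if ($2 !~ /:\[[^]]+\](:[0-9]+)?$/)
            print "WARN line " NR ": " $2 " has no [brackets], Postfix will do an MX lookup"
    }
    END {
        n = split(want, d, " ")
        for (i = 1; i <= n; i++)
            if (!(d[i] in seen)) print "ERROR " d[i] ": no transport entry"
    }' "$file"
}

# Constructed sample: an inline comment and one relayed domain missing.
sample_broken() {
cat <<'EOF'
test1-dom.com smtp:[internalhost.domain.com] # internal mail server
test2-dom.com smtp:[internalhost.domain.com]
EOF
}

# Constructed sample: comments on their own lines, all three domains present.
sample_clean() {
cat <<'EOF'
# internal mail server
test1-dom.com smtp:[internalhost.domain.com]
test2-dom.com smtp:[internalhost.domain.com]
test3-dom.com smtp:[internalhost.domain.com]
EOF
}

DOMAINS="test1-dom.com test2-dom.com test3-dom.com"
sample_broken | lint_transport - $DOMAINS
sample_clean  | lint_transport - $DOMAINS    # prints nothing
```

On the gateway itself, run it against the real file before postmap: lint_transport /etc/postfix/transport followed by the domains ASSP treats as local.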
After deployment we suggest the following course of action:
1. Let the system run in this mode for a period of 1 week.
2. During this time, monitor the spam and notspam folders for any emails that are wrongly marked as spam, or spam emails that get through, and move them to the appropriate folders.
The best way to do this is to go to /usr/share/assp/notspam and move any spam messages to the /usr/share/assp/spam folder with the command cp "message" ../spam if you are in /usr/share/assp/notspam, or with the full path: cp "message" /usr/share/assp/spam.
3. After one week you can run a new database update and turn off test mode.
4. Designate specific mailboxes for each domain where all spam will be sent.
This is a practical guide and comes without warranty of any kind!