Integrating the AXIGEN Messaging Slutin with AMAVIS GECAD Technlgies 10A Dimitrie Pmpei Blvd., BUCHAREST 2, ROMANIA Tel.: +40 21 303 20 80 +40 21 303 20 81 http://www.axigen.cm Last mdified: 3/13/2007 Cpyright 2006 GECAD Technlgies S.R.L.
Intrductin This dcument describes the steps required t perfrm an integratin f the AXIGEN Mail Server with Amavis, in rder t insure antivirus prtectin and functinality. Amavis is a generic interface used t cnnect a mail server t a number f antivirus prducts. Prerequisites Operating systems The integratin was successfully tested n the fllwing perating systems: Fedra Cre 5 Mandriva 2006 Debian 3.1 Ubuntu Server 6.06 Amavis Amavisd-new versin 2.4.2 must be used in this setup. Antivirus prducts One f the fllwing antivirus prducts can be used: BitDefender Kaspersky Kav4Mailservers-linux Nte: Thugh tests were nly perfrmed with the prducts listed abve, the integratin shuld functin with any f the antivirus prducts Amavis supprts (Sphs, DrWeb, F-Secure, Symantec AV engine, F-PROT, Nd32, etc). Setting-up Amavis Fr the AXIGEN Mail Server and the desired antivirus prduct, please fllw the installatin prcedure described in the user s manual. Dependencies Amavisd-new requires the fllwing sftware packages in rder t run prperly: PERL v5.8.2 r newer PERL mdules Archive::Tar Archive::Zip ver. 1.14 r newer Cmpress::Zlib ver. 1.35 r newer Cnvert::TNEF Cnvert::UUlib ver. 1.05 r newer MIME::Base64 MIME::Parser ver. 5.420 r newer Mail::Internet ver. 1.58 r newer Net::Server ver. 0.88 r newer http://www.axigen.cm Page 2 f 7
Net::SMTP ver.1.16 r newer Digest::MD5 ver. 2.22 r newer IO::Stringy Time::HiRes ver. 1.49 r newer Unix::Syslg BerkeleyDB ver. 4.2 r newer If yu have all the dependencies prperly installed, Amavis will run crrectly. Belw yu will find a list f distributin-specific instructins n hw t make sure all the dependencies are installed. Make sure yu have the specific package management tls (yum, apt-get, etc) installed and prperly cnfigured befre cntinuing. Fedra Cre 5 Run the fllwing cmmands: # yum -y install amavisd-new # yum -y remve amavisd-new Mandriva 2006 Run the fllwing cmmands: # urpmi amavisd-new # rpme -e amavisd-new Debian 3.1 Run the fllwing cmmands: # apt-get update # apt-get -y install amavisd-new # apt-get --purge -y remve amavisd-new Dwnlad the 1.42 versin f the Cmpress::Zlib perl mdule (frm this link), uninstall the ld versin and install the new ne: # dpkg -r --frce-all libcmpress-zlib-perl # dpkg -i --frce-all libcmpress-zlib-perl_1.42-1_i386.deb Nte: Frcing the uninstall steps and the installatin f a package is nt a standard prcedure and may result in dependency prblems. Please use with care. Ubuntu Server 6.06 Run the fllwing cmmands: # apt-get update # apt-get install amavisd-new # apt-get remve amavisd-new Dwnlad the 5.420 versin f MIME-Tls perl mdule (frm this link) and install it: # dpkg -i libmime-perl_5.420-0.1_all.deb Installatin All the installatin prcess must be perfrmed while lgged-in as the rt user. 1. Dwnlad and unpack amavis: Create temprary directry: # mkdir /tmp/amavis/ http://www.axigen.cm Page 3 f 7
G t the temprary directry # cd /tmp/amavis/ Dwnlad amavisd-new versin 2.4.2: # wget http://www.ijs.si/sftware/amavisd/amavisd-new-2.4.2.tar.gz Unpack the archive: # tar -zxf amavisd-new-2.4.2.tar.gz 2. Set-up the Amavis envirnment Create a wrking dir fr Amavis: # mkdir /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/hme Set permissin fr the Amavis wrking dirs: # chwn -R axigen:axigen /var/amavis # chmd -R 750 /var/amavis Cpy the amavisd binary t its new lcatin: # cp /tmp/amavis/amavisd-new-2.4.2/amavisd /usr/lcal/sbin/ Set the wnership and permissins fr /amavisd: # chwn rt /usr/lcal/sbin/amavisd # chmd 755 /usr/lcal/sbin/amavisd Cpy the default cnfig file t: /etc/amavisd.cnf: # cp /tmp/amavis/amavisd-new-2.4.2/amavisd.cnf /etc/amavisd.cnf Set the wnership and permissins fr /etc/amavisd.cnf: # chwn rt /etc/amavisd.cnf # chmd 644 /etc/amavisd.cnf Create the quarantine flder: /var/virusmails # mkdir /var/virusmails Set the wnership and permissins fr the quarantine directry: # chwn axigen:axigen /var/virusmails # chmd 750 /var/virusmails Cpy the amavis package cntents t /usr/share/ # mkdir /usr/share/ # cp -Rp /tmp/amavis/amavisd-new-2.4.2 /usr/share/ 3. Mdify the amavis cnfiguratin Lcate the fllwing variables and mdify them as belw: $daemn_user = 'axigen'; $daemn_grup = 'axigen'; $TEMPBASE = "/var/pt/axigen/queue"; $enable_db = 0; $enable_glbal_cache = 0; $final_virus_destiny = D_DISCARD; http://www.axigen.cm Page 4 f 7
$final_banned_destiny = D_DISCARD; $final_spam_destiny = D_DISCARD; $final_bad_header_destiny = D_PASS; Please remember t uncmment (remve the leading hash # ) the final_*_destiny cnfiguratin variables befre setting them t the values specified abve. Nte: the D_BOUNCE ptin is nt supprted by Axigen. Lcate the fllwing cnfiguratin variable and enable it by remving the leading hash (#): @bypass_spam_checks_maps = (1); Lcate the fllwing cnfiguratin variable and enable it by remving the leading hash (#): $myhstname = 'hst.example.cm'; Replace hst.example.cm with yur specific hstname. Under the line: $plicy_bank{'am.pdp-sock'} = { prtcl=>'am.pdp' }; insert: $prtcl='am.pdp'; Under the line: $virus_admin = "virusalert\@$mydmain"; insert: undef $virus_admin; Antivirus cnfiguratin In rder t install the desired antivirus, the prcedure described in the user s manual shuld be fllwed. Fr the Kaspersky Kav4Mailservers, the fllwing additinal steps shuld be taken: Change the wnership n the Kaspersky directry # chwn -R axigen:axigen /pt/kav/ In the Amavis cnfiguratin file (/etc/amavisd.cnf) mdify the path t Kav4Mailservers Lk fr the kav4mailservers sectin Change '/pt/kav/bin/aveclient' t '/pt/kav/5.5/kav4mailservers/bin/aveclient' AXIGEN cnfiguratin A filter must be defined in rder t instruct AXIGEN t send email messages t Amavis fr scanning. Lg int Webadmin using the "admin" accunt; G t the Server sectin; 1. Define the Amavis filter Click n the "Filters" page. http://www.axigen.cm Page 5 f 7
Select the "AV/AS Filters" sub-page. Click the "Add new filter" buttn. Fill-in the fllwing filter parameters: name: amavis address: inet://127.0.0.1:10024 prtclfile: /var/pt/axigen/filters/amavis.afsl idletimeut: 60 actinonmatch: reject maxcnnectins: 10 Click the "Add" buttn. Click the "Cmmit" buttn. 2. Activate the Amavis filter Select the "Filters" tab again and Click the "Add new filter" Fill-in the fllwing parameters: pririty: 100 r belw, filter type: "Scket" filter name: "Amavis" apply n relay: "n". Click the "Add" buttn Click the "Cmmit" buttn 3. Save cnfiguratin changes G t the "Cmmands" sectin Click the "Save cnfig" buttn. Starting-up Antivirus Fllw the prcedure in the specific antivirus manual t start the service. Nrmally, the antivirus is autmatically started after installatin. Amavis Run the fllwing cmmand: # amavisd start AXIGEN The AXIGEN Mail Server is started with the cmmand: # /etc/init.d/axigen start Testing the slutin 1. Create a test user (r use an existing ne) and lgn using the Webmail interface. Alternatively yu can use an email client such as Outlk r Thunderbird. 2. Cmpse an e-mail and send it t the inbx f the same user. 3. Cmpse anther email and attach the EICAR test file (dwnlad frm here). http://www.axigen.cm Page 6 f 7
4. Yu shuld nt receive the secnd e-mail. The EICAR test file is a 'fake virus' created as a general test t see if yur antivirus sftware is wrking crrectly. This is NOT a live virus. AXIGEN Cpyright 2006 GeCAD Technlgies SRL [AXIGEN]. All rights reserved. This material r parts f the infrmatin cntained herein cannt be reprduced in any frm r by any means withut the prir written permissin f AXIGEN. The prduct and the dcumentatin that cmes with the prduct are prtected by AXIGEN cpyright. AXIGEN reserves the right t revise and mdify its prducts and dcumentatin accrding t its wn necessities, as well as this dcument cntent. This material describes a status, as it was in the mment this material was written and may nt crrectly describe the latest develpments. Fr this reasn, we recmmend yu t peridically check ur website, http://www.axigen.cm/. AXIGEN cannt be held respnsible fr any special, cllateral r accidental damages, related in any way t the use f this dcument. AXIGEN des nt guarantee either implicitly r explicitly the suitability f this material fr yur specific needs. This material is prvided n an "as-is" basis. http://www.axigen.cm Page 7 f 7