A new script had been released: dshield-preparser. This preparse’ the output from FreeBSD’s tcpdump in combination with OpenBSD’s PF (ported to FreeBSD) and makes it possible to create reports for DShield.
Continue reading »
Introduction
This document has the goal in providing easy examples on how to setup a complete FreeBSD mailserver, which includes a mailserver (postfix), a mail storage daemon (courier-imap), a spam scanner (amavisd-new/spamassassin), a virusscanner (clamav), a spam management application (maia), a postfix management application (postfixadmin) all build to work effectively together using MySQL as it's connector.
All the mentioned applications are available in the FreeBSD ports system except for the Maia Mailguard application, which makes the software easy to maintain and install.
This mini instruction on how you can setup something similiar expects that you already installed FreeBSD as your Operating System of choice, ofcourse you can also use a different OS if you prefer that; but you might need to do something extra which I will not cover (but I can if you give me the insight on how you should do it on your OS). If you have never done that before; the FreeBSD Documentation Team has created several interesting documents which covers the installation of FreeBSD amongst others. You can find this documentation in the FreeBSD Handbook; which can be found here.
A little more information about the setup; what talks with what component and why did I choose to let the components talk like that. I will also describe what I actually want to accomplish in some later stadium to reduce some depencies (which you will see in a later part of this mini instruction).
The setup is as follows; we have a couple of FreeBSD machine's already installed; on top of them there is a mailserver instance running in the form of Postfix. We use postfix since it gives us the flexibility we require (Virtual hosting is pretty well covered). The Postfix server talks with a MySQL server, this is a RDBMS Database, where the required virtual domain information is stored as well as relay information; account location; mail delivery agent specifications etc. The MySQL database is not soley used by Postfix; we feed the database through PostfixAdmin since that enables us to use a webserver. The webserver can be reached from anywhere in the world and makes administration much easier; even for people who had never used the software and operating system below it before. Also connected to the MySQL database is the Maia Mailguard application; this is a reworked version of Amavisd-new, and enables us to do spam checking and virus checking through one daemon (and it's child processes). Critical information is stored in the MySQL database; people can review their HAM (non spam) and SPAM (well..) items from a website (which is included in the maia mailguard application) and report that to external systems and the local Bayesian database. The Spam checking is performed by a third party application named Spamassassin (Which also uses the MySQL database to retrieve important account information; "what does the user want to be checked; what is whitelisted for this user, and what is blacklisted?; What should I do with a given score ?), and the virus checking is covered by ClamAV (A Free AntiVirus scanner, not connected to the database at this moment).
The incoming path seems covered with these items; (We will talk about the mailretrieval daemons later on); but we also need to be able to send email. We will do that by creating SMTP Authentication facilities on Postfix. Postfix can't do that on it's own so we need a Plugin that can achieve that. Hence; Cyrus SASL (And specifically saslauthd). The SASL plugin is configured to do remote IMAP authentication so that we do not need another connection to the already crowded database (in a previous setup we used a MySQL connector).
Now that we have incoming and outgoing email flows covered; we need to be able to actually retrieve the emails. For this I used Courier-IMAP, which delivers both Pop and IMAP facilities. The Courier-IMAP server is also connected to the database, where it reads the information (like Postfix does as well) given by PostfixAdmin and retrieves the email from there and presents them to your client (either the webmail server or your local client).
OK we have the incoming mail flow; the outgoing mail flow; and the storage facilities; but the email now needs to be delivered in the storage facility from the email server. We use Maildrop for that; it authenticates to the same connector as Courier-IMAP (it was build to interact) so that saves us one MySQL connection. Reason we choose for maildrop is that it works with virtual users and virtual account information; It also has a connection with the Database.
Before we will continue, make sure your ports system is up to date, I'd suggest portsnap as your tool to keep the system up to date (with regards to the ports tree that is).
Setting up MySQL
We are going to use MySQL 5.0 as our SQL server platform, this is the default version in the FreeBSD ports system; and setting it up is very trivial. It has some features that you might want to look into:
WITH_CHARSET=charset #define the primary built-in charset(latin1).
WITH_XCHARSET=list #define other built-in charsets (may be 'all').
WITH_COLLATION=collate #define Default collation (latin1_swedish_ci).
WITH_OPENSSL=yes #Enable secure connections.
WITH_LINUXTHREADS=yes #use the linuxthreads pthread library.
WITH_PROC_SCOPE_PTH=yes # Use process scope threads (try this if you use libpthread).
BUILD_OPTIMIZED=yes # Build a compiler optimized version (use this if you need speed).
BUILD_STATIC=yes # Build a static version of mysqld (use this if you need more speed).
WITHOUT_INNODB=yes # Disable support for InnoDB tables
WITH_ARCHIVE=yes # Enable support for the Archive Storage Engine
WITH_FEDERATED=yes # Enable support for the Federated Storage Engine.
WITH_NDB=yes # Enable support for NDB Cluster.
{mospagebreak}
Setting up PostfixAdmin
{mospagebreak}
Setting up the Maia Mailguard Application
{mospagebreak}
Setting up the remaining spam and virusscanner options
{mospagebreak}
Setting up Courier-Imap
{mospagebreak}
Setting up Cyrus-SASLauthd (relay authenticator)
{mospagebreak}
Setting up Postfix
{mospagebreak}
Testing the infrastructure
{mospagebreak}
References
{mospagebreak}
Links