Installation

LibAntispam Installation

   Here, we explain how to install LibAntispam in your system, and how to patch and install an MTA (Mail Transport Agent) with LibAntispam support.

   Currently Sendmail-8.14.x, MeTA1-1.x, Exim-4.x and Postfix-2.8.x have stable patches support for LibAntispam use. The Sendmail-X patch support for LibAntispam isn't avaiable anymore.

   First of all, we will adopt the following conventions for installations names, paths, URLs, etc. You can change them if you feel safe about it, but we would still recommend using the defaults values:

We are installing the complete LibAntispam package, including the LibAntispam-GUI (LibAntispam Graphical User Interface).

NOTE: The client's browser SHOULD support javascript in order to navigate in LibAntispam-GUI pages!

By default, the libraries (including LibVBMcgi libraries) are installed in /usr/local/lib, the headers (including LibVBMcgi headers) are installed in /usr/local/include and the configuration files are installed in /etc/antispam. The MTA-Antispam support of LibAntispam will create the directory /var/graylist if Graylisting support is set and the directory /var/rdssc if Remote Domain SMTP Sender Check is set too.

The machine where the LibAntispam will be installed should have Apache 2.2.x with https support enabled (for LibAntispam-GUI secure access) and the Apache http-server must have been installed in the directory /usr/local/www. You may put this http-server behind a firewall, to prevent external unauthorized access.
By default, the http-docs root directory is /usr/local/www/data, the libantispam-GUI system binary files are installed in /usr/local/www/bin and the Libantispam-GUI system script files are placed in /usr/local/www/scripts. The LibAntispam-GUI temporary directory is /usr/local/www/antispam and the LibAntispam-GUI users password access file (the passwd file) is placed in the directory /usr/local/www/LA_users_pwd.

NOTE: In this example the MTA and the HTTP servers run in the same machine, but you can put the http-server in another machine and export LibAntispam configurations to your Mail Exchange servers using shells-scripts and nfs, sftp, scp, etc. Into LibAntispam distribution example/sharing_configurations directory you will find a tested script shell with use instructions.

The antispam user configuration accounts are placed in the directory /usr/local/www/data/scfantispam, including system and users cgi-bin support programs for LibAntispam-GUI configuration. The antispam user configuration accounts do not have any direct correlation with system user accounts.

In your Apache ssl.conf file, you should set a secure (https) virtual host (i.e. antispam-conf.<YOUR_DOMAIN>). Pay attention to the fact that serious problems may occur if you run LibAntispam without secure http (https) connections, and that is your own responsibility! You can find an ssl.conf example in examples/apache directory, into the LibAntispam source code distribution.

NOTE #1:

SHOULD

DirectoryIndex

httpd.conf

DirectoryIndex index.html index.html.var

DirectoryIndex index.html index.html.var index.cgi

NOTE #2:

httpd.conf

AddHandler cgi-script .cgi

NOTE #3:

/usr/local/www/data/scfantispam

ssl.conf

Options +MultiViews -Indexes -FollowSymLinks +SymLinksIfOwnerMatch +IncludesNoExec +ExecCGI

   Download and unpack the LibAntispam source code (i.e. tar xzvf libantispam-1.2.0.tar.gz) and go to the source-code distribution directory.

   You can only modify the file Makefile.include: I recommend keeping all default values, except ANTISPAM_WWW_URL (your secure https virtual host URL), VALID_CALLER_USERNAME (the pseudo-user that your http-server is running) and VALID_CALLER_GROUPNAME (the pseudo-group that your http-server is running). These values are required if you plan to use LibAntispam-GUI.

   You SHOULD create the group antispam in /etc/groups file, i.e:

   antispam::34:

   If you use a MTA system that use non-root pseudo-user to run, you SHOULD add this pseudo-user in antispam group as follow:

   For MeTA1: antispam::34:meta1s

   For Exim: antispam::34:exim

   For Postfix: antispam::34:postfix

   Execute the 'make' command to compile LibAntispam and LibAntispam-GUI. It will compile the libVBMcgi that LibAntispam-GUI needs too.

   Now, as a root user, do 'make install'. This command will install LibAntispam (static and shared libraries, headers files and the default configuration files templates), libVBMcgi (static and shared libraries and headers files) and LibAntispam-GUI support programs. It will also create all the directories that are needed.

   The installation creates LibAntispam default configuration files, LibAntispam-GUI default directories, and the Admin-MTA account, so that you can manage the LibAntispam facilities using a friendly web interface. You will be asked to create a new non-empty password for the Admin-MTA account. Also, some scripts are created (in /usr/local/www/scripts), which are useful to help you create, at once, massive user configuration accounts for all users of your system.

   After compile your MTA (see below), you should copy and edit (using vi, emacs, etc) the configuration template files. Another option is to edit the default configurations using the LibAntispam-GUI interface (in this case, you do not need to copy or rename the template files).

   It is recommended to see the link Configuration in the left menu before edit the configurations files!

Patching your MTA to work with LibAntispam

Sendmail-8.14.x

   Download the last Sendmail-8.14.x source distribution from Sendmail Consortium and unpack the source code (i.e. tar xzvf sendmail.8.14.3.tar.gz).

   Download the last LibAntispam patch for Sendmail from the Downloads link in the left menu, and copy it into the unpacked Sendmail source distribution.

   Apply the patch (i.e. patch -p0 < sendmail-8.14.x-LibAntispam-1.2.0.patch).

   In Sendmail source code distribution, go to the directory devtools/Site and create a customized site.config.m4 file. Add the following three lines (you can find a site.config.m4 example in the LibAntispam source distribution, in the directory examples/MTAs/sendmail-8.14.x) to the file:

	APPENDDEF(`confINCDIRS',`-I/usr/local/include')
	APPENDDEF(`confLIBDIRS',`-L/usr/local/lib')
	APPENDDEF(`confLIBS',`-lantispam')

No further configurations is required for LibAntispam use. Compile Sendmail (i.e. ./Build) and install it (i.e. ./Build install and ./Build force-install) and go to cf/cf directory, and generate a new sendmail.cf file and a new submit.cf file (you will find two templates, sendmail.mc e submit.mc, in the directory examples/MTAs/sendmail-8.14.x in the LibAntispam source distribution). Generate the *.cf files and copy them to /etc/mail directory.

Start Sendmail process, as explained in the Sendmail's documentation:

	/usr/sbin/sendmail -L sm-mta -bd -q15m
	/usr/sbin/sendmail -L sm-msp-queue -Ac -q15m

MeTA-1.x

   Download the last Meta-1.x source distribution from MeTA1 - Message Transfer Agent and unpack the source code (i.e. tar xzvf meta1-1.0.PreAlpha41.0.tar.gz).

   Download the last LibAntispam patch for MeTA1 from the Downloads link in the left menu, and copy it into the unpacked MeTA1 source distribution.

   Apply the patch (i.e. patch -p0 < MeTA1-1.0.PreAlpha41.0-LibAntispam-1.2.0.patch).

   Compile MeTA1 (i.e. ./configure && make) and install it (i.e. make install). There is a meta1.conf sample file in the patch distribution source package, it's strongly recommended that you use it due LibAntispam GrayList need that 'processes' option be set as anything between 4 and 10 (these values are only suggestions) due the internal thread implementation of MeTA1 (see "Processes and Threads" in MeTA1 manual!

   No further configurations is required for LibAntispam use.

Exim-4.x

   Download the last Exim-4.x source distribution from The Exim Home Page and unpack the source code (i.e. tar xzvf exim.4.74.tar.gz).

   Download the last LibAntispam patch for Exim from the Downloads link in the left menu, and copy it into the unpacked Exim source distribution.

   Apply the patch (i.e. patch -p0 < exim-4.74-LibAntispam-1.2.0.patch).

   To compile Exim with LibAntispam support, use the Makefile.local (and change it to your needs). If you don't want to use this Makefile.local, change your Makefile.local to add LibAntispam support (see README.TXT in the patch source package), i.e.:

        LOOKUP_INCLUDE=-I/usr/local/include
        LOOKUP_LIBS=-L/usr/local/lib -lantispam

So, Compile and install Exim.

Use (and change before) the sample file configure.basic that you will find in the patch source package. Run Exim as the instruction in Exim source distribution and be happy.

Postfix-2.8.x

   Download the last Postfix-2.8.x source distribution from Postfix Home Page and unpack the source code (i.e. tar xzvf postfix.2.8.0.tar.gz).

   Download the last LibAntispam patch for Postfix from the Downloads link in the left menu, and copy it into the unpacked Postfix source distribution.

   Apply the patch (i.e. patch -p0 < postfix-2.8.0-LibAntispam-1.2.0.patch).

   To compile Postfix, see the INSTALL file in its source distribution package.

   There is a main.cf sample configuration file that you can use to configure Postfix to run correctly with LibAntispam.

   NOTE: Independently of the MTA that you use, the basic configuration approach for all them is disable all native antispam rules (except that who restrict the relay of the messages, i.e. close any open-relay possibility) to give to LibAntispam all control of system antispam mechanisms.

   To know how to configure LibAntispam, go to the link Configuration in the left menu.