sendmail - milter + mimedefang + spamassassin + cyrus


This should cover some of the trip-ups that I encountered

I am writing this for 2 reasons.

  1. I am going to forget what I did in a matter of weeks.. or days..
  2. want to save anyone the pain I went through


My config:

Mandrake cooker 10.0 ( the 2.6 kernel is really nice )

sendmail-8.12.11-1mdk
sendmail-cf-8.12.11-1mdk

cyrus-imapd-2.1.15-6mdk.i586.rpm
cyrus-imapd-utils-2.1.15-6mdk.i586.rpm
cyrus-sasl-2.1.15-7mdk.i586.rpm
perl-Cyrus-2.1.15-6mdk.i586.rpm

You may need this to fufill a dependency I don't remember

spamassassin-2.63-1.i386.rpm
spamassassin-tools-2.63-1.i386.rpm
perl-Mail-SpamAssassin-2.63-1.i386.rpm
MIMEDefang 2.41

I installed the below from cpan


IO::Stringy
MIME::Base64
Digest::SHA1
Unix::Syslog

I had trouble getting Mail-tools from cpan so I just downloaded the below version.
The version of MIME-tools need to be patch so I got it from the mimedefang web site.

MIME-tools-5.411a-RP-Patched-02.tar.gz
MailTools-1.1401.tar.gz

Our goal:

Get all the programs above to work in conjunction with each other. : )

Sendmail:

The sendmail install should be basic – not covered here
One note: you may need to run your “m4” processor from the /usr/share/sendmail-cf/m4 directory

Here is what you need to add to you sendmail.mc file – added at end of file -
Make sure that the INPUT_MAIL_FILTER is *BEFORE* the cyrusv2 stuff.

INPUT_MAIL_FILTER(`mimedefang', `S=unix:/var/spool/MIMEDefang/mimedefang.sock, F=T, T=S:1m;R:1m')dnl
define(`confLOCAL_MAILER', `cyrusv2')dnl
MAILER(`cyrusv2')dnl


Cyrus:

Cyrus install should be easy, but the config can be tricky.
Make your cyrus user “cyrus” (likely already created)
run “passwd cyrus”
login to cyradm “cyradm -u cyrus localhost”
create a mailbox “cm user.david”

Make sure “cyrus-imapd” and “saslpasswd” daemons are running!

One time consuming problem I ran into with cyrus was that the lmtp socket location needed to be changed.
Below is error that I got:
SYSERR(root): makeconnection_ds: unsafe domain socket: No such file or directory

To fix this edit the /etc/cyrus.conf - and change the lmtpunix line like below

#  lmtpunix     cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=0
  lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0

Now create the directory structure "mkdir -p /var/imap/socket/'
"chown cyrus:mail /var/imap/socket"

Spamassassin:

Installing all the rpms should be trival

MIMEDefang:

I think the tricky part is that you will need to download the source sendmail package for this.
So do this, untar and stuff, than go into the "libmilter" directory and run

"sh Build"

This is done because MIMEDefang looks for the librarys, and files from the sendmail source package.

Milter is cool... It's and API for sendmail. What it does is it enables other programs to intergrate with sendmail. e.g. MIMEDefang
Check out the milter website

There is a great “how to” on the www.mimedefang.org web site.

Note: This “document” is different in the aspect that here we are using mostly binary packages for install, espically sendmail.

Make sure you get your init script “mimedefang” installed and start it up before sendmail.

I had a few problems getting “mimedefang” started because of permissions.

chmod 755 /var/spool/MIMEDefang ; chown defang:root /var/spool/MIMEDefang
chmod 755 /var/spool/MD-Quarantine ; chown defang:root /var/spool/MD-Quarantine

I found if the group is not set to 'root' for "/var/spool/MIMEDefang" You get an unsafe domain socket error and
mimedefang will not create the socket correctly.

Note: make sure you check the init file for MIMEDefang program settings

Another problem I ran into was when I wanted to have MD filter incoming but not outgoing email.
I had to edit the init script and change  " MX_SENDER_CHECK=yes " instead of NO
Than I could use the  filter_relay portion - below example of my script

#my code  
sub filter_relay {
            my ($ip, $name, $helo) = @_;
            if ($ip =~ /^127\.0\.0\./ || /192\.168\.1\./) {
               return('ACCEPT_AND_NO_MORE_FILTERING',"ok");
        }
            return ('CONTINUE', "ok");
}

Testing:

By all means.
You can add the below text to the "mimedefang-filter" in /etc/ - (under the filter_begin)
action_add_header("X-MyHeader", "A nice piece of text");

Run "date | mail -v david"
Then look at the headers of the email, you should see a nice piece of text.
but probably not if you added the filter_relay stuff


This document was provided by:
www.ber10thal.com