Please read this whole page before downloading the package
Through our experience of installing, configuring and upgrading MailScanner for many clients we have decided to publish our scripts that can be used to:
webpage http://www.configserver.com/
- Install MailScanner
- Upgrade an existing MailScanner installation (that resides in /usr/mailscanner/)
- Upgrade an existing MailScanner installation (and use a clean installation of the files)
- Uninstall MailScanner
For upgrades and uninstallation, this package will only work with MailScanner installation installed from this package.
The package configures MailScanner with sensible options that will minimize impact on server performance. Do be aware, through, that high email traffic volumes will inevitably cost something in server performance. There are a few additional steps that you can take to minimize this:
While we're not aware of any significant bugs, there's no guarantee or warranty provided with the script. We also do not provide any support for it. If you require support and contact us, there may be a charge for any work or advice provided. If you want support, we offer a cheap package to do it all for you, and more, over here.
- Don't use the Default Address (this will help limit exposure to dictionary attacks). Instead create Forwarders to your Mail Accounts for all addresses that you actually use. Do note that if you do this the main account email address will no longer work (quirk of cPanel). To use it, you need to create an actual Mail account called username@yourdomain.com and use that for POP3 access.
- Use :fail: instead of :blackhole: for your Default or any other Address where you want delivery to fail. This causes email delivery to stop at an early stage (RCPT) before the email actually gets onto your server.
You use it at your own risk*
This script has only been tested on supported releases of Redhat or CentOS Linux. There is no support for running on servers running Trustix, FreeBSD, SUSE or any OS that is EOL/obsolete or unsupported by cPanel (e.g. RedHat 9, Fedora,etc).
Script installation
- If you have the cPanel Clamavconnector installed (WHM > Add-on Modules) remove it - it will break MailScanner
- Login to your root account on your server via SSH
- Download the package, expand it and go into it:
wget http://www.configserver.com/free/msinstall.tar.gz
tar -xzf msinstall.tar.gz
cd msinstall/- Follow the instructions in the README.txt and INSTALL.txt files in the package
- Please note that the script currently is configured to download the latest MailScanner at the time of writing. If you want a different version, edit msinstall.pl and modify the $mailscanner variable appropriately
- Once installed/upgraded/uninstalled make sure that both MailScanner is running correctly and that exim is sending and receiving emails (you should use 2 separate SSH windows to do this):
tail -f /var/log/maillog
tail -f /var/log/exim_mainlog- Subscribe to our blog to be notified about updates
These instructions will configure ClamAV to use the clamd daemon:
- Make sure clamavconnector is NOT installed in WHM > Manage Plugins as this will break MailScanner
- If you would like to verify ClamAV's digital signatures on the virus definition files as they are updated through freshclam, you need to install GMP first:
/scripts/ensurerpm gmp gmp-devel- Next you will need to create a user for clamav to use:
useradd clamav
Some OS's require you to add the group as well:
groupadd clamav
Don't worry if the user and/or group already exist.- Download the latest stable ClamAV distribution from http://www.clamav.net
Note: If you are running Fedora Core 4 or earlier, you cannot install any version of ClamAV later than 0.91.2 because of a broken gcc.- Expand the distribution and cd into the resultant directory and build ClamAV using:
tar -xzf clamav-*
cd clamav*
./configure --disable-zlib-vcheck
make
make install- pico -w /usr/local/etc/freshclam.conf
Comment out the line (put a # as the first character on the line) near the top that says simply:
Example- pico -w /usr/local/etc/clamd.conf
Comment out the line (put a # as the first character on the line) near the top that says simply:
Example- pico -w /usr/local/etc/clamd.conf
Change the following line:
#LocalSocket /tmp/clamd.socket
to this:
LocalSocket /tmp/clamd- Run ldconfig to create the necessary links and cache to most recent shared libraries
ldconfig- Run freshclam to download the latest definitions:
freshclam- Note: The following will no longer work as ClamAV has decided not to include the init examples in their latest version. You will have to create your own init script to start clamd or download an old version of ClamAV (pre-v0.95) and get the init script from there.
/bin/cp -fv contrib/init/RedHat/clamd /etc/init.d/clamd
chown root:root /etc/init.d/clamd
chmod +x /etc/init.d/clamd
chkconfig clamd on
service clamd restart- pico -w /etc/chkserv.d/clamav
Add the following line:
service[clamav]=x,x,x,service clamd restart,clamd,root
- Create an empty log file for clamav updates:
touch /var/log/clam-update.log
chown clamav:clamav /var/log/clam-update.log- Add clamav to chkservd so that it will be monitored:
pico -w /etc/chkserv.d/chkservd.conf
clamav:1- At this point you can setup clamd in the MailScanner configuration:
pico -w /usr/mailscanner/etc/MailScanner.conf
Set the following options:
Virus Scanners = clamd
Clamd Socket = /tmp/clamd
- Then restart MailScanner with:
service MailScanner restart- You can now set what domains you want scanned for viruses in:
/usr/mailscanner/etc/rules/virus.scanning.rules
That's it. If you don't feel confident doing any of this yourself, or if you get into a horrible mess, we offer a cheap package to do it all for you, and more, over here.
*Remember that adding virus scanning of emails to MailScanner will add load to your server.
readme.txt notes
################################################## #############################
# Copyright (c) 2004 Way to the Web Limited - all rights reserved.
# Without explicit prior consent from Way to the Web Limited this script:
# may not be altered in any way, apart from the initial variable setting
# may not be redistributed
# may not be copied in part or in its entirety
# For more information, please contact sales@waytotheweb.com
################################################## #############################
This is an installation and upgrade package for running MailScanner on a cPanel
server using the MailScanner tarball distribution.
Here's what you need to understand and what you need to do to get the
application installed or upgraded:
New Installation
================
1. Follow the INSTALL.txt file
The bulk of the application files are stored in /usr/mscpanel/. The only file
that you need to edit in that directory is mscpanel.pl which contains
detailed comments on the configurable options available for that script.
Upgrade Installation
====================
If you are upgrading an installation that previously called files in root, you
need to take the following into account:
1. The following scripts have moved from /root/ to /usr/mscpanel/
mscpanel.pl
mscheck.pl
You should modify any other procedures that call these, e.g.:
/scripts/postupcp
root crontab
2. The method for restarting MailScanner has changed so that the script
/root/restartMS.sh is not used, but a Linux service is installed instead. This
means that you should use the following if you want to restart MailScanner
(e.g. after an upgrade):
service MailScanner restart
Or, use the following if you've only changed a configuration file:
service MailScanner reload
3. Follow the INSTALL.txt file
The bulk of the application files are stored in /usr/mscpanel/. The only file
that you need to edit in that directory is mscpanel.pl which contains
detailed comments on the configurable options available for that script.
install.txt files
Installation and Upgrade
========================
1. Read and understand the README.txt file
2. You can now install. Download the tarball, then perform the following from a root account:
tar -xzf msinstall.tar.gz
cd msinstall/
sh install.sh
If you are performing a new installation, take option 1
If you are performing a upgrade, take option 1
If you are performing a upgrade and want to skip the full perl module installation, take option 2
3. You now need to disable the following options in WHM:
WHM > Tweak Settings > Uncheck "SpamAssassin Spam Filter" and "SpamAssassin Spam Box"
WHM > Service Manager > Uncheck both boxes for "spamd" and click "Save"
Feature Manager > Edit the feature list "disabled" and uncheck "SpamAssassin" and "SpamAssassin Spam Box"
4. Create a /scripts/postupcp file (or add the perl line if this file already exists) with the following contents:
#!/bin/sh
perl /usr/mscpanel/mscheck.pl
5. Set the correct permissions on /scripts/postupcp
chmod 700 /scripts/postupcp
6. MailScanner won't be scanning for much until you configure it for the domains on your server. We have another handy script that can keep your MailScanner installation in sync with your cPanel /etc/localdomains file. It will also email root any changes that it makes. You can run it manually with:
perl /usr/mscpanel/mscpanel.pl -i
You can then check the files in /usr/mailscanner/etc/rules/*.rules and modify them if desired. There are instructions and examples in the README and EXAMPLES files in that directory.
You can also create a cronjob to run it daily with a root crontab entry like this:
0 0 * * * perl /usr/mscpanel/mscpanel.pl > /dev/null 2>&1
MailScanner can be configured by editing the file /usr/mailscanner/etc/MailScanner.conf. There are detailed explanations and instructions in that file. Be sure to restart MailScanner after making modifications to this file.
For further information:
ConfigServer technical FAQ:
http://www.configserver.com/techfaq/faqlist.php?catid=5
ConfigServer forums:
http://forum.configserver.com/forumdisplay.php?f=20
MailScanner website:
http://www.mailscanner.info
MailScanner mailing list:
http://www.mailscanner.info/support.html#mailing
Uninstall
=========
Download the tarball, then perform the following from a root account:
tar -xzf msinstall.tar.gz
cd msinstall/
sh uninstall.sh