V3-Fresh-Install-Readme.txt 5.4KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175
  1. # Setting up Message Sniffer with Postfix
  2. # You should already have an SNF license ID and authentication string. If
  3. # you don't then sign up for a free trial first and they will be provided:
  4. # http://www.armresearch.com/products/trial.jsp
  5. # This procedure assumes you're running Linux.
  6. # If you are using BSD please substitue the correct distribution directory.
  7. # Follow this procedure logged in as root!
  8. # Download and unpack the distribution files.
  9. wget http://www.armresearch.com/message-sniffer/download/SNFSourceClientServer.3.0.1.zip
  10. unzip SNFSourceClientServer.3.0.1.zip
  11. # Compile the SNFServer.exe, SNFClient.exe and snf2check.exe programs.
  12. cd SNF_Source_Distribution/SNF_Service
  13. . compile
  14. cd ../SNF_Client
  15. . compile
  16. cd ../SNF2Check
  17. . compile
  18. cd ..
  19. # Create the /var/spool/snfilter directory.
  20. # Copy the necessary files to the snfilter directory.
  21. # The Linux distribution is assumed below.
  22. mkdir /var/spool/snfilter
  23. mkdir /var/spool/snfilter/msg
  24. cp SNF_Service/SNFServer.exe /var/spool/snfilter
  25. cp SNF_Client/SNFClient.exe /var/spool/snfilter
  26. cp SNF2Check/SNF2Check.exe /var/spool/snfilter
  27. cp GBUdbIgnoreList.txt /var/spool/snfilter
  28. cp snf_engine.xml /var/spool/snfilter
  29. cp identity.xml /var/spool/snfilter
  30. # Copy the control and update scripts to the snfilter directory.
  31. cp scripts/* /var/spool/snfilter
  32. # Copy a couple of test files to the snfilter directory.
  33. cp cleanmsg.txt /var/spool/snfilter
  34. cp junkmsg.txt /var/spool/snfilter
  35. # Create an unprivleged user with no shell or home directory.
  36. # Set Permissions and ownership of the files and directory.
  37. groupadd -g 93 snfilter
  38. useradd -g 93 -u 93 -c "Spam Filter" -d /bin/false snfilter
  39. chown snfilter /var/spool/snfilter /var/spool/snfilter/msg
  40. cd /var/spool/snfilter
  41. chown snfilter *
  42. chmod 460 *
  43. chmod 770 msg
  44. chmod 500 SNFServer.exe
  45. chmod 570 SNFClient.exe SNF2Check.exe
  46. chmod 570 getRulebase snfscan-spamassasin snfscan-standalone
  47. chmod 070 snfctrl
  48. # Modify your getRulebase script (input your license information)
  49. # Simulate a ready rulebase update and download your .snf file.
  50. touch UpdateReady.txt
  51. chown snfilter UpdateReady.txt
  52. su snfilter -c "/var/spool/snfilter/getRulebase"
  53. ls *.snf
  54. # SNFServer_readme.txt will guide you through the next step:
  55. # Make the appropriate adjustments to your GBUdbIgnoreList.txt,
  56. # identity.xml, and snf_engine.xml files.
  57. # Test your SNFServer installation
  58. ./snfctrl start
  59. ./SNFClient.exe -status.second
  60. # If successful you should see XML data. If not, an error.
  61. # Upon success, set up SNFServer to run on startup. We will
  62. # test the link by shutting down snf from init.d.
  63. ln -s /var/spool/snfilter/snfctrl /etc/init.d/snf
  64. /etc/init.d/snf stop
  65. # Tell chkconfig that we want SNFServer turned on.
  66. chkconfig snf on
  67. chkconfig --list | grep snf
  68. # Congratulations!!
  69. # If you've gotten to this point then you have successfully installed
  70. # SNF on your server! The next set of instructions assumes you will
  71. # be using SNF with postfix and simply injecting headers that will be
  72. # used later to remove, quarantine, or otherwise redirect messages
  73. # detected as spam. There are as many ways to use SNF as there are
  74. # systems using it -- so the following is just a good starting place
  75. # for postfix users.
  76. # Be sure to restar SNFServer before trying to use it ;-)
  77. service snf start
  78. #------------------------------------------------------------------
  79. # Copy the snfscan-standalone script to sniffer and set the correct
  80. # access rights.
  81. cp snfscan-standalone sniffer
  82. chown snfilter sniffer
  83. chmod 570 sniffer
  84. # The snfscan-standalone version of the sniffer script creates a
  85. # temporary copy of the message, scans it with SNF, and then reinjects
  86. # the message. It is presumed that SNF is configured with x-header
  87. # injection turned on and that the x-headers have been customized
  88. # to suit your needs. Check the <xheaders/> section of your snf_engine.xml
  89. # file to verify that SNF is configured to do what you want.
  90. # Edit the sniffer shell script, and uncomment the action you want
  91. # the script to take. The default action will only to add a
  92. # "X-SortMonster-Msg-Sniffer-Match:" header to messages that
  93. # match the filter. This default action will not stop spam from
  94. # getting through.
  95. # Changes to /etc/postfix/master.cf
  96. # LEADING WHITE SPACES ARE IMPORTANT WHEN MAKING THIS CHANGE
  97. change:
  98. smtp inet n - n - - smtpd
  99. to:
  100. smtp inet n - y - - smtpd
  101. -o content_filter=snfilter
  102. also add:
  103. snfilter unix - n n - 10 pipe
  104. flags=q user=snfilter argv=/var/spool/snfilter/sniffer
  105. -f ${sender} ${recipient}
  106. to master.cf
  107. # At this point You could just restart postfix, and hope nothing
  108. # goes wrong. Instead, it would be smarter to first test the
  109. # installation from the command line by injecting a message directly
  110. # into the filter script "sniffer". We can issue a command like
  111. ./sniffer -f sender recipient <junkmsg.txt
  112. # Where junkmsg.txt is a spam test message. We should also test
  113. # a clean message to make sure that this script is working as we
  114. # expect it to. In this case we would issue a command like
  115. ./sniffer -f sender recipient <cleanmsg.txt
  116. # If you've done everything correctly then all you have to do
  117. # is reload postfix to start the content_filter working.
  118. postfix reload
  119. # If something goes wrong you need only comment out, or remove
  120. # the line
  121. -o content_filter=snfilter
  122. # in /etc/postfix/master.cf, then reload postfix as shown above.