Please read this whole page before downloading the package Through our experience of installing, configuring and upgrading MailScanner for many clients we have decided to publish our scripts that can be used to: Install MailScanner Upgrade an existing MailScanner installation (that resides in /usr/mailscanner/) Upgrade an existing MailScanner installation (and use a clean installation of the files) Uninstall MailScanner webpage http://www.configserver.com/ For upgrades and uninstallation, this package will only work with MailScanner installation installed from this package. The package configures MailScanner with sensible options that will minimize impact on server performance. Do be aware, through, that high email traffic volumes will inevitably cost something in server performance. There are a few additional steps that you can take to minimize this: Don't use the Default Address (this will help limit exposure to dictionary attacks). Instead create Forwarders to your Mail Accounts for all addresses that you actually use. Do note that if you do this the main account email address will no longer work (quirk of cPanel). To use it, you need to create an actual Mail account called username@yourdomain.com and use that for POP3 access. Use :fail: instead of :blackhole: for your Default or any other Address where you want delivery to fail. This causes email delivery to stop at an early stage (RCPT) before the email actually gets onto your server. While we're not aware of any significant bugs, there's no guarantee or warranty provided with the script. We also do not provide any support for it. If you require support and contact us, there may be a charge for any work or advice provided. If you want support, we offer a cheap package to do it all for you, and more, over here. You use it at your own risk* This script has only been tested on supported releases of Redhat or CentOS Linux. There is no support for running on servers running Trustix, FreeBSD, SUSE or any OS that is EOL/obsolete or unsupported by cPanel (e.g. RedHat 9, Fedora,etc). Script installation If you have the cPanel Clamavconnector installed (WHM > Add-on Modules) remove it - it will break MailScanner Login to your root account on your server via SSH Download the package, expand it and go into it: wget http://www.configserver.com/free/msinstall.tar.gz tar -xzf msinstall.tar.gz cd msinstall/ Follow the instructions in the README.txt and INSTALL.txt files in the package Please note that the script currently is configured to download the latest MailScanner at the time of writing. If you want a different version, edit msinstall.pl and modify the $mailscanner variable appropriately Once installed/upgraded/uninstalled make sure that both MailScanner is running correctly and that exim is sending and receiving emails (you should use 2 separate SSH windows to do this): tail -f /var/log/maillog tail -f /var/log/exim_mainlog Subscribe to our blog to be notified about updates
These instructions will configure ClamAV to use the clamd daemon: Make sure clamavconnector is NOT installed in WHM > Manage Plugins as this will break MailScanner If you would like to verify ClamAV's digital signatures on the virus definition files as they are updated through freshclam, you need to install GMP first: /scripts/ensurerpm gmp gmp-devel Next you will need to create a user for clamav to use: useradd clamav Some OS's require you to add the group as well: groupadd clamav Don't worry if the user and/or group already exist. Download the latest stable ClamAV distribution from http://www.clamav.net Note: If you are running Fedora Core 4 or earlier, you cannot install any version of ClamAV later than 0.91.2 because of a broken gcc. Expand the distribution and cd into the resultant directory and build ClamAV using: tar -xzf clamav-* cd clamav* ./configure --disable-zlib-vcheck make make install pico -w /usr/local/etc/freshclam.conf Comment out the line (put a # as the first character on the line) near the top that says simply: Example pico -w /usr/local/etc/clamd.conf Comment out the line (put a # as the first character on the line) near the top that says simply: Example pico -w /usr/local/etc/clamd.conf Change the following line: #LocalSocket /tmp/clamd.socket to this: LocalSocket /tmp/clamd Run ldconfig to create the necessary links and cache to most recent shared libraries ldconfig Run freshclam to download the latest definitions: freshclam Note: The following will no longer work as ClamAV has decided not to include the init examples in their latest version. You will have to create your own init script to start clamd or download an old version of ClamAV (pre-v0.95) and get the init script from there. /bin/cp -fv contrib/init/RedHat/clamd /etc/init.d/clamd chown root:root /etc/init.d/clamd chmod +x /etc/init.d/clamd chkconfig clamd on service clamd restart pico -w /etc/chkserv.d/clamav Add the following line: service[clamav]=x,x,x,service clamd restart,clamd,root Create an empty log file for clamav updates: touch /var/log/clam-update.log chown clamav:clamav /var/log/clam-update.log Add clamav to chkservd so that it will be monitored: pico -w /etc/chkserv.d/chkservd.conf clamav:1 At this point you can setup clamd in the MailScanner configuration: pico -w /usr/mailscanner/etc/MailScanner.conf Set the following options: Virus Scanners = clamd Clamd Socket = /tmp/clamd Then restart MailScanner with: service MailScanner restart You can now set what domains you want scanned for viruses in: /usr/mailscanner/etc/rules/virus.scanning.rules
That's it. If you don't feel confident doing any of this yourself, or if you get into a horrible mess, we offer a cheap package to do it all for you, and more, over here. *Remember that adding virus scanning of emails to MailScanner will add load to your server.
readme.txt notes ################################################## ############################# # Copyright (c) 2004 Way to the Web Limited - all rights reserved. # Without explicit prior consent from Way to the Web Limited this script: # may not be altered in any way, apart from the initial variable setting # may not be redistributed # may not be copied in part or in its entirety # For more information, please contact sales@waytotheweb.com ################################################## ############################# This is an installation and upgrade package for running MailScanner on a cPanel server using the MailScanner tarball distribution. Here's what you need to understand and what you need to do to get the application installed or upgraded: New Installation ================ 1. Follow the INSTALL.txt file The bulk of the application files are stored in /usr/mscpanel/. The only file that you need to edit in that directory is mscpanel.pl which contains detailed comments on the configurable options available for that script. Upgrade Installation ==================== If you are upgrading an installation that previously called files in root, you need to take the following into account: 1. The following scripts have moved from /root/ to /usr/mscpanel/ mscpanel.pl mscheck.pl You should modify any other procedures that call these, e.g.: /scripts/postupcp root crontab 2. The method for restarting MailScanner has changed so that the script /root/restartMS.sh is not used, but a Linux service is installed instead. This means that you should use the following if you want to restart MailScanner (e.g. after an upgrade): service MailScanner restart Or, use the following if you've only changed a configuration file: service MailScanner reload 3. Follow the INSTALL.txt file The bulk of the application files are stored in /usr/mscpanel/. The only file that you need to edit in that directory is mscpanel.pl which contains detailed comments on the configurable options available for that script.
install.txt files Installation and Upgrade ======================== 1. Read and understand the README.txt file 2. You can now install. Download the tarball, then perform the following from a root account: tar -xzf msinstall.tar.gz cd msinstall/ sh install.sh If you are performing a new installation, take option 1 If you are performing a upgrade, take option 1 If you are performing a upgrade and want to skip the full perl module installation, take option 2 3. You now need to disable the following options in WHM: WHM > Tweak Settings > Uncheck "SpamAssassin Spam Filter" and "SpamAssassin Spam Box" WHM > Service Manager > Uncheck both boxes for "spamd" and click "Save" Feature Manager > Edit the feature list "disabled" and uncheck "SpamAssassin" and "SpamAssassin Spam Box" 4. Create a /scripts/postupcp file (or add the perl line if this file already exists) with the following contents: #!/bin/sh perl /usr/mscpanel/mscheck.pl 5. Set the correct permissions on /scripts/postupcp chmod 700 /scripts/postupcp 6. MailScanner won't be scanning for much until you configure it for the domains on your server. We have another handy script that can keep your MailScanner installation in sync with your cPanel /etc/localdomains file. It will also email root any changes that it makes. You can run it manually with: perl /usr/mscpanel/mscpanel.pl -i You can then check the files in /usr/mailscanner/etc/rules/*.rules and modify them if desired. There are instructions and examples in the README and EXAMPLES files in that directory. You can also create a cronjob to run it daily with a root crontab entry like this: 0 0 * * * perl /usr/mscpanel/mscpanel.pl > /dev/null 2>&1 MailScanner can be configured by editing the file /usr/mailscanner/etc/MailScanner.conf. There are detailed explanations and instructions in that file. Be sure to restart MailScanner after making modifications to this file. For further information: ConfigServer technical FAQ: http://www.configserver.com/techfaq/faqlist.php?catid=5 ConfigServer forums: http://forum.configserver.com/forumdisplay.php?f=20 MailScanner website: http://www.mailscanner.info MailScanner mailing list: http://www.mailscanner.info/support.html#mailing Uninstall ========= Download the tarball, then perform the following from a root account: tar -xzf msinstall.tar.gz cd msinstall/ sh uninstall.sh
cd /usr/src/rm -fv msfe*wget http://www.configserver.com/free/msfeinstaller.tgz tar -xzf...
Do the following steps: cd /usr/local/cpanel/base/frontend/xmail ln -s ../x/cells/ pico -w...
In WHM > MailScanner > MailScanner Configuration you will find a setting for 'Spam List =...
The {Disarmed} tag is added by MailScanner when it has detected and disarmed potentially...
In the /usr/mailscanner/etc/rules/ directory, edit filename.rules.rules and filetype.rules.rules...