Home - Projects - Publications - Partners - Contact Us

S40mail

Synopsys

# We really need email to work on these systems
# RedHat supports two different SMTP implementations
#     postfix
#     sendmail
# you move between them you use /usr/sbin/alternatives --config mta
# For the time being we'll stay with Sendmail, as this is well know
# 
# Sendmail is controlled by these things
# relay access is controlled by  /etc/mail/access
# host aliases are controlled by /etc/mail/local-host-names
set -x
echo "%Post: Mail Configuration"

Script

# All machines need clamav installing
/mnt/source/kickstart/scripts/s40mail_clamav.sh

# All machines need spamassassin starting
chkconfig --levels 345 spamassassin on

# All machines should be configured to use sendmail and postfix
/mnt/source/kickstart/scripts/s40mail_sendmail.sh
/mnt/source/kickstart/scripts/s40mail_postfix.sh

# FC3 machines should also have an exim configuration
# FC4 doesn't come with exim as standard
# RHEL4 does (go figure.)
if [ "$OS" != "fc4" ]; then
  /mnt/source/kickstart/scripts/s40mail_exim.sh
fi


# Now decide which SMTP server will be started on boot
if [ "$MTA" == "sendmail" ]; then
  echo 1 | /usr/sbin/alternatives --config mta
elif [ "$MTA" == "postfix" ]; then
  echo 2 | /usr/sbin/alternatives --config mta
elif [ "$MTA" == "exim" ]; then
  echo 3 | /usr/sbin/alternatives --config mta
fi

# IMAP/POP3 providing service depends on OS
# RHEL3/WBEL don't ship with dovecot
if [ "$OS" == "rhel3" ]; then
  /mnt/source/kickstart/scripts/s40mail_imap.sh
else
  /mnt/source/kickstart/scripts/s40mail_dovecot.sh
fi

# Redirect all of root's mail to the operator user
mv /etc/aliases /etc/aliases-$VERSION
sed -e "s/^\(operator.*\)/#\1/" /etc/aliases-$VERSION > /etc/aliases
echo "root:		operator" >> /etc/aliases

# operator user has /root as a home dir, so create somwhere writable
# to deliver the mail into
mkdir -p /root/mail/cur /root/mail/new /root/mail/tmp
chgrp -R mail /root/mail
chmod -R g+w /root/mail

Examples and Testing

# with sendmail and postfix, need to run "newaliases" 
# and restart the mail daemon when changing /etc/aliases, 
# so we'll run it here for both systems
# normally, we just need to run "newaliases" as the particular version
# is handled by the alternatives system.
# don't have to do this as /etc/init.d/sendmail startups
#   /usr/bin/newaliases.sendmail
# don't know about postfix
#   /usr/bin/newaliases.postfix

# How do we test it is working.
# First of all we need to test we can Base64 encode things
# perl -e 'use MIME::Base64; \
#           $encoded = encode_base64("USERNAME");\
#            print $encoded; '
# 
# telnet localhost 25
# ehlo localhost
#
# you should get a line which says
#       250-AUTH GSSAPI LOGIN PLAIN
# we care about LOGIN and PLAIN..
# next step is to check that a user can get in. 
# You then should try
# AUTH LOGIN
# and you'll get a reply
# 	334 VXNlcm5hbWU6
# now enter the BASE64 encoded username
# You will then get asked for a password
#       334 UGFzc3dvcmQ6
# now enter the BASE64 encoded password
# Assuming you did this right and it's working you should see
#       235 2.0.0 OK Authenticated
#

# There are two spam levels:
# - messages that receive > 5 points from spamd are accepted with a warning
# - messages that receive > 10 points from spamd are rejected at SMTP time
#
# Spamassassin system wide threshold is configured in
# /etc/mail/spamassassin/local.cf
#
# Reject threshold is set in /etc/exim/exim.conf in acl_check_content
#
# deny  message = This message scored $spam_score points. Congratulations!
#       spam = nobody:true
#       condition = ${if >{$spam_score_int}{100}{1}{0}}
#
# The above stanza rejects messages with a score >10
# To change this, edit the {100} to {$spam_score * 10}
# e.g. for a spam score of 15, use {150}

# Can test spam and virus checking at the command line:
# A good session should look similar to the following
#
# > telnet localhost 25
# 220 hostname ESMTP Exim 4.43 date
# > ehlo localhost
# 250- hostname Hello user @@ machine [1.2.3.4]
# > mail from: <a.valid.email.address@@domain.com>
# 250 OK
# > rcpt to: <another.valid.email.address@@someotherdomain.com>
# 250 Accepted
# > data
# 354 Enter message, ending with "." on a line by itself

# at this point, use the following tests

# Spam tests:
#
# 1. non-spam message
# From: Lesley Mitchell <dkscully@@geah.org>
# Subject: this is a non-spam test message
# Date: Mon Jan  3 15:25:04 GMT 2005
#
# this is a safe test message
# .

#
# 2. message that triggers spam warning message
# e.g. add "$$$  fsjoi324" to subject line and "VIAGRA" to the body
#
#
# 3. message that triggers spam reject
# e.g. use GTUBE - Generic Test for Unsolicited Bulk Email.
#
# XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
# .
# 550 5.7.1 Blocked by SpamAssassin
#

# Virus test:
#
# Use the EICAR test virus
#
# X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
# .
# 554 5.7.1 virus Eicar-Test-Signature detected by ClamAV - http://www.clamav.net
set +x

Marked up in XHTML - ©2005 Thoughtful Solutions Ltd.