MailZu

Quarantine clean emails sent from/to certain local user

-----

https://dokuwiki.tachtler.net/doku.php?id=tachtler:postfix_amavis_mailzu_installieren

Postfix AMaViS MailZu

MailZu is a simple and easy-to-use web application for managing the AMaViS ( A Mail Virus Scanner ) quarantine.

NOTE - The question of whether a quarantine makes sense, should NOT be asked here!

Download Postfix AMaViS Mail

Before you can start installing MailZu , the "current" version of MailZu Download should be downloaded.

The version used and discussed here is the version MailZu_0.8RC3.tar.gz.

Postfix AMaViS Mail Install

After downloading a version of MailZu in eg the directory /tmpon the local machine, the following file should be

MailZu_0.8RC3.tar.gz

in the directory /tmp.

The downloaded archive with the name MailZu_0.8RC3.tar.gzcan be unpacked with the following command :

$ tar xvfz MailZu_0.8RC3.tar.gz

Then there should be a directory with the name MailZu_0.8RC3in the directory /tmp:

# ll /tmp/ ... drwxr-xr-x 10 1000 1000 4096 Jun 14 2007 MailZu_0.8RC3 -rw-r--r-- 1 user user 543781 Jun 14 2007 MailZu_0.8RC3.tar.gz ...

Finally, the downloaded archive can be MailZu_0.8RC3.tar.gzdeleted with the following command:

$ rm /tmp/MailZu_0.8RC3.tar.gz

From here, rootrights are required to execute the subsequent commands. To rootbecome one, please enter the following command:

$ su - Password:

Postfix AMaViS MailZu Configuration Webserver

Here is the configuration of a virtual host for the Apache HTTP Server . The call to MailZu should be via the URL

- http://www.mailzu.tachtler.net

be enabled.

If you do not yet have experience with virtual hosts in connection with the Apache HTTP Server , please read the documentation of the Apache HTTP Server project , as only the basic steps are explained here.

If not already done, /etc/httpd/conf.dcreate a file with the name in the directory vhosts.conf. The contents of this file should be as minimal as possible for a virtual host for myAmavis :

# This configuration file enables the vhosts to this# Server# NameVirtualHost *:80 ## mailzu.tachtler.net# <VirtualHost *:80> ServerAdmin webmaster@tachtler.net ServerName mailzu.tachtler.net ServerAlias www.mailzu.tachtler.net ServerPath / DocumentRoot "/var/www/html/mailzu" <Directory "/var/www/html/mailzu"> AllowOverride AuthConfig Order allow,deny Allow from all </Directory> DirectoryIndex index.php ErrorLog logs/mailzu_error.log CustomLog logs/mailzu_access.log combined </VirtualHost>

Then the directory is /tmp/MailZu_0.8RC3to /var/www/html/mailzube copied with the command and simultaneously renamed:

#mv /tmp/MailZu_0.8RC3 / var / www / html / mailzu

The ownership of the directory /var/www/html/mailzustill needs to be corrected, which is done with the following command:

# chown -R root.apache /var/www/html/mailzu

The access rights still have to /var/www/html/mailzube corrected for the directory , which is done with the following commands:

# chmod -R o-rx /var/www/html/mailzu

A reboot or first start of Apache HTTP Server with the following command for a first start

# service httpd start

or restart the Apache HTTP Server with the following command

# service httpd restart

Enables the above-described configurations for the Apache HTTP Server .

Postfix AMaViS MailZu Konfiguration AMaViS

Subsequent customization, in addition to the ability to write data to a MySQL database, for example , to the configuration file

- /etc/amavisd.conf

of AMaViS ( A Mail Virus Scanner ) are necessary to be able to use MailZu to its full extent ( only relevant excerpt ):

...# Tachtler - MailZu # default: $inet_socket_port = 10024; # listen on this local TCP port(s) # $inet_socket_port = [10024,10026]; # listen on multiple TCP ports $inet_socket_port = [10024,9998]; # listen on this local TCP port(s) # Tachtler - MailZu $interface_policy{'9998'} = 'AM.PDP'; # Tachtler - MailZu $policy_bank{'AM.PDP'} = { protocol => 'AM.PDP', inet_acl => [qw( 127.0.0.1 [::1] 192.168.0.1 )],};...# Tachtler - MailZu @lookup_sql_dsn = ( ['DBI:mysql:database=amavis;host=192.168.0.30;port=3306', 'amavis', 'geheim'] );@storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate database ...# Tachtler - MailZu $virus_quarantine_method = 'sql:virus-%m';$spam_quarantine_method = 'sql:spam-%m';$banned_files_quarantine_method = 'sql:banned-%m';$bad_header_quarantine_method = 'sql:badh-%m';...

Afterwards a restart of AMaViS ( A MAil Virus Scanner ) is necessary, which can be done with the following command:

# service amavisd restart

The output of the log file /var/log/maillog- should look something like this:

Apr 23 09:49:32 nss amavis[3265]: Net::Server: 2010/04/23-09:49:31 Server closing! Apr 23 09:49:36 nss amavis[3382]: logging initialized, log level 2, syslog: amavis.mail Apr 23 09:49:36 nss amavis[3382]: starting. /usr/sbin/amavisd at amavis.tachtler.net amavisd-new-2.6.4 (20090625), Unicode aware, LANG="en_US.UTF-8" Apr 23 09:49:36 nss amavis[3382]: user=112, EUID: 112 (112); group=, EGID: 114 114 (114 114) Apr 23 09:49:36 nss amavis[3382]: Perl version 5.008008 Apr 23 09:49:36 nss amavis[3382]: SpamControl: scanner SpamAssassin, module Amavis::SpamControl::SpamAssassin Apr 23 09:49:37 nss amavis[3382]: INFO: SA version: 3.2.5, 3.002005, no optional modules: Image::Info Image::Info::GIF Image::Info::JPEG Image::Info::PNG Image::Info::TIFF Apr 23 09:49:37 nss amavis[3382]: SpamControl: init_pre_chroot on SpamAssassin done Apr 23 09:49:37 nss amavis[3383]: Net::Server: Process Backgrounded Apr 23 09:49:37 nss amavis[3383]: Net::Server: 2010/04/23-09:49:37 Amavis (type Net::Server::PreForkSimple) starting! pid(3383) Apr 23 09:49:37 nss amavis[3383]: Net::Server: Binding to UNIX socket file /var/amavis/amavisd.sock using SOCK_STREAM Apr 23 09:49:37 nss amavis[3383]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1 Apr 23 09:49:37 nss amavis[3383]: Net::Server: Binding to TCP port 9998 on host 127.0.0.1 Apr 23 09:49:37 nss amavis[3383]: Net::Server: Group Not Defined. Defaulting to EGID '114 114' Apr 23 09:49:37 nss amavis[3383]: Net::Server: User Not Defined. Defaulting to EUID '112' Apr 23 09:49:37 nss amavis[3383]: config files read: /etc/amavisd.conf Apr 23 09:49:37 nss amavis[3383]: Module Amavis::Conf 2.207 Apr 23 09:49:37 nss amavis[3383]: Module Archive::Zip 1.30 Apr 23 09:49:37 nss amavis[3383]: Module BerkeleyDB 0.36 Apr 23 09:49:37 nss amavis[3383]: Module Compress::Zlib 2.02 Apr 23 09:49:37 nss amavis[3383]: Module Convert::TNEF 0.17 Apr 23 09:49:37 nss amavis[3383]: Module Convert::UUlib 1.12 Apr 23 09:49:37 nss amavis[3383]: Module Crypt::OpenSSL::RSA 0.25 Apr 23 09:49:37 nss amavis[3383]: Module DBD::mysql 4.013 23, 094937 amavis in NSS The nss-Apr [3383]: The DBI Module to 1609 -Apr 23, 094937 in NSS The nss amavis [3383]: Module to DBFile 1814 -Apr 23, 094937 in NSS The nss amavis [3383]: Module to :: MD5, a Digest on 2.36 Apr 23 09:49:37 nss amavis [3383]: Module Digest :: SHA 5.47 Apr 23 09:49:37 nss amavis [3383]: Module Digest :: SHA1 2.11 Apr 23 09:49:37 nss amavis [3383 ]: Module IO :: Socket :: INET6 2.51 Apr 23 09:49:37 nss amavis [3383]: Module MIME :: Entity 5.420 Apr 23 09:49:37 nss amavis [3383]: Module MIME :: Parser 5.420 Apr Nss amavis [3383]: Module MIME :: Tools 5.420 Apr 23 09:49:37 nss amavis [3383]: Module Mail :: DKIM :: Signer 0.37 Apr 23 09:49:37 nss amavis [3383]: Module Mail :: DKIM :: Verifier 0.37 Apr 23 09:49:37 nss amavis [3383]: Module Mail :: Header 1.77 Apr 23 09:49:37 nss amavis [3383]: Module Mail :: Internet 1.77 Apr 23 09:49:37 nss amavis [3383]: Module Mail :: SPF v2.006 Apr 23 09:49:37 nss amavis [3383]: Module Mail :: SpamAssassin 3.002005 Nss amavis [3383]: Module Net :: DNS 0.59 Apr 23 09:49:37 nss amavis [3383]: Module Net :: Server 0.97 Apr 23 09:49:37 nss amavis [3383] : Module NetAddr :: IP 4.027 Apr 23 09:49:37 nss amavis [3383]: Module Razor2 :: Client :: Version 2.84 Apr 23 09:49:37 nss amavis [3383]: Module Socket6 0.19 Apr 23 09:49:37 nss amavis[3383]: Module Time::HiRes 1.9717 Apr 23 09:49:37 nss amavis[3383]: Module URI 1.40 Apr 23 09:49:37 nss amavis[3383]: Module Unix::Syslog 1.1 Apr 23 09:49:37 nss amavis[3383]: Amavis::DB code loaded Apr 23 09:49:37 nss amavis[3383]: Amavis::Cache code loaded Apr 23 09:49:37 nss amavis[3383]: SQL base code loaded Apr 23 09:49:37 nss amavis[3383]: SQL::Log code loaded Apr 23 09:49:37 nss amavis[3383]: SQL::Quarantine NOT loaded Apr 23 09:49:37 nss amavis[3383]: Lookup::SQL code loaded Apr 23 09:49:37 nss amavis[3383]: Lookup::LDAP code NOT loaded Apr 23 09:49:37 nss amavis[3383]: AM.PDP-in proto code loaded Apr 23 09:49:37 nss amavis[3383]: SMTP-in proto code loaded Apr 23 09:49:37 nss amavis[3383]: Courier proto code NOT loaded Apr 23 09:49:37 nss amavis[3383]: SMTP-out proto code loaded Apr 23 09:49:37 nss amavis[3383]: Pipe-out proto code NOT loaded Apr 23 09:49:37 nss amavis[3383]: BSMTP-out proto code NOT loaded Apr 23 09:49:37 nss amavis[3383]: Local-out proto code loaded Apr 23 09:49:37 nss amavis[3383]: OS_Fingerprint code NOT loaded Apr 23 09:49:37 nss amavis[3383]: ANTI-VIRUS code loaded Apr 23 09:49:37 nss amavis[3383]: ANTI-SPAM code loaded Apr 23 09:49:37 nss amavis[3383]: ANTI-SPAM-EXT code NOT loaded Apr 23 09:49:37 nss amavis[3383]: ANTI-SPAM-C code NOT loaded Apr 23 09:49:37 nss amavis[3383]: ANTI-SPAM-SA code loaded Apr 23 09:49:37 nss amavis[3383]: Unpackers code loaded Apr 23 09:49:37 nss amavis[3383]: DKIM code loaded Apr 23 09:49:37 nss amavis[3383]: Tools code NOT loaded Apr 23 09:49:37 nss amavis[3383]: Found $file at /usr/bin/file Apr 23 09:49:37 nss amavis[3383]: Found $altermime at /usr/bin/altermime Apr 23 09:49:37 nss amavis[3383]: Internal decoder for .mail Apr 23 09:49:37 nss amavis[3383]: Internal decoder for .asc Apr 23 09:49:37 nss amavis[3383]: Internal decoder for .uue Apr 23 09:49:37 nss amavis[3383]: Internal decoder for .hqx Apr 23 09:49:37 nss amavis[3383]: Internal decoder for .ync Apr 23 09:49:37 nss amavis[3383]: Found decoder for .F at /usr/bin/unfreeze Apr 23 09:49:37 nss amavis[3383]: Found decoder for .Z at /usr/bin/uncompress Apr 23 09:49:37 nss amavis[3383]: Found decoder for .gz at /usr/bin/gzip -d Apr 23 09:49:37 nss amavis[3383]: Internal decoder for .gz (backup, not used) Apr 23 09:49:37 nss amavis[3383]: Found decoder for .bz2 at /usr/bin/bzip2 -d Apr 23 09:49:37 nss amavis[3383]: Found decoder for .lzo at /usr/bin/lzop -d Apr 23 09:49:37 nss amavis[3383]: Found decoder for .rpm at /usr/bin/rpm2cpio Apr 23 09:49:37 nss amavis[3383]: Found decoder for .cpio at /usr/bin/pax Apr 23 09:49:37 nss amavis[3383]: Found decoder for .tar at /usr/bin/pax Apr 23 09:49:37 nss amavis [3383]: found decoder for .deb at / usr / bin / ar Apr 23 09:49:37 nss amavis [3383]: Internal decoder for .zip Apr 23 09:49:37 nss amavis [3383]: found decoder for .7z at / usr / bin / 7za Apr 23 09:49:37 nss amavis [3383]: found decoder for .rar at / usr / bin / unrar Apr 23 09:49:37 nss amavis [3383]: found decoder for .arj at / usr / bin / arj Apr 23 09:49:37 nss amavis [3383]: found decoder for .arc at / usr / bin / nomarch Apr 23 09:49:37 nss amavis [3383]: found decoder for .zoo at / usr / bin / zoo Apr 23 09:49:37 nss amavis [3383]: found decoder for .lha at / usr / bin / lha Apr 23 09:49:37 nss amavis [3383]: found decoder for .cab at / usr / bin / cabextract Apr 23 09:49:37 nss amavis[3383]: No decoder for .tnef tried: tnef Apr 23 09:49:37 nss amavis[3383]: Internal decoder for .tnef Apr 23 09:49:37 nss amavis[3383]: Found decoder for .exe at /usr/bin/unrar; /usr/bin/lha; /usr/bin/arj Apr 23 09:49:37 nss amavis[3383]: Using primary internal av scanner code for ClamAV-clamd Apr 23 09:49:37 nss amavis[3383]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan Apr 23 09:49:37 nss amavis[3383]: Creating db in /var/amavis/db/; BerkeleyDB 0.36, libdb 4.3 Apr 23 09:49:37 nss amavis[3383]: initializing Mail::SpamAssassin Apr 23 09:49:37 nss amavis[3383]: SpamAssassin debug facilities: info Apr 23 09:49:42 nss amavis[3383]: SpamAssassin loaded plugins: AWL, AutoLearnThreshold, Bayes, BodyEval, Check, DNSEval, HTMLEval, HTTPSMismatch, Hashcash, HeaderEval, ImageInfo, MIMEEval, MIMEHeader, Pyzor, Razor2, RelayEval, ReplaceTags, SPF, SpamCop, URIDNSBL, URIDetail, URIEval, VBounce, WLBLEval, WhiteListSubject Apr 23 09:49:42 nss amavis[3383]: SpamControl: init_pre_fork on SpamAssassin done Apr 23 09:49:42 nss amavis[3389]: TIMING [total 29 ms] - bdb-open: 29 (100%)100, rundown: 0 (0%)100 Apr 23 09:49:42 nss amavis[3389]: storage and lookups will use the same connection to SQL Apr 23 09:49:42 nss amavis[3390]: TIMING [total 14 ms] - bdb-open: 14 (100%)100, rundown: 0 (0%)100 Apr 23 09:49:42 nss amavis[3390]: storage and lookups will use the same connection to SQL

NOTE - The following lines are decisive for the start

... Apr 23 09:49:37 nss amavis[3383]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1 Apr 23 09:49:37 nss amavis[3383]: Net::Server: Binding to TCP port 9998 on host 127.0.0.1 ...

Postfix AMaViS MailZu Konfiguration

Before you can start the actual configuration of MailZu , you can use the following command to copy a SAMPLE configuration file as a template for the configuration as a starting point:

# cp -a /var/www/html/mailzu/config/config.php.sample /var/www/html/mailzu/config/config.php

In addition, the log file /var/log/mailzu.log must be created with the following command :

# touch /var/log/mailzu.log

Then the log file must be /var/log/mailzu.logassigned the appropriate ownership, which can be done with the following command:

# chown apache.apache /var/log/mailzu.log

Changes or additions to the configuration file

- /var/www/html/mailzu/config/config.php

are with

// Tachtler

characterized.

NOTE - General Part of /var/www/html/mailzu/config/config.php( continued ):

<?php/** * This file sets all the configuration options * All configuration options, such as colors, * text sizes, email addresses, etc. * are set in this file. * @author Samuel Tran <stran2005@users.sourceforge.net> * @author Brian Wong <bwsource@users.sourceforge.net> * @author Jeremy Fowler <jfowler06@users.sourceforge.net> * @version 04-03-07 * @package MailZu *//*************************************** * MailZu * * Version 0.8 * * http://www.mailzu.net * * * /***************************************//** * Please refer to readme.html and LICENSE for any additional information * * Copyright (C) 2003 - 2007 MailZu * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License along with * this program; if not, write to the * Free Software Foundation, Inc. * 59 Temple Place * Suite 330 * Boston, MA * 02111-1307 * USA */ /*************************************************//* Instructions * ************************************************** * + All words (string values) must * * be enclosed in quotation marks * * Numbers must not * * * * + Default values are * * given in square brackets [] * /*************************************************/ /********** * Amavisd-new Settings * * The following settings must correspond to your amavisd-new setup * * ***********/ // Amavisd-new AM.PDP port// Since the port number can not be stored in the database// all instances of amavisd-new must use the same AM.PDP port $conf['amavisd']['spam_release_port'] = '9998'; // Database type to be used by PEAR [mysql]/* Options are: mysql -> MySQL pgsql -> PostgreSQL ibase -> InterBase msql -> Mini SQL mssql -> Microsoft SQL Server oci8 -> Oracle 7/8/8i odbc -> ODBC (Open Database Connectivity) sybase -> SyBase ifx -> Informix fbsql -> FrontBase */$conf['db']['dbType'] = 'mysql'; // Database user who can access the amavisd database// Tachtler// default: $conf['db']['dbUser'] = 'user';$conf['db']['dbUser'] = 'amavis'; // Password for above user to access the amavisd database// Tachtler// default: $conf['db']['dbPass'] = 'pass';$conf['db']['dbPass'] = 'geheim'; // Name of database// Tachtler// default: $conf['db']['dbName'] = 'dbname';$conf['db']['dbName'] = 'amavis'; // Database host specification (hostname[:port]) [localhost]// Tachtler// default: $conf['db']['hostSpec'] = 'hostname.example.com:3306';$conf['db']['hostSpec'] = '127.0.0.1:3306'; // If using the bytea or BLOB mail_text quarantine type set to// True. Since amavisd-2.4.4.// Tachtler// default: $conf['db']['binquar'] = false;$conf['db']['binquar'] = true;...

NOTE - Depending on which authentication method is to be used, the following block must be selected, here the authentication via is to imapbe done ( continued ):

.../********** * Authentication Settings * * Choose your authentication method ($conf['auth']['serverType']), * Then fill in the necessary auth information for corresponding method * ***********/// Available authentication methods/* Options are: ldap -> Standard LDAP server, e.g. OpenLDAP ad -> MS Active Directory sql -> PHP PEAR compatible database exchange -> MS Exchange 5.5 imap -> IMAP protocol */// Tachtler// default: $conf['auth']['serverType'] = 'ldap';$conf['auth']['serverType'] = 'imap';.../*** IMAP Authentication Settings ***/// List of IMAP servers and ports (e.g.: 10.1.1.20:143)// Tachtler// default: $conf['auth']['imap_hosts'] = array( 'imaphost.example.com:143' );$conf['auth']['imap_hosts'] = array( 'mx1.tachtler.net:143' ); // IMAP type/* Options are: imap -> default imaptls -> do not do start-TLS to encrypt the session, even with servers that support it imapssl -> use the Secure Socket Layer to encrypt the session imapcert -> use the Secure Socket Layer to encrypt the session, do not validate certificates from TLS/SSL server, needed if server uses self-signed certificates */// Tachtler// $conf['auth']['imap_type'] = 'imapssl';$conf['auth']['imap_type'] = 'imaptls'; // Domain name part of the email address, (e.g.: example.com)// Tachtler// default: $conf['auth']['imap_domain_name'] = 'example.com';$conf['auth']['imap_domain_name'] = 'tachtler.net';...

NOTE - The following is the authorization part of the configuration file ( continued ):

.../*** Permission listings ****//* The items you put in the admin lists * must be the same as the login ID. * Example: * If you login as 'userid' then.. * conf['auth']['s_admins'] = array ('userid','userid2'); * * OR * * If you login as 'userid@example.com' then... * conf['auth']['s_admins'] = array ('userid@example.com', * 'userid2@example.com' * ); * */ // List of Super Admins// Super Admins can do anything mail admins can plus// change settings// Tachtler// default: $conf['auth']['s_admins'] = array ('user1', 'user2');$conf['auth']['s_admins'] = array ('adminuser'); // List of Mail Admins// Mail Admins can see other users' spam and attachments// and can perform any action on them// Tachtler// default: $conf['auth']['m_admins'] = array ();$conf['auth']['m_admins'] = array ('adminuser'); // User login restriction (Does not affect admins)// If set to true, users will not be able to login. This is if you do// not want users to view their quarantine, yet only have admins to// view quarantines. $conf['auth']['login_restriction'] = false; // User restriction exemption// List of users still allowed to login even if// $conf['auth']['login_restriction'] = true//// Tachtler// default: $conf['auth']['restricted_users'] = array('user1', 'user2');$conf['auth']['restricted_users'] = array('klaus');...

NOTE - To complete the miscellaneous part of the configuration file:

/********** * Miscellaneous Settings * * The following settings must correspond to your amavisd-new setup * ***********/ // Image to appear at the top of each page ['img/mailzu.gif']// Leave this string empty if you are not going to use an image// Specifiy link as 'directory/filename.gif'$conf['ui']['logoImage'] = 'img/mailzu.gif'; // Welcome message show at login page ['Welcome to MailZu!']$conf['ui']['welcome'] = 'Welcome to MailZu!'; // The full url to the root directory of MailZu// Please do not include the trailing slash// Tachtler// $conf['app']['weburi'] = 'https://mailzuhost.example.com/mailzu';$conf['app']['weburi'] = 'http://mailzu.tachtler.net/mailzu'; // How to send email ['mail']/* Options are: 'mail' for PHP default mail 'smtp' for SMTP 'sendmail' for sendmail 'qmail' for qmail MTA */// Tachtler// $conf['app']['emailType'] = 'mail';$conf['app']['emailType'] = 'smtp'; // SMTP email host address []// This is only required if emailType is SMTP// Tachtler// default: $conf['app']['smtpHost'] = '';$conf['app']['smtpHost'] = 'mx1.tachtler.net'; // SMTP port [25]// This is only required if emailType is SMTP$conf['app']['smtpPort'] = 25; // Path to sendmail ['/usr/sbin/sendmail']// This only needs to be set if the emailType is 'sendmail'$conf['app']['sendmailPath'] = '/usr/sbin/sendmail'; // Path to qmail ['/var/qmail/bin/sendmail']// This only needs to be set if the emailType is 'qmail'$conf['app']['qmailPath'] = '/var/qmail/bin/sendmail'; // Support for recipient delimiters// Enter the character used as a delimiter for your site// or leave empty// $conf['recipient_delimiter'] = '+';// Tachtler// default: $conf['recipient_delimiter'] = '';$conf['recipient_delimiter'] = '+'; // The email addresses of the support staff and/or administrator// An email is sent to these addresses when a user reports an error// or clicks the "Email Administrator" link// Tachtler// default: $conf['app']['adminEmail'] = array('support@example.com');$conf['app']['adminEmail'] = array('postmaster@tachtler.net'); // Email admin upon Release Request// When users try to release a banned file a request is sent to an// admin. Admins can always look at 'Pending Requests' in the MailZu// interface regardless. //// $conf['app']['notifyAdmin'] = 1;// Tachtler// default: $conf['app']['notifyAdmin'] = 0;$conf['app']['notifyAdmin'] = 1; // Show the "Email Administrator" link for users// If you have a large userbase, you may not want users to have the// capability to just email the admin// Note: The "Report Error" link is still available regardless// of this option. This link is only visible if a fatal error occurs// with releasing attachments. Default is 1 (show link).//// $conf['app']['showEmailAdmin'] = 0;$conf['app']['showEmailAdmin'] = 1; // Site Quarantine Summary display toggle.// Enable and display the "Site Quarantine Summary" link for admins.// Viewing the site summary may be an expensive database query.// Large sites may want to turn this off.// $conf['app']['siteSummary'] = 1$conf['app']['siteSummary'] = 1; // Show Site Quarantine in search only mode if set to 1.// No message is displayed when clicking on 'Site quarantine'.// Keep the default for for large sites.// $conf['app']['searchOnly'] = 1$conf['app']['searchOnly'] = 1; // The default language code. This must be included in the language list in// langs.php$conf['app']['defaultLanguage'] = 'en_US'; // Display the choice for language selection during the login screen if set to 1 // Otherwise set it to 0// Default is 1$conf['app']['selectLanguage'] = '1'; // If you are running PHP in safe mode, set this value to 1.// This toggles if we use the included Pear DB and Mail_Mime libraries included// with this distribution$conf['app']['safeMode'] = 0; // View time in 12 or 24 hour format [12]// Only acceptable values are 12 and 24 (if an invalid number is set, 12 hour// time will be used)// Tachtler// default: $conf['app']['timeFormat'] = 12;$conf['app']['timeFormat'] = 24; // Title of application ['MailZu']// Will be used for page titles and in 'From' field of email responses$conf['app']['title'] = 'MailZu'; // If we should log system activity or not [0]// Can be 0 (for no) and 1 (for yes)$conf['app']['use_log'] = 1; // If we should log additional debug information$conf['app']['debug'] = 0; // Directory/file for log ['/var/log/mailzu.log']// Specify as /directory/filename.extension$conf['app']['logfile'] = '/var/log/mailzu.log'; // Maximum number of messages displayed per page$conf['app']['displaySizeLimit'] = 50; // Allow users to view quarantined Bad Header messages// Bad headers are treated like spam and released// $conf['app']['allowBadHeaders'] = 0$conf['app']['allowBadHeaders'] = 0; // Allow users to view quarantined Viruses (Dangerous)// Virues are treated like Banned files and are placed // in the Pending Requests and require Admin release// $conf['app']['allowViruses'] = 0$conf['app']['allowViruses'] = 0; // Allow users to search by Mailid// $conf['app']['allowMailid'] = 0$conf['app']['allowMailid'] = 0; include_once('init.php');?>

Finally the complete configuration file :

<?php/** * This file sets all the configuration options * All configuration options, such as colors, * text sizes, email addresses, etc. * are set in this file. * @author Samuel Tran <stran2005@users.sourceforge.net> * @author Brian Wong <bwsource@users.sourceforge.net> * @author Jeremy Fowler <jfowler06@users.sourceforge.net> * @version 04-03-07 * @package MailZu *//*************************************** * MailZu * * Version 0.8 * * http://www.mailzu.net * * * /***************************************//** * Please refer to readme.html and LICENSE for any additional information * * Copyright (C) 2003 - 2007 MailZu * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License along with * this program; if not, write to the * Free Software Foundation, Inc. * 59 Temple Place * Suite 330 * Boston, MA * 02111-1307 * USA */ /*************************************************//* Instructions * ************************************************** * + All words (string values) must * * be enclosed in quotation marks * * Numbers must not * * * * + Default values are * * given in square brackets [] * /*************************************************/ /********** * Amavisd-new Settings * * The following settings must correspond to your amavisd-new setup * * ***********/ // Amavisd-new AM.PDP port// Since the port number can not be stored in the database// all instances of amavisd-new must use the same AM.PDP port$conf['amavisd']['spam_release_port'] = '9998'; // Database type to be used by PEAR [mysql]/* Options are: mysql -> MySQL pgsql -> PostgreSQL ibase -> InterBase msql -> Mini SQL mssql -> Microsoft SQL Server oci8 -> Oracle 7/8/8i odbc -> ODBC (Open Database Connectivity) sybase -> SyBase ifx -> Informix fbsql -> FrontBase */$conf['db']['dbType'] = 'mysql'; // Database user who can access the amavisd database// Tachtler// default: $conf['db']['dbUser'] = 'user';$conf['db']['dbUser'] = 'amavis'; // Password for above user to access the amavisd database// Tachtler// default: $conf['db']['dbPass'] = 'pass';$conf['db']['dbPass'] = 'geheim'; // Name of database// Tachtler// default: $conf['db']['dbName'] = 'dbname';$conf['db']['dbName'] = 'amavis'; // Database host specification (hostname[:port]) [localhost]// Tachtler// default: $conf['db']['hostSpec'] = 'hostname.example.com:3306';$conf['db']['hostSpec'] = '192.168.0.30:3306'; // If using the bytea or BLOB mail_text quarantine type set to// True. Since amavisd-2.4.4.// Tachtler// default: $conf['db']['binquar'] = false;$conf['db']['binquar'] = true; /********** * Authentication Settings * * Choose your authentication method ($conf['auth']['serverType']), * Then fill in the necessary auth information for corresponding method * ***********/// Available authentication methods/* Options are: ldap -> Standard LDAP server, e.g. OpenLDAP ad -> MS Active Directory sql -> PHP PEAR compatible database exchange -> MS Exchange 5.5 imap -> IMAP protocol */// Tachtler// default: $conf['auth']['serverType'] = 'ldap';$conf['auth']['serverType'] = 'imap'; /*** LDAP Authentication Settings ***/// List of LDAP servers$conf['auth']['ldap_hosts'] = array( 'ldaphost.example.com ' ;)// if set to true, LDAP connection over SSL (PHP 4.0.4 minimum)// if set to false or not set, unencrypted LDAP connection on port 389$conf['auth']['ldap_ssl'] = false; // LDAP base dn, e.g. 'dc=example,dc=com'$conf['auth']['ldap_basedn'] = 'dc=example,dc=org'; // LDAP attribute used for the RDN to identify a person// For instance if the DN for a given user is uid=joesmith,ou=people,dc=example,dc=com// the attribute would be 'uid'$conf['auth']['ldap_user_identifier'] = 'uid'; // Container where all users are kept, e.g. 'ou=people'// If you have users in multiple containers, leave this option blank.// In this particular case you will need to allow anonymous binding// or specify a search user/password to bind with//$conf['auth']['ldap_user_container'] = 'ou=people';$conf['auth']['ldap_user_container'] = ''; // LDAP attribute used as login, e.g. 'uid', 'mail' or 'uidNumber'$conf['auth']['ldap_login'] = 'uid'; // LDAP attribute used as name for the welcome message, e.g. 'givenName', 'cn' or 'displayName'$conf['auth']['ldap_name'] = 'givenName'; // LDAP mail attribute(s) used as the final recipient address// Could be the actual mail attribute or another attribute// (in the latter case look for the "%m" token in the ldap query filter in amavisd.conf)$conf['auth']['ldap_mailAttr'] = array('mailRoutingAddress'); // If $conf['auth']['ldap_login'] is different from 'uid', we need to determine// corresponding 'uid' by binding anonymously or with the user defined below.// Leave blank for anonymous binding.$conf['auth']['ldap_searchUser'] = '';$conf['auth']['ldap_searchPassword'] = ''; /*** Active Directory Authentication Settings ***/// List of AD Domain controllers$conf['auth']['ad_hosts'] = array( 'dc1.example.com' );// if set to true, LDAP connection over SSL (PHP 4.0.4 minimum)// if set to false or not set, unencrypted LDAP connection on port 389$conf['auth']['ad_ssl'] = false; // AD base dn, e.g. 'dc=example,dc=com'$conf['auth']['ad_basedn'] = 'dc=example,dc=com'; // AD domain, e.g. 'example.com'$conf['auth']['ad_domain'] = 'example.com'; // AD attribute used to identify a person$conf['auth']['ad_user_identifier'] = 'samaccoutname'; // AD attribute used as login, e.g. 'samaccountname' or 'mail'$conf['auth']['ad_login'] = 'samaccountname'; // AD attribute used as name for the welcome message, e.g. 'givenName', 'cn' or 'displayName'$conf['auth']['ad_name'] = 'givenName'; // AD mail attribute(s) used as the final recipient address// Could be the actual mail attribute or another attribute// (in the latter case look for the "%m" token in the ldap query filter in amavisd.conf)// $conf['auth']['ad_mailAttr'] = array('mail'); // old// For accounts with multiple email address aliases use proxyAddresses$conf['auth']['ad_mailAttr'] = array('proxyAddresses'); // If $conf['auth']['ad_login'] is different from 'samaccountname', we need to determine// corresponding 'samaccountname' by binding with the user defined below.// Ad does not support anonymous bind$conf['auth']['ad_searchUser'] = 'manager';$conf['auth']['ad_searchPassword'] = 'secret'; /*** Database Authentication Settings ***/// Database type to be used by PEAR/* Options are: mysql -> MySQL pgsql -> PostgreSQL ibase -> InterBase msql -> Mini SQL mssql -> Microsoft SQL Server oci8 -> Oracle 7/8/8i odbc -> ODBC (Open Database Connectivity) sybase -> SyBase ifx -> Informix fbsql -> FrontBase */$conf['auth']['dbType'] = 'mysql'; // Database host specification (hostname[:port]) [localhost]$conf['auth']['dbHostSpec'] = ''; // Database user who can access the auth database$conf['auth']['dbUser'] = ''; // Password for above user to auth database$conf['auth']['dbPass'] = ''; // Name for auth database$conf['auth']['dbName'] = ''; // Name for auth table that contains usernames and passwords$conf['auth']['dbTable'] = ''; // Name of the Username field of the SQL table$conf['auth']['dbTableUsername'] = ''; // Name of the password field of the SQL table$conf['auth']['dbTablePassword'] = ''; // Name of the 'first name' or 'full name' field of the SQL table// This is used for the welcome message// If such a field does not exist, leave it blank$conf['auth']['dbTableName'] = ''; // Name of the 'mail address' field of the SQL table$conf['auth']['dbTableMail'] = ''; // Hash configuration// true = passwords are md5 encrypted in database// false = passwords are cleartext in database$conf['auth']['dbIsMd5'] = true; /*** Exchange 5.5 Authentication Settings ***/// Exchange 5.5 server host and IMAP port (e.g.: 10.1.1.20:143)$conf['auth']['exch_host'] = ''; // Exchange's LDAP server, it usually has the same IP as the Exchange server (e.g.: ldap://10.1.1.20)$conf['auth']['exch_ldap'] = ''; // Exchange default NT domain$conf['auth']['exch_domain'] = ''; /*** IMAP Authentication Settings ***/// List of IMAP servers and ports (e.g.: 10.1.1.20:143)// Tachtler// default: $conf['auth']['imap_hosts'] = array( 'imaphost.example.com:143' );$conf['auth']['imap_hosts'] = array( '192.168.0.80:143' ); // IMAP type/* Options are: imap -> default imaptls -> do not do start-TLS to encrypt the session, even with servers that support it imapssl -> use the Secure Socket Layer to encrypt the session imapcert -> use the Secure Socket Layer to encrypt the session, do not validate certificates from TLS/SSL server, needed if server uses self-signed certificates */// Tachtler// $conf['auth']['imap_type'] = 'imapssl';$conf['auth']['imap_type'] = 'imaptls'; // Domain name part of the email address, (e.g.: example.com)// Tachtler// default: $conf['auth']['imap_domain_name'] = 'example.com';$conf['auth']['imap_domain_name'] = 'tachtler.net'; /** * End of Authentication Settings */ /*** Permission listings ****//* The items you put in the admin lists * must be the same as the login ID. * Example: * If you login as 'userid' then.. * conf['auth']['s_admins'] = array ('userid','userid2'); * * OR * * If you login as 'userid@example.com' then... * conf['auth']['s_admins'] = array ('userid@example.com', * 'userid2@example.com' * ); * */ // List of Super Admins// Super Admins can do anything mail admins can plus// change settings// Tachtler// default: $conf['auth']['s_admins'] = array ('user1', 'user2');$conf['auth']['s_admins'] = array ('admin'); // List of Mail Admins// Mail Admins can see other users' spam and attachments// and can perform any action on them// Tachtler// default: $conf['auth']['m_admins'] = array ();$conf['auth']['m_admins'] = array ('admin'); // User login restriction (Does not affect admins)// If set to true, users will not be able to login. This is if you do// not want users to view their quarantine, yet only have admins to// view quarantines.$conf['auth']['login_restriction'] = false; // User restriction exemption// List of users still allowed to login even if// $conf['auth']['login_restriction'] = true//// Tachtler// default: $conf['auth']['restricted_users'] = array('user1', 'user2');$conf['auth']['restricted_users'] = array('klaus'); /********** * Miscellaneous Settings * * The following settings must correspond to your amavisd-new setup * ***********/ // Image to appear at the top of each page ['img/mailzu.gif']// Leave this string empty if you are not going to use an image// Specifiy link as 'directory/filename.gif'$conf['ui']['logoImage'] = 'img/mailzu.gif'; // Welcome message show at login page ['Welcome to MailZu!']$conf['ui']['welcome'] = 'Welcome to MailZu!'; // The full url to the root directory of MailZu// Please do not include the trailing slash// Tachtler// $conf['app']['weburi'] = 'https://mailzuhost.example.com/mailzu';$conf['app']['weburi'] = 'https://mailzu.tachtler.net/'; // How to send email ['mail']/* Options are: 'mail' for PHP default mail 'smtp' for SMTP 'sendmail' for sendmail 'qmail' for qmail MTA */// Tachtler// default: $conf['app']['emailType'] = 'mail';$conf['app']['emailType'] = 'smtp'; // SMTP email host address []// This is only required if emailType is SMTP// Tachtler// default: $conf['app']['smtpHost'] = '';$conf['app']['smtpHost'] = 'mx1.tachtler.net'; // SMTP port [25]// This is only required if emailType is SMTP$conf['app']['smtpPort'] = 25; // Path to sendmail ['/usr/sbin/sendmail']// This only needs to be set if the emailType is 'sendmail'$conf['app']['sendmailPath'] = '/usr/sbin/sendmail'; // Path to qmail ['/var/qmail/bin/sendmail']// This only needs to be set if the emailType is 'qmail'$conf['app']['qmailPath'] = '/var/qmail/bin/sendmail'; // Support for recipient delimiters// Enter the character used as a delimiter for your site// or leave empty// $conf['recipient_delimiter'] = '+';// Tachtler// default: $conf['recipient_delimiter'] = '';$conf['recipient_delimiter'] = '+'; // The email addresses of the support staff and/or administrator// An email is sent to these addresses when a user reports an error// or clicks the "Email Administrator" link// Tachtler// default: $conf['app']['adminEmail'] = array('support@example.com');$conf['app']['adminEmail'] = array('postmaster@tachtler.net'); // Email admin upon Release Request// When users try to release a banned file a request is sent to an// admin. Admins can always look at 'Pending Requests' in the MailZu// interface regardless.//// $conf['app']['notifyAdmin'] = 1;// Tachtler// default: $conf['app']['notifyAdmin'] = 0;$conf['app']['notifyAdmin'] = 1; // Show the "Email Administrator" link for users// If you have a large userbase, you may not want users to have the// capability to just email the admin// Note: The "Report Error" link is still available regardless// of this option. This link is only visible if a fatal error occurs// with releasing attachments. Default is 1 (show link).//// $conf['app']['showEmailAdmin'] = 0;$conf['app']['showEmailAdmin'] = 1; // Site Quarantine Summary display toggle.// Enable and display the "Site Quarantine Summary" link for admins.// Viewing the site summary may be an expensive database query.// Large sites may want to turn this off.// $conf['app']['siteSummary'] = 1$conf['app']['siteSummary'] = 1; // Show Site Quarantine in search only mode if set to 1.// No message is displayed when clicking on 'Site quarantine'.// Keep the default for for large sites.// $conf['app']['searchOnly'] = 1// Tachtler// $conf['app']['searchOnly'] = 1;$conf['app']['searchOnly'] = 0; // The default language code. This must be included in the language list in// langs.php// Tachtler// $conf['app']['defaultLanguage'] = 'en_US';$conf['app']['defaultLanguage'] = 'de'; // Display the choice for language selection during the login screen if set to 1// Otherwise set it to 0// Default is 1$conf['app']['selectLanguage'] = '1'; // If you are running PHP in safe mode, set this value to 1.// This toggles if we use the included Pear DB and Mail_Mime libraries included// with this distribution$conf['app']['safeMode'] = 0; // View time in 12 or 24 hour format [12]// Only acceptable values are 12 and 24 (if an invalid number is set, 12 hour// time will be used)// Tachtler// default: $conf['app']['timeFormat'] = 12;$conf['app']['timeFormat'] = 24; // Title of application ['MailZu']// Will be used for page titles and in 'From' field of email responses$conf['app']['title'] = 'MailZu'; // If we should log system activity or not [0]// Can be 0 (for no) and 1 (for yes)$conf['app']['use_log'] = 1; // If we should log additional debug information$conf['app']['debug'] = 0; // Directory/file for log ['/var/log/mailzu.log']// Specify as /directory/filename.extension$conf['app']['logfile'] = '/var/log/mailzu.log'; // Maximum number of messages displayed per page// Tachtler// default: $conf['app']['displaySizeLimit'] = 50;$conf['app']['displaySizeLimit'] = 25; // Allow users to view quarantined Bad Header messages// Bad headers are treated like spam and released// $conf['app']['allowBadHeaders'] = 0$conf['app']['allowBadHeaders'] = 0; // Allow users to view quarantined Viruses (Dangerous)// Virues are treated like Banned files and are placed// in the Pending Requests and require Admin release// $conf['app']['allowViruses'] = 0$conf['app']['allowViruses'] = 0; // Allow users to search by Mailid// $conf['app']['allowMailid'] = 0$conf['app']['allowMailid'] = 0; include_once('init.php');?>

Postfix AMaViS MailTo database cleanup

In order to prevent the accumulation of a large number of entries in the database over time, here a MySQL database, via- shellScript can regularly clean or clean them.

This can be done with the following script, which is brought by MailZu . The script is located in the directory under:

- /var/www/html/mailzu/scripts

and carries the name

- mz_db_clean.pl

In order to make the script usable, subsequent configurations within the script are necessary, which are indicated by the comment

# Tachtler

Marked are:

Here are the necessary configurations of /var/www/html/mailzu/scripts/mz_db_clean.pl( complete configuration script ):

#!/usr/bin/perl -w use strict;use Getopt::Long; ##### PLEASE CONFIGURE THIS SECTION ###### # Globals# Set this array for database authentication# Tachtler# default: my(@storage_sql_dsn) = (# default: 'DBI:Pg:database=dbname;host=host.example.org',# default: 'user','password'# default: );my(@storage_sql_dsn) = ( 'DBI:mysql:database=amavis;host=localhost', 'amavis','geheim' ); # Set this to 1 if you are using the new database schema# introduced with amavisd 2.4.0. Only do this if you also# have the foreign key references between the tables and use# time_iso as a real date type instead of a string.# Tachtler# default: my($new_dd) = 1; # 1 or undefmy($new_dd) = undef; # 1 or undef # Purge old messages - One Weekmy($interval) = time - 7*24*60*60;# Purge incomplete messages - 1 hourmy($partial_interval) = time - 60*60; # These variables only matter if $new_dd is set to 1# The values for these variables must be syntactically# correct for your database. This value is passed to# the 'interval' keyword. Please check your database# documentation # PostgreSQL# Tachtler# default: my($new_interval) = '1 week';# default: my($new_partial_interval) = '1 hour';# MySQL# Tachtler# default: #my($new_interval) = '7 day';# default: #my($new_partial_interval) = '1 hour';my($new_interval) = '7 day';my($new_partial_interval) = '1 hour'; # PostgreSQL specific options# Should we VACUUM ANALYZE the database after the purge?# Default is undef because we should be using autovacuummy($postop_vacuum) = undef; # 1 or undef ##### END OF CONFIGURATION SECTION ###### # Options arraymy(%opt); my(@modules);my(@missing); my(@dsn) = split(/:/,$storage_sql_dsn[0],-1);push(@modules, 'DBD::'.$dsn[1]) if uc($dsn[0]) eq 'DBI'; for my $m (@modules) { local($_) = $m; $_ .= /^auto::/ ? '.al' : '.pm' if !/\.(pm|pl|al)\z/; s[::][/]g; eval { require $_ } or push(@missing, $m);} die "ERROR: MISSING module(s):\n" . join('', map { " $_\n" } @missing) if @missing; sub build_queries($) { my($dbtype) = shift; # Return a hash of queries to be run my(%query) = ( # Old schema queries 'del_d_flag' => 'DELETE FROM msgrcpt ' . 'WHERE rs=\'D\'', 'del_partial_msg' => 'DELETE FROM msgs ' . "WHERE time_num < $partial_interval " . 'AND content IS NULL', 'del_old_mail_ids' => 'DELETE FROM msgs ' . "WHERE time_num < $interval", 'del_msgs_mail_ids' => 'DELETE FROM msgs ' . 'WHERE NOT EXISTS ' . ' (SELECT 1 FROM msgrcpt ' . ' WHERE msgrcpt.mail_id=msgs.mail_id)', 'del_quarantine' => 'DELETE FROM quarantine ' . 'WHERE NOT EXISTS '. ' (SELECT 1 FROM msgs ' . ' WHERE msgs.mail_id=quarantine.mail_id)', 'del_msgrcpt' => 'DELETE FROM msgrcpt ' . 'WHERE NOT EXISTS ' . ' (SELECT 1 FROM msgs ' . ' WHERE msgs.mail_id=msgrcpt.mail_id)', # New schema queries 'del_d_flag_new' => 'DELETE FROM msgs ' . 'WHERE mail_id IN ' . ' (SELECT DISTINCT mail_id ' . ' FROM msgrcpt WHERE rs=\'D\')', # Generic queries 'del_maddr' => 'DELETE FROM maddr ' . 'WHERE NOT EXISTS ' . ' (SELECT sid FROM msgs WHERE sid=id) ' . ' AND NOT EXISTS' . ' (SELECT rid FROM msgrcpt WHERE rid=id)' ); if ($dbtype eq 'pgsql') { $query{'vacuum_analyze'} = 'VACUUM ANALYZE'; # New schema queries $query{'del_old_mail_ids_new'} = 'DELETE FROM msgs ' . 'WHERE time_iso < now() ' . "- interval '$new_interval'"; $query{'del_partial_msg_new'} = 'DELETE FROM msgs ' . 'WHERE time_iso < now() ' . "- interval '$new_partial_interval' " . ' AND content IS NULL'; } if ($dbtype eq 'mysql') { # New schema queries $query{'del_old_mail_ids_new'} = 'DELETE FROM msgs ' . 'WHERE time_iso < UTC_TIMESTAMP() ' . "- interval $new_interval"; $query{'del_partial_msg_new'} = 'DELETE FROM msgs ' . 'WHERE time_iso < UTC_TIMESTAMP() ' . "- interval $new_partial_interval " . ' AND content IS NULL'; # Old schema queries $query{'del_msgs_mail_ids'} = 'DELETE msgs FROM msgs ' . 'LEFT JOIN msgrcpt USING(mail_id) ' . 'WHERE msgrcpt.mail_id IS NULL'; $query{'del_quarantine'} = 'DELETE quarantine FROM quarantine ' . 'LEFT JOIN msgs USING(mail_id) '. 'WHERE msgs.mail_id IS NULL'; $query{'del_msgrcpt'} = 'DELETE msgrcpt FROM msgrcpt ' . 'LEFT JOIN msgs USING(mail_id) ' . 'WHERE msgs.mail_id IS NULL'; } my(%post_query) = ( 'vacuum_analyze' => 'VACUUM ANALYZE' ); # Order of execution IS IMPORTANT! my(@query_order) = qw (del_d_flag del_partial_msg del_msgs_mail_ids del_old_mail_ids del_quarantine del_msgrcpt del_maddr ); @query_order = qw (del_d_flag_new del_partial_msg_new del_old_mail_ids_new del_maddr ) if $new_dd; my(@post_query_order); push(@post_query_order, 'vacuum_analyze') if $dbtype eq 'pgsql' && $postop_vacuum; return (\%query,\@query_order,\%post_query,\@post_query_order);} sub usage { print "Usage:\n"; print "\tmz_db_clean.pl [--verbose|-v] [--database|-db <dbtype>]\n"; print "\tmz_db_clean.pl --help|-h \n\n"; print "\tThe database configuration parameter is REQUIRED!\n\n"; print "\tPossible parameters for the \'--database\' option is \'mysql\'\n" . "\tand 'pgsql'.\n"; exit;} sub main { Getopt::Long::Configure('no_ignore_case'); GetOptions(\%opt, 'help|h', 'database|db=s', 'verbose|v', ) or exit(1); usage if $opt{help}; usage if not $opt{database}; my($dbh) = connect_to_sql(@storage_sql_dsn); my($query,$query_order,$p_query,$p_query_order) = build_queries($opt{database}); my($sth_ref) = prepare_queries($dbh,$query,$p_query); my($result) = exec_queries($dbh,$sth_ref,$query,$p_query, $query_order,$p_query_order ); print "Database cleanup successful\n" if $result; $dbh->disconnect;} sub exec_queries($$$$$) { my($dbh,$sth_ref,$query,$p_query,$query_o,$p_query_o) = @_; my($affected); $dbh->begin_work; eval { foreach (@$query_o) { if ($opt{verbose}) { print "Executing... " . localtime() . "\n"; print $query->{$_} . "\n"; } $affected = $sth_ref->{$_}->execute or die "Query '$_' did not execute"; print "$affected rows affected\n" if $opt{verbose}; } }; if ($@ ne '') { $dbh->rollback; print "There was an error executing a query! $@\n" . "No records modified by database maintenance\n" . "Rollback complete.\n"; return undef } else { $dbh->commit; } eval { foreach (@$p_query_o) { if ($opt{verbose}) { print "Executing... " . localtime() . "\n"; print $p_query->{$_} . "\n"; } $affected = $sth_ref->{$_}->execute or die "Query '$_' did not execute"; print "$affected rows affected\n" if $opt{verbose}; } }; if ($@ ne '') { print "There was an error executing an optional query! $@\n" . return undef } return 1; } sub connect_to_sql(@) { my(@sql_dsn) = @_; my($dsn, $username, $password) = @sql_dsn; print "Connecting to SQL database server\n" if $opt{verbose}; print "Trying dsn '$dsn'\n" if $opt{verbose}; my($dbh) = DBI->connect($dsn, $username, $password,# {PrintError => 1, RaiseError => 0, Taint => 1, AutoCommit => 0} ); {PrintError => 1, RaiseError => 0, Taint => 1} ); if ($dbh) { print "Connection to '$dsn' succeeded\n" if $opt{verbose}; } else { die "Unable to connect to '$dsn'!\n"; } $dbh;} sub prepare_queries($$$) { my($dbh) = shift; my($query) = shift; my($p_query) = shift; my(%sths); foreach my $query_set ($query, $p_query) { foreach (keys %$query) { $sths{$_} = $dbh->prepare($query->{$_}); } } \%sths} main;

HIWEIS - The following is the call of the script with possible parameters

# /var/www/html/mailzu/scripts/mz_db_clean.pl -v -db mysql Connecting to SQL database server Trying dsn 'DBI:mysql:database=amavis;host=localhost' Connection to 'DBI:mysql:database=amavis;host=localhost' succeeded Executing... Fri Sep 2 13:55:14 2011 DELETE FROM msgrcpt WHERE rs='D' 4 rows affected Executing... Fri Sep 2 13:55:14 2011 DELETE FROM msgs WHERE time_num < 1314960914 AND content IS NULL 0E0 rows affected Executing... Fri Sep 2 13:55:14 2011 DELETE msgs FROM msgs LEFT JOIN msgrcpt USING(mail_id) WHERE msgrcpt.mail_id IS NULL 4 rows affected Executing... Fri Sep 2 13:55:14 2011 DELETE FROM msgs WHERE time_num < 1314359714 527 rows affected Executing... Fri Sep 2 13:55:15 2011 DELETE quarantine FROM quarantine LEFT JOIN msgs USING(mail_id) WHERE msgs.mail_id IS NULL 0E0 rows affected Executing... Fri Sep 2 13:55:15 2011 DELETE msgrcpt FROM msgrcpt LEFT JOIN msgs USING(mail_id) WHERE msgs.mail_id IS NULL 0E0 rows affected Executing... Fri Sep 2 13:55:15 2011 DELETE FROM maddr WHERE NOT EXISTS (SELECT sid FROM msgs WHERE sid=id) AND NOT EXISTS (SELECT rid FROM msgrcpt WHERE rid=id) 19 rows affected Database cleanup successful

Postfix AMaViS MailTo German language file

Under following link on my repository -> http://www.repository.tachtler.net/applications/mailzu/ can the appropriate German language files

- de.help.php
- de.lang.php

be downloaded.

Subsequently, this must in the directory as follows MailZu be moved, what can be done with the following command ( assume that after both files download in the directory /tmpare ):

#mv /tmp/de.* / var / www / html / mailzu / lang

Subsequently, the ownership rights must be set accordingly with the following command:

# chown root.apache /var/www/html/mailzu/lang/de.*

Subsequently, in the PHP source code file of MailZu is named

- /var/www/html/mailzu/config/langs.php

to be completed as follows ( only relevant excerpt ):

... $ languages = array ( // Tachtler 'the' => array ( 'the ([-_] [[: alpha:]] {2})? | german' , 'de.lang.php' , ' the ' , ' Deutsch ' ) , ' en_US ' => array ( ' and ([-_] us)? | english ' , ' en_US.lang.php ' , ' and ' , ' English US ' ) , ' en_GB ' => array ( 'and ([-_] gb)? | english' , 'en_GB.lang.php' , 'and' , 'English GB' ) , 'is' => array('es([-_][[:alpha:]]{2})?|spanish', 'es.lang.php', 'es', 'Español'), 'cs' => array('cs([-_][[:alpha:]]{2})?|czech', 'cs.lang.php', 'cs', 'Česky'), 'fr' => array('fr([-_][[:alpha:]]{2})?|french', 'fr.lang.php', 'fr', 'Français'), 'it' => array('it([-_][[:alpha:]]{2})?|italian', 'it.lang.php', 'it', 'Italiano'), 'pt_BR' => array('pt([-_]br)?|portuguese', 'pt_BR.lang.php', 'pt', 'Portuguese Brazilian'));...

Now also the default language setting can be as follows in the configuration file

- /var/www/html/mailzu/config/config.php

be changed ( only relevant section ):

...// The default language code. This must be included in the language list in// langs.php// Tachtler// $conf['app']['defaultLanguage'] = 'en_US';$conf['app']['defaultLanguage'] = 'de';...

Postfix AMaViS MailZu Patch 2.7.0

As of AMaViS Version 2.7.0 , the following program file has to be patched by MailZu , otherwise errors will occur when accessing the database .

The file that needs to be "patched" is

- /var/www/mailzu/lib/DBEngine.class.php

The "patch" with the name Amavisd-new 2.7.0 compatibilitycan be downloaded under the following link:

- Amavisd-new 2.7.0 compatibility

NOTE - In the following file, I have already incorporated the above "patch"!

- DBEngine.class.php_AMaViS_2.7.0_Patch.zip

Postfix AMaViS MailTo troubleshoot

Some mistakes have been made in the PHP source code of MailZu . Subsequent corrections or additions to the PHP source code should be made:

File:/var/www/html/mailzu/lib/DBEngine.class.php - Line: 243 :

# Tachtler # default: if ($conf['db']['dbtype'] == 'mysql') { if ($conf['db']['dbType'] == 'mysql') {

File:/var/www/html/mailzu/messagesAdmin.php - Line: 59 :

// Tachtler $content_type='';

File:/var/www/html/mailzu/messagesPendingAdmin.php - Line: 57 :

// Tachtler $content_type='';

mail_id with '_'

Since Postfix also assigns e-mail IDs with the character _( underscore ), problems such as deleting e-mails from the quarantine display of MailZu can occur.

NOTE The following code lines solve this problem!

The program file of MailZu with the following name must be adapted as follows:

- lib/Quarantine.lib.php

The changes are to be made from line 260 :

Before (only relevant excerpt):

... // Get mail_id and recipient email address $temp = preg_split('/_/', $mail_id_recip, 2); $mail_id = $temp[0]; $recip_email = $temp[1]; ...

After (only relevant excerpt):

... // Get mail_id and recipient email address // Tachtler // default: $temp = preg_split('/_/', $mail_id_recip, 2); // default: $mail_id = $temp[0]; // default: $recip_email = $temp[1]; $help_recip_email = array_reverse(explode('_', $mail_id_recip)); $recip_email = $help_recip_email[0]; $help_mail_id = explode('_' . $recip_email, $mail_id_recip); $mail_id = $help_mail_id[0]; ...

-------------------------------------X-------------------------------------------------

http://rajeevkumarreemavyatta.blogspot.com/2013/03/mailzu-with-amavisd-new.html

MAILZU WITH AMAVISD

DOCUMENTATION FOR IMPLEMENTING MAILZU WITH AMAVISD-NEW :

# cd /var/www/html/

Download Mailzu

# wget http://nchc.dl.sourceforge.net/project/mailzu/mailzu/MailZu%200.8RC3/MailZu_0.8RC3.tar.gz

# tar xzf MailZu_0.8RC3.tar.gz

# mv MailZu_0.8RC3.tar.gz /usr/local/src/

# mv MailZu_0.8RC3 mailzu

# cd mailzu/config

# cp config.php.sample config.php

# cp config.php.sample config.php.original

# wget http://www200.pair.com/mecham/spam/mzcpatch.txt

# patch -p0 < mzcpatch.txt

Make a Database For Amavisd named as amavis and give all accesses to amavis user on all tables of amavis database and give it to password as amavis as :

# mysql -u root -p

Enter Password:

mysql > create database amavis ;

mysql > grant all privileges on amavis.* to amavis@localhost identified by 'amavis' ;

mysql > exit

Now try to login mysql Server as :

# mysql -u amavis -pamavis amavis

Now we have to add Schemas to amavis database . Copy below contents in a file and then redirects it to a text file as :

######################################################################################################################################

# vim amavis.sql

-- local users

CREATE TABLE users (

id int unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY, -- unique id

priority integer NOT NULL DEFAULT '7', -- sort field, 0 is low prior.

policy_id integer unsigned NOT NULL DEFAULT '1', -- JOINs with policy.id

email varbinary(255) NOT NULL UNIQUE,

fullname varchar(255) DEFAULT NULL, -- not used by amavisd-new

local char(1) -- Y/N (optional field, see note further down)

);

-- any e-mail address (non- rfc2822-quoted), external or local,

-- used as senders in wblist

CREATE TABLE mailaddr (

id int unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,

priority integer NOT NULL DEFAULT '7', -- 0 is low priority

email varbinary(255) NOT NULL UNIQUE

);

-- per-recipient whitelist and/or blacklist,

-- puts sender and recipient in relation wb (white or blacklisted sender)

CREATE TABLE wblist (

rid integer unsigned NOT NULL, -- recipient: users.id

sid integer unsigned NOT NULL, -- sender: mailaddr.id

wb varchar(10) NOT NULL, -- W or Y / B or N / space=neutral / score

PRIMARY KEY (rid,sid)

);

CREATE TABLE policy (

id int unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,

-- 'id' this is the _only_ required field

policy_name varchar(32), -- not used by amavisd-new, a comment

virus_lover char(1) default NULL, -- Y/N

spam_lover char(1) default NULL, -- Y/N

banned_files_lover char(1) default NULL, -- Y/N

bad_header_lover char(1) default NULL, -- Y/N

bypass_virus_checks char(1) default NULL, -- Y/N

bypass_spam_checks char(1) default NULL, -- Y/N

bypass_banned_checks char(1) default NULL, -- Y/N

bypass_header_checks char(1) default NULL, -- Y/N

spam_modifies_subj char(1) default NULL, -- Y/N

virus_quarantine_to varchar(64) default NULL,

spam_quarantine_to varchar(64) default NULL,

banned_quarantine_to varchar(64) default NULL,

bad_header_quarantine_to varchar(64) default NULL,

clean_quarantine_to varchar(64) default NULL,

other_quarantine_to varchar(64) default NULL,

spam_tag_level float default NULL, -- higher score inserts spam info headers

spam_tag2_level float default NULL, -- inserts 'declared spam' header fields

spam_kill_level float default NULL, -- higher score triggers evasive actions

-- e.g. reject/drop, quarantine, ...

-- (subject to final_spam_destiny setting)

spam_dsn_cutoff_level float default NULL,

spam_quarantine_cutoff_level float default NULL,

addr_extension_virus varchar(64) default NULL,

addr_extension_spam varchar(64) default NULL,

addr_extension_banned varchar(64) default NULL,

addr_extension_bad_header varchar(64) default NULL,

warnvirusrecip char(1) default NULL, -- Y/N

warnbannedrecip char(1) default NULL, -- Y/N

warnbadhrecip char(1) default NULL, -- Y/N

newvirus_admin varchar(64) default NULL,

virus_admin varchar(64) default NULL,

banned_admin varchar(64) default NULL,

bad_header_admin varchar(64) default NULL,

spam_admin varchar(64) default NULL,

spam_subject_tag varchar(64) default NULL,

spam_subject_tag2 varchar(64) default NULL,

message_size_limit integer default NULL, -- max size in bytes, 0 disable

banned_rulenames varchar(64) default NULL -- comma-separated list of ...

-- names mapped through %banned_rules to actual banned_filename tables

);

-- R/W part of the dataset (optional)

-- May reside in the same or in a separate database as lookups database;

-- REQUIRES SUPPORT FOR TRANSACTIONS; specified in @storage_sql_dsn

--

-- MySQL note ( http://dev.mysql.com/doc/mysql/en/storage-engines.html ):

-- ENGINE is the preferred term, but cannot be used before MySQL 4.0.18.

-- TYPE is available beginning with MySQL 3.23.0, the first version of

-- MySQL for which multiple storage engines were available. If you omit

-- the ENGINE or TYPE option, the default storage engine is used.

-- By default this is MyISAM.

--

-- Please create additional indexes on keys when needed, or drop suggested

-- ones as appropriate to optimize queries needed by a management application.

-- See your database documentation for further optimization hints. With MySQL

-- see Chapter 15 of the reference manual. For example the chapter 15.17 says:

-- InnoDB does not keep an internal count of rows in a table. To process a

-- SELECT COUNT(*) FROM T statement, InnoDB must scan an index of the table,

-- which takes some time if the index is not entirely in the buffer pool.

--

-- Wayne Smith adds: When using MySQL with InnoDB one might want to

-- increase buffer size for both pool and log, and might also want

-- to change flush settings for a little better performance. Example:

-- innodb_buffer_pool_size = 384M

-- innodb_log_buffer_size = 8M

-- innodb_flush_log_at_trx_commit = 0

-- The big performance increase is the first two, the third just helps with

-- lowering disk activity. Consider also adjusting the key_buffer_size.

-- provide unique id for each e-mail address, avoids storing copies

CREATE TABLE maddr (

partition_tag integer DEFAULT 0, -- see $sql_partition_tag

id bigint unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,

email varbinary(255) NOT NULL, -- full mail address

domain varchar(255) NOT NULL, -- only domain part of the email address

-- with subdomain fields in reverse

CONSTRAINT part_email UNIQUE (partition_tag,email)

) ENGINE=InnoDB;

-- information pertaining to each processed message as a whole;

-- NOTE: records with NULL msgs.content should be ignored by utilities,

-- as such records correspond to messages just being processes, or were lost

-- NOTE: instead of a character field time_iso, one might prefer:

-- time_iso TIMESTAMP NOT NULL DEFAULT 0,

-- but the following MUST then be set in amavisd.conf: $timestamp_fmt_mysql=1

CREATE TABLE msgs (

partition_tag integer DEFAULT 0, -- see $sql_partition_tag

mail_id varbinary(12) NOT NULL PRIMARY KEY, -- long-term unique mail id

secret_id varbinary(12) DEFAULT '', -- authorizes release of mail_id

am_id varchar(20) NOT NULL, -- id used in the log

time_num integer unsigned NOT NULL, -- rx_time: seconds since Unix epoch

time_iso char(16) NOT NULL, -- rx_time: ISO8601 UTC ascii time

sid bigint unsigned NOT NULL, -- sender: maddr.id

policy varchar(255) DEFAULT '', -- policy bank path (like macro %p)

client_addr varchar(255) DEFAULT '', -- SMTP client IP address (IPv4 or v6)

size integer unsigned NOT NULL, -- message size in bytes

content binary(1), -- content type: V/B/S/s/M/H/O/C:

-- virus/banned/spam(kill)/spammy(tag2)/bad-mime/bad-header/oversized/clean

-- is NULL on partially processed mail

-- use binary instead of char for case sensitivity ('S' != 's')

quar_type binary(1), -- quarantined as: ' '/F/Z/B/Q/M/L

-- none/file/zipfile/bsmtp/sql/

-- /mailbox(smtp)/mailbox(lmtp)

quar_loc varbinary(255) DEFAULT '', -- quarantine location (e.g. file)

dsn_sent char(1), -- was DSN sent? Y/N/q (q=quenched)

spam_level float, -- SA spam level (no boosts)

message_id varchar(255) DEFAULT '', -- mail Message-ID header field

from_addr varchar(255) DEFAULT '', -- mail From header field, UTF8

subject varchar(255) DEFAULT '', -- mail Subject header field, UTF8

host varchar(255) NOT NULL, -- hostname where amavisd is running

FOREIGN KEY (sid) REFERENCES maddr(id) ON DELETE RESTRICT

) ENGINE=InnoDB;

CREATE INDEX msgs_idx_sid ON msgs (sid);

CREATE INDEX msgs_idx_mess_id ON msgs (message_id); -- useful with pen pals

CREATE INDEX msgs_idx_time_num ON msgs (time_num);

-- alternatively when purging based on time_iso (instead of msgs_idx_time_num):

-- CREATE INDEX msgs_idx_time_iso ON msgs (time_iso);

-- per-recipient information related to each processed message;

-- NOTE: records in msgrcpt without corresponding msgs.mail_id record are

-- orphaned and should be ignored and eventually deleted by external utilities

CREATE TABLE msgrcpt (

partition_tag integer DEFAULT 0, -- see $sql_partition_tag

mail_id varbinary(12) NOT NULL, -- (must allow duplicates)

rid bigint unsigned NOT NULL, -- recipient: maddr.id (dupl. allowed)

ds char(1) NOT NULL, -- delivery status: P/R/B/D/T

-- pass/reject/bounce/discard/tempfail

rs char(1) NOT NULL, -- release status: initialized to ' '

bl char(1) DEFAULT ' ', -- sender blacklisted by this recip

wl char(1) DEFAULT ' ', -- sender whitelisted by this recip

bspam_level float, -- spam level + per-recip boost

smtp_resp varchar(255) DEFAULT '', -- SMTP response given to MTA

FOREIGN KEY (rid) REFERENCES maddr(id) ON DELETE RESTRICT,

FOREIGN KEY (mail_id) REFERENCES msgs(mail_id) ON DELETE CASCADE

) ENGINE=InnoDB;

CREATE INDEX msgrcpt_idx_mail_id ON msgrcpt (mail_id);

CREATE INDEX msgrcpt_idx_rid ON msgrcpt (rid);

-- mail quarantine in SQL, enabled by $*_quarantine_method='sql:'

-- NOTE: records in quarantine without corresponding msgs.mail_id record are

-- orphaned and should be ignored and eventually deleted by external utilities

CREATE TABLE quarantine (

partition_tag integer DEFAULT 0, -- see $sql_partition_tag

mail_id varbinary(12) NOT NULL, -- long-term unique mail id

chunk_ind integer unsigned NOT NULL, -- chunk number, starting with 1

mail_text blob NOT NULL, -- store mail as chunks of octets

PRIMARY KEY (mail_id,chunk_ind),

FOREIGN KEY (mail_id) REFERENCES msgs(mail_id) ON DELETE CASCADE

) ENGINE=InnoDB;

:wq ( Save & Quit )

############################################################################################################################

Now run below command to redirect this to amavis database as :

# mysql -u root -p amavis < amavis.sql

Now Make Following changes in /var/www/html/mailzu/config/config.php as given below :

# sed -i "s/'user'/'amavis'/" config.php ( Amavis Database User )

# sed -i "s/'pass'/'amavis'/" config.php ( Amavis Database User 's Password )

# sed -i "s/'dbname'/'amavis'/" config.php ( Amavisd Database named as amavis )

# sed -i "s/hostname.domain.tld/localhost/" config.php ( Specify here Database's Host Name )

# sed -i "s/binquar'] = false/binquar'] = true/" config.php

# sed -i "s/'auth']\['serverType'] = 'ldap'/'auth']\['serverType'] = 'imap'/" config.php ( Specify Authentication Method )

# sed -i "s|imaphost.domain.tld:143|localhost:110/pop3/novalidate-cert|" config.php ( Enter Imap Server & Port )

# sed -i "s/'imap_type'] = 'imapssl'/'imap_type'] = 'imap'/" config.php ( User Default Settings as imap for imap_type )

# sed -i "s/'imap_domain_name'] = 'domain.tld'/'imap_domain_name'] = ''/" config.php ( Make It Blank )

# sed -i "s/mailzuhost.domain.tld/msa.example.com/" config.php ( Specify Mailzu Url At Here )

# sed -i "s/'emailType'] = 'mail'/'emailType'] = 'sendmail'/" config.php

# sed -i "s/'recipient_delimiter'] = ''/'recipient_delimiter'] = '+'/" config.php ( Make It Blank )

# sed -i "s/support@domain.tld/postmaster@example.com/" config.php ( The Email Address of The Support Administrator )

# cp ../lib/IMAPAuth.class.php ../lib/IMAPAuth.class.php.original

# sed -i "s/, OP_HALFOPEN//" ../lib/IMAPAuth.class.php

# cp ../lib/DBEngine.class.php ../lib/DBEngine.class.php.original

# sed -i 's/dbtype/dbType/' ../lib/DBEngine.class.php

Enter MailLogs Settings For Mailzu :

# touch /var/log/mailzu.log

# chown www-data:www-data /var/log/mailzu.log

# chmod 660 /var/log/mailzu.log

# chown -R root:www-data /var/www/mailzu

# chmod 644 config.php

# cd /etc/logrotate.d

# wget http://www200.pair.com/mecham/spam/mailzu.logrotate.txt

# mv mailzu.logrotate.txt mailzu

Now Make Communicate Mailzu with Amavisd-New as :

# vim /etc/amavisd.conf ===> edit & Insert following line :

$inet_socket_port = [10024,9998,10029];

$interface_policy{'9998'} = 'AM.PDP';

$policy_bank{'AM.PDP'} = {

protocol => 'AM.PDP',

inet_acl => [qw( 127.0.0.1 [::1] 192.168.0.X )],

};

$banned_files_quarantine_method = 'sql:';

$spam_quarantine_method = 'sql:';

:wq ( Save & Quit )

Now Restart Amavisd Service as :

# pidof amavisd

# kill -15 PID_OF_AMAVISD_DAEMON

Now Restart Httpd and amavis Service as :

# service httpd restart

# su -vscan -c /usr/sbin/amavisd

Now Try to login into Mailzu through Web Browser :

http://IP_ADDR_OF_MAILSERVER/mailzu

----