Monthly Archives: June 2004

Creating a Mail Gateway for Microsoft Exchange

Setting Up a Spam-Filtering Mail Gateway


For Microsoft Exchange


Using Fedora Core 1, Postfix 2.0.19,


Amavisd-New and Razor2


If you find this document useful, or have any additions or corrections, please send a message to the Webmaster.

Document Conventions


Configuration filename–link to example file Command prompt Command typed by user Comments Input to text editor

Install Fedora Core 1


Use “server” configuration

(need to detail this…)

Install Fedora Core 1 Updates


[root]# rpm -ivh http://ftp.freshrpms.net/pub/freshrpms/fedora/linux/1/apt/apt-0.5.15cnc3-0.1.fr.i386.rpm [root]# vi /etc/apt/sources.list

add the lines: rpm http://apt.sw.be redhat/fc1/en/i386 dag

rpm-src http://apt.sw.be redhat/fc1/en/i386 dag

rpm http://ftp.WL0.org apt/fedora/fc1/i386 postfix

rpm-src http://postfix.WL0.org ftp/apt/fedora/fc1/i386 postfix

[root]# apt-get remove sendmail sendmail-cf [root]# apt-get update [root]# apt-get upgrade You may have to run this multiple times. After APT updates the first time, you may get an error about not finding sources.list. If so, do: [root]# mv /etc/apt/sources.list.rpmsave /etc/apt/sources.list (you can ignore errors about duplicate sources).

Compile and Install Postfix


[root]# apt-get source postfix [root]# apt-get install rpm-build gcc gawk sed ed patch [root]# apt-get install mysql mysql-devel (if using mysql) [root]# cd /usr/src/redhat/SOURCES [root]# export POSTFIX_MYSQL_REDHAT=1 (if using mysql) [root]# export POSTFIX_PCRE=1 [root]# export POSTFIX_SASL=2 (if using SASL for SMTP AUTH) [root]# export POSTFIX_TLS=1 (for SMTP AUTH) [root]# export POSTFIX_SMTPD_MULTILINE_GREETING=1 [root]# sh make-postfix.spec [root]# cd ../SPECS [root]# rpmbuild -ba postfix.spec you will probably get some errors about needed RPM devel packages. for each one, do: [root]# apt-get install [root]# cd ../RPMS/i386 [root]# rpm -ivh postfix.*.rpm (or: rpm -Uvh postfix.*.rpm if postfix is already installed) [root]# chkconfig postfix off [root]# postfix stop [root]# cd /etc/postfix [root]# vi main.cf (linked file) [root]# vi master.cf (linked file) [root]# ./postfix-chroot.sh enable

Install Amavisd-New and Pflogsumm (Postfix Log Summarizer)


[root]# apt-get install pflogsumm amavisd-new [root]# chkconfig amavisd off [root]# service amavisd stop [root]# vi /etc/amavisd.conf (linked file) [root]# vi /var/spool/amavis/notify-spam-sender.txt
(linked file) [root]# mkdir -p /var/spool/amavis/tmp [root]# mkdir -p /var/spool/amavis/lookups [root]# cd lookups [root]# touch blacklist_sender whitelist_sender
(edit as necessary) [root]# vi spam_lovers add: postmaster@domain.com abuse@domain.com [root]# vi virus_lovers (same thing – add postmaster and abuse) [root]# cd ../.. [root]# chown -R amavis:amavis amavis

Install Razor2


[root]# cd ~ [root]# wget http://aleron.dl.sourceforge.net/sourceforge/razor/razor-agents-2.40.tar.gz [root]# perl -MCPAN -e shell cpan> install Net::Ping cpan> install Net::DNS cpan> install Time::HiRes cpan> install Digest::SHA1 cpan> install GetOpt::Long cpan> install File::Copy cpan> install Digest::Nilsimsa cpan> install URI::Escape cpan> quit [root]# tar xvfz razor-agents-2.40.tar.gz [root]# cd razor-agents-2.40 [root]# perl Makefile.PL [root]# make [root]# make test [root]# make install [root]# su amavis [amavis]$ razor-client [amavis]$ razor-admin -create [amavis]$ razor-admin -register [amavis]$ cd /var/spool/amavis/.razor [amavis]$ vi razor-agent.conf debuglevel=1 [amavis]$ exit

Configure reporting tools


[root]# cd /usr/local/sbin [root]# vi pflogs.sh (attached file)

[root]# vi rejections.sh (attached file)

[root]# chmod a+x pflogs.sh
rejections.sh
[root]# cd /etc/logrotate.d [root]# vi maillog
add before “endscript”:
/usr/local/sbin/rejections.sh”

/usr/local/sbin/pflogs.sh

Configure SpamAssassin Rule updates


[root]# wget http://maxime.ritter.eu.org/Spam/rule-get [root]# vi rule-get change: my $real_path=”/etc/mail/spamassassin” [root]# chmod a+x rule-get [root]# cd /etc/mail/spamassassin [root]# rule-get get-rules [root]# rule-get install BackHair Weeds2 ChickenPox BigEvil TripWire EvilNumbers

$100 a plate?

Ed. Note: this is in regards to a celebration for the 100th Anniversary of St. Mary’s Catholic Center, the Catholic Campus Ministry for Texas A&M University. From a letter to the St. Mary’s Development Office.

Why did the planning committee for the 100 year anniversary of Catholic ministry to Texas A&M decide to place such a high price per person to attend this gala?

The committee is pricing out a large portion of former students from St Mary’s who would love to attend, but can’t because of the price. Many are young families with or without children who will not be able to justify the cost, even for such a good cause as St Mary’s. If the cost had been lower, say $30-40 a plate, I think that the Development Office would find that many more people might attend and even find that they are able to make a donation in addition to the cost of the Gala.

St Mary’s means so much to so many people. It would seem to me that an event like this would be cause to bring together as many former students as possible to share what St Mary’s meant to them while they attended Texas A&M. Setting the price at $100 a plate will likely turn people away who would otherwise attend. It sets the tone that only people who can afford to pay are welcome here, and that’s not what St Mary’s is about.

It is also a concern that only a handful of people may find out about this event. When the Aggie Awakening 20th Anniversary reunion came around last fall, it appeared that only those on St Mary’s mailing list found out about it. I talked to several people who were very active with Aggie Awakening who either did not know about the reunion or found out in too little time to plan to attend. To my knowledge, efforts were not made to place advertisements in diocesean newspapers around Texas or in the Texas Aggie Magazine to reach out to those who have lost contact with St Mary’s. By spending a relatively small amount of money in advertising this event, so many more people would have attended because of the opportunity to see old friends, not to mention how much Aggie Awakening touched their lives. In turn, by advertising and reducing the cost to attend the Gala, I feel that more people would feel welcome and want to attend a celebration of St Mary’s ministry to Texas A&M.

Sincerely,

Terri ’98]]>

Yahoo Protocol changes – business, bluster or bull?

Gaim chat client, so AOL, ICQ and Yahoo are in one easy-to-use, and free, program). Yahoo pulled a nice stunt on Thursday, changing the chat protocol so that “that spammers will be blocked from abusing our system to spam our
users”. Unfortunately, they failed to take into account that spammers will always find a way. They’re kinda like roaches. Click to read my letter to messenger-security@yahoo-inc.com, and the response I received….

Here’s what I sent to the email address I could find. For some reason, “messenger-security” seems like an appropriate recipient, as they’re claiming that the blocking is a “security measure”…. To: messenger-security[at]yahoo-inc.com Subject: Blocking third-party clients — bogus “security” argument is shameful The latest argument being used by Yahoo to block third-party clients from their IM service is one of the biggest crocks of bullhockey that I’ve heard. Security? Anti-spim? That’s already taken care of by the client, when the user chooses to accept messages only from his buddies. This sounds like another case of greed getting the better of the users’ (and thus the CUSTOMERS’) experience.

I have had a Yahoo! account for years (at least four, possibly closer to seven). I didn’t start using Yahoo’s Messenger services until I discovered a client I liked (Gaim, in this case) that allowed me to open ICQ, AIM, and Yahoo! together. If the client hadn’t been able to talk to Yahoo messaging protocol, I would still not be using Yahoo for messaging because having to download and install yet another chat client simply wasn’t worth my time.

If you want to increase the value of your instant messaging system, add features (such as AmiKai’s AmiChat: http://www.amikai.com/products/portal/amichat.jsp) instead of acting like the three-year-old who takes his ball and goes home when the game doesn’t go his way. The way to survive is to adapt and be open to changes that benefit you AND your customers.

Robert Cooper

quoted from:
http://news.com.com/Yahoo+to+Trillian%3A+Talk+to+the+hand/2100-1032_3-5245821.html “This time, however, Yahoo said it will continue changing its protocols to prevent clients such as Trillian from finding new ways to incorporate Yahoo. Again, the measure was cited by Yahoo as a way to prevent IM spam.

“By making frequent protocol changes, it is our expectation that spammers will be blocked from abusing our system to spam our users,” [Yahoo spokeswoman Mary] Osako said.”

-=-=-=-=- And the response I received…. -=-=-=-=-

Followup to my email to Yahoo. Here is their reply….

Hello,

Thank you for writing to Yahoo! Messenger.

Yahoo! does not support third-party applications. Please contact the manufacturer directly in regard to this issue.

Thank you again for contacting Yahoo! Customer Care.

Regards,

Minnie

Yahoo! Customer Care

-=-=-=-=-

Sounds like issue avoidance to me. I thought my message was pretty clear.
]]>

A-Kon 2004 pictures