Gamera or second copy of plesk?

[lewiss]

I need to pre-scan email using a spam appliance and to have smarthost secondary for plesk.

So far, I'm testing assp which seems to work really well for the spam issue.

I then came across gamera for spam and smarthost functions but a few things aren't clear to me.

I've installed it, everything went well, I've rebooted but now what? I see everything seems to be running other than clamav so am guessing it's ready to use.

However, from what I know of spam busting, there's configurations to mess with . The docs don't seem to indicate what I need to do next to get the server ready to start acting as a spam filter and smart host for plesk.

Can someone shed some light on this, perhaps a document lead, etc.

Mike

[scott]

Only 2 steps:

1) yum install project-gamera

2) edit /var/qmail/control/rcpthosts with the domains to accept mail for, and /var/qmail/control/smtproutes to route the mail to the destination server

[lewiss]

Only 2 steps:

1) yum install project-gamera

2) edit /var/qmail/control/rcpthosts with the domains to accept mail for, and /var/qmail/control/smtproutes to route the mail to the destination server

So it's ready to go? Just point my MX records to it and tell smtproutes where my plesk server (it's name and IP) is?

But what about updates, fine tuning, things like that? I've never seen a spam filter be that simple?

Mike

[scott]

yum update would cover the core updates, clamav (might wanna double check that) and spamassassin are configured to maintain themselves more or less. After that you just add/remove entries to rcpthosts/smtproutes, and you don't even need to restart the daemon.

[lewiss]

yum update would cover the core updates, clamav (might wanna double check that) and spamassassin are configured to maintain themselves more or less. After that you just add/remove entries to rcpthosts/smtproutes, and you don't even need to restart the daemon.

Wow, really? I'm impressed. I'm not used to anything being automated to this extent. Clamav is not running, do I only need to get it running?

How do users report spam, not spam, things of that nature? Do I need to teach it in any way?

[scott]

You actually listen to your users?

[lewiss]

You actually listen to your users?

You know, that's gotten me into a lot of trouble over the years .

Actually, it's what I've been reading about spam, that in order for the spam server to learn, users should teach it with spam, not spam messages.

Mike

[lewiss]

Ok, so it's been sitting there for days now, installed, I've done nothing else other than add the smtproutes file in control.

I just want to confirm, it's the name of the mail server and it's IP, right? I don't need to put it's public IP in since this is for internal use, correct?

So,

mail.servername.com:192.168.1.31 (my plesk server)

Change the MX record in my DNS on what ever domain I want to start filtering and that's it?

Oh, and, what do I need to do to have it act as a smarthost to plesk? I know about setting up the rcpthosts file, is that it?

Mike

[warrenc]

Seems that way from what Scott said, but let me know what you find out, I'm looking to move spam filtering over to a different machine as well.

[lewiss]

This is taking a lot longer than I hoped .

The install was insanely simple but what do I do now? Is there any more documentation somewhere?

[scott]

Documentation for what exactly? Its 2 flat files with the list of domains to handle mail for. You don't even restart anything

[lewiss]

Documentation for what exactly? Its 2 flat files with the list of domains to handle mail for. You don't even restart anything

Like I said, I've never seen anything that I don't need to maintain in some way or another. This is not making sense to me and I'd love to better understand it so that I can use it.

For example any spam server I've ever built, such as assp, while it runs on it's own for the most part, you still have to teach it and tweak it and work at it so that it will do the best job. Even Qmail-Toaster as another example, which is another email server I run, needs constant attention, tweaking, fine tuning, it's never that easy.

So I don't understand how your spam solution can be this simple. It's not clear to me how it gets updates, how I teach it, how I fine tune it, how it acts as a smarthost, etc.

That's why I'd love documentation because it would be a dream if it does all of these things so easily.

PS: For example, in the logs,

Sep 1 04:02:06 gam64 freshclam[27244]: Downloading daily-8131.cdiff [100%]
Sep 1 04:02:06 gam64 freshclam[27244]: daily.cld updated (version: 8131, sigs: 93955, f-level: 33, builder: mcichosz)
Sep 1 04:02:06 gam64 freshclam[27244]: Your ClamAV installation is OUTDATED!
Sep 1 04:02:06 gam64 freshclam[27244]: Current functionality level = 31, recommended = 33
Sep 1 04:02:06 gam64 freshclam[27244]: DON'T PANIC! Read http://www.clamav.net/support/faq
Sep 1 04:02:06 gam64 freshclam[27244]: Database updated (406259 signatures) from db.us.clamav.net (IP: 208.67.80.27)
Sep 1 04:02:06 gam64 freshclam[27244]: Clamd was NOT notified: Can't connect to clamd through /tmp/clamd.socket

So for example, right from the start, there is some maintenance which needs to be done. Someone trying this out and not linux aware enough to even look at the logs, would not even know about this based on what you're told me, that it's done once installed.

This is not arguing with you, I like the stuff you're putting out, and I'd love to put it to use, let others know about it, etc. Just need to better understand it .

Mike

[lewiss]

So, it's in testing now, using one domain for testing.

I am able to receive normal email but spam is making it in as well.

I'm also seeing errors which, not being an email pro, I am not quite sure about yet.

I'm seeing this repeated;

@4000000048bd045307f2b0dc delivery 535: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/
@4000000048bd045307f2d01c status: local 0/10 remote 0/20

And some other things but I'l looking at them before I post.

Mike

[lewiss]

Alright, so, spam is getting in already and I'm not sure what my options are.

In the log;

@4000000048bd08d10d0b8bd4 info msg 1627830: bytes 1200 from <eduardoif5@sorascarcare.com> qp 31319 uid 101
@4000000048bd08d10d0b9b74 starting delivery 549: msg 1627830 to remote xxxxx@xxxxx.com
@4000000048bd08d10d0ba72c status: local 0/10 remote 1/20

The actual email;

From:
Zorian <folet1977@ThinkCorporate.com>

Subject:
Re: Miley's naked pics

Date:
Tue, 2 Sep 2008 17:26:42 +0200

To:
<xxxxx@xxxxx.com>

Don't settle for anything less than a humongous 9 inches. http://www.fadepass.com/

[scott]

Well for starters, I'm very very lazy. Probably a lot more lazy than the ASSP or qmail-toaster guys, but then again I've never met them. I didn't have the time to screw around with all those settings, so I just automated it all behind the scenes. Any kind of tweaking is done via an rpm update.

I mean if you want to get into all sorts of very esoteric settings, yes they exist and you can play with them. For example, you could turn the content scanners like spamassassin on/off for a domain/user with /var/spool/qscan/settings_per_domain.txt. You can also tweak the greylisting timeouts in /var/qmail/bin/greylist. What I avoided was any major deviation from the way the vendor or author put the package together, so you can always check their documentation if you wanted to make a change.

That clamav message is because we havent pused 0.93.3 into [atomic]. If you're an ASL subscriber its in the [asl-2.0] channel now.