How To Setup An Integrated Service Mail Server With Antivirus And Anti-Spam Protection
This article illustrates a situation where you need to set up your own mail server (be it your home mail server, or a small office one). It actually shows that, if using an integrated service mail server, anyone can do the job - and this in a matter of minutes.
AXIGEN Mail Server, the solution chosen for this example, can send and receive e-mails securely via "mydomain.com" and is able to retrieve them in a Webmail interface - this means that it includes all mail services necessary for a fully functional mail server (SMTP, IMAP, POP3, Webmail, Webadmin).
To get an idea of the amount of time you can spare by installing such a solution, just think of all the different open source applications you would need to install instead (i.e. an MTA, Squirrelmail for Webmail, QmailAdmin for web configuration, Courier for IMAP and POP3 and many others.)
AXIGEN Mail Server also integrates with filtering applications. It comes with built-in connectors for ClamAV antivirus and SpamAssassin Anti-spam applications. The second part of this article shows you how to install these applications and configure these connectors for use with AXIGEN.
So, at the end of this process, which can take up at most half an hour, you will not only have your mail server up and running, but also virus and spam protection for your incoming and outgoing mail traffic.
AXIGEN runs on several Linux distributions (Gentoo, Redhat/Fedora Core, Slackware, Debian, Ubuntu, Mandrake/Mandriva, SUSE) and on BSD versions (FreeBSD, OpenBSD and NetBSD) but for the purpose of this article, let's suppose you are setting up your mail system on a Fedora Core 4 platform.
Let's first go through the Installation and Initial configuration process for AXIGEN.
In 6 easy steps, you will have your server installed, your primary domain running and access to the Web configuration interface (Webadmin).
1. Download / unpack corresponding package
Download AXIGEN rpm package from the AXIGEN website (packages are available as 30 day evaluation versions).
Save the corresponding package for Redhat axigen.i386.rpm.tar.gz on your local machine and unpack the file, by issuing in the same directory as the download file:
tar xzvf axigen.i386.rpm.tar.gz
2. Install command
Then, in order to install the RPM package, issue (while logged in as root) the following command, from the same directory as the rpm file:
rpm -ivh axigen.i386.rpm
This will create the entire directory structure needed for AXIGEN to run. After the installation, no daemons or related application will be started.
3. Configuration options
AXIGEN provides several configuration options (configuration file, Command Line Interface), but the most intuitive and comprehensive is Webadmin, the Web configuration interface.
The corresponding Webadmin service is enabled by default, as well as the other default services: IMAP, Logging, POP3, Processing and SMTP.
4. Set the admin password
All you need to do in order to access Webadmin is set the admin password (admin user works by default). To do that, run AXIGEN with -A (or --admin-passwd) option:
5. Start AXIGEN
You can then start AXIGEN, using its initscript, by issuing this command:
At first server start, AXIGEN creates automatically a domain database location, an entity the server uses to store domains. Thus, you'll be able to directly add your first domain in the
set your primary domain when first logging on to Webadmin, as it will be stored in this domain database location, created by default.
6. Initial Configuration
While the server is started, start your favorite browser and enter the default Webadmin address http://127.0.0.1:9000/.
Login using the â¬Ëadmin't username and the password you have previously set.
In Webadmin, go to the Domain tab, and enter the name of your first domain in the Domain tab, then click the Add domain button.
Then, go to the Server tab and enter the name of the domain you have just created in the Primary domain field.
Also, make sure that in the Running services area, all the services you would like to use are checked. To be able to access email accounts via AXIGEN Webmail, the Webmail check box needs to
To make your changes effective, click the Commit button in the upper left corner and than go to the Commands tab and click the Save config button, as instructed by the message displayed at the top of the screen. By doing this, the server will run with the current configuration, with no need to restart the server.
Setting up Antivirus and Antispam Connectors
Now that your server is running and your primary domain is configured, you can connect the antivirus and anti-spam applications.
By default, AXIGEN comes with connectors for ClamAV Antivirus and SpamAssasin Anti-spam application, and the setup process below describes how to make these two applications work with AXIGEN. However, note that AXIGEN implements a proprietary filter scripting language that allows you to implement connectors for any third party Antivirus and Antispam applications, by writing a script in AFSL.
First, here is how to connect ClamAV, the open source antivirus application.
A. Download ClamAV (daemon), on the same machine on which AXIGEN Mail Server is installed. Follow these steps in order to configure ClamAv for use with AXIGEN and start the clamd daemon.
1. Install clamav-server, using yum (Yellow Dog Updater, Modified):
yum install clamav-server
2. Copy the sample config file shipped with clamav-server:
cp /usr/share/doc/clamav-server-/clamd.conf /etc/clamd.d/axigen.conf
3. Edit /etc/clamd.d/axigen.conf
# comment out the Example line
# insert/modify the following lines:
4.Create a link to the clamd binary:
ln -s /usr/sbin/clamd /usr/sbin/clamd.axigen
5.Create the run directory, where the PID file and clamd socket will be stored, and change its permissions:
mkdir -p /var/run/clamd.axigen
chown axigen:axigen /var/run/clamd.axigen
6.Create and setup the initscript:
cp /usr/share/doc/clamav-server-/clamd.init /etc/init.d/clamd.axigen
chmod 755 /etc/init.d/clamd.axigen
/sbin/chkconfig clamd.axigen on
7.Edit /etc/init.d/clamd.axigen and modify the following lines, as specified below:
# description: The clamd server running for axigen
8.Finally, start the clamd daemon:
B. Configure AXIGEN anti-virus filter at server level using WebAdmin
1. Add the ClamAV filter. To do this, go through the following steps:
a.) In the Server tab, go to Filters page and then to Socket Filters page. Click on the Add new filter button.
Fill out the fields in the window displayed.
The Name field represents the name of the filter. The Address field depends on how clamd is configured. You can use either a TCP or a local socket, and you must enter the address accordingly:
- for a local socket: local://pathtolocalsocket
- for a TCP socket: inet://ip.ad.dr.ess:port
The Protocol file field must contain the system full path to the ClamAV AFSL (AXIGEN Filters Scripting Language) file, by default /var/opt/axigen/filters/clam-av.afsl.
The Idle timeout field represents the inactivity timeout on connection.
The Action on match field defines the action to be taken in case the filter matches an email (this can have a value of pass, discard or reject).
Note: For antivirus and Anti-spam filters, the reject action should not be used, and is known to be a bad practice, as it will cause a significant traffic growth.
The Max. connections field will set the maximum number of connections to the specified filter.
Example of configuration:
name = clamav
address = local:///var/run/clamav/clamd.sock
protocolFile = /var/opt/axigen/filters/clam-av.afsl
idleTimeout = 60
actionOnMatch = discard
maxConnections = 10
At the end, press the Add button, then the Commit button and, as specified, once again on the Commit button. Go to Commands tab and click Save config to save the new configuration.
2.Enable this filter for all incoming and outgoing mails:
- In the Server tab, go to Filters page and then to Active Filters page. Click on the Add new filter button.
- Fill out the fields in the new window displayed.
In the Priority field, enter a priority between 0 and 500 (a filter with priority 0 will be applied first and the one with 500, last). Please note that the domain-level filters have the priority limited to range 100-400 and the user-level filters are limited to the 200-300 range. A value of "10" should be fine, leaving you space to apply some other future filter before this one.
After setting the filter priority, select the socket value from in the Filter type dropdown list and the clamav value from the FilterName list.
In the Apply on relay dropdown list, select the yes option, to apply the filter on outgoing mails.
In AXIGEN, it is also possible to enable filters at domain and user level, in the corresponding Webadmin tabs. The filters activated at server level, will be automatically applied for all domains and accounts. However, you have the possibility to add additional filters at domain or account level.
The process for Connecting SpamAssassin, is similar, but even less time-consuming as no configurations are necessary after the product installation.
A. Install SpamAssassin using the yum application:
yum install spamassassin
No further configurations are necessary.
B. Configure SpamAssassin at server level, using Webadmin. The connector for SpamAssassin is a socket filter for AXIGEN, so the configuration procedure is the same.
The difference would be that for SpamAssassin, a TCP socket is more likely to be used.
The data for SpamAssassin to use in this procedure is:
Default address: inet://127.0.0.1:783
Default Protocol File Name: /var/opt/axigen/filters/spamassassin.afsl
Thus, a typical configuration would involve the following values:
name = spamassassin
address = inet://127.0.0.1:783
protocolFile = /var/opt/axigen/filters/spamassassin.afsl
idleTimeout = 60
actionOnMatch = discard
maxConnections = 10
Also, when activating the SpamAssassin filter, you need to keep in mind the following:
- Enter a different priority value for the SpamAssasin filter (if you have chosen 10 for ClamAV, choose a higher value for SpamAssassin in order to apply this filter after ClamAV in
the filtering chain)
- Select the corresponding filter name, spamassassin in the Filter name list Access AXIGEN Webmail
At this step of the way, your mail server is ready to go, and you can also you can access the
AXIGEN Webmail to send and receive test messages.
First create a user account using the Webadmin, Accounts tab (the minimal configurations displayed in the General page of the account will do for now). Then, use the full email address and password to log on to AXIGEN Webmail, at the default address:
Now you're really done: you can securely send and receive messages from your home domain and easily make any further configurations, to accommodate your specific network requirements.
As you have seen, installing all mail services from one single executable, and an intuitive Web configuration interface make things a lot easier and a lot less time-consuming.