Konfigurasi Mailscanner sebagai SMTP Incoming pada CentOS 6

From TKJOnline Wiki
Jump to: navigation, search

Artikel ini digunakan untuk membuat SMTP Gateway pada CentOS 6 menggunakan Mailscanner

Persiapan

Requirement

  • Postfix
  • Mailscanner
  • Spamassassin (Anti spam engine)
  • Clamav (Anti virus engine)
  • selinux disabled
  • iptables

Informasi

IP SMTP Gateway: 192.168.14.5
IP Mail Server: 192.168.14.14
Domain: tkjonline.net

Konfigurasi Postfix Relay Maps

Lakukan edit pada file /etc/postfix/main.cf dengan ketentuan sebagai berikut :

inet_interfaces = all  # make sure the other ones are disabled - see below
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
#inet_interfaces = localhost
relay_domains = tkjonline.net
mynetworks_style = host #uncomment
mynetworks = 127.0.0.0/8, 192.168.14.5/32 #tambahkan yang perlu dijadikan Trusted Networks

Tambahkan baris berikut pada akhir file /etc/postfix/main.cf:

transport_maps = hash:/etc/postfix/transport

Buat atau edit file /etc/postfix/transport, kemudian isikan dengan :

tkjonline.net smtp:[192.168.14.14]  # relay map

Restart postfix

postmap /etc/postfix/transport
service postfix reload

Instalasi

Instalasi Dependensi Sistem

yum update -y
yum install -y yum-utils gcc cpp perl bzip2 zip unrar make patch automake rpm-build perl-Archive-Zip perl-Filesys-Df perl-OLE-Storage_Lite perl-Sys-Hostname-Long perl-Sys-SigAction perl-Net-CIDR perl-DBI perl-MIME-tools perl-DBD-SQLite binutils glibc-devel perl-Filesys-Df zlib zlib-devel wget mlocate

Instalasi Mailscanner

Download versi terbaru pada https://www.mailscanner.info/downloads/, pada saat artikel ini dibuat versi stable adalah v5.0.3-7. Jalankan perintah berikut dan lakukan instalasi mailscanner :

cd /srv/
wget -c https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.rhel.tar.gz
tar xzvf MailScanner-5.0.3-7.rhel.tar.gz
cd MailScanner-5.0.3-7/
./install.sh

Disini mailscanner akan menanyakan beberapa hal dan kita lakukan persetujuan saja agar mailscanner yang diinstall lebih powerfull sesuai dengan rekomendasi mailscannernya langsung. Dalam instalasi ini mailscanner sudah dilengkapi spamassasin (Antispam) dan clamav (Antivirus).

Konfigurasi Mailscanner

Sesuaikan konfigurasi Mailscanner dengan menjalankan beberapa perintah berikut :

# mkdir /var/spool/MailScanner/spamassassin
# chown postfix /var/spool/MailScanner/spamassassin
# chown postfix /var/spool/MailScanner/incoming/*

Tambahkan header_checks pada Postfix agar email masuk tertahan dipostfix, Mailscanner melakukan scanning pada email masuk yang tertahan pada postfix.

  • Edit file /etc/postfix/main.cf
## tambahkan baris ini dipaling bawah ##
header_checks = regexp:/etc/postfix/header_checks
  • Buat file /etc/postfix/header_checks
## tambahkan baris ini dipaling bawah ##
/^Received:/ HOLD
  • Edit file /etc/MailScanner/MailScanner.conf
%org-name% = TKJ
%org-long-name% = TKJOnline.net
%web-site% = http://tkjonline.net

Run As User = postfix
Run As Group = postfix
MTA = postfix

Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming

Virus Scanners = clamav

## please check /etc/MailScanner/spam.lists.conf for more details ##
Spam List = SBL+XBL

## direktori dibuat sebelumnya ##
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin

Pengecekan Konfigurasi Mailscanner & Restart Service

#MailScanner -lint   #check configuration - make sure there is no errors
#service MailScanner restart

Jika sudah, coba lakukan pengiriman seperti biasanya. Berikut adalah lognya :

Log Pengiriman Sukses

Nov 13 13:24:07 asav postfix/smtpd[32560]: connect from mail-qk0-f193.google.com[209.85.220.193]
Nov 13 13:24:07 asav postfix/smtpd[32560]: setting up TLS connection from mail-qk0-f193.google.com[209.85.220.193]
Nov 13 13:24:08 asav postfix/smtpd[32560]: Anonymous TLS connection established from mail-qk0-f193.google.com[209.85.220.193]: TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)
Nov 13 13:24:08 asav postfix/smtpd[32560]: D45AF4529A: client=mail-qk0-f193.google.com[209.85.220.193]
Nov 13 13:24:09 asav postfix/cleanup[32564]: D45AF4529A: hold: header Received: from mail-qk0-f193.google.com (mail-qk0-f193.google.com [209.85.220.193])??(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))??(No client certificate requested)??by asav.tkjonli from mail-qk0-f193.google.com[209.85.220.193]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail-qk0-f193.google.com>
Nov 13 13:24:09 asav postfix/cleanup[32564]: D45AF4529A: message-id=<[email protected]om>
Nov 13 13:24:09 asav postfix/smtpd[32560]: disconnect from mail-qk0-f193.google.com[209.85.220.193]
Nov 13 13:24:09 asav MailScanner[25275]: New Batch: Scanning 1 messages, 3237 bytes
Nov 13 13:24:09 asav MailScanner[25275]: Virus and Content Scanning: Starting
Nov 13 13:24:26 asav MailScanner[25275]: Requeue: D45AF4529A.A1F4B to 9C5D64543C
Nov 13 13:24:26 asav MailScanner[25275]: Uninfected: Delivered 1 messages
Nov 13 13:24:26 asav MailScanner[25275]: Deleted 1 messages from processing-database
Nov 13 13:24:26 asav postfix/qmgr[30645]: 9C5D64543C: from=<[email protected]>, size=2548, nrcpt=1 (queue active)
Nov 13 13:24:27 asav postfix/smtp[32565]: certificate verification failed for mail.tkjonline.net[192.168.14.14]:25: untrusted issuer /C=IL/O=StartCom Ltd./OU=StartCom Certification Authority/CN=StartCom Class 1 DV Server CA
Nov 13 13:24:27 asav postfix/smtp[32565]: 9C5D64543C: to=<[email protected]>, relay=mail.tkjonline.net[192.168.14.14]:25, delay=19, delays=19/0.04/0.22/0.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 2435763725)
Nov 13 13:24:27 asav postfix/qmgr[30645]: 9C5D64543C: removed