Installing qSheff is a pretty easy process. First of all, remove any filtering software (like RAV, qscanq, simscan or an old veersion of qSheff) you may have installed before. A qmail-queue without a filter should look like this :
# ls -l /var/qmail/bin/qmail-queue -rws--x--x 1 qmailq qmail 12396 Nov 28 13:18 /var/qmail/bin/qmail-queue
PLDaniels ripmime should be installed on your system for qSheff to work. Ripmime tears the e-mail apart and saves its headers, data and attachments to different files. You can get this software from http://www.pldaniels.com/ripmime/.
# wget http://www.pldaniels.com/ripmime/ripmime-1.4.0.2.tar.gz # gunzip ripmime-1.4.0.2.tar.gz # tar xvf ripmime-1.4.0.2.tar # cd ripmime-1.4.0.2 # make # make install # ripmime -V v1.4.0.2 - Oct 23, 2004 (C) PLDaniels http://www.pldaniels.com/ripmime
ClamAv antivirus is optional but highly recommended. Other antivirus and content filtering softwares are optional. qsheff.conf file configured to enable clamd by default.
ClamAv: http://www.clamav.net/
Use clamd to get more performance. qSheff has an internal clamd client connects clamd over UNIX a domain socket. It doesn't execute any binary like clamdscan or clamscan. That increace system performance and decrease resource usage.
You can get qSheff from its official web page (http://www.enderunix.org/qsheff/) or SourceForge project page (http://sf.net/projects/qsheff/).
qSheff has some great configure parameters. Before the installation, check them and decide which of them you plan to use.
# ./configure --help --enable-debug Enable Debugging --enable-backup-all Enable backup --enable-subject-tag Enable Subject Tag --enable-qmailqueue-patch Enable qmailqueue_patch --enable-local-users Filter local users --enable-custom-error Return custom messages to senders --enable-custom-filter Enable user defined filter --with-clamd-socket Path to clamd socket, default=/tmp/clamd --with-maxfiles Maximum files in a directory (OS limit), default=32000 --with-qmaildir Define qmail directory, default=/var/qmail --with-qmailgroup Define qmail group, default=qmail --with-max-bodyline Maximum lines in message body will be filtered, default=40 --with-clamav Enable ClamAv
Some of these parameters conflict. For that you should understand well, what behaviours they have.
--enable-debug: This option enables debug information (-g flag) for gdb debuggers and some usefull qSheff outputs for system administrators.
--enable-backup-all: Use this option to save all incoming and outgoing mail taffic. qSheff uses /var/qsheff/backup directory to save backups. If you enable this option, qSheff will disable quarantine feature for performance reasons, because of double backup.
--enable-custom-filter: Enables a user-defined binary to filter message. If you want to enable this option, you should set program path and return values in the qsheff.conf.
--enable-subject-tag: With this option, qSheff never rejects emails, but alters subject and adds ***SPAM*** tag. The customers could write a simple subject filter to move tagged emails to Trash. MS Outlook, Thunderbird and most of the MUAs support filter feature. If you enable this option, custom error patch will be disabled.
--enable-qmailqueue-patch: This option enables Bruce Guenter's qmailqueue patch which gets QMAILQUEUE environment variable and executes it. So you don't need to make a link to qSheff. This option is also enables Baris Simsek's qsheff patch which includes custom error patch and qmailqueue patch. qSheff patch executes qSheff directly. Never looks for QMAILQUEUE variable. It is more secure and easier.
--enable-local-users: This option enables local users to filter. qSheff 2.0 doesn't filter local users by default. Some big ISPs would like this option.
--enable-custom-error: qmail returns "permanently" error for spammers. Most of the senders doesn't understand what it means. This option enables custom error patch which provides more clear message for senders. Note that, qsheff patch includes this feature too. You should use this option also for qsheff patch. Return messages are hard-coded but qSheff provides you to append your company name to the end of the message. See orgame variable in qsheff.conf.
--with-clamd-socket: Specifies clamd socket path. If you want to use ClamAv daemon, you must specify socket file path. You can learn it with netstat command or simply check the clamd.conf file (LocalSocket option).
# netstat -an | grep clamd dfdf9dc0 stream 0 0 dfe20040 0 0 0 /tmp/clamd
In this case, /tmp/clamd is the socket file.
--with-maxfiles: Maximum files in a backup sub-directory. See also --with-backup-all option. Operating systems has a limit for number of files in a directory. After it reach this limit, qSheff will fail while storing backups. backup and quarantine directories have sub-dirs from A to F.
--with-qmaildir: If you installed qmail a directory other than /var/qmail, define it with this option.
--with-qmailgroup: If you use group id other than 'qmail', define it with this option. Check it by id qmaild command.
--with-max-bodyline: qSheff 2.0 reads message line by line. To prevent against the DoS attacks, use this option. If an attacker sends emails about 100.000, this will reduce your system resources. With this option qSheff will read only the number of defined lines. It is 40 lines by default.
--with-clamav: Enables Clamav and if you haven't installed ClamAv under the system directories like /usr or /usr/local, you must define clamav installation path. qSheff searchs clamav library or clamav.h in this prefix.
qSheff binary is qmail-qsheff. It resides in the qmail/bin directory.
A simple installation procedure is looks like below:
# wget http://www.enderunix.org/qsheff/qsheff-2.0.tar.gz # gunzip qsheff-2.0.tar.gz # tar xvpf qsheff-2.0.tar # cd qsheff-2.0
qSheff has a GNU autotools compatible installation. So you can install it simply by following way:
# ./configure --enable-subject-tag --with-clamav=/opt/clamav --with-clamd-socket=/var/run/clamav/clamd # make # make install # /usr/local/etc/qsheff/install-wrapper.sh
If you want to change return messages to senders edit main.h before the compile. Note that, to use custom messages you have to patch qmail with qmail-custom-error or qsheff_patch.diff.
# ls -l /var/qmail/bin/qmail-queue lrwxr-xr-x 1 root qmail 27 Dec 16 10:48 /var/qmail/bin/qmail-queue -> /var/qmail/bin/qmail-qsheff # ls -l /var/qmail/bin/qmail-qsheff -rws--x--x 1 root qmail 18123 Dec 16 10:48 /var/qmail/bin/qmail-qsheff # ls -l /var/qmail/bin/qmail-queue.orig -rws--x--x 1 qmailq qmail 12396 Nov 28 13:18 /var/qmail/bin/qmail-queue.orig
If the qmail/bin directory looks like the above listing, then the installation is successfully done.
Note that, if you enabled qsheff patch or qmailqueue patch, qamil-queue will not a symbolic link. It will seem like below:
# ls -l /var/qmail/bin/qmail-q* -r-s--x--x 1 root qmail 38123 Feb 26 13:49 /var/qmail/bin/qmail-qsheff -rws--x--x 1 qmailq qmail 15276 Feb 26 13:43 /var/qmail/bin/qmail-queue
To upgrade, use following way:
# qmailctl stop (whatever you use to start/stop qmail.) # /usr/local/etc/qsheff/uninstall-wrapper.sh # mv /usr/local/etc/qsheff /usr/local/etc/qsheff-1.0 # netstat -an | grep clamd (If you are planning to use clamav) e5091000 stream 0 0 e58d0cc0 0 0 0 /tmp/clamd qSheff installation procedure described above. # qmailctl start