How to Setup MailWatch on CentOS 6.3

MailWatch for MailScanner is a open source or free web-based front-end to Mailscanner that use to displays the inbound/outbound mail queue, spam, viruses and blocked content on each page header. MailWatch has been written in PHP, MySQL and JpGraph. By using Mailwatch, it allows you to delete, release or run sa-learn across any messages that was quarantined. This post describes how to setup MailWatch on CentOS 6.3 and assumed that you already installed MailScanner and postfix.

1. Install required php and mysql :

[root@mx1 ~]# yum install php mysql-server mysql php-gd php-mysql -y

2. Modify the php.ini :

[root@mx1 ~]# vim /etc/php.ini

PHP should have the following set in php.ini

 short_open_tag = On
 safe_mode = Off
 register_globals = Off
 magic_quotes_gpc = On
 magic_quotes_runtime = Off
 session.auto_start = 0

3. Download the latest version from mailwatch.sourceforge.net :

[root@mx1 ~]# wget http://sourceforge.net/projects/mailwatch/files/mailwatch/1.1.5.1/mailwatch-1.1.5.1.tar.gz

4. Extract downloaded mailwatch package :

[root@mx1 ~]# tar xzvf mailwatch-1.1.5.1.tar.gz

5. Start mysql service :

[root@mx1 ~]# service mysqld start
Initializing MySQL database:  WARNING: The host 'mx1.ehowstuff.local' could not be looked up with resolveip.
This probably means that your libc libraries are not 100 % compatible
with this binary MySQL version. The MySQL daemon, mysqld, should work
normally with the exception that host name resolving will not work.
This means that you should use IP addresses instead of hostnames
when specifying MySQL privileges !
Installing MySQL system tables...
OK
Filling help tables...
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h mx1.ehowstuff.local password 'new-password'

Alternatively you can run:
/usr/bin/mysql_secure_installation

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the manual for more instructions.

You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd /usr/mysql-test ; perl mysql-test-run.pl

Please report any problems with the /usr/bin/mysqlbug script!

                                                           [  OK  ]
Starting mysqld:                                           [  OK  ]

6. Enter extracted mailwatch-x.x directory :

[root@mx1 mailwatch-1.1.5.1]# ls
CHANGELOG   fix_quarantine_permissions  LICENSE  mailscanner               Remote_DB.txt  upgrade.php  USER_FILTERS
create.sql  INSTALL                     luser    MailScanner_perl_scripts  tools          UPGRADING
[root@mx1 mailwatch-1.1.5.1]# mysql -p < create.sql

7. Create the database and import create.sql. The following commands below should be run as the ‘root’ :

[root@mx1 mailwatch-1.1.5.1]# mysql -p < create.sql
Enter password:

8. Login to mysql as a root :

[root@mx1 mailwatch-1.1.5.1]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.1.67 Source distribution

Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

9. Proceed to create a MySQL user and then set password and configure MailScanner for SQL logging :

mysql> GRANT ALL ON mailscanner.* TO mailwatch@localhost IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)

mysql> GRANT FILE ON *.* TO mailwatch@localhost IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mailscanner        |
| mysql              |
| test               |
+--------------------+
4 rows in set (0.00 sec)

10. Edit MailWatch.pm and change the database values accordingly :

See also  How to Check and Display Runlevel on Unix or Linux System

a. Enter to the perl_scripts’s folder :

[root@mx1 mailwatch-1.1.5.1]# cd MailScanner_perl_scripts
[root@mx1 MailScanner_perl_scripts]# pwd
/root/mailwatch-1.1.5.1/MailScanner_perl_scripts

b. Edit MailWatch.pm :

[root@mx1 MailScanner_perl_scripts]# vim MailWatch.pm

c.Modify this as necessary for your configuration

my($db_name) = 'mailscanner';
my($db_host) = 'localhost';
my($db_user) = 'mailwatch';
my($db_pass) = 'password';

11. Move MailWatch.pm to /usr/lib/MailScanner/MailScanner/CustomFunctions :

[root@mx1 MailScanner_perl_scripts]# cp MailWatch.pm /usr/lib/MailScanner/MailScanner/CustomFunctions

12. Create a MailWatch web user. This user will able to monitor the mailscanner through MailWatch web interface.

[root@mx1 ~]# mysql mailscanner -u mailwatch -p
Enter password:
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 5.1.67 Source distribution

Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> INSERT INTO users SET username = 'admin', password = md5('password'), fullname = 'MAilwatch Administrator', type ='A';
Query OK, 1 row affected (0.00 sec)

13. Install & Configure MailWatch :
a. Enter to mailwatch directory :

[root@mx1 ~]# cd mailwatch-1.1.5.1

b. Move mailscanner folder for web root folder. For apache, default root folder is /var/www/html :

[root@mx1 mailwatch-1.1.5.1]# mv mailscanner /var/www/html/

c. Enter to mailscanner folder in web root directory :

[root@mx1 ~]# cd /var/www/html/mailscanner

d. Verify and check the permissions of /var/www/html/mailscanner/images and /var/www/html/images/cache. The permissions and ownerships should be as below :

[root@mx1 mailscanner]# chown root:apache images
[root@mx1 mailscanner]# chmod ug+rwx images
[root@mx1 mailscanner]# chown root:apache images/cache
[root@mx1 mailscanner]# chmod ug+rwx images/cache

14. Create conf.php by copying conf.php.example. Edit the values to any details as you created earlier :

See also  How to Perfom SMTP Test Command in Linux

a. Copy the conf.php :

[root@mx1 mailscanner]# cp conf.php.example conf.php

b. Open conf.php :

[root@mx1 mailscanner]# vim conf.php

c. Edit the details as below :

define('DB_TYPE', 'mysql');
define('DB_USER', 'mailwatch');
define('DB_PASS', 'password');
define('DB_HOST', 'localhost');
define('DB_NAME', 'mailscanner');

15. Before setup the mailscanner, make sure it’s Stopped. Run 3 to 4 times to ensure the mailscanner completely stop. The status will FAILED if mailscanner completely stop.

[root@mx1 ~]# service MailScanner stop
Shutting down MailScanner daemons:
         MailScanner:                                      [  OK  ]
         incoming postfix:                                 [  OK  ]
         outgoing postfix:                                 [  OK  ]
[root@mx1 ~]# service MailScanner stop
Shutting down MailScanner daemons:
         MailScanner:                                      [  OK  ]
         incoming postfix:                                 [  OK  ]
         outgoing postfix:                                 [  OK  ]
[root@mx1 ~]# service MailScanner stop
Shutting down MailScanner daemons:
         MailScanner:                                      [  OK  ]
         incoming postfix:                                 [  OK  ]
         outgoing postfix:                                 [  OK  ]
[root@mx1 ~]# service MailScanner stop
Shutting down MailScanner daemons:
         MailScanner:                                      [  OK  ]
         incoming postfix:                                 [  OK  ]
         outgoing postfix:                                 [  OK  ]
[root@mx1 ~]# service MailScanner stop
Shutting down MailScanner daemons:
         MailScanner:                                      [FAILED]
         incoming postfix:                                 [  OK  ]
         outgoing postfix:                                 [  OK  ]

16. Edit /etc/MailScanner/MailScanner.conf.

[root@mx1 ~]# vim /etc/MailScanner/MailScanner.conf

Make sure that the following options are set:

 Always Looked Up Last = &MailWatchLogging
 Detailed Spam Report = yes
 Quarantine Whole Message = yes
 Quarantine Whole Message As Queue Files = no
 Include Scores In SpamAssassin Report = yes
 Quarantine User = root
 Quarantine Group = apache (this should be the same group as your web server)
 Quarantine Permissions = 0660

17. Start MailScanner :

[root@mx1 ~]# service MailScanner start
Starting MailScanner daemons:
         incoming postfix:                                 [  OK  ]
         outgoing postfix:                                 [  OK  ]
         MailScanner:                                      [  OK  ]

18. Restart httpd service :

[root@mx1 ~]# service httpd restart

19. Make sure all the related service such as httpd, mysql and MailScanner configured to start at boot :

[root@mx1 ~]# chkconfig mysqld on
[root@mx1 ~]# chkconfig httpd on
[root@mx1 ~]# chkconfig MailScanner on
[root@mx1 ~]# chkconfig spamassassin on
[root@mx1 ~]# chkconfig postfix on

20. Check the mail log.

[root@mx1 ~]# tail -f /var/log/maillog

You should see something as below :

Mar  5 22:14:42 mx1 MailScanner[1718]: Using locktype = flock
Mar  5 22:14:43 mx1 MailScanner[1697]: Requeue: C297BA1C3F.AA850 to E7373A1DD6
Mar  5 22:14:43 mx1 postfix/qmgr[1687]: E7373A1DD6: from=<root@mx1.ehowstuff.local>, size=609, nrcpt=1 (queue active)
Mar  5 22:14:43 mx1 MailScanner[1697]: Uninfected: Delivered 1 messages
Mar  5 22:14:43 mx1 MailScanner[1697]: Deleted 1 messages from processing-database
Mar  5 22:14:43 mx1 MailScanner[1697]: Logging message C297BA1C3F.AA850 to SQL
Mar  5 22:14:43 mx1 postfix/local[1768]: E7373A1DD6: to=<root@mx1.ehowstuff.local>, orig_to=, relay=local, delay=166894, delays=166894/0.13/0/0.02, dsn=2.0.0, status=sent (delivered to mailbox)
Mar  5 22:14:43 mx1 postfix/qmgr[1687]: E7373A1DD6: removed
Mar  5 22:56:25 mx1 postfix/postfix-script[1869]: fatal: the Postfix mail system is already running
Mar  5 23:01:08 mx1 update.bad.phishing.sites: Delaying cron job up to 600 seconds

21. Login to mailwatch web interface :
1

See also  How to Disable iptables on Linux CentOS 5.7 Server

2

Comments

1 Comment

  • Avatar Ihsan Khan says:

    hi i recently join one and they had one mail scanner installed it on CentOS 6.3 my problem is that i am having only the user name and password naver work on centos so the previous administrator disable the web access now i dont know how to enable it in command prompt if some one please help me . thanks in advance

Leave a Reply

Your email address will not be published. Required fields are marked *