Configure a Mail Server

SECTION 3 Configure a Mail Server In this section of the workbook, you learn how to do the following: Send Mail to root on 3-3 In this exercise, you send an email to user root using the mail command and read this mail. Send Mail in the Local Network on 3-4 In this exercise, you send mail in the local network. You configure Postfix and test your configuration. Use Postfix on the Internet on 3-6 In this exercise, you configure Postfix to send email to the Internet. Use Lookup Tables on 3-8 In this exercise, you use the Postfix lookup tables. Configure Cyrus IMAPd on 3-11 In this exercise, you install and set up CyrusIMAPd. Configure QPopper on 3-16 In this exercise, you install and activate QPopper. Configure Procmail on 3-20 In this exercise, you configure Procmail. Manage Spam with SpamAssassin on 3-23 In this exercise, you install and configure SpamAssassin to manage spam. Use AVMailGate as a Virus Scanner for Email on 3-27 In this exercise, you install and configure AVMailGate as a virus scanner for mails. Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-1

SUSE Linux Enterprise Server 10: Networking Services / Workbook Use AMaViSd as Virus Scanner for Email on 3-30 In this exercise, you install and configure AMaViSd. WB 3-2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

Exercise 3-1 Send Mail to root In this exercise, you send an email to user root using the mail command. You also switch to user root and read this mail using mail. Do the following: 1. Open a terminal window. 2. Enter mail root. 3. Enter the subject My first email with mail. 4. Enter the following 3 lines of text (press Enter after each line): I have just installed SUSE Linux Enterprise Server 10 on my computer and am ready for administration training. 5. When you finish, press Ctrl+D. 6. Su to root by entering su -; then enter a password of novell. 7. Enter mail. In the last line of the list you should find the mail message you just sent to root. 8. To read the message, enter the number in the second column of the table. 9. Delete the message by entering d and the number of the message (such as d 4). 10. Quit mail by entering q. 11. Verify that the message was deleted by entering mail; then exit mail by entering q. 12. Log out as root by entering exit. 13. Close the terminal window. (End of Exercise) Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-3

SUSE Linux Enterprise Server 10: Networking Services / Workbook Exercise 3-2 Send Mail in the Local Network In this exercise, you edit the Postfix configuration file /etc/postfix/main.cf. You configure Postfix to send mails in your local network. The domain name of the sender should be masqueraded for normal users. External mails should be forwarded to da1. Test your configuration by sending a mail to root. Do the following: Part I - Edit /etc/postfix/main.cf Part II - Test the Configuration Part I - Edit /etc/postfix/main.cf 1. Open a terminal window and enter su- to get root permissions. 2. When prompted, enter the root password novell. 3. Stop the postfix daemon by entering rcpostfix stop 4. Open the file /etc/postfix/main.cf in a text editor. 5. Scroll to the settings at the end of the file. 6. To accept mail only from the local network, edit the following options: inet_interfaces = your_ip-address, 127.0.0.1 mynetworks_style = subnet (should already be set) smtpd_recipient_restrictions = permit_mynetworks, reject (on one line) 7. To rewrite the sender addresses and remove the host name, edit the following options: masquerade_exceptions = root (should already be set) masquerade_domains = digitalairlines.com WB 3-4 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

8. To deliver external mail to the relay host da1, edit the following option: relayhost = 10.0.0.254 9. Save the file and close the editor. 10. Start Postfix by entering rcpostfix start Part II - Test the Configuration 1. To generate a test mail, do the following: a. Log out as user root by entering exit. b. Enter mail root@hostname.digitalairlines.com. 2. Enter the subject and some text and finish the mail by doing the following: a. Press Enter. b. Type. (dot). c. Press Enter. 3. Enter su - to get root permissions again. 4. When prompted, enter the root password novell. 5. Enter mail. 6. Enter the number corresponding to the mail you wrote. 7. Enter q to quit. (End of Exercise) Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-5

SUSE Linux Enterprise Server 10: Networking Services / Workbook Exercise 3-3 Use Postfix on the Internet In this exercise, you configure Postfix to send email to the Internet. Only email from the local network should be allowed to accepted; any email that is not addressed to one of the local domains should be rejected. Do the following: 1. Open a terminal window and enter su- to get root permissions. 2. When prompted, enter the root password novell. 3. Stop the postfix daemon by entering rcpostfix stop 4. Open the file /etc/postfix/main.cf with your favorite text editor. 5. To configure Postfix to accept email from the local network and email that is addressed to any recipient in the domain digitalairlines.com, edit or add the following options: myhostname = hostname.digitalairlines.com mydomain = digitalairlines.com mydestination = $myhostname, localhost.$mydomain, $mydomain (on one line) smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination The first three lines define hostnames and domains. The last line tells Postfix to accept mail as long it is sent from a host in mynetworks and to reject any mail that is not addressed to one of the domains defined in mydestination. 6. Save the file and close the editor. 7. Start Postfix by entering rcpostfix start. WB 3-6 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

(To test the configuration, you would have to access Postfix from an IP address outside the local network and try to send an email to a domain other than digitalairlines.com. Postfix should not accept this mail. However, the courseroom setup does not provide such a machine.) (End of Exercise) Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-7

SUSE Linux Enterprise Server 10: Networking Services / Workbook Exercise 3-4 Use Lookup Tables In this exercise, you use the Postfix lookup tables. In part I, you create a new user jgoldman with password novell. In part II, you modify a lookup table that the email messages of a new user jgoldman are sent with the sender address webmaster@digitalairlines.com. You test your configuration in part III. Do the following: Part I - Create a New User jgoldman and Write an Email to root Part II - Change the sender_canonical Table and Write the Email Again Part III - Test the Configuration Part I - Create a New User jgoldman and Write an Email to root 1. Open a terminal window and enter su - to get root permissions. 2. When prompted, enter the root password novell. 3. To create a new user jgoldman, enter useradd -G users -m jgoldman 4. Set the password for jgoldman to novell by entering passwd jgoldman Enter novell twice. 5. Log in as user jgoldman by entering su - jgoldman 6. To write an email to user root, enter mail root@localhost 7. Enter a subject and some text; then finish the email: a. Press Enter. b. Type. (dot). WB 3-8 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

c. Press Enter. 8. To get root permissions, enter exit. 9. Enter mail. 10. Enter the number corresponding to the email you just wrote. 11. Record the sender s address in the space below: 12. Enter q to quit. Part II - Change the sender_canonical Table and Write the Email Again 1. Enter rcpostfix stop. 2. Open the file /etc/postfix/sender_canonical with your favorite text editor. 3. To change the sender address of user jgoldman, enter (on one line) jgoldman@daxx.digitalairlines.com webmaster@digitalai rlines.com 4. Save the file and close the editor. 5. Enter postmap hash:/etc/postfix/sender_canonical. 6. Start Postfix by entering rcpostfix start Part III - Test the Configuration 1. Log in as user jgoldman by entering su - jgoldman 2. To write an email to user root, enter mail root@localhost 3. Enter a subject and some text; then finish the email: Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-9

SUSE Linux Enterprise Server 10: Networking Services / Workbook a. Press Enter. b. Type. (dot). c. Press Enter. 4. To get root permissions, enter exit. 5. Enter mail. 6. Enter the number corresponding to the email you just wrote. 7. Record the sender s address in the space below: 8. Enter q to quit. (End of Exercise) WB 3-10 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

Exercise 3-5 Configure Cyrus IMAPd In this exercise,you install and set up CyrusIMAPd. In part II, you set the password for the Cyrus administrator to novell and create a mailbox for user geeko. In part III, is described how to configure the mail client mutt to access IMAP mailboxes. In part IV, you create a new user sales that is only allowed to change its password. You create a IMAP mailbox for the new user and allow user geeko to read mails in this mailbox. Test your configuration using mutt. Do the following: Part I - Install Cyrus IMAPd Part II - Create a Mailbox for User geeko Part III - Configure the Mail Client mutt Part IV - Write a Mail from root to geeko to Test IMAP Part V - Create a New Mailbox with Read Permission for geeko Part I - Install Cyrus IMAPd 1. From the main menu, start YaST. 2. Enter the root password (novell) and select OK. 3. From the YaST Control Center, select Software > Software Management 4. From the filter drop-down menu, select Search. 5. In the Search field, enter cyrus-imapd; then select Search. 6. On the right, select the cyrus-imapd package. 7. Select Accept; then insert the SUSE Linux Enterprise Server 10 DVD. Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-11

SUSE Linux Enterprise Server 10: Networking Services / Workbook 8. When installation is complete, remove the DVD and close the YaST Control Center. Part II - Create a Mailbox for User geeko 1. Open the file /etc/postfix/transport with your favorite text editor, go to the end of the file, and enter the line root@ local: digitalairlines.com cyrus: 2. Save the file and close the editor. 3. Enter postmap hash:/etc/postfix/transport 4. Restart Postfix with rcpostfix restart 5. To start the Cyrus IMAPd, enter rccyrus start 6. To test your Cyrus installation, enter telnet localhost imap 7. If the IMAPd answers, enter the following to terminate the connection.. logout 8. To set a password for user cyrus, enter passwd cyrus 9. Enter novell as the new password twice. Ignore the warning messages. 10. To start the SASL authentication daemon, enter rcsaslauthd start 11. To start the administration of the cyrus daemon, enter cyradm -user cyrus -auth login localhost 12. Enter novell as the password of the user cyrus. 13. To create a new mailboxfor user geeko, enter createmailbox user.geeko WB 3-12 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

14. To exit the cyradm tool, enter exit. Part III - Configure the Mail Client mutt 1. The only available mail client on SUSE Linux Enterprise Server 10 is mutt. It is installed during a standard installation. Enter su - geeko and password novell. 2. A template configuration file for mutt is available in each user s home directroy. Open the file ~/.muttrc by entering vi ~/.muttrc in a terminal window. 3. Add the following lines to the configuration file: set spoolfile={localhost}user.geeko set folder={localhost}user. set imap_user=geeko set imap_pass=novell Alternatively you can copy the file exercises/section_4/.muttrc from the Course CD. 4. Save the file and exit vi by entering :wq. 5. Start mutt by entering mutt. 6. mutt starts. In the status bar at the bottom you can see that the IMAP folder //localhost/user.geeko is open. To get a list of the available IMAP folders, press C and then?. An error message stating No such folder should appear in the bottom line. 7. To quit mutt, press Q twice. 8. Enter exit. Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-13

SUSE Linux Enterprise Server 10: Networking Services / Workbook Part IV - Write a Mail from root to geeko to Test IMAP 1. As user root write a mail to user geeko by entering mail geeko@digitalairlines.com. 2. Enter the subject and some text and finish the mail by doing the following: a. Press Enter. b. Type. (dot). c. Press Enter. 3. Switch to user geeko by entering su - geeko 4. Start mutt by entering mutt. 5. mutt starts. You should see the mail of user root. To read this mail press Enter. 6. To quit mutt, press Q twice. 7. When prompted to move the read mail to the file mbox press Enter for no. 8. Enter exit. Part V - Create a New Mailbox with Read Permission for geeko 1. To create a Linux account for the user sales, enter useradd -s /usr/bin/passwd sales 2. To start the administration of the cyrus daemon, enter cyradm -user cyrus -auth login localhost 3. Enter novell as the password of the user cyrus. 4. To create a new mailbox for user sales, enter createmailbox user.sales 5. To see the ACLs for the new mailbox, enter listaclmailbox user.sales sales lrswipcda WB 3-14 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

6. To give the user geeko read permission to the sales mailbox, enter setaclmailbox user.sales geeko read 7. To see the ACLs for the sales mailbox again, enter listaclmailbox user.sales The output should look like this geeko lrs sales lrswipcda 8. To exit the cyradm tool, enter exit. 9. Change to user geeko by entering su - geeko. 10. Start mutt by entering mutt. 11. mutt starts. In the status bar at the bottom you can see that the IMAP folder //localhost/user.geeko is open. To get a list of the available IMAP folders, press C and then?. A list appears showing the new mail box sales. 12. Select the mailbox sales using the cursor keys and press Enter. The content of the sales mailbox is shown. The mailbox is empty. 13. To quit mutt, press Q. 14. Enter exit. (End of Exercise) Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-15

SUSE Linux Enterprise Server 10: Networking Services / Workbook Exercise 3-6 Configure QPopper In this exercise, you install and activate QPopper. Part V describes how to configure the mail client mutt to access POP mailboxes. Do the following: Part I - Configure Postfix Part II - Write an Email to User geeko Part III - Install QPopper Part IV - Configure xinetd Part V - Configure the Mail Client mutt Part I - Configure Postfix 1. As root, stop the Cyrus daemon by entering rccyrus stop. 2. Open the file /etc/postfix/transport with your favorite text editor and remove the following line added during the last exercise: digitalairlines.com cyrus: 3. Save the file and close the editor. 4. Enter postmap hash:/etc/postfix/transport. 5. Restart Postfix with rcpostfix restart. Part II - Write an Email to User geeko 1. To write an email message as user root for user geeko, enter mail geeko@localhost 2. Enter a subject and some text; then finish the email: a. Press Enter. b. Type. (dot). c. Press Enter. WB 3-16 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

Part III - Install QPopper 1. From the main menu, start YaST. 2. Enter the root password (novell) and select OK. 3. From the YaST Control Center, select Software > Software Management 4. From the filter drop-down menu, select Search. 5. In the Search field, enter qpopper; then select Search. 6. On the right, select the qpopper package. 7. Select Accept; then insert the SUSE Linux Enterprise Server 10 DVD. 8. When installation is complete, remove the DVD and close the YaST Control Center. Part IV - Configure xinetd 1. Open the file /etc/xinetd.d/qpopper with a text editor and add a hash-sign ( # ) at the beginning of the disable line. 2. Save the file and close your editor. 3. Start the xinetd by entering rcxinetd start Part V - Configure the Mail Client mutt 1. The only available mail client on SUSE Linux Enterprise Server 10 is mutt. To change the mutt configuration, enter su - geeko. 2. Open the configuration file by entering vi ~/.muttrc. Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-17

SUSE Linux Enterprise Server 10: Networking Services / Workbook 3. Remove the following lines from the configuration file: set spoolfile={localhost}user.geeko set folder={localhost}user. set imap_user=geeko set imap_pass=novell If you copied the file exercises/section_4/.muttrc in the Cyrus exercise, you have to add a hash sign ( # ) at the beginning of these lines. 4. Add the following lines: set spoolfile=~/mail/inbox set folder=~/mail set pop_host=localhost set pop_user=geeko set pop_pass=novell set pop_authenticators=user If you copied the file exercises/section_4/.muttrc in the Cyrus exercise, you have to remove the hash sign ( # ) at the beginning of these lines. 5. Save the file and exit vi by entering :wq. 6. Create a mail directory by entering mkdir ~/Mail 7. Create the inbox mail file by entering touch ~/Mail/Inbox 8. Start mutt by entering mutt. 9. mutt starts. In the status bar at the bottom you can see that the content of the inbox folder is shown. 10. Press Shift+G to fetch the new email from the POP3 server. If you are prompted to remove the email from the server, press Enter for no. The mail you wrote in Part II of this exercise should be fetched. 11. To quit mutt, press Q. WB 3-18 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

12. Enter exit. (End of Exercise) Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-19

SUSE Linux Enterprise Server 10: Networking Services / Workbook Exercise 3-7 Configure Procmail In this exercise, you configure Procmail. You create two mailboxes for user jgoldman in his home directory. Mails from user geeko should be stored in the training mailbox. All other mails should be stored in the Inbox mail directory. Do the following: Part I - Configure Postfix Part II - Create Mailboxes in the Home Directory of User jgoldman Part III - Create the procmail Configuration File Part IV - Test the Configuration Part I - Configure Postfix 1. In the file /etc/postfix/main.cf, change the option mailbox_command in the following way: mailbox_command = /usr/bin/procmail 2. Restart Postfix by entering rcpostfix restart Part II - Create Mailboxes in the Home Directory of User jgoldman 1. Make sure that the jgoldman user account is available. Otherwise, create a new account by entering useradd -m jgoldman 2. From the terminal emulation where you are logged in as user root, switch to user jgoldman by entering su - jgoldman 3. Create a Mail directory by entering mkdir Mail WB 3-20 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

4. Create two mailboxes by entering touch Mail/Inbox Mail/Training Part III - Create the procmail Configuration File 1. Start your favorite text editor and create a new file ~/.procmailrc. 2. Enter PATH=/bin:/usr/bin MAILDIR=$HOME/Mail LOGFILE=$MAILDIR/mail.log 3. To configure that all email messages from user geeko arrive in the Training mailbox, enter :0 * ^From.*geeko $MAILDIR/Training 4. To let all other email arrive in the Inbox mailbox, append: :0 * $MAILDIR/Inbox 5. Save the file and close the editor. Part IV - Test the Configuration 1. In a terminal window, enter su - geeko and the password novell to switch to the user geeko. 2. Send an email to jgoldman by entering mail jgoldman. 3. Enter the subject and some text; finish the mail by doing the following: a. Press Enter. b. Type. (dot). c. Press Enter. 4. Switch back to the user jgoldman by entering exit. Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-21

SUSE Linux Enterprise Server 10: Networking Services / Workbook 5. Using cat Mail/Training, you should see the email you just wrote as geeko. 6. Switch back to user root by entering exit. 7. As root, send an email to jgoldman by entering mail jgoldman. 8. Enter the subject and some text; finish the mail by doing the following: a. Press Enter. b. Type. (dot). c. Press Enter. 9. Switch to user jgoldman by entering su - jgoldman 10. Using cat Mail/Inbox you should see the mail you just wrote as root. 11. Switch back to user root by entering exit. (End of Exercise) WB 3-22 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

Exercise 3-8 Manage Spam with SpamAssassin In this exercise, you install and configure SpamAssassin to manage spam. You use a sample spam mail from the Course DVD to test your configuration. Complete the following: Part I - Install SpamAssassin Part II - Test SpamAssassin Part III - Configure Postfix Part IV - Configure Procmail Part V - Test SpamAssassin Configuration Part I - Install SpamAssassin 1. Start YaST from the main menu. 2. Enter the root password (novell) and select OK. 3. From the YaST Control Center, select Software > Software Management 4. From the filter drop-down menu, select Search. 5. In the Search field, enter spamassassin; then select Search. 6. On the right, select the spamassassin package. 7. Select Accept; then insert the SUSE Linux Enterprise Server 10 DVD. 8. When installation is complete, remove the DVD and close the YaST Control Center. Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-23

SUSE Linux Enterprise Server 10: Networking Services / Workbook Part II - Test SpamAssassin 1. Copy the file sample-spam.txt from the Course DVD into your home directory. 2. Pipe the copied message into SpamAssassin by entering cat sample-spam.txt spamassassin 3. When the output appears, look for the lines beginning with X-Spam. Alternatively you can pipe the output from the previous command into grep: cat sample-spam.txt spamassassin grep X-Spam Part III - Configure Postfix 1. Open the file /etc/postfix/master.cf by entering vi /etc/postfix/master.cf 2. Make sure the smtpd definition looks like the following smtp inet n - n - - smtpd 3. Save the file and exit by entering :wq. 4. Open the file /etc/postfix/master.cf by entering vi /etc/postfix/main.cf 5. Make sure that Procmail is used to deliver email. mailbox_command = /usr/bin/procmail 6. Save the file and exit by entering :wq. 7. Restart Postfix by entering rcpostfix restart Part IV - Configure Procmail 1. Create a new file /etc/procmailrc by entering vi /etc/procmailrc WB 3-24 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

2. Enter the following content: LOGFILE=/tmp/procmail.log VERBOSE=yes :0 hbfw /usr/bin/spamc 3. Save the file and exit by entering :wq. Part V - Test SpamAssassin Configuration 1. Start the spamd by entering rcspamd start 2. Copy the files in /media/cdrom/section_4/ from the Course DVD into your home directory. 3. Send an email to user geeko by entering (in one line) cat sample-nonspam.txt /usr/sbin/sendmail geeko@digitalairlines.com 4. Switch to user geeko by entering su - geeko 5. Enter mail. 6. Enter the number of the email of jgoldman and look for the SpamAssassin header entries. 7. Quit mail by entering q. 8. Switch back to the user root by entering exit. 9. Send an spam email to user geeko by entering (in one line) cat sample-spam.txt /usr/sbin/sendmail geeko@digitalairlines.com 10. Switch to user geeko by entering su - geeko 11. Enter mail. 12. Enter the number of the email of jgoldman and look for the SpamAssassin header entries. Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-25

SUSE Linux Enterprise Server 10: Networking Services / Workbook 13. Quit mail by entering q. 14. Switch back to the user root by entering exit. (End of Exercise) WB 3-26 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

Exercise 3-9 Use AVMailGate as a Virus Scanner for Email In this exercise, you install and configure AVMailGate as a virus scanner for mails. Finally, you update the AVMailGate virus signatures. Do the following: Part I - Install AVMailGate Part II - Configure Postfix to Use AVMailGate as Content Filter Part III - Configure the Ports for AVMailGate to Use Part IV - Check Configuration Using a Virus File from CD Part V - Update Your Virus Signatures Part I - Install AVMailGate 1. From the main menu, start YaST. 2. Enter the root password (novell) and select OK. 3. From the YaST Control Center, select Software > Software Management. 4. From the filter drop-down menu, select Search. 5. In the Search field, enter avmailgate; then select Search. 6. On the right, select the avmailgate package. 7. Select Accept; then insert the SUSE Linux Enterprise Server 10 DVD. 8. Select Continue to resolve dependencies. 9. When installation is complete, remove the DVD and close the YaST Control Center. Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-27

SUSE Linux Enterprise Server 10: Networking Services / Workbook Part II - Configure Postfix to Use AVMailGate as Content Filter 1. Open the file /etc/postfix/master.cf in a text editor. 2. Uncomment the following line (on one line): localhost:10025 inet n - n - - smtpd -o content_filter= 3. Add the following line in /etc/postfix/main.cf: content_filter = smtp:127.0.0.1:10024 4. Save the file. 5. Enter postfix reload. Part III - Configure the Ports for AVMailGate to Use 1. To ensure that AVMailGate listens on port 10024 and not on port 25, edit /etc/avmailgate.conf: ListenAddress 127.0.0.1 port 10024 2. To ensure that AvMailGate sends mails back to Postfix via SMTP on host localhost via port 10025, edit /etc/avmailgate.conf: ForwardTo SMTP: localhost port 10025 3. Because AvMailGate sends out notification messages as AvMailGate, set an alias in /etc/aliases: avmailgate: root 4. Enter newaliases. 5. Enter rcavgate start. Part IV - Check Configuration Using a Virus File from CD 1. Log in as user geeko. 2. Send an infected mail to user root by entering mail root -s Virus Test -a /media/cdrecorder/section_4/sample-virus-executable.txt WB 3-28 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

3. Enter some text for the email message This is an infected mail.. 4. Log in as user root. 5. Check whether the mail queue is empty by entering mailq 6. Check whether the infected mail arrived by entering mail 7. Check whether the infected mail was detected by entering ls /var/spool/avmailgate/rejected Part V - Update Your Virus Signatures 1. To check for a new version of the virus signatures, enter /usr/lib/antivir/antivir --update --check 2. To download the virus signatures, enter /usr/lib/antivir/antivir --update (End of Exercise) Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-29

SUSE Linux Enterprise Server 10: Networking Services / Workbook Exercise 3-10 Use AMaViSd as Virus Scanner for Email In this exercise, you install and configure AMaViSd. Virus notifications should be sent to user root. You test your configuration by using telnet and by sending a test virus file by mail. Do the following: Part I - Install AMaViSd Part II - Change /etc/sysconfig/amavis Part III - Change /etc/amavisd.conf Part IV - Test the Configuration Part I - Install AMaViSd 1. From the main menu, start YaST. 2. Enter the root password (novell) and select OK. 3. From the YaST Control Center, select Software > Software Management. 4. From the filter drop-down menu, select Search. 5. In the Search field, enter amavis; then select Search. 6. On the right, select the amavisd-new package. 7. Select Accept; then insert the SUSE Linux Enterprise Server 10 DVD. 8. Select Continue to resolve dependencies. 9. When installation is complete, remove the DVD and close the YaST Control Center. WB 3-30 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

Part II - Change /etc/sysconfig/amavis 1. Open the file /etc/sysconfig/amavis by entering vi /etc/sysconfig/amavis 2. Change the line with the variable USE_AMAVIS to USE_AMAVIS= yes 3. Exit vi by entering :wq. 4. Enter SuSEconfig. 5. Look at the messages of the output. If the file /etc/postfix/master.cf is left untouched, overwrite this file by entering mv /etc/postfix/master.cf.suseconfig /etc/postfix/master.cf 6. Open the file /etc/postfix/master.cf by entering vi /etc/postfix/master.cf 7. Add the following lines to the file /etc/postfix/master.cf: smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 8. Exit vi by entering :wq. 9. Open the file /etc/postfix/main.cf by entering vi /etc/postfix/main.cf 10. To remove Procmail from the mailbox_command (entered in a previous exercise), enter: mailbox_command = 11. Add the following line to /etc/postfix/main.cf: content_filter = smtp-amavis:[127.0.0.1]:10024 12. Exit vi by entering :wq. 13. Restart Postfix by entering rcpostfix reload. Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-31

SUSE Linux Enterprise Server 10: Networking Services / Workbook Part III - Change /etc/amavisd.conf 1. Open the file /etc/amavis.conf by entering vi /etc/amavis.conf 2. Modify the $mydomain variable to $mydomain = 'digitalairlines.com'; 3. Change the mail address where virus notifications should be sent to root: $virus_admin = "root\@$mydomain"; 4. Exit vi by entering :wq. 5. Start the AMaViSd by entering rcamavis start. Part IV - Test the Configuration 1. Check whether Postfix listens on port 10025 by entering telnet 127.0.0.1 10025 2. Enter quit. 3. Check whether the AMaViSd listens on port 10024 by entering telnet 127.0.0.1 10024 4. Enter mail from: jgoldman@digitalairlines.com 5. Enter rcpt to: geeko@digitalairlines.com 6. Enter data 7. Open the file /usr/share/doc/packages/amavisd-new/test-messages/ sample-virus-simple.txt and copy the last line into the clipboard. The line looks like this: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD- ANTIVIRUS-TEST-FILE!$H+H* 8. Paste the content of the clipboard into the first terminal and do the following: a. Press Enter. b. Type. (dot). WB 3-32 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1

c. Press Enter. 9. You should get a virus warning like the following one: 250 2.7.1 Ok, discarded, id=14069-01-2 - VIRUS: Eicar-Test-Signature 10. Enter quit. Part V - Send a Virus Email 1. Log in as user jgoldman by entering su - jgoldman. 2. Send a virus mail to user tux by entering mail geeko@digitalairlines.com < /usr/share/doc/packages/amavisd-new/test-messages/sample -virus-simple.txt 3. Log out by entering exit. 4. As root, enter mail to look for new email. There should be an email from virusalert in your mail folder. (End of Exercise) Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 3-33