This documents is published under the GNU
It based on the !HowTo from Andre Pohl and is modified by schnere - Thanks them.
Absolutely no warranty, use it at your own risk.

You need Debian Etch 4.0 and a running ispCP Omega on your System

 
 # /etc/init.d/postfix stop
 

 
 # apt-get update && apt-get upgrade
 # apt-get install libdbd-mysql-perl libdbi-perl libphp-jpgraph libossp-uuid-perl php-pear
 

 
 # pear upgrade-all                         #Errors could be ignored 
 # pear install Log Mail_Mime File Date DB DB_Pager Net_Sieve Net_Pop3
 # pear -d preferred_state=alpha install Image_Color Image_Canvas Image_Graph Numbers_Roman Numbers_Words
 # pear install Pager Net_SMTP Auth_SASL
 

 
 # apt-get install amavisd-new spamassassin clamav clamav-daemon
 

Attention: Please make a backup of every single config that you modify

Open the main.cf and activate AMaViS

 
 # vi /etc/postfix/main.cf
 

Search for this Part and remove the ”#” before the line, that it looks like this:

 
 #
 # AMaViS parameters; activate, if avaible/used
 #
 content_filter = amavis:[127.0.0.1]:10024
 

Add the following line to the config. This prevents spamassassin to score authenticated users basend on their IP:

 
 smtpd_sasl_authenticated_header = yes
 

Out to compatibility-base we must use an extern configuration file

 
 # cd /etc/amavis
 # wget http://www200.pair.com/mecham/amavisd.conf.maia
 # mv amavisd.conf.maia amavisd.conf
 

Open the config

 
 # vi /etc/amavis/amavisd.conf
 

First, change '$mydomain' and '$myhostname' to yours. Then search for these entries:

 
 $ final_virus_destiny = D_DISCARD;
 $ final_spam_destiny = D_DISCARD;
 $ final_banned_destiny = D_DISCARD;
 $ final_bad_header_destiny = D_DISCARD;
 

and add this text block after it:

 
 $ warnvirussender = 1;
 $ warnspamsender = 0;
 $ warnbannedsender = 1;
 $ warnvirusrecip = 1;
 $ warnbannedrecip = 1;
 

search for this line and enter a new AMaVis password

 
 lookup_sql_dsn = ( ['DBI:mysql:maia:localhost', 'amavis', '_YOUR_PASS_'] );
 

and after

 
 $ X_HEADER_TAG = 'X-Virus-Scanned';
 $ X_HEADER_LINE = "Maia Mailguard 1.0.2";
 

copy these lines

use DBI;
my $db = "ispcp";
my $user="root";           # Type here your ispCP MySQL User 
			   # (is the same you typed during the setup)
my $host="localhost";
my $password="_YOUR_PASS"; # Type here your ispCP MySQL Password 
			   #(is the same you typed during the setup)

my $dbh = DBI->connect("DBI:mysql:database=$db;host=$host", $user, $password, {RaiseError => 1});
my $arr = $dbh->selectcol_arrayref('SELECT domain_name, 1 FROM domain', {Columns=>[1,2]});
my $arre = $dbh->selectcol_arrayref('SELECT alias_name, 1 FROM domain_aliasses', {Columns=>[1,2]});

my $lis = ($arre,$arr);
%local_domains = (@$arr,@$arre);

Please create a config with the generator at http://www.yrex.com/spam/spamconfig.php and save it under ”/etc/spamassassin/local.cf”

 
 # usermod -G amavis clamav
 

 
 # update-rc.d -f mysql remove
 # update-rc.d mysql start 18 2 3 4 5 . stop 22 0 1 6 .
 

 
 # /etc/init.d/amavis restart
 # /etc/init.d/clamav-daemon restart
 # /etc/init.d/postfix restart
 

We create a new directory and donwload the needed files.
You must change the second file (maia-lang-de.tar.gz) if German “de” is not your default language. Change it to your need. English is per default running.

 
 # mkdir /usr/src/maia
 # cd /usr/src/maia
 # wget http://www.maiamailguard.com/files/maia-1.0.2a.tar.gz
 # wget http://www.maiamailguard.com/files/maia-lang-de.tar.gz
 # wget http://ratsnet.org/vhcs/maia_vhcs_theme_v2.12.tar.bz2
 

(You must also change the name of the second file here if you use an other instead of German)

 
 # tar -xzf maia-1.0.2a.tar.gz
 # tar -xzf maia-lang-de.tar.gz
 # tar xjvf maia_vhcs_theme_v2.12.tar.bz2
 

 
 # cd /usr/src/maia
 # mysql -u root -p
 mysql> CREATE DATABASE maia;
 mysql> quit
 

Give the user 'amavis' a Password

 
 # passwd amavis
 

 
 # chsh -s /bin/false amavis
 

(change '_YOUR_AMaVIS_PASS_' to your Pass)

 
 # cd /usr/src/maia/maia-1.0.2
 # mysql -u root -p maia < maia-mysql.sql
 # mysql -u root -p maia
 mysql> GRANT CREATE, DROP, ALTER, SELECT, INSERT, UPDATE, DELETE ON
 mysql> maia.* TO amavis@localhost IDENTIFIED BY '_YOUR_AMaVIS_PASS_';
 mysql> quit
 

 
 # mkdir /var/lib/amavis/maia
 # mkdir /var/lib/amavis/maia/scripts
 # mkdir /var/lib/amavis/maia/templates
 

 
 # cd /usr/src/maia/maia-1.0.2
 # mv maia.conf.dist maia.conf
 # vi maia.conf
 

Change $password to your AMaViS Password and $base_url to http://admin.yourserver.tld/tools/antispam

And also correct the following file locations

 
 $ script_dir = "/var/lib/amavis/maia/scripts";
 $ template_dir = "/var/lib/amavis/maia/templates";
 $ pid_file = "/var/run/amavis/.process-quarantine.pid";
 

 
 # cp /usr/src/maia/maia-1.0.2/maia.conf /etc/maia.conf
 # cp -R /usr/src/maia/maia-1.0.2/scripts/* /var/lib/amavis/maia/scripts
 # cp -R /usr/src/maia/maia-1.0.2/templates/* /var/lib/amavis/maia/templates
 

 
 # chown -R amavis /var/lib/amavis/maia
 # chgrp -R amavis /var/lib/amavis/maia
 # chmod 640 /var/lib/amavis/maia/templates/*.tpl
 # chmod 750 /var/lib/amavis/maia/scripts/*.pl
 # chown amavis /etc/maia.conf
 # chgrp amavis /etc/maia.conf
 # chmod 640 /etc/maia.conf
 

 
 # vi /var/lib/amavis/maia/scripts/process-quarantine.pl
 

change '/var/amavisd/maia/scripts' to '/var/lib/amavis/maia/scripts' and also change '/var/amavisd/.process-quarantine.pid' to '/var/run/amavis/.process-quarantine.pid'

 
 # vi /var/lib/amavis/maia/scripts/send-quarantine-digests.pl
 

change '/var/amavisd/maia/templates/' to '/var/lib/amavis/maia/templates/' and change the $base_url with used before

 
 # cd /var/lib/amavis/maia/scripts
 # ./configtest.pl
 

“NOT INSTALLED” is OK for some modules.

 
 # cd /var/lib/amavis/maia/scripts
 # ./load-sa-rules.pl
 

Install the Webinterface

 
 # mkdir /var/www/ispcp/gui/tools/antispam
 # cp -R /usr/src/maia/maia-1.0.2/php/* /var/www/ispcp/gui/tools/antispam
 

Must be changed to your language if you do not use German.

 
 # mkdir /var/www/ispcp/gui/tools/antispam/locale/de
 # cp -R /usr/src/maia/de/* /var/www/ispcp/gui/tools/antispam/locale/de
 

 
 # cd /var/www/ispcp/gui/tools/antispam
 # mv config.php.dist config.php
 # vi config.php
 

(change '_YOUR_AMaVIS_PASS_ to your Pass)

 
 $ default_display_language = "de";
 $ maia_sql_dsn = "mysql://amavis:_YOUR_AMaVis_PASSd@tcp(localhost:3306)/maia";
 $ address_rewriting_type = 4;
 $ auth_method = "pop3";
 

 
 # cd /usr/src/maia/
 # wget http://www.smarty.net/do_download.php?download_file=Smarty-2.6.20.tar.gz
 # tar -xzf Smarty-2.6.20.tar.gz
 # cd Smarty-2.6.20/libs
 # mkdir /var/www/ispcp/gui/tools/antispam/libs/Smarty
 # cp -R ./* /var/www/ispcp/gui/tools/antispam/libs/Smarty
 

Or alternatively on Debian …

 
 apt-get install smarty
 

and edit the following file

 
 # vi /var/www/ispcp/gui/tools/antispam/config.php
 

uncomment the following line

 
 $ smarty_path = "/var/www/ispcp/gui/tools/antispam/libs/Smarty";
 

 
 # mkdir /var/www/ispcp/gui/tools/antispam/themes/modern_blue
 # cp -R /usr/src/maia/modern_blue/* /var/www/ispcp/gui/tools/antispam/themes/modern_blue
 

 
 # chown -R vu2000:www-data /var/www/ispcp/gui/tools/antispam
 # chmod -R 555 /var/www/ispcp/gui/tools/antispam
 # chmod -R 755 /var/www/ispcp/gui/tools/antispam/themes
 

 
 # cd /etc/apache2/sites-available/
 # vi 00_master.conf
 

After this:

 
 Alias /ftp    /var/www/ispcp/gui/tools/filemanger/
 

add this line:

 
 Alias /antispam     /var/www/ispcp/gui/tools/antispam/
 

 
 # /etc/init.d/apache2 restart
 

Open this URL on your Server: http://admin.yourserver.tld/tools/antispam/admin/configtest.php

Here should everything looks 'OK'. If not install the needed modules with

 
 pear install modulname
 

There is an error in PEAR::Image_Graph 0.7.2 that would be fixed in 0.7.3.
Up to then use this Patch →[http://www.maiamailguard.org/maia/ticket/326]

Or you can download a patched Version:

 
 cd /usr/share/php/Image/Graph/Plot/
 mv Pie.php Pie.php.orig
 wget http://www200.pair.com/mecham/Pie.php.txt
 mv Pie.php.txt Pie.php 
 

Does not need a OK:

 
 PostgreSQL Support
 PEAR::Net_IMAP
 IMAP library
 LDAP library
 MCrypt library
 

Maia need its own AMaVis, it´s a part of the package.

 
 # mv /usr/sbin/amavisd-new /usr/sbin/amavisd-bak
 # cp /usr/src/maia/maia-1.0.2/amavisd-maia /usr/sbin/amavisd-new
 # chown root /usr/sbin/amavisd-new
 # chmod 755 /usr/sbin/amavisd-new
 

 
 # vi /etc/spamassassin/local.cf
 

Add these lines on the end of the file and set your PW

 
 # Bayes database configuration
 use_bayes 1
 bayes_store_module Mail::SpamAssassin::BayesStore::SQL
 bayes_sql_dsn DBI:mysql:maia
 bayes_sql_username amavis
 bayes_sql_password _YOUR_AMaViS_PASS_ # <-- change '_YOUR_AMaViS_PASS_ to your Pass
 bayes_sql_override_username amavis
 bayes_auto_learn 1
 bayes_auto_learn_threshold_nonspam 0.1
 bayes_auto_learn_threshold_spam 10.0
 bayes_use_hapaxes 1
 #bayes_use_chi2_combining 1          # in newer versions unknown
 bayes_ignore_header ReSent-Date
 bayes_ignore_header ReSent-From
 bayes_ignore_header ReSent-Message-ID
 bayes_ignore_header ReSent-Subject
 bayes_ignore_header ReSent-To
 bayes_ignore_header Resent-Date
 bayes_ignore_header Resent-From
 bayes_ignore_header Resent-Message-ID
 bayes_ignore_header Resent-Subject
 bayes_ignore_header Resent-To
 bayes_ignore_header X-Received-From-IP
 bayes_ignore_header X-Virus-Scanned
 bayes_ignore_header X-Spam-Status
 bayes_ignore_header X-Spam-Level
 bayes_ignore_header X-Sender
 bayes_ignore_header X-Mailer
 # Auto-Whitelist configuration
 auto_whitelist_factory Mail::SpamAssassin::SQLBasedAddrList
 user_awl_dsn DBI:mysql:maia
 user_awl_sql_username amavis
 user_awl_sql_password _YOUR_AMaViS_ # <-- change '_YOUR_AMaVis_PASS_ to your Pass
 

 
 # ln -s /etc/amavis/amavisd.conf /etc/amavisd.conf
 

 
 # /etc/init.d/amavis restart
 

Go the the URL:
http://admin.yourserver.tld/tools/antispam/login.php?super=register

Maia can learn and become fat.
So we need some maintenance scripts in the cron

 
 crontab –u amavis -e
 

 
 55 * * * * /var/lib/amavis/maia/scripts/process-quarantine.pl --learn --report
 1 * * * * /var/lib/amavis/maia/scripts/stats-snapshot.pl
 5 1 * * * /var/lib/amavis/maia/scripts/expire-quarantine-cache.pl
 @weekly /var/lib/amavis/maia/scripts/send-quarantine-reminders.pl
 #15 1 * * * /var/lib/amavis/maia/scripts/send-quarantine-digests.pl
 

Edit: /usr/local/share/perl/5.8.8/Net/Cmd.pm (5.8.8 can be any other Perl version) and comment the following lines (389-393):

 
 if ($ doUTF8) {
     # encode to individual utf8 bytes if
     # $ line is a string (in internal UTF-8)
     utf8::encode($ line) if utf8::is_utf8($line);
   }
 

This problem occurs on SMTP 2.20 and above and will rewrite all your mails in UTF-8. (Not good if send e.g. in ISO-8859-1).

- Done

You can test your AnitSpam and AntiVirus system with these two lines.

(Generic Test for Unsolicited Bulk Email)
Send this line per E-Mail to a User of your System.
Should recognize as SPAM with 1000 points in Spamassassian.

 
 XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
 

Send this line per E-Mail to a User of your System.
ClamAV should recognize it as a Virus.

 
 X5O!P%@AP[4\PZX54(P^)7CC)7}$ EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 
 

The PHP scripts installed earlier included a number of administration scripts in the admin subdirectory. Once you've got Maia Mailguard up and running properly, you no longer need these scripts, and should delete that subdirectory and its contents as a security precaution, so that web visitors cannot access those scripts.

Useful Links
http://www.maiamailguard.com/maia/wiki/Install
http://schnere.bluevisiontec.com/ispcp/Maia_Mailguard.pdf –> The original Document in German

To do:
- HowTo patch 1.0.2 → 1.0.2a http://www.maiamailguard.org/maia/ticket/479
- Upgrade HowTo http://www.maiamailguard.com/maia/wiki/UpgradeFrom1-0-x
- Add RulesDuJour Script
- Add Digest SQL Script