====== Howto install Maia on ispCP  ======

\\
This documents is published under the GNU\\
It based on the !HowTo from Andre Pohl and is modified by schnere - Thanks them.\\
Absolutely no warranty, use it at your own risk.\\

====== 0.) Conditions ======
\\
You need Debian Etch 4.0 and a running ispCP Omega on your System

====== 1.) Stop postfix ======

<code>
# /etc/init.d/postfix stop
</code>

====== 2.) Update your packages and install some new one ======

<code>
# apt-get update && apt-get upgrade
# apt-get install libdbd-mysql-perl libdbi-perl libphp-jpgraph libossp-uuid-perl php-pear
</code>

====== 3.) Recommended pear-modules ======

<code>
# pear upgrade-all                         #Errors could be ignored 
# pear install Log Mail_Mime Mail_mimeDecode File Date DB DB_Pager Net_Sieve Net_Pop3
# pear -d preferred_state=alpha install Image_Color Image_Canvas Image_Graph Numbers_Roman Numbers_Words
# pear install Pager Net_SMTP Auth_SASL
</code>

====== 4.) Install AMaVis ======

<code>
# apt-get install amavisd-new spamassassin clamav clamav-daemon
</code>

On installation of cclamAV, i got an Error: //This version of the ClamAV engine is outdated.//. There is an Advice at the clamAV-Page, that all Versions earlyer than 0.95 are not supportet anymore.
For Debian Lenny do the following to install the newest Version:
[[http://lists.debian.org/debian-volatile-announce/2009/msg00010.html]]

Attention: Please make a backup of every single config that you modify\\


====== 5.) Modifiy the Postfix Config ======


Open the main.cf and activate AMaViS
<code>
# vi /etc/postfix/main.cf
</code>

Search for this Part and remove the "#" before the line, that it looks like this:
<code>
#
# AMaViS parameters; activate, if avaible/used
#

content_filter = amavis:[127.0.0.1]:10024
</code>

Add the following line to the config. This prevents spamassassin to score authenticated users basend on their IP:
<code>
smtpd_sasl_authenticated_header = yes
receive_override_options = no_address_mappings
</code>

If you use "domain mail" and "mail forward" for the same emailadress you must edit this!
Otherwise the email forwarder will receive the email two times. 
open master.cf
<code>
# vi /etc/postfix/master.cf
</code>

Search for this Part
<code>localhost:10025 inet  n -       n       -      -        smtpd
   -o content_filter=
   -o local_recipient_maps=
   -o relay_recipient_maps=
   -o smtpd_restriction_classes=
   -o smtpd_client_restrictions=
   -o smtpd_helo_restrictions=
   -o smtpd_sender_restrictions=
   -o smtpd_recipient_restrictions=permit_mynetworks,reject
   -o smtpd_override_options=no_address_mappings
   -o mynetworks=127.0.0.0/8
   -o strict_rfc821_envelopes=yes</code>
Add this line after
<code>-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks</code>

====== 6.) Modify the AMaViS config ======
\\

Out to compatibility-base we must use an extern configuration file
<code>
# cd /etc/amavis
# wget http://www200.pair.com/mecham/amavisd.conf.maia
# mv amavisd.conf.maia amavisd.conf
</code>

Open the config
<code>
# vi /etc/amavis/amavisd.conf
</code>

First, change '$mydomain' and '$myhostname' to yours.
Then search for these entries:
<code>
$final_virus_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_bad_header_destiny = D_DISCARD;
</code>
and add this text block after it:
<code>
$warnvirussender = 1;
$warnspamsender = 0;
$warnbannedsender = 1;
$warnvirusrecip = 1;
$warnbannedrecip = 1;
</code>
search for this line and enter a new AMaVis password
<code>
lookup_sql_dsn = ( ['DBI:mysql:maia:localhost', 'amavis', '_YOUR_PASS_'] );

</code>
and after
<code>
$X_HEADER_TAG = 'X-Virus-Scanned';
$X_HEADER_LINE = "Maia Mailguard 1.0.2";
</code>
copy these lines
<code>
use DBI;
my $db = "ispcp";
my $user="root";           # Type here your ispCP MySQL User 
			   # (is the same you typed during the setup)
my $host="localhost";
my $password="_YOUR_PASS"; # Type here your ispCP MySQL Password 
			   #(is the same you typed during the setup)

my $dbh = DBI->connect("DBI:mysql:database=$db;host=$host", $user, $password, {RaiseError => 1});
my $arr = $dbh->selectcol_arrayref('SELECT domain_name, 1 FROM domain', {Columns=>[1,2]});
my $arre = $dbh->selectcol_arrayref('SELECT alias_name, 1 FROM domain_aliasses', {Columns=>[1,2]});

my $lis = ($arre,$arr);
%local_domains = (@$arr,@$arre);
</code>
====== 7.) The Spamassassin config ======
Please create a config with the generator at http://www.yrex.com/spam/spamconfig.php
and save it under "/etc/spamassassin/local.cf"

====== 8.) Add user clamav to the amavis group ======

<code>
# usermod -G amavis clamav
</code>

====== 9.) MySQL must start before AMaVis ======

<code>
# update-rc.d -f mysql remove
# update-rc.d mysql start 18 2 3 4 5 . stop 22 0 1 6 .
</code>

====== 10.) Restart the services ======

<code>
# /etc/init.d/amavis restart
# /etc/init.d/clamav-daemon restart
# /etc/init.d/postfix restart
</code>

====== 11.) Install Maia ======


We create a new directory and donwload the needed files.\\
You must change the second file (maia-lang-de.tar.gz) if German "de" is not your default language. Change it to your need. English is per default running.
<code>
# mkdir /usr/src/maia
# cd /usr/src/maia
# wget http://www.maiamailguard.com/files/maia-1.0.2a.tar.gz
# wget http://www.maiamailguard.com/files/maia-lang-de.tar.gz
# wget http://ratsnet.org/vhcs/maia_vhcs_theme_v2.12.tar.bz2
</code>
===== Decompress the files. =====
 \\
(You must also change the name of the second file here if you use an other instead of German)
<code>
# tar -xzf maia-1.0.2a.tar.gz
# tar -xzf maia-lang-de.tar.gz
# tar xjvf maia_vhcs_theme_v2.12.tar.bz2
</code>
===== Create the Maia-DB =====

<code>
# cd /usr/src/maia
# mysql -u root -p
mysql> CREATE DATABASE maia;
mysql> quit
</code>
Give the user 'amavis' a Password
<code>
# passwd amavis
</code>

===== Give the user 'amavis' no shell =====
 
<code>
# chsh -s /bin/false amavis
</code>

===== Create the DB structure and set the permissions =====

(change '_YOUR_AMaVIS_PASS_' to your Pass)
<code>
# cd /usr/src/maia/maia-1.0.2
# mysql -u root -p maia < maia-mysql.sql
# mysql -u root -p maia
mysql> GRANT CREATE, DROP, ALTER, SELECT, INSERT, UPDATE, DELETE ON
mysql> maia.* TO amavis@localhost IDENTIFIED BY '_YOUR_AMaVIS_PASS_';
mysql> quit
</code>

===== Create directories for Maia =====

<code>
# mkdir /var/lib/amavis/maia
# mkdir /var/lib/amavis/maia/scripts
# mkdir /var/lib/amavis/maia/templates
</code>

===== The Maia config =====

<code>
# cd /usr/src/maia/maia-1.0.2
# mv maia.conf.dist maia.conf
# vi maia.conf
</code>

Change $password to your AMaViS Password
and $base_url to http://admin.yourserver.tld/tools/antispam

And also correct the following file locations 

<code>
$script_dir = "/var/lib/amavis/maia/scripts";
$template_dir = "/var/lib/amavis/maia/templates";
$pid_file = "/var/run/amavis/.process-quarantine.pid";
</code>

===== Copy the files =====

<code>
# cp /usr/src/maia/maia-1.0.2/maia.conf /etc/maia.conf
# cp -R /usr/src/maia/maia-1.0.2/scripts/* /var/lib/amavis/maia/scripts
# cp -R /usr/src/maia/maia-1.0.2/templates/* /var/lib/amavis/maia/templates
</code>

===== Set the right permissions =====

<code>
# chown -R amavis /var/lib/amavis/maia
# chgrp -R amavis /var/lib/amavis/maia
# chmod 640 /var/lib/amavis/maia/templates/*.tpl
# chmod 750 /var/lib/amavis/maia/scripts/*.pl
# chown amavis /etc/maia.conf
# chgrp amavis /etc/maia.conf
# chmod 640 /etc/maia.conf
</code>

===== Correct the directories in the scripts =====

<code>
# vi /var/lib/amavis/maia/scripts/process-quarantine.pl
</code>
change '/var/amavisd/maia/scripts' to '/var/lib/amavis/maia/scripts'
and also change '/var/amavisd/.process-quarantine.pid' to '/var/run/amavis/.process-quarantine.pid'
<code>
# vi /var/lib/amavis/maia/scripts/send-quarantine-digests.pl
</code>
change '/var/amavisd/maia/templates/' to '/var/lib/amavis/maia/templates/'
and change the $base_url with used before

===== Then we can test the config =====

<code>
# cd /var/lib/amavis/maia/scripts
# ./configtest.pl
</code>
"NOT INSTALLED" is OK for some modules.

===== Import the Spamassassin rules =====

<code>
# cd /var/lib/amavis/maia/scripts
# ./load-sa-rules.pl
</code>
===== 
Install the Webinterface =====

<code>
# mkdir /var/www/ispcp/gui/tools/antispam
# cp -R /usr/src/maia/maia-1.0.2/php/* /var/www/ispcp/gui/tools/antispam
</code>

===== Copy the German locales =====
\\
Must be changed to your language if you do not use German.
<code>
# mkdir /var/www/ispcp/gui/tools/antispam/locale/de
# cp -R /usr/src/maia/de/* /var/www/ispcp/gui/tools/antispam/locale/de
</code>

===== Edit the config.php =====

<code>
# cd /var/www/ispcp/gui/tools/antispam
# mv config.php.dist config.php
# vi config.php
</code>

===== Change the default settings =====

(change '_YOUR_AMaVIS_PASS_ to your Pass)
<code>
$default_display_language = "de";
$maia_sql_dsn = "mysql://amavis:_YOUR_AMaVis_PASSd@tcp(localhost:3306)/maia";
$address_rewriting_type = 4;
$auth_method = "pop3";
</code>

====== 12.) Install the SMARTY TEMPLATE ENGINE ======

<code>
# cd /usr/src/maia/
# wget http://www.smarty.net/do_download.php?download_file=Smarty-2.6.20.tar.gz
# tar -xzf Smarty-2.6.20.tar.gz
# cd Smarty-2.6.20/libs
# mkdir /var/www/ispcp/gui/tools/antispam/libs/Smarty
# cp -R ./* /var/www/ispcp/gui/tools/antispam/libs/Smarty
</code>

Or ''alternatively'' on Debian ...

<code>
apt-get install smarty
</code>
and edit the following file
<code>
# vi /var/www/ispcp/gui/tools/antispam/config.php
</code>
uncomment the following line
<code>
$smarty_path = "/var/www/ispcp/gui/tools/antispam/libs/Smarty";
</code>

====== 13.) Install the modern_blue Theme ======

<code>
# mkdir /var/www/ispcp/gui/tools/antispam/themes/modern_blue
# cp -R /usr/src/maia/modern_blue/* /var/www/ispcp/gui/tools/antispam/themes/modern_blue
</code>

Then, if you loged in, into Maia Admin Panel, go to Themes (Key Icon), and add the modern_blue Theme from the below to the above Table. Than go to Settings and choose it as Theme 

===== Set the Permissions =====

<code>
# chown -R vu2000:www-data /var/www/ispcp/gui/tools/antispam
# chmod -R 555 /var/www/ispcp/gui/tools/antispam
# chmod -R 755 /var/www/ispcp/gui/tools/antispam/themes
</code>

====== 14.) Apache meets Maia ======

<code>
# cd /etc/apache2/sites-available/
# vi 00_master.conf
</code>
After this:
<code>
Alias /ftp    /var/www/ispcp/gui/tools/filemanger/
</code>
add this line:
<code>
Alias /antispam     /var/www/ispcp/gui/tools/antispam/
</code>

===== Restart Apache =====

<code>
# /etc/init.d/apache2 restart
</code>

====== 15.) Test the GUI ======
\\
Open this URL on your Server:
http://admin.yourserver.tld/tools/antispam/admin/configtest.php

Here should everything looks 'OK'. If not install the needed modules with
<code>
pear install modulname
</code>
There is an error in PEAR::Image_Graph 0.7.2 that would be fixed in 0.7.3.\\
Up to then use this Patch ->[http://www.maiamailguard.org/maia/ticket/326]\\

Or you can download a patched Version:
<code>
cd /usr/share/php/Image/Graph/Plot/
mv Pie.php Pie.php.orig
wget http://www200.pair.com/mecham/Pie.php.txt
mv Pie.php.txt Pie.php 
</code>

Does not need a OK:
<code>
PostgreSQL Support
PEAR::Net_IMAP
IMAP library
LDAP library
MCrypt library
</code>

====== 16.) Maia-AMaVis ======
\\
Maia need its own AMaVis, it´s a part of the package.
<code>
# mv /usr/sbin/amavisd-new /usr/sbin/amavisd-bak
# cp /usr/src/maia/maia-1.0.2/amavisd-maia /usr/sbin/amavisd-new
# chown root /usr/sbin/amavisd-new
# chmod 755 /usr/sbin/amavisd-new
</code>

====== 17.) Edit the Spamassassin config ======

<code>
# vi /etc/spamassassin/local.cf
</code>

Add these lines on the end of the file and set your PW
<code>
# Bayes database configuration
use_bayes 1
bayes_store_module Mail::SpamAssassin::BayesStore::SQL
bayes_sql_dsn DBI:mysql:maia
bayes_sql_username amavis
bayes_sql_password _YOUR_AMaViS_PASS_ # <-- change '_YOUR_AMaViS_PASS_ to your Pass
bayes_sql_override_username amavis
bayes_auto_learn 1
bayes_auto_learn_threshold_nonspam 0.1
bayes_auto_learn_threshold_spam 10.0
bayes_use_hapaxes 1
#bayes_use_chi2_combining 1          # in newer versions unknown
bayes_ignore_header ReSent-Date
bayes_ignore_header ReSent-From
bayes_ignore_header ReSent-Message-ID
bayes_ignore_header ReSent-Subject
bayes_ignore_header ReSent-To
bayes_ignore_header Resent-Date
bayes_ignore_header Resent-From
bayes_ignore_header Resent-Message-ID
bayes_ignore_header Resent-Subject
bayes_ignore_header Resent-To
bayes_ignore_header X-Received-From-IP
bayes_ignore_header X-Virus-Scanned
bayes_ignore_header X-Spam-Status
bayes_ignore_header X-Spam-Level
bayes_ignore_header X-Sender
bayes_ignore_header X-Mailer
# Auto-Whitelist configuration
auto_whitelist_factory Mail::SpamAssassin::SQLBasedAddrList
user_awl_dsn DBI:mysql:maia
user_awl_sql_username amavis
user_awl_sql_password _YOUR_AMaViS_ # <-- change '_YOUR_AMaVis_PASS_ to your Pass
</code>

===== Create a symlink to the AMaViS config =====

<code>
# ln -s /etc/amavis/amavisd.conf /etc/amavisd.conf
</code>
===== Restart AMaVis =====

<code>
# /etc/init.d/amavis restart
</code>

====== 18.) Register as Maia-Admin ======
\\
Go the the URL:\\
http://admin.yourserver.tld/tools/antispam/login.php?super=register

You have to register an existing Mailbox on your Server like admin@domain.tld or yourname@domain.tld. With this Login you are later the Maia-Admin and can control all.

====== 19.) Maintenance Scripts ======
\\
Maia can learn and become fat.\\
So we need some maintenance scripts in the cron
<code>
crontab –u amavis -e
</code>

===== Insert the scripts =====

<code>
55 * * * * /var/lib/amavis/maia/scripts/process-quarantine.pl --learn --report
1 * * * * /var/lib/amavis/maia/scripts/stats-snapshot.pl
5 1 * * * /var/lib/amavis/maia/scripts/expire-quarantine-cache.pl
@weekly /var/lib/amavis/maia/scripts/send-quarantine-reminders.pl
#15 1 * * * /var/lib/amavis/maia/scripts/send-quarantine-digests.pl
</code>

====== 20.) The UTF-8 Patch (optional) ======
\\
Edit: /usr/local/share/perl/5.8.8/Net/Cmd.pm (5.8.8 can be any other Perl version) and comment the following lines (389-393):
<code>
if ($doUTF8) {
    # encode to individual utf8 bytes if
    # $line is a string (in internal UTF-8)
    utf8::encode($line) if utf8::is_utf8($line);
  }
</code>
This problem occurs on ''SMTP 2.20'' and ''above'' and will rewrite all your mails in UTF-8. (Not good if send e.g. in ISO-8859-1).

- Done

====== 21.) Test your System ======
\\
You can test your AnitSpam and AntiVirus system with these two lines.

===== The GTUBE =====
(Generic Test for Unsolicited Bulk Email)\\
Send this line per E-Mail to a User of your System.\\
Should recognize as SPAM with 1000 points in Spamassassian.
<code>
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
</code>

===== The EICAR TEST-FILE =====
\\
Send this line per E-Mail to a User of your System.\\
ClamAV should recognize it as a Virus.
<code>
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 
</code>

====== 22. Delete the admin subdirectory ======

The PHP scripts installed earlier included a number of administration scripts in the admin subdirectory. Once you've got Maia Mailguard up and running properly, you no longer need these scripts, and should delete that subdirectory and its contents as a security precaution, so that web visitors cannot access those scripts. 


Useful Links\\
http://www.maiamailguard.com/maia/wiki/Install\\
http://www.bluevisiontec.com/Maia_Mailguard.pdf --> The original Document in German

To do:\\
- HowTo patch 1.0.2 -> 1.0.2a http://www.maiamailguard.org/maia/ticket/479\\ 
- Upgrade HowTo http://www.maiamailguard.com/maia/wiki/UpgradeFrom1-0-x\\
- Add RulesDuJour Script\\
- Add Digest SQL Script