S A V A S M - SpamAssassin Virtual Appliance for SmarterMail . VMW version 0.1.8 . 2008/01/08 0. SAVASM includes: CentOS 4.6 (Linux kernel 2.6.9-67.0.1.EL) Webmin 1.390 SpamAssassin 3.2.4 ClamAV 0.92 Razor 2.84 DCC 1.3.80 1. Installation instructions: 0. SAVASM is, first of all, a 'virtual appliance', that is, a virtual machine image for a VMWare Server or Client. To use it, you will therefore need a VMWare virtual machine; given its purpose, though, VMWare Server is recommended. VMWare Server can be obtained freely from the VMWare website. Note that installing VMWare Server requires a product key, which can also be obtained, free of charge, from their website. 1. Assuming you have installed and configured VMWare Server on your computer, you can now install SAVASM. The first step for this is to extract the contents of the savasm.zip archive to you 'Virtual Machines' folder (normally 'C:\Virtual Machines'). 2. Open the VMWare Server Console, the choose File -> Open -> Browse, and select the 'Red Hat Enterprise Linux 4.vmx' file in the SAVASM installation folder. Once the virtual machine image of SAVASM has been imported, start the 'SAVASM' virtual machine. 3. You will then be prompted to configure your virtual machine; at some point you might be told that the virtual machine image of SAVASM has been moved, and asked if you wish to create a new UUID. If there are no other virtual machines installed on your system, it might be easier to choose 'Keep'; otherwise, let the VMWare Server 'Create' a new UUID for SAVASM. 4. CentOS Linux, the host operating system of SAVASM will go through the boot process, perhaps displaying various timers for user configuration, but these can generally be ignored. 5. If you have chosen to generate a new UUID in the previous step, you might at this point be presented with a 'Kudzu' screen, informing you that the hardware configuration of the system has changed, and asking whether to retain the old settings, or delete them. Choose 'Remove Configuration'. You will be then be asked to configure the new hardware device. Select 'Configure' and enter the network settings you wish to assign to your SAVASM virtual machine. Finally, click 'OK' to continue the boot process. 6. Once the boot process is complete, you will be presented with a console prompt: 'savasm login'. If you have not yet configured your SAVASM network settings, you should do so now. 7. Use 'root' as the username, and 'savasm' as the password to log into the system. 8. The first thing you need to do is change the root password. Type 'passwd' and then enter a new password twice. 9. If you wish to change the SAVASM network settings, system time, keyboard or mouse options, type: 'setup'. You will be presented with a quasi-graphical setup utility, that can be used to configure the system. 10. It is important that by this step, you will have configured the SAVASM network options, assigning this virtual machine a static IP. If, however, you wish to continue with a dynamic IP, and want to know what this is, simply type 'ifconfig'. 11. Type 'logout'. 2. Administration 1. Administration of SAVASM can be done in either of three ways: a. directly from the VMWare Server Console b. using a remote SSH login c. using a web interface 2. The first method is the most obvious, being the one you have already used until now (from steps 1.4 to 1.11). 3. The second method is to use a remote terminal over a SSH connection. For Windows, a good terminal program is PuTTY. 4. The easiest way for a Linux novice to administrate SAVASM, however, is by using a web interface. SAVASM comes with Webmin already installed and configured, ready for immediate use. Simply use a web browser to connect to the SAVASM IP, on port 10000. If the virtual machine's IP is, say, 192.168.9.13, then the URL to the web administration interface will be: https://192.168.9.13:10000 To log in to the administration interface, you will need to use the 'root' username, and the password you have set at step 1.8 (the default is 'savasm'). Note that the Webmin interface can be configured to accommodate your preferred language and settings, so if the defaults are not to your liking, you can safely change them. 5. The SpamAssassin daemon (spamd) startup parameters are defined in '/etc/sysconfig/spamassassin'. If you wish to make any changes to the default configuration, you should either edit this file, changing the parameters to your desired values, or else use the 'Spamd Startup Parameters' menu in Webmin, under 'Servers', 'SpamAssassin'. After changing any settings, though, remember to restart the spamd daemon. To do this, using the web interface, click the 'System' tab from the menu at the top, and then click on 'Bootup and Shutdown'. From the list of actions, click on 'spamassassin', and then, in the following screen, click the 'Restart Now' button at the bottom of the page. 6. Note that by default spamd is set to only accept incoming connections from the local network, on the 192.168.*.* IP range. If you need to change this behavior, you should edit the abovementioned spamd startup parameters, and change the value of the 'A' parameter. 7. The Linux firewall included in SAVASM is initially set to reject all incoming connections, except for those on ports 783 (SpamAssassin), 3310 (ClamAV), 6277 (DCC), 10000 (Webmin) and 22 (SSH). If you wish to change these settings, you can either use the web interface to select 'Networking' and then 'Linux Firewall', or else log into the SAVASM virtual machine from the VMWare Server Console or through a SSH terminal, and then, at the command prompt type 'setup', and choose 'Firewall'. 3. Optional components and functionality 1. SAVASM is preconfigured to train the SpamAssassin bayesian database using data collected by SmarterMail. This feature, however, is not enabled by default. If you want to enable this feature, first you will need to create two Windows shares for the SmarterMail 'Spam' and 'Ham' folders, respectively. These are usually located under 'C:\Program Files\SmarterTools\SmarterMail\Service'. Create one share for the 'Spam' folder, and call it 'Spam'. Then, create another share for the 'Ham' folder, and call that 'Ham'. Now, the SAVASM system running SpamAssassin will need to be able to access, read from, and optionally delete files in these shares, and for that it will need appropriate permissions. For security reasons, it would be wise to separate the SAVASM user from other generic users. For this, simply create a new user called 'SpamAssassin', and give it a (restricted) user status. Then, make sure that the SpamAssassin user has share and NTFS read/write access to the shares you just created. Now log in to the SAVASM system using the web interface. On the 'Others' tab choose 'File Manager'. Navigate to '/sbin/bayesiantrain' and click the 'Edit' button on the top menu. Edit the script file 'variables' entries with the username, password and share names you have just created on the Windows SmarterMail machine, and then click 'Save and close'. Click the 'Index' button on the top menu to return to the main Webmin interface. Now on the 'System' tab, choose 'Scheduled Cron Jobs'. At the bottom of the list, you should see an entry for '/sbin/bayesiantrain' that is currently not active. Click on the command link. Then, in the 'Job Details' frame at the top of the page, select the 'Active: Yes' radio box. Change any schedule details you want, and finally click the 'Save' button on the lower left side of the page. Now, again on the 'System' tab, choose 'Bootup and Shutdown'. Click on the 'crond' action. Then, click on the 'Restart Now' botton. At this point, the script should be active and scheduled for execution. 4. Documentation CentOS: http://www.centos.org/docs/4/ SpamAssassin: http://spamassassin.apache.org/full/3.2.x/doc/ ClamAV: http://www.clamav.net/doc/latest/clamdoc.pdf Webmin: http://webmin.com/docs.html 5. Credits SAVASM assembled by someone_else at exhalus.net