I am still cutomizing SpamPD and hope to add virus scan engine features...

I have been running Amavisd-new for 2 years which works pretty well. But I have a very inconvienent way to release a false positive email to users. I decided to experiment open source MailZu and let user do their quarantine management. MailZu requires that Amavisd-new log mail information to SQL database like MySQL, PostgreSQL.... see the install details on http://www.mailzu.net/docs/INSTALL

There are couple of things need to be considered:

MailZu needs php compiled with imap and socket because MailZu needs imap to connect to imap server and socket to talk to Amavisd AMP protocol to release quarantined email. So I decided to upgrade my Apache/PHP/OpenSSL installation to the latest package.

Here is my upgraded system info and compile options:

Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.8 DAV/2 PHP/5.1.6

Apache: './configure --enable-so --enable-dav --enable-ssl --with-ssl=/usr/local/ssl

PHP: './configure' '--with-apxs2=/usr/local/apache2/bin/apxs' '--with-mysql' '--with-pgsql=/usr/local/pgsql' '--with-imap=/usr/local/imap-c-client' '--enable-sockets'

Note:
1,The Spam/Virus is quarantined to my new MySQL database (4.1.20), but PHP is compiled with the old mysql client library (3.23.58) because the password format is still in 3.23.58 format
2, To compile php with imap, it needs the imap c client *.h and *.c files see http://ca.php.net/imap for more detailes. I ran into problem with imap c client compiling and installation for some reason. But I found I have a left over imap c client folder which contains all the *.h and *.c files while I compile Pine4.64 sometime ago. so copied *.h, *.c to /usr/local/imap-c-client/include and /usr/local/imap-c-client/lib and copied c-client.a to /usr/local/imap-c-client/lib/libc-client.a. I put the folder tar files on http://mcli.brc.ub.ca/imap-c-client.tar

The relevant Amavisd-new config:

+$inet_socket_port = [10024, 9998]; # accept SMTP on this local TCP port
# (default is undef, i.e. disabled)

+$virus_quarantine_method = $spam_quarantine_method =
+ $banned_files_quarantine_method = $bad_header_quarantine_method = 'sql:';

+$sa_quarantine_cutoff_level = 20; # dflt: undef, which disables this feature

+ @storage_sql_dsn = ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user', 'password']); # none, same, or separate database
#

+ $policy_bank{'AM.PDP'} = {
+ log_level => 3,
+ inet_acl => [ qw ( 127.0.0.1 [::1] MailZu-host ) ],
+ protocol=>'AM.PDP', # Amavis policy delegation protocol (new milter helper)
+ };
+

+ $interface_policy{'9998'} = 'AM.PDP';

Today, I finally got the order of SAMSUNG 800MHZ ECC for the odd computer I got from my friend. What I mean odd computer is that the mother board only take pair ECC RAMBUS memory, and each time if I unplugged memory, I have to unplug the video card too, then plug memory card and video card back in order. Now it is upraded from 128MB to 512MB, finally I could got a machine to do spam filtering and custom programing test.

I tried Pine for couple of days now. I feel I hooked with pine :). Compiling Pine on Mac OS X takes a little bit effort. This link http://www.madboa.com/geek/pine-macosx/ showed me a shell script to patch Pine on OS X, I spent a little extra effort to patch the filepara patch from http://www.math.washington.edu/~chappa/ ... para.patch by appending :


diff -rc pine4.64/imap/src/osdep/unix/Makefile pine4.64.fillpara/imap/src/osdep/unix/Makefile
*** pine4.64/imap/src/osdep/unix/Makefile Sat Apr 30 13:51:13 2005
--- pine4.64.fillpara/imap/src/osdep/unix/Makefile Thu Aug 3 13:20:31 2006
***************
*** 549,555 ****
$(BUILD) `$(CAT) SPECIALS` OS=$@ \
CRXTYPE=nfs \
SPOOLDIR=/var/spool MAILSPOOL=/var/mail \
! BASECFLAGS="-g -O -Wno-pointer-sign"

ptx: # PTX
$(BUILD) `$(CAT) SPECIALS` OS=$@ \
--- 549,555 ----
$(BUILD) `$(CAT) SPECIALS` OS=$@ \
CRXTYPE=nfs \
SPOOLDIR=/var/spool MAILSPOOL=/var/mail \
! BASECFLAGS="-g -O"

ptx: # PTX
$(BUILD) `$(CAT) SPECIALS` OS=$@ \

Following script will automate the patch, compile, installation on OS X.

#!/bin/bash

# season to taste
VER=pine4.64

# create a build directory
BLDDIR=/var/tmp/${VER}-build
test -d $BLDDIR && /bin/rm -rf $BLDDIR
mkdir $BLDDIR
cd $BLDDIR

# fetch the source
curl \
-O ftp://ftp.cac.washington.edu/pine/${VER}.tar.gz \
-O http://mcli.brc.ubc.ca/pine/${VER}/fillpara.patch.gz


# unzip and patch
tar xzf ${VER}.tar.gz
cd ${VER}
gzip -dc ../fillpara.patch.gz | patch -p1

# do the deed
./build 'EXTRACFLAGS=-DPASSFILE=\".pine.pwd\"' osx

# install pine and pico (optional)
cp bin/pine /usr/bin

Run this script, it will patch, compile and install Pine on your OS X. pretty easy!

Ever think of IP address 137.82.2.215 in internal can be written as 2303853271 in base 10. 137 = 0x89 82 = 0x52 2 = 0x2 215 = 0xD7, put them together is 0x895202D7 in base 16, and perl -e 'print hex '\x895202D7', "\n" ' will be 2303853271 in base 10. Apache1.3.* seems still accept http://2303853271 as legitimate request, Apache2 seems don't accept http://2303853271 as legitimate request.