Spam/Virus quarantine management with Amavisd-new and MailZu 

I have been running Amavisd-new for 2 years, and it works pretty well. But I have a very inconvenient way to release a false-positive email to users. I decided to experiment with the open source MailZu and let users do their own quarantine management. MailZu requires that Amavisd-new log mail information to an SQL database such as MySQL or PostgreSQL; see the install details at http://www.mailzu.net/docs/INSTALL

There are a couple of things that need to be considered:

MailZu needs PHP compiled with imap and sockets, because it uses imap to connect to the IMAP server and sockets to talk the Amavisd AM.PDP protocol to release quarantined email. So I decided to upgrade my Apache/PHP/OpenSSL installation to the latest packages.

Here is my upgraded system info and compile options:

Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.8 DAV/2 PHP/5.1.6

Apache: './configure' '--enable-so' '--enable-dav' '--enable-ssl' '--with-ssl=/usr/local/ssl'

PHP: './configure' '--with-apxs2=/usr/local/apache2/bin/apxs' '--with-mysql' '--with-pgsql=/usr/local/pgsql' '--with-imap=/usr/local/imap-c-client' '--enable-sockets'

Note:
1. The spam/virus mail is quarantined to my new MySQL database (4.1.20), but PHP is compiled with the old MySQL client library (3.23.58) because the password format is still the 3.23.58 format.
2. To compile PHP with imap, it needs the imap c-client *.h and *.c files; see http://ca.php.net/imap for more details. I ran into a problem with the imap c-client compile and installation for some reason. But I found I had a leftover imap c-client folder, containing all the *.h and *.c files, from when I compiled Pine4.64 some time ago, so I copied *.h and *.c to /usr/local/imap-c-client/include and /usr/local/imap-c-client/lib and copied c-client.a to /usr/local/imap-c-client/lib/libc-client.a. I put the folder tar file on http://mcli.brc.ub.ca/imap-c-client.tar

The relevant Amavisd-new config:

+$inet_socket_port = [10024, 9998]; # accept SMTP on this local TCP port
# (default is undef, i.e. disabled)

+$virus_quarantine_method = $spam_quarantine_method =
+ $banned_files_quarantine_method = $bad_header_quarantine_method = 'sql:';

+$sa_quarantine_cutoff_level = 20; # dflt: undef, which disables this feature

+ @storage_sql_dsn = ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user', 'password']); # none, same, or separate database
#

+ $policy_bank{'AM.PDP'} = {
+ log_level => 3,
+ inet_acl => [ qw ( 127.0.0.1 [::1] MailZu-host ) ],
+ protocol=>'AM.PDP', # Amavis policy delegation protocol (new milter helper)
+ };
+

+ $interface_policy{'9998'} = 'AM.PDP';
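
Review bot: the new listener on port 9998 takes AM.PDP requests with inet_acl in the AM.PDP policy bank as the only restriction visible here, and MailZu-host in that list is a placeholder. Replace it with the MailZu web server's actual address, keep the list to that host plus loopback, and firewall 9998 from everything else. The trailing comment on $inet_socket_port still says "accept SMTP", which does not describe 9998, and the 'user', 'password' pair in @storage_sql_dsn should be a dedicated database account, with amavisd.conf readable only by the amavis user.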
SAMSUNG 256MB 800MHZ ECC 184PIN RAMBUS MEMORY 

Today I finally received my order of SAMSUNG 800MHz ECC memory for the odd computer I got from my friend. What I mean by odd is that the motherboard only takes ECC RAMBUS memory in pairs, and each time I unplug the memory I have to unplug the video card too, then plug the memory and video card back in, in that order. Now it is upgraded from 128MB to 512MB, and I finally have a machine for spam filtering and custom programming tests.
Pine for Mac OS X 

I have been trying Pine for a couple of days now, and I feel I am hooked on it :). Compiling Pine on Mac OS X takes a little bit of effort. This link, http://www.madboa.com/geek/pine-macosx/, showed me a shell script to patch Pine on OS X. I spent a little extra effort extending the fillpara patch from http://www.math.washington.edu/~chappa/ ... para.patch by appending:


diff -rc pine4.64/imap/src/osdep/unix/Makefile pine4.64.fillpara/imap/src/osdep/unix/Makefile
*** pine4.64/imap/src/osdep/unix/Makefile Sat Apr 30 13:51:13 2005
--- pine4.64.fillpara/imap/src/osdep/unix/Makefile Thu Aug 3 13:20:31 2006
***************
*** 549,555 ****
$(BUILD) `$(CAT) SPECIALS` OS=$@ \
CRXTYPE=nfs \
SPOOLDIR=/var/spool MAILSPOOL=/var/mail \
! BASECFLAGS="-g -O -Wno-pointer-sign"

ptx: # PTX
$(BUILD) `$(CAT) SPECIALS` OS=$@ \
--- 549,555 ----
$(BUILD) `$(CAT) SPECIALS` OS=$@ \
CRXTYPE=nfs \
SPOOLDIR=/var/spool MAILSPOOL=/var/mail \
! BASECFLAGS="-g -O"

ptx: # PTX
$(BUILD) `$(CAT) SPECIALS` OS=$@ \
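
Review bot: the only changed line, BASECFLAGS in the target just above ptx:, drops -Wno-pointer-sign with no stated reason, and the hunk does not show which build target that line belongs to. Name the target in the text introducing the patch and say why the flag has to go, so the change is not carried over to compilers where it is unnecessary.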

The following script automates the patch, compile and install steps on OS X.

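#!/bin/bash
# stop at the first failed step so a bad download or patch is never installed
set -e

# season to taste
VER=pine4.64

# create a build directory (quoted so an edited VER cannot split the path)
BLDDIR="/var/tmp/${VER}-build"
test -d "$BLDDIR" && /bin/rm -rf "$BLDDIR"
mkdir "$BLDDIR"
cd "$BLDDIR"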

# fetch the source
curl \
-O ftp://ftp.cac.washington.edu/pine/${VER}.tar.gz \
-O http://mcli.brc.ubc.ca/pine/${VER}/fillpara.patch.gz


# unzip and patch
tar xzf ${VER}.tar.gz
cd ${VER}
gzip -dc ../fillpara.patch.gz | patch -p1

# do the deed
./build 'EXTRACFLAGS=-DPASSFILE=\".pine.pwd\"' osx

# install pine and pico (optional)
cp bin/pine /usr/bin

Run this script and it will patch, compile and install Pine on your OS X machine. Pretty easy!
IP address in canonical decimal 

Ever thought that the IP address 137.82.2.215 can be written internally as 2303853271 in base 10? 137 = 0x89, 82 = 0x52, 2 = 0x02 and 215 = 0xD7; put together that is 0x895202D7 in base 16, and perl -e 'print hex("0x895202D7"), "\n"' prints 2303853271 in base 10. Apache 1.3.* still seems to accept http://2303853271 as a legitimate request; Apache 2 does not seem to accept http://2303853271 as a legitimate request.
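
Because a server or filter may see the same host spelled several ways, here is the conversion run in reverse for use in URL filtering, as an added example that is not from the original post. It goes beyond the single decimal form to the hex, octal and short forms that classic inet_aton() parsing accepts; the function names and the 137.82.2.0/24 network are this example's own assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

def _parse_part(text):
    """Parse one component as classic inet_aton() does: 0x = hex, leading 0 = octal."""
    lowered = text.lower()
    if lowered.startswith("0x"):
        digits, base = lowered[2:], 16
    elif len(lowered) > 1 and lowered.startswith("0"):
        digits, base = lowered[1:], 8
    else:
        digits, base = lowered, 10
    allowed = "0123456789abcdef"[:base]
    if not digits or any(ch not in allowed for ch in digits):
        raise ValueError(f"not a number: {text!r}")
    return int(digits, base)

def canonical_ipv4(host):
    """Return the dotted quad for any numeric IPv4 spelling, or None for a real hostname."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    try:
        *head, tail = [_parse_part(p) for p in parts]
    except ValueError:
        return None
    # Leading components are one byte each; the last one fills the remaining bytes.
    if any(v > 0xFF for v in head) or tail >= 1 << (8 * (4 - len(head))):
        return None
    number = tail
    for i, v in enumerate(head):
        number |= v << (8 * (3 - i))
    return str(ipaddress.IPv4Address(number))

def host_in_networks(url, networks):
    """True when the URL's host, in any numeric spelling, lies inside one of the networks."""
    canon = canonical_ipv4(urlsplit(url).hostname or "")
    if canon is None:
        return False
    addr = ipaddress.ip_address(canon)
    return any(addr in ipaddress.ip_network(n) for n in networks)

# Constructed sample: spellings of the post's address, checked against an assumed /24.
if __name__ == "__main__":
    for h in ["2303853271", "0x895202D7", "0211.0122.02.0327", "137.82.727", "example.org"]:
        print(h, "->", canonical_ipv4(h))
    print(host_in_networks("http://2303853271/", ["137.82.2.0/24"]))
```

Comparing the canonical form, rather than the string in the URL, is what keeps an allow or deny list from being sidestepped by an alternate spelling of the same address.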
Octal and Octet 

The octal numeral system is the base-8 number system, and uses the digits 0 to 7.

Octal numerals can be made from binary numerals by grouping consecutive digits into groups of three (starting from the right). For example, the binary representation for decimal 74 is 1001010, which groups into 1 001 010, so the octal representation is 112. See more details at http://en.wikipedia.org/wiki/Octal

In computer technology and networking, an octet is a group of 8 bits. See http://en.wikipedia.org/wiki/Octet_%28computing%29