with      
Perl Mods | MailScanner Setup | Downloads | Known Issues | Anti-virus | Testing | Upgrade MailScanner

Last updated September 2008
If you are starting out fresh, looking for a way to support many users in either just one, or in many virtual domains, I suggest you look at the Postfix, Dovecot and MySQL combination rather than the aging and no longer supported Qmail, if you are after only a single stand alone mail server for just one domain with system users, then Sendmail or Postfix are still a far better choice.

In modernising our mail network, I was finding it increasingly hard to justify to even myself to use Qmail any longer, it has been replaced using the Postfix, MySQL and Dovecot-LDA model, which is so much cleaner than Qmail and Vpopmail despite it having worked reasonable in the past for us.

As such, this is the last update for this site. However, I admit it has not had any real updates in a number of years now anyway, so I fail to see how this information wont still be relevant in 5 or even 10 years from now given qmail itself has not been updated since 2000 and is officially abandone-ware.
if you can spare the time, I seriously recommend replacing it, you wont regret it.

This MailScanner with Qmail guide assumes you already have a working Qmail installation, by following these procedures, you'll be up and running in minutes (see known issues).

Qmail-ms is provided separate from MailScanners Web Site, MailScanner was written for Sendmail, and although author Julian Field offers support for likes of Exim etc, he does not provide any support for Qmail, and as Qmail is still heavily used, it seemed unfair Qmail'rs could not take advantage of MailScanners powerful qualities with their exisiting installs.

Firstly, download MailScanner (if you use RH/CentOS,SuSE etc, I *recommend* the source version over the RPM), then download the qmail-ms package.
If you are using Debian (or a variant) you are strongly encouraged to remove the Debian and/or Ubuntu versions as (in keeping with Debian' usual staleness) they are truly outdated, even Ubuntu 8.04 released recently included a 12 month old version of MailScanner (it was also reported to not even work) so don't use it, get the latest source version from the MailScanner website.
Qmail-ms is in addition to your normal Qmail sources, which must still remain completely separate. Qmail-ms is qmail-1.03 with a hand full of sources patched so MailScanner and Qmail can work together, it generates only two files that we need for this to work, you can't just patch your existing source tree because we need the originals as well.

These instructions, including path examples are based on source install of MailScanner (under /opt) if you use RPM just change paths to suite, or rpm -e MailScanner and install the source version.

Play it safe, backup all sources and your /var/qmail/bin contents so you don't accidentally overwrite your real Qmail sources, and if something goes wrong you can put back your original binaries.
Back Up Now - You have been warned!

This Document makes reference to cpan -i  but if you do not have cpan installed 
substitute the commands with   perl -MCPAN -e 'install module_name'
or perl -MCPAN -e 'install Bundle::CPAN' prior to commencing.


Credits:
	    Qmail 		www.qmail.org
	    Sendmail 		www.sendmail.org
	    MailScanner 	www.mailscanner.info
	    VPopMail		www.inter7.com
	    Dovecot		www.dovecot.org
	    SquirrelMail	www.squirrelmail.org
	    MySQL		dev.mysql.org
	    ClamAV Anti Virus	www.clamav.net
	    F-Prot Anti Virus	www.f-prot.org
	    SpamAssassin	spamassassin.apache.org



Downloads:

	    MailScanner Linux/BSD/Solaris Source and RedHat/Fedora RPM.
	    qmail-ms Provides 2 binaries we need to use MailScanner.


Known Issues:

	   * Plesk uses a different and unusual Virtual Domain setup and heavily modifies many Qmail files,
	     Qms may or may not work, some people do have it working, but most do not, this is because of Plesks
	     modifications. 
	     

Install the following perl modules if they aren't already if you want to use SpamAssassin

Required for SpamAssassin:
cpan -fi Digest::SHA1 HTML::Parser Net::DNS Mail::SPF::Query IP::Country Net::Ident HTTP::Date Archive::Tar IO::Zlib
cpan -i Mail::SpamAssassin

  WARNING: SpamAssassin can delay your queues and dramatically increase 
  load of very large systems, monitor and fine tune.
  If you process mail at a rate of over 1 million emails per day, you have 
  been warned. Try disabling bayes, dcc and pyzor, Razor2 works well still.

  The above is NOT a MailScanner or Qmail issue, it is a SpamAssassin issue.
  It is also advisable to use the SA3.2.x method of compiled rules.
  I also recommend use skip_rbls = 1, RBL rejecting should be done in the MTA.
  

Install MailScanner.

cd mailscanner-source-dir 
./install.sh --fast

*NOTE: If you prefer to manually keep all your system perl mods up to date, and don't want to run the risk
of MailScanner installing older mods you can supply the  --nomodules  option to install.sh
You should now read MailScanner and SpamAssassin conf files and change settings to customise for your site.

Get your favorite scanner and install it, also don't forget to update the definitions.

Two good scanners I recommend are ClamAV (Free) (Use clamd method) and F-Prot (Commercial)

extract qmail-ms.tar.gz 
If this is your _very_first_ever_ install of qmail-ms run:  "./msconf"

Now stop Qmail and run:     "make && make setup"


Read this closely

• If you apply a patch to your true Qmail sources after this, and do the usual "make setup check" to reinstall Qmail, you will need to run from the qmail-ms directory: "make update", this will put our needed two files back in place and reset their permissions.
• If ./msconf exits with an error, follow the manual MailScanner.conf editing instructions

 
Qmails BIG-TODO patches...
You will need to make these changes now and when you upgrade MailScanner.

Note: X Will be highest "big-todo patch" directory number (eg: 99).

Edit qmail-ms/conf.split and replace 23 with X

Edit /opt/MailScanner/lib/MailScanner/ConfigDefs.pl and change:
                      qmailhashdirectorynumber        23
		           -TO-
		      qmailhashdirectorynumber        X
This will overcome queue mismatches.

run:   /opt/MailScanner/bin/MailScanner --lint
if it all looks good, you will probably see output like this:
(output example updated March 19 2008 for current stable release)

  ~# /opt/MailScanner/bin/MailScanner --lint
Trying to setlogsock(unix)
Checking version numbers...
Version number in MailScanner.conf (4.67.6) is correct.

Your envelope_sender_header in spam.assassin.prefs.conf is correct.

Checking for SpamAssassin errors (if you use it)...
SpamAssassin temp dir = /var/spool/MailScanner/incoming/SpamAssassin-Temp
MailScanner.conf says "Virus Scanners = f-prot"
Found these virus scanners installed: f-prot
===========================================================================
===========================================================================
Virus Scanner test reports:
F-Prot said "./1/eicar.com  Infection: EICAR_Test_File"

If any of your virus scanners (f-prot)
are not listed there, you should check that they are installed correctly
and that MailScanner is finding them correctly via its virus.scanners.conf.

....
If you do see something similar to this, you should be ready to fire up and forget :)



Now run:   /opt/MailScanner/bin/check_mailscanner

Watch your mail logs for errors, if all is good, restart Qmail and 
check logs again for any permission errors.

If it fails, run /opt/MailScanner/bin/MailScanner --lint -D
Try resolve the errors displayed, if all else fails, grab the output, subscribe to the 
mailing list and ask for help, include your debug output and as much info as possible, 
If MailScanner bails It should not be a qmail problem, so long as permissions are set correctly.



Once all up and running, include  /opt/MailScanner/bin/check_mailscanner in your Qmail startup script.

When using qmail-ms (or in fact anyone using the source install method) you can easily upgrade MailScanner 
by obtaining the latest source tarball, extract, then run:  
    ./install.sh --nomodules --fast

This will install your new version under /opt where your old one is, now to upgrade
    cd /opt/MailScanner-NEW_VERSION/etc

Paste the following 3 lines and then review carefully the output from the diff:
    mv MailScanner.conf MailScanner.conf.default
    ../bin/upgrade_MailScanner_conf /opt/MailScanner/etc/MailScanner.conf MailScanner.conf.default > MailScanner.conf
    diff /opt/MailScanner/etc/MailScanner.conf MailScanner.conf


If you, like me, modify the default filename/filetype conf files, customise reports etc, you can also move them over.
It's a very good idea to every so often diff your customised files against an untouched release copy so you can include 
any new statements, this is more so important for filename/filetype config files.


Typically I paste (we are still in the /opt/MailScanner%new-version%/etc directory):

    cp /opt/MailScanner/etc/filename.rules.conf .
    cp /opt/MailScanner/etc/filetype.rules.conf .
    cp /opt/MailScanner/etc/mailscanner-mrtg.conf .
    cp /opt/MailScanner/etc/spam.assassin.prefs.conf .
    cd rules/
    cp /opt/MailScanner/etc/rules/*.rules .
    cd ../reports/en
    cp /opt/MailScanner/etc/reports/en/sender.content.report.txt .
    cp /opt/MailScanner/etc/reports/en/rejection.report.txt .
    cp /opt/MailScanner/etc/reports/en/sender.filename.report.txt .

Good idea to now check your virus scanner config file, I find it annoying with 'generic' so I comment it out.

Now, time to stop MailScanner, rm the softlink for MailScanner in /opt and create a new softlink for
MailScanner-NEW_VERSION to MailScanner   ... then restart.

You should now be running the new version and all should be well, monitor logs for a few minutes to ensure no errors.