1. Install HAVP

apt-get install havp


2. Start HAVP if it didn't start after the installation

/etc/init.d/havp start


It's ready, by default HAVP listens on port 8080. You can configure your web browser to use the server as a proxy.

You can customize the error pages by editing the html files in this directory: /etc/havp/templates/en/

It's assumed that you have already installed and configured Postfix according to this tutorial:
Installing Postfix with MySql backend and SASL for SMTP authentication

1. Add backports to your apt sources (pico /etc/apt/sources.list)

deb http://www.backports.org/debian lenny-backports main contrib non-free


2. Add the backports keyring and update apt

apt-get update
apt-get install debian-backports-keyring
apt-get update


3. Install required packages (ClamAV, SpamAssassin, Razor and required libs for MailScanner)

apt-get install clamav clamav-base clamav-freshclam libclamav6 spamassassin razor unzip libarchive-zip-perl libconvert-tnef-perl libhtml-parser-perl libmime-tools-perl libmime-perl libcompress-zlib-perl libconvert-binhex-perl libdbd-sqlite3-perl libfilesys-df-perl libsys-syslog-perl libsys-hostname-long-perl libmailtools-perl libole-storage-lite-perl libnet-cidr-perl


4. Install libnet-dns-perl from backports

apt-get -t lenny-backports install libnet-dns-perl


5. Install MailScanner

apt-get install mailscanner


6. Enable MailScanner (pico /etc/default/mailscanner)

run_mailscanner=1


7. Edit MailScanner configuration (pico /etc/MailScanner/MailScanner.conf)

Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Always Include SpamAssassin Report = yes
Send Notices = no
Spam List = RFC-IGNORANT-DSN SORBS-SMTP spamhaus-ZEN spamcop.net CBL
Spam Lists To Reach High Score = 2
High SpamAssassin Score = 8
Rebuild Bayes Every = 86400
Wait During Bayes Rebuild = yes
High Scoring Spam Actions = delete


8. Create razorhome, discover razor servers and register for identify

razor-admin -create
razor-admin -register


9. Make Postfix put all messages on hold to allow MailScanner to scan the messages (pico /etc/postfix/main.cf)

header_checks = regexp:/etc/postfix/header_checks


10. Create the header checks file referenced by previous line (pico /etc/postfix/header_checks)

/^Received:/ HOLD


11. Restart MailScanner and Postfix

/etc/init.d/mailscanner restart
postfix reload


Install and configure the DSPAM daemon

1. Install DSPAM daemon with MySql storage driver and ClamAV. The installer will create a database and required table structure.

apt-get install DSPAM libdspam7-drv-mysql clamav
> Yes
> Type the password for the root user in MySql
> Select a strong password or allow a random password to be generated


2. Configure DSPAM to deliver mail to the Postfix mail server on port 10025, use ClamAV for virus filtering and more. You should read the config file carefully and adjust as needed. (pico /etc/dspam/dspam.conf)

StorageDriver /usr/lib/dspam/libmysql_drv.so
DeliveryHost 127.0.0.1
DeliveryPort 10025
DeliveryIdent dspam
DeliveryProto SMTP
Preference "signatureLocation=headers"
Preference "spamSubject=SPAM"
Opt out
TrackSources spam
ClamAVPort 3310
ClamAVHost 127.0.0.1
ClamAVResponse accept
ServerMode auto
ServerPass.Relay1 "secret"
ServerParameters "--deliver=innocent -d %u"
ServerDomainSocketPath "/var/run/dspam/dspam.sock"


3. Enable the DSPAM daemon (pico /etc/default/dspam)

START=yes


4. Restart the DSPAM daemon

/etc/init.d/dspam restart


Install and configure Postfix mail system

1. Install Postfix mail system if not already installed. The postfix-pcre package is required for the dspam_filter_access and dspam_check_aliases files created later.

apt-get install postfix postfix-pcre


2. We only want to filter incoming mail (pico /etc/postfix/dspam_filter_access)

/^(spam|ham)@.*$/ OK
/./ FILTER dspam:dspam


Set correct permissions on the newly created file

chown root.postfix /etc/postfix/dspam_filter_access


3. Set up special aliases to train DSPAM (pico /etc/aliases)

ham: ham@ham.ham
spam: spam@spam.spam


postalias /etc/aliases


Add entries into the transports file (pico /etc/postfix/transports)

spam.spam dspam-retrain:spam
ham.ham dspam-retrain:innocent


postmap /etc/postfix/transports


Create a filter to prevent unwanted use of the spam and ham aliases (pico /etc/postfix/dspam_check_aliases)

/^.*(spam|ham)@.*$/ REJECT


postmap /etc/postfix/dspam_check_aliases


4. Configure Postfix (pico /etc/postfix/main.cf)

smtpd_client_restrictions = check_client_access pcre:/etc/postfix/dspam_filter_access
dspam_destination_recipient_limit = 1
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access pcre:/etc/postfix/dspam_check_aliases, check_sender_access pcre:/etc/postfix/dspam_check_aliases
transport_maps = hash:/etc/postfix/transports


If you have changed the config of your mail server from the default ones, you may need to append the new values instead of replacing the whole line.

Append these lines to the master.cf file (pico /etc/postfix/master.cf)

dspam unix - n n - - pipe
flags=Ru user=dspam argv=/usr/bin/dspam --client --deliver=innocent,spam --user ${recipient} --mail-from=${sender}
 
dspam-retrain unix - n n - - pipe
flags=Rhq user=dspam argv=/usr/bin/dspam --client --mode=teft --class=$nexthop --source=error --user dspam
 
localhost:10025 inet n - n - - smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8


Train DSPAM

1. Install bzip2

apt-get install bzip2


2. Download training content

cd /tmp
wget http://spamassassin.apache.org/publiccorpus/20050311_spam_2.tar.bz2
wget http://spamassassin.apache.org/publiccorpus/20030228_easy_ham_2.tar.bz2


3. Extract the training content

tar xvfj 20050311_spam_2.tar.bz2
tar xvfj 20030228_easy_ham_2.tar.bz2


4. Start the training. This may take a few minutes.

dspam_train test spam_2/ easy_ham_2/


You're all set, now you should have a fully function mail system with powerful spam and virus filtering.