1. Install Apache2, MySql server and PHP5 with required modules. You may already have some or all of these packages installed.

apt-get install apache2 php5-cli php5 mysql-server libdbd-mysql-perl php5-gd php5-mysql libapache2-mod-php5


2. Download the latest version of MailWatch

wget http://downloads.sourceforge.net/project/mailwatch/mailwatch/1.0.5/mailwatch-1.0.5.tar.gz


At the time this tutorial was written, version 1.0.5 was the latest version. Check this location for latest version: http://sourceforge.net/projects/mailwatch/files/

3. Extract and enter the mailwatch directory

tar zxvf mailwatch-1.0.5.tar.gz
cd mailwatch-1.0.5


4. Create the database and tables

mysql -p < create.sql


5. Create a MySql user used for MailScanner logging (mysql -u root -p)

GRANT ALL ON mailscanner.* TO '{username}'@'localhost' IDENTIFIED BY '{password}';
FLUSH PRIVILEGES;


Replace {username} and {password} with a username and password of choice.

6. Configure the MailScanner logger (pico MailWatch.pm)

my($db_user) = '{username}';
my($db_pass) = '{password}';


On line 43 and 44, input your MySql user created in step 5

7. Move the MailScanner logger to correct directory

mv MailWatch.pm /usr/share/MailScanner/MailScanner/CustomFunctions/


8. Edit Mail Scanner config to enable MailWatch logger (pico /etc/MailScanner/MailScanner.conf)

Always Looked Up Last = &MailWatchLogging


9. Create a MailWatch web admin user (mysql -u root -p)

USE mailscanner;
INSERT INTO users VALUES ('{username}',md5('{password}'),'Administrator name','A','0','0','0','0','0');


Replace {username} and {password} with a username and password used to enter the web interface.

10. Move the web interface to the web server's root

mv mailscanner /var/www/mailwatch


11. Make the temp and cache directories writeable

chmod 777 /var/www/mailwatch/temp
chmod 777 /var/www/mailwatch/images/cache


12. Copy the example config file

mv /var/www/mailwatch/conf.php.example /var/www/mailwatch/conf.php


13. Configure the web interface (pico /var/www/mailwatch/conf.php)

define('DB_USER', '{username}');
define('DB_PASS', '{password}');
define('MAILWATCH_HOME', '/var/www/mailscanner');


Type the MySql username and password created in step 5

14. Install PEAR PHP framework

apt-get install php-pear


15. Install required PEAR packages

pear install DB
pear install DB_Pager
pear install Mail_mimeDecode-1.5.1


16. On line 37, add /usr/share/php to the mailwatch include path (pico /var/www/mailwatch/functions.php)

ini_set('include_path','.:'.MAILWATCH_HOME.'/pear:'.MAILWATCH_HOME.'/fpdf:'.MAILWATCH_HOME.'/xmlrpc:/usr/share/php');


17. Restart Apache and MailScanner

/etc/init.d/apache2 restart
/etc/init.d/mailscanner restart


18. You're all set. Enter the web interface at this location http://yourserver/mailwatch

It's assumed that you have already installed Postfix and MailScanner. If not, check these tutorials:

Installing Postfix with MySql backend and SASL for SMTP authentication
Installing and configuring MailScanner for virus and spam filtering (Postfix, ClamAV, SpamAssassin, Razor)

1. Install the Postfix policy engine

apt-get install postfix-policyd-spf-perl


2. Add the policy check to smtpd_recipient_restrictions (pico /etc/postfix/main.cf)

smtpd_recipient_restrictions = [...], check_policy_service unix:private/policy


Make sure you don't remove other restrictions, just add it to the end of the line.

3. Add the policy engine to the Postfix master.cf (pico /etc/postfix/master.cf)

policy unix - n n - - spawn
user=nobody argv=/usr/bin/perl /usr/sbin/postfix-policyd-spf-perl


4. Reload Postfix configuration

postfix reload


5. Check if this is working

telnet yourserver 25
HELO gmail.com
MAIL FROM:
RCPT TO:
DATA
test
.


Replace user*@domain.com with a e-mail address hosted on your Postfix mailserver and user*@gmail.com with a valid Gmail e-mail address.

Look at /var/log/mail.log and you should see that the MailScanner score has been increased by SPF related rules:

Message 62ACA1813C.AFC5A from 192.168.1.4 (user@gmail.com) to domain.com is spam, SpamAssassin (score=7.394, required 6, MISSING_SUBJECT 1.28, SPF_HELO_NEUTRAL 2.00, SPF_NEUTRAL 1.21, TVD_SPACE_RATIO 2.90)


FromOrTo: user1@domain.com yes
FromOrTo: user2@domain.net yes
FromOrTo: default no


2. Configure MailScanner to handle all messages in the blacklist as spam (pico /etc/MailScanner/MailScanner.conf)

Replace this line:
Is Definitely Spam = no
 
with this:
Is Definitely Spam = %rules-dir%/spam.blacklist.rules


3. Restart MailScanner

/etc/init.d/mailscanner restart


It's assumed that you have already installed and configured Postfix according to this tutorial:
Installing Postfix with MySql backend and SASL for SMTP authentication

1. Add backports to your apt sources (pico /etc/apt/sources.list)

deb http://www.backports.org/debian lenny-backports main contrib non-free


2. Add the backports keyring and update apt

apt-get update
apt-get install debian-backports-keyring
apt-get update


3. Install required packages (ClamAV, SpamAssassin, Razor and required libs for MailScanner)

apt-get install clamav clamav-base clamav-freshclam libclamav6 spamassassin razor unzip libarchive-zip-perl libconvert-tnef-perl libhtml-parser-perl libmime-tools-perl libmime-perl libcompress-zlib-perl libconvert-binhex-perl libdbd-sqlite3-perl libfilesys-df-perl libsys-syslog-perl libsys-hostname-long-perl libmailtools-perl libole-storage-lite-perl libnet-cidr-perl


4. Install libnet-dns-perl from backports

apt-get -t lenny-backports install libnet-dns-perl


5. Install MailScanner

apt-get install mailscanner


6. Enable MailScanner (pico /etc/default/mailscanner)

run_mailscanner=1


7. Edit MailScanner configuration (pico /etc/MailScanner/MailScanner.conf)

Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Always Include SpamAssassin Report = yes
Send Notices = no
Spam List = RFC-IGNORANT-DSN SORBS-SMTP spamhaus-ZEN spamcop.net CBL
Spam Lists To Reach High Score = 2
High SpamAssassin Score = 8
Rebuild Bayes Every = 86400
Wait During Bayes Rebuild = yes
High Scoring Spam Actions = delete


8. Create razorhome, discover razor servers and register for identify

razor-admin -create
razor-admin -register


9. Make Postfix put all messages on hold to allow MailScanner to scan the messages (pico /etc/postfix/main.cf)

header_checks = regexp:/etc/postfix/header_checks


10. Create the header checks file referenced by previous line (pico /etc/postfix/header_checks)

/^Received:/ HOLD


11. Restart MailScanner and Postfix

/etc/init.d/mailscanner restart
postfix reload