Die freie Groupware Kolab wurde ab dem Jahr 2002 im Auftrag des BSI von den drei Firmen erfrakon aus Stuttgart, Intevation aus Osnabrück und Klarälvdalens Datakonsult AB aus Schweden entwickelt. Ziel dabei war es, eine Alternative zu Microsoft Exchange zu entwickeln, die auf Open-Source-Technologien beruht und auch einen Linux-Client mit KDE einbindet. Im Sommer 2003 wurde Kolab 1 vorgestellt und zwei Jahre später der Nachfolger Kolab 2. Die drei Entwicklerfirmen bildeten im vergangenen Jahr das Kolab-Konsortium, um professionelle Unterstützung für den Einsatz von Kolab zu leisten.
Im folgenden sind meine Eindrücke und Tätigkeiten dargestellt, um das System unter Debian Etch zum laufen zu bringen und zu erweitern.
kolab-install.sh bearbeitenkolab:/opt/kolab/src/sources-kolab-2.2# aptitude install build-essential Reading package lists... Done Building dependency tree... Done Reading extended state information Initializing package states... Done Writing extended state information... Done Reading task descriptions... Done Building tag database... Done The following NEW packages will be automatically installed: binutils bzip2 dpkg-dev g++ g++-4.1 gcc gcc-4.1 libc6-dev libmudflap0 libmudflap0-dev libssp0 libstdc++6-4.1-dev make patch The following NEW packages will be installed: binutils build-essential bzip2 dpkg-dev g++ g++-4.1 gcc gcc-4.1 libc6-dev libmudflap0 libmudflap0-dev libssp0 libstdc++6-4.1-dev make patch 0 packages upgraded, 15 newly installed, 0 to remove and 0 not upgraded. Need to get 11.3MB of archives. After unpacking 39.9MB will be used. Do you want to continue? [Y/n/?] y
time ./kolab-install.sh 2>&1 | tee kolab-build.log
Unser openpkg - kolab environment ist jetzt fertig und nutzbar. Die erzeugten Binaries liegen unter /kolab/RPM/PKG/.
kolab:/kolab# /kolab/sbin/kolab_bootstrap -b
KOLAB BOOTSTRAP
Check for running http webserver on port 80
Check for running https webserver on port 443
Check for running imap server on port 143
Check for running imaps server on port 993
Check for running pop3 server on port 110
Check for running pop3s server on port 995
Check for running smtp server on port 25
Check for running smtps server on port 465
Check for running amavis server on port 10024
Check for running postfix reinjection from kolabfilter on port 10025
Check for running postfix reinjection from amavis on port 10026
Check for running kolab daemon on port 9999
Check for running ldap server on port 389
Check for running ldaps server on port 636
Check for running sieve server on port 2000
Check for running lmtp server on port 2003
Excellent all required Ports are available!
LDAP repository is empty - assuming fresh install
Please enter Hostname including Domain Name (e.g. thishost.domain.tld) [kolab]: kolab.tiri.local
Proceeding with Hostname kolab.tiri.local
Do you want to set up (1) a master Kolab server or (2) a slave [1] (1/2): 1
Proceeding with master server setup
Please enter your Maildomain - if you do not know your mail domain use the fqdn from above [tiri.local]:
proceeding with Maildomain tiri.local
Kolab primary email addresses will be of the type user@tiri.local
Generating default configuration:
Top level DN for Kolab [dc=tiri,dc=local]:
base_dn : dc=tiri,dc=local
bind_dn : cn=manager,cn=internal,dc=tiri,dc=local
Please choose a manager password [xxAzAvdONlcYfTkR]: passw0rd
bind_pw : passw0rd
done modifying /kolab/etc/kolab/kolab.conf
IMPORTANT NOTE:
use login=manager and passwd=passw0rd when you log into the webinterface!
Enter fully qualified hostname of slave kolab server e.g. thishost.domain.tld [empty when done]:
prepare LDAP database...
temporarily starting slapd
Waiting for OpenLDAP to start
no dc=tiri,dc=local object found, creating one
mynetworkinterfaces: 127.0.0.0/8
LDAP setup finished
Create initial config files for postfix, apache, cyrus imap, saslauthd
running /kolab/sbin/kolabconf -n
OpenPKG: restart: amavisd.
kill temporary slapd
OpenPKG: stop: openldap.
Kolab can create and manage a certificate authority that can be
used to create SSL certificates for use within the Kolab environment.
You can choose to skip this section if you already have certificates
for the Kolab server.
Do you want to create CA and certificates [y] (y/n): y
Now we need to create a cerificate authority (CA) for Kolab and a server
certificate. You will be prompted for a passphrase for the CA.
################################################################################
/kolab/etc/kolab/kolab_ca.sh -newca kolab.tiri.local
Enter organization name [Kolab]: tiri
Enter organizational unit [Test-CA]: tiri GmbH
Using subject O=tiri,OU=tiri GmbH,CN=kolab.tiri.local
Using dn
CA certificate filename (or enter to create)
Making CA certificate ...
Generating a 1024 bit RSA private key
.............++++++
..................................................................++++++
writing new private key to '/kolab/etc/kolab/ca/private/cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
/kolab
/kolab/etc/kolab/kolab_ca.sh -newkey kolab.tiri.local /kolab/etc/kolab/key.pem
Using dn
Generating RSA private key, 1024 bit long modulus
..............++++++
.....++++++
e is 65537 (0x10001)
writing RSA key
/kolab
/kolab/etc/kolab/kolab_ca.sh -newreq kolab.tiri.local /kolab/etc/kolab/key.pem /kolab/etc/kolab/newreq.pem
Using dn
Request is in /kolab/etc/kolab/newreq.pem and private key is in /kolab/etc/kolab/key.pem
/kolab
/kolab/etc/kolab/kolab_ca.sh -sign /kolab/etc/kolab/newreq.pem /kolab/etc/kolab/cert.pem
Using dn
Using configuration from /kolab/etc/kolab/kolab-ssl.cnf
Enter pass phrase for /kolab/etc/kolab/ca/private/cakey.pem:
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Jan 31 11:07:56 2009 GMT
Not After : Jan 29 11:07:56 2019 GMT
Subject:
commonName = kolab.tiri.local
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
A7:62:95:C9:5E:CF:62:D0:D4:0F:88:E4:41:C2:3D:DF:33:95:78:55
X509v3 Authority Key Identifier:
DirName:/O=tiri/OU=tiri GmbH/CN=kolab.tiri.local
serial:C9:B5:57:13:B3:BB:6A:38
Certificate is to be certified until Jan 29 11:07:56 2019 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
Signed certificate is in /kolab/etc/kolab/cert.pem
/kolab
chgrp kolab-r /kolab/etc/kolab/key.pem;
chmod 0640 /kolab/etc/kolab/key.pem;
chgrp kolab-r /kolab/etc/kolab/cert.pem;
chmod 0640 /kolab/etc/kolab/cert.pem;
################################################################################
CA and certificate creation complete.
You can install /kolab/etc/kolab/ca/cacert.pem on your clients to allow them
to verify the validity of your server certificates.
kolab is now ready to run!
please run '/kolab/bin/openpkg rc all start'
Use login=manager and passwd=passw0rd when you log into
the webinterface https://kolab.tiri.local/admin !
kolab:/kolab#
wget -S ftp://user%40domain@ftp.openpkg.org/current/SRC/BASE/mysql-5.1.30-20090102.src.rpm
time /kolab/bin/openpkg rpm --rebuild mysql-5.1.30-20090102.src.rpm 2>&1 | tee mysql-build.log
/kolab/bin/openpkg rpm -Uvh /kolab/RPM/PKG/mysql-5.1.30-20090102.ix86-debian4.0-kolab.rpm Preparing... ########################################### [100%] 1:mysql ########################################### [100%] +----------------------------------Notice-------------------------------------+ | An initial MySQL DB was created. The owner of the database | | is the DB user 'root'. Its initial password is empty. | | After starting MySQL with... | | | | $ /kolab/bin/openpkg rc mysql start | | | | ...you should change the password as soon as possible with: | | | | $ /kolab/bin/mysqladmin \ | | -u root password '<new-password>' | | | | Additionally, because the MySQL package includes automated | | maintenance procedures that require administrator access to | | the database, you must maintain a (plain text) copy of the | | administrator account name and password: | | | | $ vi /kolab/etc/mysql/my.pwd | +-----------------------------------------------------------------------------+
kolab:/opt/kolab/src# time /kolab/bin/openpkg rpm -ivvh /opt/kolab/src/php-5.2.8-20081209_kolab.src.rpm D: ============== /opt/kolab/src/php-5.2.8-20081209_kolab.src.rpm D: Expected size: 10046953 = lead(96)+sigs(180)+pad(4)+data(10046673) D: Actual size: 10046953 D: /opt/kolab/src/php-5.2.8-20081209_kolab.src.rpm: MD5 digest: OK (5182848b5462911b67d9e76e263a09bf) D: added source package [0] D: found 1 source and 0 binary packages D: Expected size: 10046953 = lead(96)+sigs(180)+pad(4)+data(10046673) D: Actual size: 10046953 1:php D: ========== Directories not explictly included in package: D: 0 /kolab/RPM/SRC/php/ D: 1 /kolab/RPM/SRC/php/ D: ========== D: fini 100644 1 (19414,19414) 8218 /kolab/RPM/SRC/php/KOLAB_php-5.2.6_Annotations.patch;498370df D: fini 100644 1 (19414,19414) 2394 /kolab/RPM/SRC/php/KOLAB_php-5.2.6_myrights.patch;498370df D: fini 100644 1 (19414,19414) 35389 /kolab/RPM/SRC/php/memcache-2.2.4.tgz;498370df D: fini 100644 1 (19414,19414) 9827180 /kolab/RPM/SRC/php/php-5.2.8.tar.bz2;498370df D: fini 100644 1 (19414,19414) 912 /kolab/RPM/SRC/php/php.ini;498370df D: fini 100644 1 (19414,19414) 17324 /kolab/RPM/SRC/php/php.spec;498370df ########################################### [100%] D: fini 100644 1 (19414,19414) 115936 /kolab/RPM/SRC/php/suhosin-0.9.27.tgz;498370df D: fini 100644 1 (19414,19414) 23125 /kolab/RPM/SRC/php/suhosin-patch-5.2.7-0.9.6.3.patch.gz;498370df BZDIO: 1225 reads, 10031680 total bytes in 2.937 secs real 0m1.752s user 0m1.300s sys 0m0.150s
php.spec anpassen und recompilierencd /kolab/RPM/SRC/php time /kolab/bin/openpkg rpm -ba --define 'with_mysql yes' --define 'with_pecl_memcached yes' php.spec ... Wrote: /kolab/RPM/PKG/php-5.2.8-20090130_tiri_kolab.src.rpm Wrote: /kolab/RPM/PKG/php-5.2.8-20090130_tiri_kolab.ix86-debian4.0-kolab.rpm ... real 4m58.696s user 3m34.760s sys 1m17.860s
Tja, das nützte jedoch alles nichts, da das korrekte Paket für apache eben apache-php heißt.
Also nochmal durchcompilieren:
time /kolab/bin/openpkg rpm -ba --define 'with_mysql yes' --define 'with_pecl_memcache yes' --define 'with_suhosin yes' --define 'with_bdb yes' --define 'with_ctype yes' --define 'with_dom yes' --define 'with_gd yes' --define 'with_gettext yes' --define 'with_iconv yes' --define 'with_imap yes' --define 'with_imap_annotate yes' --define 'with_imap_myrights yes' --define 'with_mbregex yes' --define 'with_mbstring yes' --define 'with_mcrypt yes' --define 'with_mhash yes' --define 'with_mm yes' --define 'with_openldap yes' --define 'with_pear yes' --define 'with_sqlite yes' --define 'with_ssl yes' --define 'with_xml yes' --define 'with_zlib yes' apache-php.spec ... Processing files: apache-php-5.2.8-20090131_tiri Wrote: /kolab/RPM/PKG/apache-php-5.2.8-20090131_tiri.src.rpm Wrote: /kolab/RPM/PKG/apache-php-5.2.8-20090131_tiri.ix86-debian4.0-kolab.rpm Executing(%clean): env -i /kolab/lib/openpkg/bash --norc --noprofile --posix -e /kolab/RPM/TMP/rpm-tmp.59967 + cd /kolab/RPM/TMP + cd php-5.2.8 + rm -rf /kolab/RPM/TMP/apache-php-5.2.8-root + exit 0 real 4m13.515s user 3m8.990s sys 0m58.870s
kolab:/kolab/RPM/SRC/apache-php# time /kolab/bin/openpkg rpm -Uvh /kolab/RPM/PKG/apache-php-5.2.8-200 apache-php-5.2.8-20081209_kolab.ix86-debian4.0-kolab.rpm apache-php-5.2.8-20090131_tiri.ix86-debian4.0-kolab.rpm apache-php-5.2.8-20090131_tiri.src.rpm kolab:/kolab/RPM/SRC/apache-php# time /kolab/bin/openpkg rpm -Uvh /kolab/RPM/PKG/apache-php-5.2.8-20090131_tiri.ix86-debian4.0-kolab.rpm Preparing... ########################################### [100%] 1:apache-php ########################################### [100%] OpenPKG: restart: apache. real 0m6.107s user 0m1.680s sys 0m0.560s
Und schon haben wir PHP mit suhosin und mysql und memcache!
Zunächst schauen wir uns die default-PHP Installation an.
Jetzt neues PHP installieren
Überprüfen, was sich geändert hat.
kolab:/kolab/RPM/SRC/php# /kolab/bin/openpkg rpm -Uvh /kolab/RPM/PKG/php-5.2.8-20090130_tiri_kolab.ix86-debian4.0-kolab.rpmPreparing... ########################################### [100%] 1:php ########################################### [100%] kolab:/kolab/RPM/SRC/php# /kolab/bin/openpkg rc apache stop OpenPKG: stop: apache. kolab:/kolab/RPM/SRC/php# /kolab/bin/openpkg rc apache start OpenPKG: start: apache. kolab:/kolab/RPM/SRC/php# wget -S --no-check-certificate https://127.0.0.1/info.php -O /tmp/02.html
Folgende Anpassungen habe ich initial vorgenommen
$conf['server']['name'] = $_SERVER['HTTP_HOST'];
Somit wird erreicht, dass der Server, über den das System angesprochen wird, antwortet (s.u. UseCanonicalName). In derselben Datei müssen auch noch die Parameter für die LDAP Anbindung gesetzt werden (analog /kolab/etc/kolab/kolab.conf).
function calcEaster($year)
{
// fehlerberichtigung
if (function_exists('easter_days')) {
return easter_days($year);
}
kolabmailboxfilter unix - n n - 2 pipe user=kolab-n null_sender= argv=/kolab/bin/php
-c /kolab/etc/apache/php.ini
/* Local delivery backend (default LMTP) */ $conf['kolab']['filter']['delivery_backend'] = 'lmtp';
UseCanonicalName On
ExtendedStatus On
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
# aptitude install munin Reading package lists... Done Building dependency tree... Done Reading extended state information Initializing package states... Done Writing extended state information... Done Reading task descriptions... Done Building tag database... Done The following NEW packages will be automatically installed: libdate-manip-perl libhtml-template-perl libio-multiplex-perl libnet-cidr-perl libnet-server-perl libnet-snmp-perl librrd2 librrds-perl munin-node rrdtool The following NEW packages will be installed: libdate-manip-perl libhtml-template-perl libio-multiplex-perl libnet-cidr-perl libnet-server-perl libnet-snmp-perl librrd2 librrds-perl munin munin-node rrdtool 0 packages upgraded, 11 newly installed, 0 to remove and 0 not upgraded. Need to get 2525kB of archives. After unpacking 6021kB will be used.
aptitude install libwww-perl Reading package lists... Done Building dependency tree... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done Building tag database... Done The following NEW packages will be automatically installed: libcompress-zlib-perl libfont-afm-perl libhtml-format-perl libhtml-parser-perl libhtml-tagset-perl libhtml-tree-perl libmailtools-perl libtimedate-perl liburi-perl The following NEW packages will be installed: libcompress-zlib-perl libfont-afm-perl libhtml-format-perl libhtml-parser-perl libhtml-tagset-perl libhtml-tree-perl libmailtools-perl libtimedate-perl liburi-perl libwww-perl 0 packages upgraded, 10 newly installed, 0 to remove and 0 not upgraded. Need to get 1005kB of archives. After unpacking 3195kB will be used.
dbdir /var/lib/munin
htmldir /kolab/var/kolab/www/munin
logdir /var/log/munin
rundir /var/run/munin
tmpldir /etc/munin/templates
[kolab]
address 127.0.0.1
use_node_name yes
[apt] user root [apache*] env.ports 80 443 [cps*] user root [fw_conntrack] user root [hddtemp_smartctl] user root [if_*] user root [if_err_*] user nobody [ip_*] user root [mysql*] user root env.mysqlopts --defaults-extra-file=/kolab/etc/mysql/my.cnf env.mysqladmin /kolab/bin/mysqladmin env.mysqlshow /kolab/bin/mysqlshow [postfix_mailqueue] user (kolab) env.spooldir /kolab/var/postfix [postfix_mailstats] group kolab env.logdir /kolab/var/postfix/log env.logfile postfix.log [postfix_mailvolume] group kolab env.logdir /kolab/var/postfix/log env.logfile postfix.log [smart_*] user root [vlan*] user root
cd /etc/munin/plugins for i in /usr/share/munin/plugins/apache* /usr/share/munin/plugins/postfix* /usr/share/munin/plugins/mysql* do ln -s $i done rm mysql_isam_space_
Zusätzlich ist die Konfiguration für das Verzeichnis /kolab/var/kolab/www/munin anzupassen, da .html per default als “PHP-Skript” definiert ist.
<Directory "/kolab/var/kolab/www/munin/">
AddType text/html .html
Options None
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>
spamassassin_enable="yes"
$sa_spam_subject_tag = 'SPAM> ';
kolab:/kolab/RPM/SRC/dcc# time /kolab/bin/openpkg rpm -Uvh /kolab/RPM/PKG/dcc-1.3.102-20090112_tiri.ix86-debian4.0-kolab.rpm Preparing... ########################################### [100%] 1:dcc ########################################### [100%] real 0m2.031s user 0m0.250s sys 0m0.160s
kolab:/kolab/RPM/SRC/dcc# /kolab/bin/cdcc info
# 02/08/09 21:38:47 CET /kolab/var/dcc/db/map
# Re-resolve names after 23:37:53 Check RTTs after 21:52:59
# 1306.78 ms threshold, 1273.61 ms average 12 total, 11 working servers
IPv6 off
dcc1.dcc-servers.net,- RTT+1000 ms anon
# 64.124.52.232,- dcc-servers ID 1049
# 50% of 2 requests ok 338.00+1000 ms RTT 100 ms queue wait
# 142.27.70.211,- CollegeOfNewCaledonia ID 1189
# protocol version 8
# 50% of 2 requests ok 347.69+1000 ms RTT 100 ms queue wait
# 152.20.253.5,- dcc.uncw.edu ID 1201
# 50% of 2 requests ok 338.28+1000 ms RTT 100 ms queue wait
dcc2.dcc-servers.net,- RTT+1000 ms anon
# *136.199.199.102,- URT ID 1060
# 50% of 2 requests ok 173.61+1000 ms RTT 100 ms queue wait
# 216.240.97.12,- dmv.com ID 1181
# protocol version 8
# 50% of 2 requests ok 271.35+1000 ms RTT 100 ms queue wait
dcc3.dcc-servers.net,- RTT+1000 ms anon
# 207.195.195.223,- SIHOPE-DCC-3 ID 1085
# protocol version 8
# 50% of 2 requests ok 298.65+1000 ms RTT 100 ms queue wait
# 209.169.14.30,- Rhyolite ID 104
# 50% of 2 requests ok 303.12+1000 ms RTT 100 ms queue wait
dcc4.dcc-servers.net,- RTT+1000 ms anon
# 192.135.10.194,- debian ID 1169
# protocol version 8
# 50% of 2 requests ok 206.78+1000 ms RTT 100 ms queue wait
# 209.169.14.29,- Rhyolite ID 104
# 100% of 1 requests ok 296.24+1000 ms RTT 100 ms queue wait
dcc5.dcc-servers.net,- RTT+1000 ms anon
# 203.81.36.6,- PacNet-SG ID 1358
# 100% of 2 requests ok 525.55+1000 ms RTT 100 ms queue wait
# 209.34.225.42,- ID 1114
# protocol version 7
# 100% of 1 requests ok 320.31+1000+2000 ms RTT 100 ms queue wait
127.0.0.1,- RTT-1000 ms 32768 2340400639y548
# 127.0.0.1,-
# not answering
################
# 02/08/09 21:38:47 CET greylist /kolab/var/dcc/db/map
# Re-resolve names after 23:38:47 Check RTTs after 21:53:47
# 1 total, 0 working servers
# skipping asking greylist server 16 seconds more
127.0.0.1,- Greylist 32768 2340400639y548
# 127.0.0.1,6276
# not answering
kolab:/kolab/RPM/SRC/dcc# /kolab/bin/cdcc stats
dcc2.dcc-servers.net 136.199.199.102,6277
server-ID 1060 map 21:39:05
version 2.3.102 tracing ANON CLNT
56082424 hash entries 40915244 used 2941444464 DB bytes
102 ms delay 347796 NOPs 119 ADMN 13414 query 32489 clients since 01:00:20
2618776 reports 11866>10 11007>100 11007>1000 11007 many
answers 2104085>10 2047594>100 1943310>1000 1812088 many
28844 bad op 8224 passwd 640 blist 0 reject 15380 retrans
0 answers rate-limited 0 anon 0 reports rejected
flood on 5 streams 5 out active 5 in 11799481 total flooded in
5610882 accepted 139 stale 6292817 dup 0 white 0 delete
8309807 reports added between Feb 08 01:00:20 and Feb 08 21:39:05 CET
3764 no rep 7960>0% 7704>10% 7607>20% 7548>30% 6409>60% bad 24
kolab:/kolab/RPM/SRC/dcc#
loadplugin Mail::SpamAssassin::Plugin::DCC
/kolab/bin/spamassassin -D --lint 2>&1 | grep -i dcc [20343] dbg: config: read file /kolab/share/spamassassin/25_dcc.cf [20343] dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC from @INC [20343] dbg: dcc: local tests only, disabling DCC
/kolab/bin/spamassassin -D --lint 2>&1 | grep -i raz [25726] dbg: diag: module installed: Razor2::Client::Agent, version 2.84 [25726] dbg: config: read file /kolab/share/spamassassin/25_razor2.cf [25726] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC [25726] dbg: razor2: local tests only, skipping Razor
$ mkdir /kolab/.razor $ chown kolab-r.kolab-r /kolab/.razor $ su - kolab-r kolab-r@kolab$ /kolab/bin/razor-admin -register -user=kolab@tiri.local -pass=passw0rd kolab-r@kolab$ ls -al /kolab/.razor/ total 32 drwxr-xr-x 2 kolab-r kolab-r 4096 2009-02-08 22:03 . drwxr-xr-x 17 kolab kolab 4096 2009-02-08 22:02 .. lrwxrwxrwx 1 kolab-r kolab-r 25 2009-02-08 22:03 identity -> identity-kolab@tiri.local -rw------- 1 kolab-r kolab-r 74 2009-02-08 22:03 identity-kolab@tiri.local -rw-r--r-- 1 kolab-r kolab-r 441 2009-02-08 22:03 razor-agent.log -rw-r--r-- 1 kolab-r kolab-r 843 2009-02-08 22:03 server.n002.cloudmark.com.conf -rw-r--r-- 1 kolab-r kolab-r 57 2009-02-08 22:03 servers.catalogue.lst -rw-r--r-- 1 kolab-r kolab-r 30 2009-02-08 22:03 servers.discovery.lst -rw-r--r-- 1 kolab-r kolab-r 76 2009-02-08 22:03 servers.nomination.lst
$ vi /kolab/var/amavisd/.razor/razor-agent.conf razorhome = /kolab/var/amavisd/.razor logfile = /kolab/var/amavisd/razor-agent.log $ chown kolab-r.kolab-r /kolab/var/amavisd/.razor/razor-agent.conf
kolab:/kolab/var/amavisd/.razor# mv razor-agent.log .. kolab:/kolab/var/amavisd/.razor# chown kolab-r:kolab-r /kolab/var/amavisd/razor-agent.log kolab:/kolab/var/amavisd/.razor# chmod 640 /kolab/var/amavisd/razor-agent.log kolab:/kolab/var/amavisd/.razor# su - kolab-r kolab-r@kolab$ /kolab/bin/razor-admin -d -create -home=/kolab/var/amavisd/.razor Razor-Log: read_file: 2 items read from /kolab/var/amavisd/.razor/razor-agent.conf Razor-Log: -create will force complete discovery Feb 08 22:09:32.627623 admin[26534]: [ 2] [bootup] Logging initiated LogDebugLevel=9 to stdout Feb 08 22:09:32.627791 admin[26534]: [ 6] Not creating razorhome /kolab/var/amavisd/.razor, already exists Feb 08 22:09:32.628118 admin[26534]: [ 5] read_file: 2 items read from /kolab/var/amavisd/.razor/razor-agent.conf Feb 08 22:09:32.628394 admin[26534]: [ 5] computed razorhome=/kolab/var/amavisd/.razor, conf=/kolab/var/amavisd/.razor/razor-agent.conf, ident=/kolab/var/amavisd/.razor/identity-kolab@tiri.local Feb 08 22:09:32.628430 admin[26534]: [ 2] Razor-Agents v2.84 starting razor-admin -d -create -home=/kolab/var/amavisd/.razor Feb 08 22:09:32.628520 admin[26534]: [ 5] read_file: 1 items read from /kolab/var/amavisd/.razor/servers.discovery.lst Feb 08 22:09:32.628633 admin[26534]: [ 5] read_file: 4 items read from /kolab/var/amavisd/.razor/servers.nomination.lst Feb 08 22:09:32.628749 admin[26534]: [ 5] read_file: 3 items read from /kolab/var/amavisd/.razor/servers.catalogue.lst Feb 08 22:09:32.628895 admin[26534]: [ 9] Assigning defaults to n004.cloudmark.com Feb 08 22:09:32.628957 admin[26534]: [ 9] Assigning defaults to n002.cloudmark.com Feb 08 22:09:32.629018 admin[26534]: [ 9] Assigning defaults to n001.cloudmark.com Feb 08 22:09:32.629078 admin[26534]: [ 9] Assigning defaults to n003.cloudmark.com Feb 08 22:09:32.629139 admin[26534]: [ 9] Assigning defaults to c301.cloudmark.com Feb 08 22:09:32.629199 admin[26534]: [ 9] Assigning defaults to c302.cloudmark.com Feb 08 22:09:32.629260 admin[26534]: [ 9] Assigning defaults to c303.cloudmark.com Feb 08 22:09:32.629629 admin[26534]: [ 5] read_file: 27 items read from /kolab/var/amavisd/.razor/server.n002.cloudmark.com.conf Feb 08 22:09:32.629893 admin[26534]: [ 5] read_file: 27 items read from /kolab/var/amavisd/.razor/server.n002.cloudmark.com.conf Feb 08 22:09:32.629970 admin[26534]: [ 5] 168579 seconds before closest server discovery Feb 08 22:09:32.630000 admin[26534]: [ 5] forcing discovery Feb 08 22:09:32.630050 admin[26534]: [ 7] 588620 seconds before soonest DNS discovery Feb 08 22:09:32.630077 admin[26534]: [ 5] forcing DNS discovery Feb 08 22:09:32.630114 admin[26534]: [ 8] Checking with Razor Discovery Server discovery.razor.cloudmark.com Feb 08 22:09:32.630157 admin[26534]: [ 6] No port specified, using 2703 Feb 08 22:09:32.630184 admin[26534]: [ 5] Connecting to discovery.razor.cloudmark.com ... Feb 08 22:09:33.237426 admin[26534]: [ 8] Connection established Feb 08 22:09:33.237515 admin[26534]: [ 4] discovery.razor.cloudmark.com >> 35 server greeting: sn=D&srl=571&a=1&a=cg&ep4=7542-10 Feb 08 22:09:33.237607 admin[26534]: [ 4] discovery.razor.cloudmark.com << 12 Feb 08 22:09:33.237638 admin[26534]: [ 6] a=g&pm=csl Feb 08 22:09:33.392177 admin[26534]: [ 4] discovery.razor.cloudmark.com >> 71 Feb 08 22:09:33.392237 admin[26534]: [ 6] response to sent.1 -csl=? c303.cloudmark.com c301.cloudmark.com c302.cloudmark.com . Feb 08 22:09:33.392338 admin[26534]: [ 8] Discovery Server discovery.razor.cloudmark.com replying with csl=c303.cloudmark.com Feb 08 22:09:33.392370 admin[26534]: [ 8] Discovery Server discovery.razor.cloudmark.com replying with csl=c301.cloudmark.com Feb 08 22:09:33.392402 admin[26534]: [ 8] Discovery Server discovery.razor.cloudmark.com replying with csl=c302.cloudmark.com Feb 08 22:09:33.392459 admin[26534]: [ 4] discovery.razor.cloudmark.com << 12 Feb 08 22:09:33.392487 admin[26534]: [ 6] a=g&pm=nsl Feb 08 22:09:33.544777 admin[26534]: [ 4] discovery.razor.cloudmark.com >> 91 Feb 08 22:09:33.544827 admin[26534]: [ 6] response to sent.2 -nsl=? n002.cloudmark.com n003.cloudmark.com n001.cloudmark.com n004.cloudmark.com . Feb 08 22:09:33.544927 admin[26534]: [ 8] Discovery Server discovery.razor.cloudmark.com replying with nsl=n002.cloudmark.com Feb 08 22:09:33.544958 admin[26534]: [ 8] Discovery Server discovery.razor.cloudmark.com replying with nsl=n003.cloudmark.com Feb 08 22:09:33.544987 admin[26534]: [ 8] Discovery Server discovery.razor.cloudmark.com replying with nsl=n001.cloudmark.com Feb 08 22:09:33.545016 admin[26534]: [ 8] Discovery Server discovery.razor.cloudmark.com replying with nsl=n004.cloudmark.com Feb 08 22:09:33.545090 admin[26534]: [ 5] disconnecting from server discovery.razor.cloudmark.com Feb 08 22:09:33.545143 admin[26534]: [ 4] discovery.razor.cloudmark.com << 5 Feb 08 22:09:33.545171 admin[26534]: [ 6] a=q Feb 08 22:09:33.545415 admin[26534]: [ 5] wrote 1 ARRAY items to file: /kolab/var/amavisd/.razor/servers.discovery.lst Feb 08 22:09:33.545536 admin[26534]: [ 5] wrote 3 ARRAY items to file: /kolab/var/amavisd/.razor/servers.catalogue.lst Feb 08 22:09:33.545650 admin[26534]: [ 5] wrote 4 ARRAY items to file: /kolab/var/amavisd/.razor/servers.nomination.lst Feb 08 22:09:33.545724 admin[26534]: [ 6] n001.cloudmark.com is a Unknown-Type: Server srl -1; computed min_cf=0, Server se: C8 Feb 08 22:09:33.545802 admin[26534]: [ 8] Computed supported_engines: 4 8 Feb 08 22:09:33.545846 admin[26534]: [ 8] Using next closest server n001.cloudmark.com:2703, cached info srl -1 Feb 08 22:09:33.545880 admin[26534]: [ 8] razor-admin finished successfully. kolab-r@kolab$ exit
# Enable Razor2 use_razor2 1 razor_config /kolab/var/amavisd/.razor/razor-agent.conf razor_timeout 10 score RAZOR2_CHECK 2.500
$sa_local_tests_only = 0;
kolab:/kolab/var/amavisd/.razor# /kolab/sbin/amavisd -c /kolab/etc/amavisd/amavisd.conf debug-sa 2>&1 | grep -iE "(raz|dcc)" [29737] dbg: config: read file /kolab/share/spamassassin/25_dcc.cf [29737] dbg: config: read file /kolab/share/spamassassin/25_razor2.cf [29737] dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC from @INC [29737] dbg: dcc: network tests on, registering DCC [29737] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC [29737] dbg: razor2: razor2 is available, version 2.84 [29737] dbg: razor2: part=0 engine=4 contested=0 confidence=0 [29737] dbg: razor2: results: spam? 0 [29737] dbg: razor2: results: engine 8, highest cf score: 0 [29737] dbg: razor2: results: engine 4, highest cf score: 0 [29737] dbg: dcc: dccifd is not available: no r/w dccifd socket found [29737] dbg: util: executable for dccproc was found at /kolab/bin/dccproc [29737] dbg: dcc: dccproc is available: /kolab/bin/dccproc [29737] dbg: dcc: opening pipe: /kolab/bin/dccproc -H -x 0 < /kolab/var/amavisd/.spamassassin29737mI1JhKtmp [29737] dbg: dcc: got response: /kolab/var/dcc/db: Permission denied [29737] dbg: dcc: check failed: no X-DCC returned (did you create a map file?): /kolab/var/dcc/db: Permission denied
chown -R kolab-r.kolab-r /kolab/var/dcc/db
kolab:/kolab# /kolab/sbin/amavisd -c /kolab/etc/amavisd/amavisd.conf debug-sa 2>&1 | grep -iE "(raz|dcc)" [30306] dbg: config: read file /kolab/share/spamassassin/25_dcc.cf [30306] dbg: config: read file /kolab/share/spamassassin/25_razor2.cf [30306] dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC from @INC [30306] dbg: dcc: network tests on, registering DCC [30306] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC [30306] dbg: razor2: razor2 is available, version 2.84 [30306] dbg: razor2: part=0 engine=4 contested=0 confidence=0 [30306] dbg: razor2: results: spam? 0 [30306] dbg: razor2: results: engine 8, highest cf score: 0 [30306] dbg: razor2: results: engine 4, highest cf score: 0 [30306] dbg: dcc: dccifd is not available: no r/w dccifd socket found [30306] dbg: util: executable for dccproc was found at /kolab/bin/dccproc [30306] dbg: dcc: dccproc is available: /kolab/bin/dccproc [30306] dbg: dcc: opening pipe: /kolab/bin/dccproc -H -x 0 < /kolab/var/amavisd/.spamassassin30306UGLuHatmp [30306] dbg: dcc: got response: X-DCC-URT-Metrics: kolab 1060; Body=many Fuz1=many Fuz2=many [30306] dbg: dcc: listed: BODY=999999/999999 FUZ1=999999/999999 FUZ2=999999/999999 [30306] dbg: rules: ran eval rule DCC_CHECK ======> got hit (1) [30306] dbg: check: tests=DCC_CHECK,MISSING_DATE,MISSING_HEADERS,MISSING_SUBJECT,NO_RECEIVED,NO_RELAYS
$ wget http://garr.dl.sourceforge.net/sourceforge/ixhash/iXhash-1.5.5.tgz
$ tar xvzf iXhash-1.5.5.tgz iXhash-1.5.5/iXhash/iXhash.{cf,pm} -C /tmp
$ cp /tmp/iXhash-1.5.5/iXhash/iXhash.* /kolab/etc/spamassassin/
$ chown kolab-r.kolab-r /kolab/etc/spamassassin/iXhash.*
$ perl -pi -e "s|/path/to/(iXhash.pm)$|/kolab/etc/spamassassin/\1|g" iXhash.pm
$ perl -pi -e "s|/etc/mail/spamassassin/(iXhash.pm)$|/kolab/etc/spamassassin/\1|g" iXhash.cf
$ /kolab/bin/spamassassin -D --lint 2>&1 | grep -i ixhash
[32712] dbg: config: read file /kolab/etc/spamassassin/iXhash.cf
[32712] dbg: plugin: loading Mail::SpamAssassin::Plugin::iXhash from /kolab/etc/spamassassin/iXhash.pm
[32712] dbg: IXHASH: local tests only, not using iXhash plugin