Skip to main content
This forum is closed to new posts and responses. New discussions are now taking place in the IBM Developer Answers forum.
 
developerWorks
AIX and UNIX
Information Mgmt
Lotus
New to Lotus
Products
How to buy
Downloads
Live demos
Technical library
Training
Support
Forums & community
Events
Rational
Tivoli
WebSphere
Java™ technology
Linux
Open source
SOA and Web services
Web development
XML
My developerWorks
About dW
Submit content
Feedback



developerWorks  >  Lotus  >  Forums & community  >  Notes/Domino 6 and 7 Forum

Notes/Domino 6 and 7 Forum

developerWorks

  

PreviousPrevious NextNext


Simon Delicata 9.Nov.05 04:29 PM a Web browser
Domino Server 6.5.4; 6.5.3 FP1; 6.5.3; 6.5.2 FP1; 6.5.2; 6.5.1; 6.5; 6.0.5; 6.0.4; 6.0.3; 6.0.2 CF2; 6.0.2 CF1; 6.0.2; 6.0.1 CF3; 6.0.1 CF2; 6.0.1 CF1; 6.0.1; 6.0 All Platforms


Hi all,

This is just a quick note on how I integrated SpamAssassin, exim, clamav, and Domino, to preprocess mail before it reaches our domino server. Before you read on, I have to say that the solution does require another PC to run exim on. I did try it as a seperate mail receiver, but Exim kept complaining that it was trying to forward the mail to itself, and refused to continue. I would love to hear from anyone that manages to get around it, so I can get rid of the extra server I now have running !!

I tried KSpam, but it seemed quite flaky and tended to kill our Domino machine, and my boss doesn't like spending money, so we didn't go for a purchased solution.

Overview :

Mail is received from the Internet to the Exim process. After HELO/EHLO and MAIL FROM are processed, the sender sends RCPT TO. The mail address entered here is queried against our Domino directory via LDAP. Mail in databases, groups, and individuals are allowed recipients.
If the recipient is not valid ( an entry is found in LDAP), exim returns an "Unable to route" message and refuses to continue, otherwise it accepts the rest of the message.
The mail is then passed through clamAV to virus check the mail. If a virus is detected, it's dropped, otherwise it gets passed on to SpamAssassin. SpamAssassin then marks the message with a Spam score, and if high enough, the mail subject is tagged with a [SPAM] prefix.
Finally, the mail is forwarded on to Domino via SMTP

The nitty gritty
----------------
I am assuming you have managed to download and install all the necessary software. If you haven't, I can highly recommend using apt which can be used in conjunction with the dag RPM repository. With this, you tell it what software package name to install, and it will retrieve and install it for you, along with any dependencies.


First of all, the exim.conf. Add the following lines to the global section of your file (somewhere near the top will do).

Underneath that, a system filter, that performs the insertion of the [SPAM] tag in the subject (file contents at the bottom)

Next, the line to tell it which AV scanner to use. In this case, ClamAV, with the ClamD daemon.

Next, the next line tells Exim to process the acl regarded to content checking (used post-spamassassin)
-------------------- snip --------------------
#This creates an LDAP lookup url for mail to a domino:
#- group or person whose common name == the bit before the @
#- person whose common name == the bit before the @, with all dots changed to spaces
#- person whose uid (as listed by ldap) == the bit before the @
#- person whose mail address (in their person doc) == the recipient address
#- mail in database whose mail address == the recipient address
DOMINO_LDAP_MAIL_RCPT = \
ldap://<your domino server ip here>/??sub?(|\
(&(|(objectclass=dominoGroup)(objectclass=dominoPerson))(cn=${local_part}))\
(&(objectclass=dominoPerson)(cn=${tr{${local_part}}{.}{ }}))\
(&(objectclass=dominoPerson)(uid=${local_part}))\
(&(objectclass=dominoPerson)(mail=${local_part}@${domain}))\
(&(objectclass=dominoServerMailInDatabase)(mail=${local_part}@${domain})))

#Underneath that, a system filter, that performs the insertion of the [SPAM] tag in the subject (file contents at the bottom)
system_filter = /etc/exim/system-filter

#Which AV scanner to use. In this case, ClamAV, with the ClamD daemon.
av_scanner = clamd: 127.0.0.1 3310

#This line tells Exim to process the acl regarded to content checking (used post-spamassassin)
acl_smtp_data = acl_check_content

#I'm not sure if this matters, but I added it while getting the system to work
spamd_address = 127.0.0.1 783
-------------------- snip --------------------

A little further down the exim file, you should find the ACL section. Change acl_check_rcpt to be :

-------------------- snip --------------------
acl_check_content:

# Reject virus infested messages.
deny message = This message contains malware ($malware_name)
malware = *

# Always add X-Spam-Score and X-Spam-Report headers, using SA system-wide settings
# (user "nobody"), no matter if over threshold or not.
warn message = X-Spam-Score: $spam_score ($spam_bar)
spam = nobody:true
warn message = X-Spam-Report: $spam_report
spam = nobody:true

# Add X-Spam-Flag if spam is over system-wide threshold
warn message = X-Spam-Flag: YES
spam = nobody


# Reject spam messages with score over 10, using an extra condition. I commented it out because I didn't like the idea of bouncing spam, but letting end users check it first.
# deny message = This message scored $spam_score points. Congratulations!
# spam = nobody:true
# condition = ${if >{$spam_score_int}{100}{1}{0}}

# Change the mail subject if it receives a high enough spam likelyhood
warn message = X-New-Subject: [SPAM] $h_subject:
spam = nobody
# finally accept all the rest
accept

-------------------- snip --------------------

Next is the router section. Add the following, after the "localuser" entry.
-------------------- snip --------------------
ldap_check:
driver = redirect
domains = +local_domains
allow_fail
allow_defer
forbid_file
forbid_pipe
redirect_router = spamcheck_router
data = ${lookup ldapm {DOMINO_LDAP_MAIL_RCPT }{${local_part}@${domain}}{:fail: Unable to route}}

spamcheck_router:
no_verify
#check_local_user
# When to scan a message :
# - it isn't already flagged as spam
# - it isn't already scanned
condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
driver = accept
transport = spamcheck


smarthost:
transport = remote_smtp
driver = manualroute
route_list = "* <FQDN OF YOUR DOMINO SERVER> byname"

-------------------- snip --------------------

And then add the following to your transports section
-------------------- snip --------------------
# SpamAssassin
spamcheck:
debug_print = "T: spamassassin_pipe for $local_part@$domain"
driver = pipe
command = /usr/sbin/exim -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/spamc
home_directory = "/tmp"
current_directory = "/tmp"
# must use a privileged user to set $received_protocol on the way back in!
user = exim
group = exim
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =

-------------------- snip --------------------

The spamassassin and clamav configuration files werw pretty much as per the defaults. It has to be said that this exim configuration was for Redhat Enterprise r3, although there is no reason is shouldn't work on other versions.

I'm not claiming to know everything about exim, only that I managed to get a configuration working the way I liked it. If you have any problems, I first recommend that you read the fine online documentation, groups, etc, before posting a question that I may not be able to resolve.

Hope someone finds this useful in time

Simon Delicata






Integrating Exim With Domino (Simon Delicata 9.Nov.05)
. . RE: Integrating Exim With Domino (Ashley B Drees 4.Mar.06)





  Document options
Print this pagePrint this page

 Search this forum

  Forum views and search
Date (threaded)
Date (flat)
With excerpt
Author
Category
Platform
Release
Advanced search

 RSS feedsRSS
All forum posts RSS
All main topics RSS
More Lotus RSS feeds

Resources

 Resources
Forum use and etiquette
Native Notes Access
Web site Feedback

Lotus Support

 Lotus Support
IBM Support Portal - Lotus software
Lotus Support documents
Lotus support by product
Lotus support downloads
Lotus support RSS feeds

Wikis

 Wikis
IBM Composite Applications
IBM Mashup Center
IBM Connections
IBM Connections Cloud Developers
IBM Docs
IBM Forms
IBM Mobile Connect
IBM Sametime
IBM SmartCloud for Social Business
IBM Web Experience Factory
Lotus Domino
Lotus Domino Designer
Lotus Expeditor
Lotus Foundations
Lotus iNotes
Lotus Instructor Community Courseware
Lotus Notes
Lotus Notes & Domino Application Development
Lotus Notes Traveler
Lotus Protector
Lotus Quickr
Lotus Symphony
IBM Web Content Manager
WebSphere Portal

Lotus Forums


 Lotus Forums
Notes/Domino 9.0
Notes/Domino 8.5 + Traveler
Notes/Domino XPages development forum
Notes/Domino 8
Notes/Domino 6 and 7
IBM Connections
IBM Mobile Connect
IBM Sametime
IBM SmartCloud Notes
Lotus Enterprise Integration
Lotus Protector
Lotus Quickr
Lotus SmartSuite