Release
 
Part 17 - Installing Qtrap

Our final ingredient in this installation is going to be a domain level word filter, which I've named "Qtrap". This script is applied on a per domain basis and serves as a "bad word" scanner to catch any spam that Spamassassin may have missed. This filter serves as the last defense against SPAM before it arrived in your inbox. I like this filter because it helps to get rid of any SPAM that happens to make it by Spamassassin. Without any protection at all, my mailbox gets a shit ton of SPAM every day. Within the first 3 months I enacted the Qtrap filter, Qtrap logged over 9,000 deleted SPAM messages, none of which were legitimate e-mails. My keyboard's delete key was very appreciated the extra rest.

Any emails that are scanned and contain a banned word will be automatically deleted and logged by the qtrap script. A whitelist feature now exists so that individual addresses or domains can be exempt from the qtrap scan.

So let's install it...

cd /usr/home/vpopmail

mkdir -p qtrap/logs

cd qtrap

cp /downloads/qmailrocks/scripts/qtrap/qtrap-freebsd-2.0.0 ./qtrap.sh

Defnining your whitelist:

vi qtrap.sh

You will see a block of code for the whitelist that looks like this:

whitelist_check () {
case $WHITELIST in
address@somewhere.com|address@somewhereelse.com|*entiredomain.com)
echo $SENDER found in whitelist on `date "+%D %H:%M:%S"` >> /usr/home/vpopmail/qtrap/logs/qtrap.log
exit 0;;
*)
;;
esac
}

The email addresses in the bold red text above should be substituted with any email addresses that you wish to whitelist against the qtrap filter process. Whitelisted addresses will be allowed to send you mail that contains "banned" words. Un-whitelisted address will be scanned and their message deleted if it contains a banned word. As you can see above, you can specify an individual address (address@somewhere.com) or you can simply whitelist an entire domain (*entiredomain.com).

Defining your "banned word" list:

within the qtrap.sh script you should see another section, below the whitelist section of code, that looks like this:

checkall () {
case $BANNED_WORDS in
porn|PORN|Sex|SEX)
printout $BANNED_WORDS
echo MESSAGE DROPPED from $SENDER because of $BANNED_WORDS on `date "+%D %H:%M:%S"` >> /usr/home/vpopmail/qtrap/logs/qtrap.log
exit 99;;
*)
;;
esac
}

The portion of the above section that I've highlighted in RED is the array of "banned" words. Edit this array to your satisfaction. Make sure that each word is seperated by a pipe "|" and keep in mind that the array is case sensitive. So the words "SEX" and "Sex" are 2 different words. Also, excercise caution here. You don't want to ban words that are used in everyday e-mails. For example, you wouldn't want to ban the word "hello" or something like that. You should only ban words that you are 100% sure you would never see in a legitimate e-mail.

Now let's set up the logging directory...

touch /usr/home/vpopmail/qtrap/logs/qtrap.log

chown -R vpopmail:vchkpw /usr/home/vpopmail/qtrap

chmod -R 755 /usr/home/vpopmail/qtrap

Now we will add this script into the mail path for a domain on our server.

cd /usr/home/vpopmail/domains/yourdomain.com

vi .qmail-default

add the following line above the line that is already there

| /usr/home/vpopmail/qtrap/qtrap.sh

Here's an example:

.qmail-default before:

| /usr/home/vpopmail/bin/vdelivermail '' delete

,qmail-default after:

| /usr/home/vpopmail/qtrap/qtrap.sh
| /usr/home/vpopmail/bin/vdelivermail '' delete

Save these changes and that should be it. You don't have to restart anything. To test this last rule, try sending an e-mail to your mailbox and make sure that the test e-mail contains one of the words that you entered into the "bad word" list in the Qtrap script. If the filter is working right, the message should NOT arrive in your inbox. You should then be able to view the log file at /usr/home/vpopmail/qtrap/logs/qtrap.log and see a log of the dropeed message corresponding to the time at which you sent the test message. The drop log should look something like this:

MESSAGE DROPPED from someone@somewhere.com because of some_banned_word on on 06/13/03 02:37:51

If the test was successfull, then that's it! Congratulations, you've completed the Qmailrocks.org Qmail installation. Have fun. The next couple steps discuss cleanup as well as some closing notes and suggestions.

 

 

Proceed to Part 18


 

Color Coded Qmail Installation Key
 
Regular Black Text 
 Qmail installation notes and summaries by the author. Me talking.
 
Bold Black Text 
 Commands to be run by you, the installer.
 
Bold Maroon Text 
 Special notes for Redhat 9 users.
 
Bold Red Text 
 Vital and/or critical information.
 
Regular/Bold Purple text 
 Denotes helpful tips and hints or hyperlinks.
 
Regular Orange Text 
 Command line output.
Cp

Regular green text 

 Denotes the contents of a file or script.
home | about | the installation | utilities | faq | contact | journal | mailing list | list archive | forum | links | donatemerchandise
modified
This mirror last modified: Thursday, August 9th, 2012 15:59:22 CEST
 
The Rocks Project