[TUTORIAL] Tutorial on Advancing Proxmox Mail Gateway Step by step

killmasta93

Active Member
Aug 13, 2017
575
31
33
26
Hello Proxmox community,

I wanted to say thank you so much for the effort for this amazing software, I also want to thank @heutger for the previous guide he did for the Advancing Proxmox Mail Gateway
I took the liberty to organize step by step from his guide, this guide still contains the clamav-unofficial with fail2ban, im attaching also the geo ip version 1 as for the version 2 could not get it working, the step by step is a md file which you can open with Joplin or gitlab
any addition let me know so i can keep the MD file updated and keep it organize for anyone else.
Also there may be some typos on the tutorial feel free to edit the file.

Files of the MD and GEO ip

http://www.mediafire.com/folder/svpzfzsqd3e8m/pmg

Things that i need to still add

1) Blocking rcpt to without authentication
2) adding the KAM config
 

killmasta93

Active Member
Aug 13, 2017
575
31
33
26
yeah your right as soon as i posted it i realized that going these week to put it on github hope this helps someone
 
Jan 29, 2017
145
10
23
43
Wyh I´m getting
===============================
ERROR: Missing value for option
===============================
for clamdscan on PMG 6.1 ?
 
Jan 29, 2017
145
10
23
43
Wyh I´m getting
===============================
ERROR: Missing value for option
===============================
for clamdscan on PMG 6.1 ?
got it..had to delete all other os - confs

################################################################################
eXtremeSHOK.com ClamAV Unofficial Signature Updater
Version: v6.3.0 (2019-09-02)
Required Configuration Version: v80
Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
Loading config: /etc/clamav-unofficial-sigs/master.conf
Loading config: /etc/clamav-unofficial-sigs/os/os.debian10.conf
Loading config: /etc/clamav-unofficial-sigs/user.conf
===================
Preparing Databases
===================
==================================================
Sanesecurity Database & GPG Signature File Updates
==================================================
 
Jan 29, 2017
145
10
23
43
Is there a script to update clamav-unofficial automatically?

I got mail every two days and have to manually update the script via git.

***********************************************************************************
ALERT: New version : v7.0.1 @ https://github.com/extremeshok/clamav-unofficial-sigs
***********************************************************************************
***************************************************************************************
ALERT: New config version : v91 @ https://github.com/extremeshok/clamav-unofficial-sigs
***************************************************************************************
 

thiagotgc

Member
Dec 17, 2019
85
5
8
32
Again, the content of GeoIP2 is down.

Does anyone know where I can start downloading?

/etc/cron.daily/GeoIP2:
--2020-01-31 06:25:01-- http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
Resolving geolite.maxmind.com (geolite.maxmind.com)... failed: Name or service not known.
wget: unable to resolve host address ‘geolite.maxmind.com’
tar (child): GeoLite2-Country.tar.gz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
rm: cannot remove 'GeoLite2-Country.tar.gz': No such file or directory
run-parts: /etc/cron.daily/GeoIP2 exited with return code 1
 

thiagotgc

Member
Dec 17, 2019
85
5
8
32
When running the sa-compile command these errors appear.


Feb 1 13:41:54.926 [18982] info: generic: base extraction starting. this can take a while...
Feb 1 13:41:54.926 [18982] info: generic: extracting from rules of type body_0
100% [=====================================================================================================================================================================================================] 6830.01 rules/sec 00m00s DONE
100% [=====================================================================================================================================================================================================] 147.25 bases/sec 01m26s DONET
Feb 1 13:43:22.684 [18982] info: body_0: 10270 base strings extracted in 88 seconds
Feb 1 13:43:24.382 [18982] info: rules: meta test JMQ_CONGRAT has dependency 'KAM_RAPTOR_ALTERED' with a zero score
Feb 1 13:43:24.386 [18982] info: rules: meta test KAM_FAKE_DELIVER has dependency 'KAM_RAPTOR_ALTERED' with a zero score
Feb 1 13:43:24.392 [18982] info: rules: meta test KAM_AUTO has dependency 'CBJ_GiveMeABreak' with a zero score
Feb 1 13:43:24.403 [18982] info: rules: meta test KAM_INSURE has dependency 'CBJ_GiveMeABreak' with a zero score
Feb 1 13:43:24.404 [18982] info: rules: meta test KAM_WARRANTY3 has dependency 'CBJ_GiveMeABreak' with a zero score
Feb 1 13:43:24.408 [18982] info: rules: meta test KAM_WARRANTY has dependency 'CBJ_GiveMeABreak' with a zero score
Feb 1 13:43:24.411 [18982] info: rules: meta test KAM_REALLY_FAKE_DELIVER has dependency 'KAM_RPTR_PASSED' with a zero score
Feb 1 13:43:24.414 [18982] info: rules: meta test KAM_JURY has dependency 'KAM_RAPTOR_ALTERED' with a zero score
Feb 1 13:43:24.416 [18982] info: rules: meta test KAM_INSURE2 has dependency 'CBJ_GiveMeABreak' with a zero score
Feb 1 13:43:24.421 [18982] info: rules: meta test KAM_BADPDF2 has dependency 'KAM_RPTR_SUSPECT' with a zero score
Feb 1 13:43:24.434 [18982] info: rules: meta test KAM_NOTIFY2 has dependency 'KAM_IFRAME' with a zero score
Feb 1 13:43:24.448 [18982] info: rules: meta test KAM_CARD has dependency 'KAM_RPTR_SUSPECT' with a zero score
cd /tmp/.spamassassin189826kTKQTtmp
reading bases_body_0.in
cd Mail-SpamAssassin-CompiledRegexps-body_0
Wide character in print at /usr/local/bin/sa-compile line 433, <$fh> line 6469.
Wide character in print at /usr/local/bin/sa-compile line 433, <$fh> line 8052.
Wide character in print at /usr/local/bin/sa-compile line 433, <$fh> line 13508.
Wide character in print at /usr/local/bin/sa-compile line 433, <$fh> line 15175.
re2c -i -b -o scanner1.c scanner1.re
re2c -i -b -o scanner2.c scanner2.re
re2c -i -b -o scanner3.c scanner3.re
re2c -i -b -o scanner4.c scanner4.re
re2c -i -b -o scanner5.c scanner5.re
re2c -i -b -o scanner6.c scanner6.re
re2c -i -b -o scanner7.c scanner7.re
re2c -i -b -o scanner8.c scanner8.re
re2c -i -b -o scanner9.c scanner9.re
re2c -i -b -o scanner10.c scanner10.re
re2c -i -b -o scanner11.c scanner11.re
re2c -i -b -o scanner12.c scanner12.re
re2c -i -b -o scanner13.c scanner13.re
re2c -i -b -o scanner14.c scanner14.re
re2c -i -b -o scanner15.c scanner15.re
re2c -i -b -o scanner16.c scanner16.re
re2c -i -b -o scanner17.c scanner17.re
re2c -i -b -o scanner18.c scanner18.re
re2c -i -b -o scanner19.c scanner19.re
re2c -i -b -o scanner20.c scanner20.re
re2c -i -b -o scanner21.c scanner21.re
re2c -i -b -o scanner22.c scanner22.re
re2c -i -b -o scanner23.c scanner23.re
re2c -i -b -o scanner24.c scanner24.re
re2c -i -b -o scanner25.c scanner25.re
re2c -i -b -o scanner26.c scanner26.re
re2c -i -b -o scanner27.c scanner27.re
re2c -i -b -o scanner28.c scanner28.re
re2c -i -b -o scanner29.c scanner29.re
re2c -i -b -o scanner30.c scanner30.re
re2c -i -b -o scanner31.c scanner31.re
re2c -i -b -o scanner32.c scanner32.re
re2c -i -b -o scanner33.c scanner33.re
re2c -i -b -o scanner34.c scanner34.re
re2c -i -b -o scanner35.c scanner35.re
re2c -i -b -o scanner36.c scanner36.re
re2c -i -b -o scanner37.c scanner37.re
re2c -i -b -o scanner38.c scanner38.re
re2c -i -b -o scanner39.c scanner39.re
re2c -i -b -o scanner40.c scanner40.re
re2c -i -b -o scanner41.c scanner41.re
re2c -i -b -o scanner42.c scanner42.re
re2c -i -b -o scanner43.c scanner43.re
re2c -i -b -o scanner44.c scanner44.re
re2c -i -b -o scanner45.c scanner45.re
re2c -i -b -o scanner46.c scanner46.re
re2c -i -b -o scanner47.c scanner47.re
re2c -i -b -o scanner48.c scanner48.re
re2c -i -b -o scanner49.c scanner49.re
re2c -i -b -o scanner50.c scanner50.re
re2c -i -b -o scanner51.c scanner51.re
re2c -i -b -o scanner52.c scanner52.re
/usr/bin/perl Makefile.PL PREFIX=/tmp/.spamassassin189826kTKQTtmp/ignored INSTALLSITEARCH=/var/lib/spamassassin/compiled/5.028/3.004003
Generating a Unix-style Makefile
Writing Makefile for Mail::SpamAssassin::CompiledRegexps::body_0
Writing MYMETA.yml and MYMETA.json
make PREFIX=/tmp/.spamassassin189826kTKQTtmp/ignored INSTALLSITEARCH=/var/lib/spamassassin/compiled/5.028/3.004003
cp body_0.pm blib/lib/Mail/SpamAssassin/CompiledRegexps/body_0.pm
Running Mkbootstrap for body_0 ()
chmod 644 "body_0.bs"
"/usr/bin/perl" -MExtUtils::Command::MM -e 'cp_nonempty' -- body_0.bs blib/arch/auto/Mail/SpamAssassin/CompiledRegexps/body_0/body_0.bs 644
"/usr/bin/perl" "/usr/share/perl/5.28/ExtUtils/xsubpp" -typemap '/usr/share/perl/5.28/ExtUtils/typemap' body_0.xs > body_0.xsc
mv body_0.xsc body_0.c
x86_64-linux-gnu-gcc -c -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fwrapv -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g -DVERSION=\"1.0\" -DXS_VERSION=\"1.0\" -fPIC "-I/usr/lib/x86_64-linux-gnu/perl/5.28/CORE" body_0.c
In file included from body_0.xs:2:
/usr/lib/x86_64-linux-gnu/perl/5.28/CORE/perl.h:684:10: fatal error: sys/types.h: No such file or directory
#include <sys/types.h>
^~~~~~~~~~~~~
compilation terminated.
make: *** [Makefile:436: body_0.o] Error 1
command failed: exit 2

Solution:
sudo apt install libc6-dev
 
Last edited:

thiagotgc

Member
Dec 17, 2019
85
5
8
32
I could not get geoip2 working if you write the steps i will change on the guide
I did practically the same as the tutorial posted here, but with few changes.

For everything I do, I add it to my Wiki.

I'll post here a printout of the settings to use GeoIP1 or 2

Capturar.PNG
 
  • Like
Reactions: killmasta93

killmasta93

Active Member
Aug 13, 2017
575
31
33
26
do you mean these steps?


Code:
cd /tmp
wget https://github.com/extremeshok/clamav-unofficial-sigs/archive/master.zip
unzip master.zip
cp clamav-unofficial-sigs-master/clamav-unofficial-sigs.sh /usr/local/sbin/
chmod 755 /usr/local/sbin/clamav-unofficial-sigs.sh
 

killmasta93

Active Member
Aug 13, 2017
575
31
33
26
very odd trying to install on another pmg box getting this error not sure if anyone else has had this issue

Code:
root@mail:/etc/clamav-unofficial-sigs# /usr/local/sbin/clamav-unofficial-sigs.sh --install-cron
-----------------------------------------
WARNING: Too many os.*.conf configs found
-----------------------------------------
################################################################################
 eXtremeSHOK.com ClamAV Unofficial Signature Updater
 Version: v7.0.1 (2020-01-25)
 Required Configuration Version: v91
 Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
Loading config: /etc/clamav-unofficial-sigs/master.conf
Loading config: /etc/clamav-unofficial-sigs/user.conf
===============================
ERROR: Missing value for option
===============================
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!