[TUTORIAL] Tutorial on Advancing Proxmox Mail Gateway Step by step

killmasta93

Renowned Member
Aug 13, 2017
973
58
68
31
Hello Proxmox community,

I wanted to say thank you so much for the effort for this amazing software, I also want to thank @heutger for the previous guide he did for the Advancing Proxmox Mail Gateway
I took the liberty to organize step by step from his guide, this guide still contains the clamav-unofficial with fail2ban, im attaching also the geo ip version 1 as for the version 2 could not get it working, the step by step is a md file which you can open with Joplin or gitlab
any addition let me know so i can keep the MD file updated and keep it organize for anyone else.
Also there may be some typos on the tutorial feel free to edit the file.

Files of the MD and GEO ip

http://www.mediafire.com/folder/svpzfzsqd3e8m/pmg

Things that i need to still add

1) Blocking rcpt to without authentication
2) adding the KAM config
 
yeah your right as soon as i posted it i realized that going these week to put it on github hope this helps someone
 
Wyh I´m getting
===============================
ERROR: Missing value for option
===============================
for clamdscan on PMG 6.1 ?
 
Wyh I´m getting
===============================
ERROR: Missing value for option
===============================
for clamdscan on PMG 6.1 ?
got it..had to delete all other os - confs

################################################################################
eXtremeSHOK.com ClamAV Unofficial Signature Updater
Version: v6.3.0 (2019-09-02)
Required Configuration Version: v80
Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
Loading config: /etc/clamav-unofficial-sigs/master.conf
Loading config: /etc/clamav-unofficial-sigs/os/os.debian10.conf
Loading config: /etc/clamav-unofficial-sigs/user.conf
===================
Preparing Databases
===================
==================================================
Sanesecurity Database & GPG Signature File Updates
==================================================
 
Is there a script to update clamav-unofficial automatically?

I got mail every two days and have to manually update the script via git.

***********************************************************************************
ALERT: New version : v7.0.1 @ https://github.com/extremeshok/clamav-unofficial-sigs
***********************************************************************************
***************************************************************************************
ALERT: New config version : v91 @ https://github.com/extremeshok/clamav-unofficial-sigs
***************************************************************************************
 
Again, the content of GeoIP2 is down.

Does anyone know where I can start downloading?

/etc/cron.daily/GeoIP2:
--2020-01-31 06:25:01-- http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
Resolving geolite.maxmind.com (geolite.maxmind.com)... failed: Name or service not known.
wget: unable to resolve host address ‘geolite.maxmind.com’
tar (child): GeoLite2-Country.tar.gz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
rm: cannot remove 'GeoLite2-Country.tar.gz': No such file or directory
run-parts: /etc/cron.daily/GeoIP2 exited with return code 1
 
When running the sa-compile command these errors appear.

Feb 1 13:41:54.926 [18982] info: generic: base extraction starting. this can take a while... Feb 1 13:41:54.926 [18982] info: generic: extracting from rules of type body_0 100% [=====================================================================================================================================================================================================] 6830.01 rules/sec 00m00s DONE 100% [=====================================================================================================================================================================================================] 147.25 bases/sec 01m26s DONET Feb 1 13:43:22.684 [18982] info: body_0: 10270 base strings extracted in 88 seconds Feb 1 13:43:24.382 [18982] info: rules: meta test JMQ_CONGRAT has dependency 'KAM_RAPTOR_ALTERED' with a zero score Feb 1 13:43:24.386 [18982] info: rules: meta test KAM_FAKE_DELIVER has dependency 'KAM_RAPTOR_ALTERED' with a zero score Feb 1 13:43:24.392 [18982] info: rules: meta test KAM_AUTO has dependency 'CBJ_GiveMeABreak' with a zero score Feb 1 13:43:24.403 [18982] info: rules: meta test KAM_INSURE has dependency 'CBJ_GiveMeABreak' with a zero score Feb 1 13:43:24.404 [18982] info: rules: meta test KAM_WARRANTY3 has dependency 'CBJ_GiveMeABreak' with a zero score Feb 1 13:43:24.408 [18982] info: rules: meta test KAM_WARRANTY has dependency 'CBJ_GiveMeABreak' with a zero score Feb 1 13:43:24.411 [18982] info: rules: meta test KAM_REALLY_FAKE_DELIVER has dependency 'KAM_RPTR_PASSED' with a zero score Feb 1 13:43:24.414 [18982] info: rules: meta test KAM_JURY has dependency 'KAM_RAPTOR_ALTERED' with a zero score Feb 1 13:43:24.416 [18982] info: rules: meta test KAM_INSURE2 has dependency 'CBJ_GiveMeABreak' with a zero score Feb 1 13:43:24.421 [18982] info: rules: meta test KAM_BADPDF2 has dependency 'KAM_RPTR_SUSPECT' with a zero score Feb 1 13:43:24.434 [18982] info: rules: meta test KAM_NOTIFY2 has dependency 'KAM_IFRAME' with a zero score Feb 1 13:43:24.448 [18982] info: rules: meta test KAM_CARD has dependency 'KAM_RPTR_SUSPECT' with a zero score cd /tmp/.spamassassin189826kTKQTtmp reading bases_body_0.in cd Mail-SpamAssassin-CompiledRegexps-body_0 Wide character in print at /usr/local/bin/sa-compile line 433, <$fh> line 6469. Wide character in print at /usr/local/bin/sa-compile line 433, <$fh> line 8052. Wide character in print at /usr/local/bin/sa-compile line 433, <$fh> line 13508. Wide character in print at /usr/local/bin/sa-compile line 433, <$fh> line 15175. re2c -i -b -o scanner1.c scanner1.re re2c -i -b -o scanner2.c scanner2.re re2c -i -b -o scanner3.c scanner3.re re2c -i -b -o scanner4.c scanner4.re re2c -i -b -o scanner5.c scanner5.re re2c -i -b -o scanner6.c scanner6.re re2c -i -b -o scanner7.c scanner7.re re2c -i -b -o scanner8.c scanner8.re re2c -i -b -o scanner9.c scanner9.re re2c -i -b -o scanner10.c scanner10.re re2c -i -b -o scanner11.c scanner11.re re2c -i -b -o scanner12.c scanner12.re re2c -i -b -o scanner13.c scanner13.re re2c -i -b -o scanner14.c scanner14.re re2c -i -b -o scanner15.c scanner15.re re2c -i -b -o scanner16.c scanner16.re re2c -i -b -o scanner17.c scanner17.re re2c -i -b -o scanner18.c scanner18.re re2c -i -b -o scanner19.c scanner19.re re2c -i -b -o scanner20.c scanner20.re re2c -i -b -o scanner21.c scanner21.re re2c -i -b -o scanner22.c scanner22.re re2c -i -b -o scanner23.c scanner23.re re2c -i -b -o scanner24.c scanner24.re re2c -i -b -o scanner25.c scanner25.re re2c -i -b -o scanner26.c scanner26.re re2c -i -b -o scanner27.c scanner27.re re2c -i -b -o scanner28.c scanner28.re re2c -i -b -o scanner29.c scanner29.re re2c -i -b -o scanner30.c scanner30.re re2c -i -b -o scanner31.c scanner31.re re2c -i -b -o scanner32.c scanner32.re re2c -i -b -o scanner33.c scanner33.re re2c -i -b -o scanner34.c scanner34.re re2c -i -b -o scanner35.c scanner35.re re2c -i -b -o scanner36.c scanner36.re re2c -i -b -o scanner37.c scanner37.re re2c -i -b -o scanner38.c scanner38.re re2c -i -b -o scanner39.c scanner39.re re2c -i -b -o scanner40.c scanner40.re re2c -i -b -o scanner41.c scanner41.re re2c -i -b -o scanner42.c scanner42.re re2c -i -b -o scanner43.c scanner43.re re2c -i -b -o scanner44.c scanner44.re re2c -i -b -o scanner45.c scanner45.re re2c -i -b -o scanner46.c scanner46.re re2c -i -b -o scanner47.c scanner47.re re2c -i -b -o scanner48.c scanner48.re re2c -i -b -o scanner49.c scanner49.re re2c -i -b -o scanner50.c scanner50.re re2c -i -b -o scanner51.c scanner51.re re2c -i -b -o scanner52.c scanner52.re /usr/bin/perl Makefile.PL PREFIX=/tmp/.spamassassin189826kTKQTtmp/ignored INSTALLSITEARCH=/var/lib/spamassassin/compiled/5.028/3.004003 Generating a Unix-style Makefile Writing Makefile for Mail::SpamAssassin::CompiledRegexps::body_0 Writing MYMETA.yml and MYMETA.json make PREFIX=/tmp/.spamassassin189826kTKQTtmp/ignored INSTALLSITEARCH=/var/lib/spamassassin/compiled/5.028/3.004003 cp body_0.pm blib/lib/Mail/SpamAssassin/CompiledRegexps/body_0.pm Running Mkbootstrap for body_0 () chmod 644 "body_0.bs" "/usr/bin/perl" -MExtUtils::Command::MM -e 'cp_nonempty' -- body_0.bs blib/arch/auto/Mail/SpamAssassin/CompiledRegexps/body_0/body_0.bs 644 "/usr/bin/perl" "/usr/share/perl/5.28/ExtUtils/xsubpp" -typemap '/usr/share/perl/5.28/ExtUtils/typemap' body_0.xs > body_0.xsc mv body_0.xsc body_0.c x86_64-linux-gnu-gcc -c -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fwrapv -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g -DVERSION=\"1.0\" -DXS_VERSION=\"1.0\" -fPIC "-I/usr/lib/x86_64-linux-gnu/perl/5.28/CORE" body_0.c In file included from body_0.xs:2: /usr/lib/x86_64-linux-gnu/perl/5.28/CORE/perl.h:684:10: fatal error: sys/types.h: No such file or directory #include <sys/types.h> ^~~~~~~~~~~~~ compilation terminated. make: *** [Makefile:436: body_0.o] Error 1 command failed: exit 2

Solution:
sudo apt install libc6-dev
 
Last edited:
I could not get geoip2 working if you write the steps i will change on the guide

I did practically the same as the tutorial posted here, but with few changes.

For everything I do, I add it to my Wiki.

I'll post here a printout of the settings to use GeoIP1 or 2

Capturar.PNG
 
  • Like
Reactions: killmasta93
do you mean these steps?


Code:
cd /tmp
wget https://github.com/extremeshok/clamav-unofficial-sigs/archive/master.zip
unzip master.zip
cp clamav-unofficial-sigs-master/clamav-unofficial-sigs.sh /usr/local/sbin/
chmod 755 /usr/local/sbin/clamav-unofficial-sigs.sh
 
very odd trying to install on another pmg box getting this error not sure if anyone else has had this issue

Code:
root@mail:/etc/clamav-unofficial-sigs# /usr/local/sbin/clamav-unofficial-sigs.sh --install-cron
-----------------------------------------
WARNING: Too many os.*.conf configs found
-----------------------------------------
################################################################################
 eXtremeSHOK.com ClamAV Unofficial Signature Updater
 Version: v7.0.1 (2020-01-25)
 Required Configuration Version: v91
 Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
Loading config: /etc/clamav-unofficial-sigs/master.conf
Loading config: /etc/clamav-unofficial-sigs/user.conf
===============================
ERROR: Missing value for option
===============================
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!