SimscanWithQMR

From Qmail Info Wiki

I have simscan working A-OK with QMR and it is much quicker scanning mails than qmail-scanner due to not having the perl startup overhead.
Saying that simscan is not as mature as QMS and to the best of knowledge can only use clamav.

These instructions are roughly how i got Simscan to work with QMR. Please feel free to amend them
For the full list of options there is a wiki page here http://qmailwiki.org/index.php?title=Simscan.

download simscan 1.1
wget http://www.inter7.com/simscan/simscan-1.1.tar.gz

unpack it
tar xvzf simscan-1.1.tar.gz

move into its directory
cd simscan-1.1

and create a file called setup.sh which will hold the compile settings
vi setup.sh

Add the following content:

./configure \
--enable-user=clamav \
--enable-spam=y \
--enable-spam-passthru=y \
--enable-custom-smtp-reject=n \
--enable-clamdscan=/usr/bin/clamdscan   \
--enable-custom-smtp-reject=n           \
--enable-attach=y                       \
--enable-dropmsg=n                      \
--enable-qmaildir=/var/qmail            \
--enable-qmail-queue=/var/qmail/bin/qmail-queue         \
--enable-trophie-socket=/var/run/sophie                \
--enable-trophie-path=/usr/local/share/trophie/sophie  \
--enable-ripmime=/usr/local/bin/ripmime  \
--enable-clamavdb-path=/usr/share/clamav  \
--enable-sigtool-path=/usr/bin/sigtool  \
--enable-per-domain=y

This config allows for sophie/trophie when they are added and per domain settings.

make it runnable
chmod 755 setup.sh

then run it
./setup.sh

then make simscan with
make

install it
make install-strip

fix permissions on the /var/qmail/simscan/ directory
chmod g+s /var/qmail/simscan/

Set all mails to be scanned, machine wide by editing /var/qmail/supervise/qmail-smtpd/run
vi /var/qmail/supervise/qmail-smtpd/run

and add the line
QMAILQUEUE="/var/qmail/bin/simscan"; export QMAILQUEUE
near the top ie. my 1st 5 lines are:

#!/bin/sh
QMAILQUEUE="/var/qmail/bin/simscan"; export QMAILQUEUE
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`

alternatively you can have much greater control by stating which actions to be performed on emails coming from different IP addresses: for instance mine is set to scan ALL mails and is probably the simplest setup.

Edit the /var/qmail/control/simcontrol file and place your options in there:
vi /var/qmail/control/simcontrol

As i said above mine scans ALL mails form ALL IP addrresses with:
:clam=yes,trophie=no,spam=no

(enabling per domain options when installing simscan disables the spam passthrough variable, so you might want to add to those options something like spam_passthru=yes. If you want to reject spam over a certain number then use spam_hits=12 and DO NOT use the spam_passthru variable (this is a popular method that ensures bad spam is rejected while possible false-positives are still tagged and delivered). You can choose to reject certain attachments as well with attach=.vbs:.lnk:.scr:.wsh:.hta:.pif - see the docs (http://qmailwiki.inter7.com/Simscan/Guide) for more info.)

run /var/qmail/bin/simscanmk to convert the /var/qmail/control/simcontrol  into the /var/qmail/control/simcontrol.cdb file
/var/qmail/bin/simscanmk
/var/qmail/bin/simscanmk -g

restart qmail with
qmailctl restart

I will be sending this how to over to the QMR list after some editing but i hope it helps someone out.

Modifying spam subject fields

Also note that if you use the QMR install, spam subject modification is handled by the default qmail-scanner-queue. To add this back in after upgrading to simscan edit the file /etc/mail/spamassassin/local.cf and add the line:
rewrite_header Subject ***SPAM***
(or whatever you want the modified subject to be), then restart spamassassin:
/etc/rc.d/init.d/spamassassin restart

Also note that you might need to install ripmime as well simscan.


Notes on using ripmime:
You may want to monitor process load after installing simscan with ripmime enabled.
While simscan lowers cpu load quite well vs using qmail-scanner, ripmime does seem to choke on messages sometimes, and cpu load goes sky high, which may push your server into unresponsiveness.
If you find this happens, recompile simscan again with ripmime disabled:

./configure \
--disable-ripmime \
--enable-user=clamav \
--enable-spam=y \
--enable-spam-passthru=y \
--enable-custom-smtp-reject=n \
--enable-clamdscan=/usr/bin/clamdscan   \
--enable-custom-smtp-reject=n           \
--enable-dropmsg=n                      \
--enable-qmaildir=/var/qmail            \
--enable-qmail-queue=/var/qmail/bin/qmail-queue         \
--enable-clamavdb-path=/usr/share/clamav                      
--enable-sigtool-path=/usr/bin/sigtool                  \
--enable-per-domain=y \
--enable-received=y \

make
make install-strip

/var/qmail/bin/simscanmk
/var/qmail/bin/simscanmk -g
qmailctl restart

Retrieved from "http://www.qmailinfo.org/index.php/SimscanWithQMR"