Notes on Installing MIMEDefang from the FreeBSD Ports Collection

By Weldon Whipple <weldon@whipple.org>


Introduction

MIMEDefang is a milter ("mail filter") that can be used with sendmail to filter incoming e-mail during the SMTP conversation. It's installation and configuration are well documented at the MIMEDefang web site (http://www.mimedefang.org/), and includes a very helpful HOWTO. This document consists primarily of notes and observations from installing MIMEDefang on FreeBSD.

Configuration Notes

Install from the ports collection
Issue the commands (as root):

# cd /usr/ports/mail/mimedefang
# make
# make install
Edit /usr/local/etc/mimedefang/mimedefang-filter
Read documentation on the mimedefang-filter file by issuing the command:

% man mimedefang-filter
I edited the following lines and changed their original values:

$AdminAddress = 'mailadmin@whipple.org';
$DaemonAddress = 'mimedefang@whipple.org';
I also added the following additional new lines:

$Administrator = "$AdminName ($AdminAddress)";

#***********************************************************************
# Set general warning message here.  This message is printed before any
# specific warning messages in the warning message text attachment.
#***********************************************************************
$GeneralWarning =
    "NOTICE: The Whipple Website e-mail scanner has modified this e-mail\n" .
    "after detecting a potential security threat in its content. (The\n" .
    "actual modification is noted later in this notice.) If you have\n" .
    "questions or concerns about this action, please contact the\n" .
    "$Administrator.\n\n";
Since I use ClamAV as my virus scanner, I moved the following two lines to the top of the subroutine message_contains_virus:

    return message_contains_virus_clamd()    if ($Features{'Virus:CLAMD'});
    return message_contains_virus_clamav()   if ($Features{'Virus:CLAMAV'});
I also moved the following two lines to the top of the subroutine entity_contains_virus:

    return entity_contains_virus_clamd($e)    if ($Features{'Virus:CLAMD'});
    return entity_contains_virus_clamav($e)   if ($Features{'Virus:CLAMAV'});

Because I want SpamAssassin to tag my incoming mail when called by MIMEDefang (rather than procmail) I also added the following lines at the bottom of the subroutine filter_begin (as instructed in the file /usr/local/share/doc/mimedefang/README.SPAMASSASSIN):


    ## WLW 11/5/3: Added as instructed in /usr/local/share/doc/mimedefang/README.SPAMASSASSIN:
    if (spam_assassin_is_spam()) {
        action_add_header("X-Spam-Warning", "SpamAssassin says this is 	SPAM");
    }
(Note: MIMEDefang doesn't let SpamAssassin modify the incoming mail stream directly. Instead, it determines if SpamAssassin considers the mail spam; if it is spam, then MIMEDefang inserts its own header. You can modify what the header says by changing the values of the arguments to action_add_header.)
Install Clam AntiVirus (ClamAV) from a tarball
After downloading from http://clamav.elektrapro.com/, place it in a temporary directory and untar/unzip it with the command:

% cd <tempdir>
% tar xvzf clamav-0.60.tar.gz
(Note: The version numbers in the name of the tar ball may differ from the above.)

Then change to the newly created directory and configure, build and install ClamAV:


% cd clamav-0.60
% ./configure
% make
% make check
% su
# make install
Read /usr/local/share/doc/mimedefang/README.SPAMASSASSIN
Tells how to configure SpamAssassin to work under MIMEDefang.
Modify /usr/local/etc/procmailrc
Comment out calls to SpamAssassin and ClamAV. If you have rules that match headers formerly inserted by SpamAssassin, make sure that you now check for headers that begin "X-Spam-Warning" (or whatever you specified in the filter_begin subroutine).