[Bind DNS + Zimbra + SpamAssassin] Antispam Installation Guide


NSE FINAL REPORT

PART II: ANTI-SPAM INSTALLATION GUIDE

Fall 2014

Group name: Lucky Team

Members Roles

1. Đỗ Thị Trâm Anh - Create background knowledge report

2. Lưu Thị Ngọc Diệp - Create background knowledge report

3. Nguyễn Việt Hưng - Create background knowledge report

4. Nguyễn Đức Minh - Create background knowledge report

5. Tạ Quang Tú - Create background knowledge report

6. Hoàng Mạnh Tiến - Create background knowledge report

7. Nguyễn Văn Mạnh - Create installation guide


TABLE OF CONTENTS

I. PROJECT SOLUTION

A. Zimbra Collaboration Suite (ZCS)

1. What is ZCS?

2. ZCS benefits

B. SpamAssassin

C. Network Model

II. PRODUCT IMPLEMENTATION

A. Scenario

B. Prerequisites

C. Bind Name Server Installation And Configuration

1. Bind Name Server Installation

2. Bind Name Server Configuration

3. Bind Name Server Starting

4. Bind Name Server Testing

D. Zimbra Mail Server Installation And Configuration

1. Zimbra Mail Server Installation

2. Zimbra Mail Server Configuration

3. Zimbra Mail Server Testing

E. SpamAssassin Integration With Zimbra

1. SpamAssassin Configuration

2. SpamAssassin Testing

III. EVALUATION

REFERENCES


I. PROJECT SOLUTION

In this project I use VMware Workstation to model a network with 3 computers: one computer is responsible for DNS and the mail server, and the 2 others are clients (for details, please see the diagram below).

To configure our system, I used the following software:

DNS server: Bind DNS.

Email server: Zimbra Collaboration Suite open source edition.

Anti-spam: SpamAssassin.

Mail client: Zimbra

I would like to express my gratitude to Dr. Tran Quang Anh and Mr. Minh-Tuan Vu for the Vietnamese rules that I used in SpamAssassin, which were invaluable in finishing our project.

A. Network Model

Figure 1 Email Systems


A. Zimbra Collaboration Suite (ZCS)

1. What is ZCS?

Zimbra Collaboration Suite is a truly modern, innovative messaging and collaboration application.

It is the leading open source solution for enterprise, service provider, education, and government environments, offering administrators and their end-users unmatched benefits in message, calendar, document management and sharing.

The system can also integrate internal chat to shorten exchanges between members. Its high performance lets users send, receive and load data quickly, which saves them time. Also, you do not need to worry about system management because all operations are very simple and convenient.

Most notably, it keeps costs to a minimum while still respecting copyright.

2. ZCS benefits

KEY ADMINISTRATIVE BENEFITS KEY END-USER BENEFITS

Better reliability

Cost effective Native

Easy to maintain

All in one

Security

Open solution

Elegant experience

Flexibility

Freedom of choice

Freedom of Client Choice

Comprehensive Calendaring

Modern collaboration styles/formats

B. SpamAssassin

SpamAssassin is one of the best anti-spam solutions among the many anti-spam software packages. According to Schwartz (Alan Schwartz, 2004, SpamAssassin), SpamAssassin is software for analyzing email messages, determining and reporting how likely they are to be spam or legitimate email (called ham). It is a rule-based system that compares different parts of email messages with a large set of rules. Each rule adds or removes points from a message’s spam score. A message with a high enough score is reported to be spam.


II. PRODUCT IMPLEMENTATION

A. Scenario

For this project, I use 3 machines, 1 for DNS (BIND) and mail server (ZCS) setup and the 2 others for clients.

Computer 01: DNS and Zimbra Mail server

- OS: CentOS release 6.6 (Final)
- IP address: 192.168.223.128
- Hostname: mail.2C12.com

Computer 02: Client

- OS: CentOS release 6.6 (Final)
- IP address: 192.168.233.129
- Hostname: client01

Computer 03: Client

- OS: Windows 8.1 Professional
- IP address: 192.168.223.1
- Hostname: LuckyLuke


B. Prerequisites

To simplify configuration, I turn off the firewall, SELinux and the postfix service.

- Turn off the Postfix service.

    service postfix stop
    chkconfig postfix off

- Turn off the firewall.

• Enter the menu.

• Navigate to Firewall Configuration.

• Disable the firewall.

• Exit the setup wizard.

- Disable SELinux.

    gedit /etc/selinux/config

- Restart the system.


C. Bind Name Server Installation And Configuration

1. Bind Name Server Installation

- Install bind packages.

    yum install bind -y

2. Bind Name Server Configuration

- Add host entry

    gedit /etc/hosts

- Add name server

    gedit /etc/resolv.conf

- Edit named.conf located in /etc/named.conf

    gedit /etc/named.conf

In the named.conf file, create the forward and reverse zones.


Full named.conf file

    options {
        // Listen on loopback and the server's LAN address
        listen-on port 53 { 127.0.0.1; 192.168.233.128; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // Answer queries only from this host and the 192.168.233.0/24 network
        allow-query { localhost; 192.168.233.0/24; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
    };

    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };

    zone "." IN {
        type hint;
        file "named.ca";
    };

    // Forward zone
    zone "2C12.com" IN {
        type master;
        file "fw.2C12.com";
        allow-update { none; };   // no dynamic updates
    };

    // Reverse zone
    zone "233.168.192.in-addr.arpa" IN {
        type master;
        file "rev.2C12.com";
        allow-update { none; };   // no dynamic updates
    };

    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";


- Create forward and reverse zone files

Go to the directory /var/named/ and list the files located inside it.

    cd /var/named
    ls -l

I create the forward and reverse look-up files from the sample configuration file, so I copy it for each zone and then verify that the copies were created successfully.

    cp named.localhost fw.2C12.com
    cp named.localhost rev.2C12.com
    ls -l


Create forward look-up zone file

    gedit fw.2C12.com

    $ORIGIN 2C12.com.
    $TTL 1D
    @       IN SOA  dns.2C12.com. root.2C12.com. (
                    20142611 ; serial
                    1D       ; refresh
                    1H       ; retry
                    1W       ; expire
                    3H )     ; minimum
    ; Name Server
            IN A    192.168.233.128
            IN NS   dns
            IN MX   10 mail.2C12.com.
    ; Host in the domain
    dns     IN A    192.168.233.128
    mail    IN A    192.168.233.128


Create reverse look-up zone file

    gedit rev.2C12.com

- Change group ownership of forward look-up & reverse look-up files

    ls -l /var/named/

Here we can see that both files are owned by the root user, because they were copied from the sample files available under /var/named/. Change the group to named on both files using the following commands.

    chgrp named /var/named/fw.2C12.com
    chgrp named /var/named/rev.2C12.com

After changing the ownership of the files, verify them again.

3. Bind Name Server Starting

- Start the named service

    service named start


- Make it persistent.

    chkconfig named on
    chkconfig --list named

4. Bind Name Server Testing

- Testing

    dig 2c12.com
    ping mail.2c12.com
    nslookup

- Verify the DNS server from the Windows 8.1 computer

Add the host entry

The Bind name server is now set up successfully; next, install the mail server.
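A consistency check for the forward zone file created above, as an added example that is not part of the original report: a small Python parser that reads the zone and reports any in-zone NS or MX target with no address record, since mail for 2C12.com cannot be delivered if the MX host does not resolve. The function names and the faulty variant are constructed for illustration, and the parser handles only the simple master-file syntax used in this guide.

```python
import re

# Forward zone from this guide (SOA timers folded onto one line), embedded to run offline.
ZONE = """\
$ORIGIN 2C12.com.
$TTL 1D
@       IN SOA  dns.2C12.com. root.2C12.com. (
                20142611 1D 1H 1W 3H ) ; serial refresh retry expire minimum
        IN A    192.168.233.128
        IN NS   dns
        IN MX   10 mail.2C12.com.
dns     IN A    192.168.233.128
mail    IN A    192.168.233.128
"""
# Constructed faulty variant: the "mail" host record is missing.
BROKEN = "\n".join(l for l in ZONE.splitlines() if not l.startswith("mail"))
TYPES = {"SOA", "NS", "MX", "A", "AAAA", "CNAME", "TXT"}


def absolute(name, origin):
    """Expand '@' and relative names against $ORIGIN (DNS names ignore case)."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text):
    """Return (origin, [(owner, type, rdata)]); comments are stripped and
    multi-line "( ... )" groups are folded onto one line first."""
    text = re.sub(r";[^\n]*", "", text)
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    origin, owner, records = ".", None, []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0].startswith("$"):
            if fields[0].upper() == "$ORIGIN":
                origin = fields[1].lower()
            continue
        if not line[0].isspace():  # a line starting with a blank reuses the last owner
            owner = absolute(fields.pop(0), origin)
        while fields and fields[0].upper() not in TYPES:  # skip TTL and class
            fields.pop(0)
        if len(fields) < 2:
            continue
        rtype, rdata = fields[0].upper(), fields[1:]
        if rtype in ("NS", "MX", "CNAME"):
            rdata[-1] = absolute(rdata[-1], origin)
        records.append((owner, rtype, rdata))
    return origin, records


def targets_without_address(text):
    """List in-zone NS/MX targets that have no A or AAAA record."""
    origin, records = parse_zone(text)
    addressed = {o for o, t, _ in records if t in ("A", "AAAA")}
    return sorted((t, r[-1]) for _, t, r in records if t in ("NS", "MX")
                  and r[-1].endswith("." + origin) and r[-1] not in addressed)
```

On the server itself, `named-checkzone 2C12.com /var/named/fw.2C12.com` (shipped with BIND) checks the syntax of the same file.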


D. Zimbra Mail Server Installation And Configuration

1. Zimbra Mail Server Installation

- Install required packages

    yum install nc

- Go to the Zimbra homepage, download the suitable package for your system and copy it to the working directory; here I used the folder /var/opt.

Link: http://www.zimbra.com/downloads/zimbra-collaboration-open-source


- Install Zimbra

Go to the directory where the Zimbra package is located.

    cd /var/opt
    ls

Decompress the Zimbra package.

    tar -zxvf [file name]

Change the folder’s name to a shorter one.

Go into that folder to install Zimbra.

    cd ./zcs
    ls
    ./install.sh --platform-override


Confirm the software license.

The installer checks the system for required packages.

If the setup wizard reports that any required packages are missing, install them with the following command:

    yum install [package names] -y


Select the packages to install (you can customize the selection in your own way).

Confirm the installation.

Installation progress.

Change the domain name and wait for completion.


2. Zimbra Mail Server Configuration

- If Zimbra Mail Server is installed successfully, the terminal should look like this

- Configure admin password

Press 7 to enter Zimbra-store

Press ‘4’ and start to set the password

Press ‘r’ to go to the previous menu

Save the configuration.

Wait for completion; the terminal should look like this.

- Verify that the Zimbra services are running


3. Zimbra Mail Server Testing

- Add users via the CLI console. Here I add 3 accounts: spam-manhnv, ham-manhnv and manhnv; all accounts have the password ‘123456’.

    su - zimbra
    zmprov ca [email protected] 123456
    zmprov ca [email protected] 123456
    zmprov ca [email protected] 123456


- Access web clients through IP address or domain name:

Admin page: https://192.168.233.128:7071 or https://mail.2c12.com:7071/zimbraAdmin/

Note: remember to use the https protocol to prevent a port conflict.

User login: https://192.168.233.128 or https://mail.2C12.com


- Sending mail

Figure 2 Sending email

Figure 3 Receiving email


E. SpamAssassin Integration With Zimbra

1. SpamAssassin Configuration

- Change the working directory to /opt/zimbra/data/spamassassin/localrules and create the rule file for the Vietnamese language.

    cd /opt/zimbra/data/spamassassin/localrules
    gedit vietnamese_rules.cf

Note: for the location used for SpamAssassin customizations, see the “SpamAssassin Customizations” page (reference 6).

- Copy all contents from the Vietnamese rules file (reference 4) into vietnamese_rules.cf


- Change the group ownership.

Here we can see that the file is owned by the root user. Change its group to zimbra using the following commands, then verify the change.

    ls -l
    chgrp zimbra vietnamese_rules.cf
    ls -l


- Restart the service


2. SpamAssassin Testing

- Vietnamese spam email (all spam keywords in Subject)

Figure 4 Sending spam email


Figure 5 Spam email moved into Junk box automatically

Figure 6 Spam score calculated by SpamAssassin


- Vietnamese spam email (all spam keywords in body).

Figure 7 Sending spam email


Figure 8 Spam email moved into Junk box automatically

Figure 9 Spam Score calculated by SpamAssassin


- Adding blacklist and whitelist

Addresses on the blacklist cannot send email to other addresses in the system.
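The rule scoring described in section B and exercised by the subject and body keyword tests above, as an added example that is not part of the original report and is not SpamAssassin's own code: a small Python scorer that reads rules written in SpamAssassin's .cf syntax and applies them to constructed messages. The rule names, patterns, scores, addresses and messages are assumptions made for illustration; only the 5.0 threshold is SpamAssassin's default.

```python
import re
from email import message_from_string

# Constructed ruleset in SpamAssassin .cf syntax. Rule names, patterns and
# scores are made up for this example; they are not from vietnamese_rules.cf.
RULES_CF = r"""
header   EX_SUBJ_PROMO     Subject =~ /khuyen mai/i
describe EX_SUBJ_PROMO     Promotion keyword in the subject
score    EX_SUBJ_PROMO     3.0
header   EX_SUBJ_DISCOUNT  Subject =~ /giam gia/i
score    EX_SUBJ_DISCOUNT  2.5
body     EX_BODY_FREE      /mien phi/i
score    EX_BODY_FREE      2.5
header   EX_LOCAL_FROM     From =~ /\@2C12\.com/i
score    EX_LOCAL_FROM     -1.0
"""
REQUIRED_SCORE = 5.0  # SpamAssassin's default spam threshold (required_score)


def parse_rules(cf_text):
    """Parse header/body/score lines into {name: (header_or_None, regex, score)}."""
    tests, scores = {}, {}
    for line in cf_text.splitlines():
        parts = line.split(None, 2)
        if len(parts) < 3 or parts[0].startswith("#"):
            continue
        kind, name, rest = parts[0], parts[1], parts[2].strip()
        if kind == "score":
            scores[name] = float(rest.split()[0])
        elif kind in ("header", "body"):
            m = re.fullmatch(r"(?:(\S+)\s*=~\s*)?/(.*)/(i?)", rest)
            if m:
                flags = re.IGNORECASE if m.group(3) else 0
                tests[name] = (m.group(1), re.compile(m.group(2), flags))
    # A rule without a score line counts 1.0, as in SpamAssassin.
    return {n: (h, rx, scores.get(n, 1.0)) for n, (h, rx) in tests.items()}


def score_message(raw, rules):
    """Return (total, sorted hit names, is_spam) for one plain-text message."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    hits = sorted(name for name, (header, rx, _) in rules.items()
                  if rx.search(msg.get(header, "") if header else body))
    total = sum(rules[name][2] for name in hits)
    return total, hits, total >= REQUIRED_SCORE


# Constructed messages: spam keywords in the subject, and a local sender
# whose body contains a single keyword.
SUBJECT_SPAM = ("From: sender@example.test\n"
                "Subject: Khuyen mai lon, giam gia 50%\n\nXem chi tiet.\n")
BODY_ONLY = ("From: ham-user@2C12.com\n"
             "Subject: Lich hop\n\nAn trua mien phi sau cuoc hop.\n")
```

The second message shows why a single keyword hit does not land a message in Junk: one positive rule and one negative rule leave it well under the threshold.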


III. EVALUATION

After finishing this project, many results have been achieved.

• Understand how Bind Name Server works and configure it successfully.

• Install, configure and customize the Zimbra mail server successfully. All the basic functions of an email server work correctly, such as: send and receive email, attach files, spelling check, anti-spam framework archived...

• Understand how SpamAssassin works and configure it successfully.

• Spam filtering for Vietnamese and English is able to operate.

Besides, due to the limited time I could not implement the following options, which are also solutions to improve the Zimbra anti-spam system using SpamAssassin:

Install SPF

Install RAZOR2

Install PYZOR

In conclusion, in the future I’m going to improve our anti-spam system by implementing the above solutions.


REFERENCES

1. Alan Schwartz, July 2004, SpamAssassin, First Edition, O’Reilly Media, Inc.

2. “Managing User Accounts”, Zimbra administration guide, viewed November 19 2014, http://www.zimbra.com/docs/ne/4.0.5/administration_guide/Managing_Accounts.9.1.html

3. Basic Linux Commands, viewed November 19 2014, http://www.debianhelp.co.uk/commands.htm

4. Vietnamese Spam Filter Rules - Vietnamese_rules.cf, viewed November 19 2014, http://fit.hanu.edu.vn/vietnamese-rules/

5. “Improve Anti-spam system”, Zimbra 8.5 documentation, viewed November 19 2014, wiki.zimbra.com/wiki/Improving_Anti-spam_system

6. “SpamAssassin Customizations”, Zimbra 8.5 documentation, viewed November 19 2014, http://wiki.zimbra.com/wiki/SpamAssassin_Customizations

7. Setup Master-Slave DNS Server Using “Bind” Tools in RHEL/CentOS 6.5, viewed November 19 2014, http://www.tecmint.com/setup-master-slave-dns-server-in-centos/

8. “16.2. /etc/named.conf”, Red Hat Enterprise Linux Deployment Guide, viewed November 19 2014, https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-bind-zone.html

9. “16.3. Zone Files”, Red Hat Enterprise Linux Deployment Guide, viewed November 19 2014, https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-bind-zone.html

10. Cài đặt và cấu hình Zimbra trên CentOS 6, viewed November 19 2014, http://vn.tips4admin.com/post/2011/10/07/Cai-%C4%91at-va-cau-hinh-Zimbra-tren-CentOS-6.aspx