| Line 152: | Line 152: | ||
'''Reference:''' for more info on setting up mod_auth_mysql see: http://modauthmysql.sourceforge.net/CONFIGURE | '''Reference:''' for more info on setting up mod_auth_mysql see: http://modauthmysql.sourceforge.net/CONFIGURE | ||
| − | 4. Restart Apache | + | 4. Restart Apache (in RH/Fedora) |
service httpd restart | service httpd restart | ||
or in Debian/Ubuntu | or in Debian/Ubuntu | ||
Revision as of 16:13, 6 October 2007
Overview
DSpam has several ways for its users to perform training tasks, the WebUI is one of them. The WebUI has several components, Performance, Preferences, Quarantine, History, Etc... This article will explain how to install the DSpam WebUI (which for many is the hardest part if the DSpam installation)
Prerequisites
1. DSpam is installed and working properly.
If you followed the installation steps in DSpam General then you should be in good shape
2. Apache web server is installed and working properly.
3. Suexec has been installed.
4. A dspam user and group have been created.
Note: suexec doesn't like to work with user accounts with UID's below 500 (verify this because it can be different for each disro)
Installation
Installing the WebUI isn't anything more than copying a few files and directories.
1. Obtain dspam source.
wget http://dspam.nuclearelephant.com/sources/dspam-3.X.X.tar.gz
tar -xvzf dspam-3.X.X.tar.gz cd dspam-3.X.X
2. Create a directory for the WebUI (/var/www/ is a good place for RedHat distros) create this directory near the apache 'documentroot' directory which can be found by searching httpd.conf
mkdir -p /var/www/dspam
3. Copy the contents of webui/cgi-bin/ to the new dspam WebUI directory
cp -R webui/cgi-bin/* /var/www/dspam cp -R webui/htdocs/* /var/www/dspam
4. Set permissions and ownership of the new dspam/ directory
chmod 755 /var/www/dspam chown -R dspam.dspam /var/www/dspam
5. Edit the WebUI configuration file
vim /var/www/dspam/configure.pl
Most of the settings in configure.pl are fine as they are. Only a few changes need to be made. (This greatly depends on how complex you make your install, using the default paths make life a little easier)
Change this line:
$CONFIG{'LOCAL_DOMAIN'} = "domain.tld";
To
$CONFIG{'LOCAL_DOMAIN'} = "YourDomainName.com";
6. Define the DSpam Admins
vim /var/www/dspam/admins
Add the email account username of anyone whom you would like to grant Admin access in the WebUI
Example: (Assumes email account usernames = full email address)
root [email protected] [email protected]
Apache Configuration
This is one of many ways to tackle the WebUI with Apache. There may be better ways of doing this, but this is the one I am most familiar with and as such will be the only method I describe. The steps that follow are generally focused around RedHat Distros, Ubuntu uses a very different method of managing Apache configurations, but ultimately the configuration files should be very similar.
This method uses 'Virtual Hosts' to implement the DSpam WebUI.
1. Verify that the 'SUEXEC' plug-in is installed and configured within apache.
grep -i 'suexec' /etc/httpd/conf/httpd.conf
If 'SUEXEC' is installed and configured then you will see a line similar to this:
LoadModule suexec_module modules/mod_suexec.so
If 'SUEXEC' is not installed then you will need to seek out an installation package for SUEXEC or Compile it yourself. (Sorry installing Apache modules is beyond the scope of this article)
2. Verify that your preferred Authentication module is installed.
In this case mod_auth_mysql will be used. Other Auth Modules also exist such as mod_authz_ldap, mod_auth_basic, and mod_auth_imap
ls /etc/httpd/modules/mod_auth_mysql.*
If mod_auth_mysql is available then you will get something like this:
/etc/httpd/modules/mod_auth_mysql.so
If this file doesn't exist then you need to figure out how to install mod_auth_mysql. (Again beyond the scope of this article)
3. Create a vhost file for the DSpam WebUI
vi /etc/httpd/conf.d/dspam.conf
It should contain something like this:
### Virtual Host dspam.YourDomain.com ###
<VirtualHost *:80>
ServerName dspam.YourDomain.com
RewriteEngine on
RewriteCond %{HTTP_HOST} ^dspam\.YourDomain\.com
RewriteRule ^/$ https://dspam.YourDomain.com [R,L]
</VirtualHost>
### SSL Virtual Host dspam.YourDomain.com ###
<VirtualHost *:443>
DocumentRoot /var/www/dspam/
ServerName dspam.YourDomain.com
Options ExecCGI Includes FollowSymlinks
DirectoryIndex dspam.cgi
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/certs/server.key
SuexecUserGroup dspam dspam
<Directory "/var/www/dspam/">
SSLRequireSSL
AllowOverride none
Options +ExecCGI -Indexes
AddHandler cgi-script cgi pl
DirectoryIndex dspam.cgi
Order deny,allow
AuthName "DSpam Web Access"
AuthType Basic
AuthMySQLEnable On
AuthMySQLSocket /var/lib/mysql/mysql.sock
AuthMySQLHost localhost
AuthMySQLDB postfix
AuthMySQLUser postfix
AuthMySQLPassword SomePassword
AuthMySQLUserTable mailbox
AuthMySQLNameField username
AuthMySQLPasswordField password
AuthMySQLPwEncryption crypt
Require valid-user
</Directory>
</VirtualHost>
The above AuthMySQL settings look to a different MySQL Database. They look at the 'postfix' database and use the necessary credentials to connect to it. The reason it looks to the 'postfix' database is because the Authentication needs a username and password, the postfix database already contains a table that stores the username and password for the users email account, so there is no need to keep duplicate data in the dspam database.
Also keep in mind that the above vhost file requires SSL. For info on creating your own Self Signed SSL Certificates see: Category:OpenSSL
Reference: for more info on setting up mod_auth_mysql see: http://modauthmysql.sourceforge.net/CONFIGURE
4. Restart Apache (in RH/Fedora)
service httpd restart
or in Debian/Ubuntu
invoke-rc.d apache2 restart