Baruwa on RHEL/SL/Centos
The Baruwa rpm that is provided only supports Apache out of the box, if you are running a different web server, please install from source or rebuild the source rpm to support your web server.
The EPEL repo provides packages which are in Fedora but no yet included in RHEL/SL/CENTOS. Instructions on installing it can be found on EPEL
You need to install this repo in order to access certain packages that are required by Baruwa.
A Baruwa RHEL/SL/Centos repo is now available at http://repo.baruwa.org/ To install from this repo you need to enable the repo
# rpm -Uvh http://repo.baruwa.org/el5/i386/baruwa-release-5-0.noarch.rpm
# rpm -Uvh http://repo.baruwa.org/el6/i386/baruwa-release-6-0.noarch.rpm
Install the dependencies:
# yum install mysql-server mod_wsgi rabbitmq-server
If you are installing on RHEL/CENTOS 6 you need to run yum install django-picklefield
Install Baruwa, all the required dependencies not in the other repo’s will be resolved by packages shipped by the Baruwa repo:
# yum install baruwa
Create a user and virtual host for baruwa:
# rabbitmqctl add_user baruwa your_password # rabbitmqctl add_vhost baruwa # rabbitmqctl set_permissions -p baruwa baruwa ".*" ".*" ".*"
Delete the guest user:
# rabbitmqctl delete_user guest
See the RabbitMQ Admin Guide for more information.
Please ensure that you control access to your RabbitMQ install as to prevent an unauthorized clients from accessing your broker.
Create the database:
# mysqladmin -u root -p create baruwa
Create a Mysql user for baruwa
Run the command from the mysql prompt:
mysql> GRANT ALL ON baruwa.* TO baruwa@localhost IDENTIFIED BY '<password>'; mysql> flush privileges;
You may want to secure your system by creating several users will limited rights as opposed to the above where the user has full access to the DB.
Configure the Baruwa settings
Edit the Baruwa settings.py file:
# vi /etc/baruwa/settings.py
Set the following options under the default DATABASE option:
NAME = 'baruwa' USER = 'baruwa' PASSWORD = '<password>' HOST = 'localhost'
Populate the database:
# baruwa-admin syncdb --noinput # for name in $(echo "accounts messages lists reports status fixups config"); do baruwa-admin migrate $name; done
Create the admin user account:
# baruwa-admin createsuperuser
Set the rabbitMQ settings:
CELERY_CONCURRENCY = 20 BROKER_HOST = "localhost" BROKER_PORT = 5672 BROKER_USER = "baruwa" BROKER_PASSWORD = "your_password" BROKER_VHOST = "baruwa"
Edit the settings.py file and make configuration changes to suit your site.:
# vi /etc/baruwa/settings.py
Make sure you change the SECRET_KEY, DO NOT USE THE DEFAULT, If you have a cluster the key should be the same on all the machines in the cluster.
Configure celeryd to run as a daemon
You need to run celeryd as a daemon in order to process tasks such as Bayesian learning and message releases from the quarantine etc etc.
An init script /etc/init.d/baruwa and configuration file /etc/sysconfig/baruwa are installed by the Baruwa rpm all you need to do is enable celeryd to be started at system boot by running:
# chkconfig --level 35 baruwa on # service baruwa start
Configure Email Signature management
Baruwa now supports the management of email signatures / disclaimers from within the web interface. Signatures are configured on a domain and user level.
Both HTML and text signatures are supported, HTML signatures support embedding of one graphical image, which can be uploaded via the HTML editor interface.
The backend that handles the signatures needs to be initialized before you can begin to manage the signatures via the interface.
To initialize the backend run:
# baruwa-admin initconfig
This will ask you for the hostname of the system you are setting up, and then initialize the system for you. The command does attempt to guess your hostname, so if its correct just press enter.
You need to initialize each of your machines if you are running a clustered setup.
Setup Web server
Edit your apache configurations to enable virtual hosting if not enabled already. Then set the correct hostname in /etc/httpd/conf.d/baruwa.conf:
# change to your hostname ServerName baruwa-alpha.local
Make sure mod_wsgi is enabled, uncomment the following line in /etc/httpd/conf.d/wsgi.conf:
LoadModule wsgi_module modules/mod_wsgi.so
It is assumed that you have a working MailScanner system already configured, if you are installing from scratch please refer to their documentation on how to configure MailScanner. The Baruwa repo includes mailscanner and it will be installed automatically when you install baruwa.
Starting with Baruwa version 1.1.0 you no longer have to edit and set the DB authentication details in each and every Custom module, you just set them up once in the MailScanner configuration file, A Baruwa MailScanner configuration file is installed as /etc/MailScanner/conf.d/baruwa.conf
Edit the provided Baruwa MailScanner config file /etc/MailScanner/conf.d/baruwa.conf, you need to make sure the following options are correct:
Quarantine User = exim #(Or what ever your `Run As User` is set to) DB DSN = DBI:mysql:database=baruwa;host=spam01;port=3306 #set to valid DSN DB Username = baruwa # your DB username DB Password = password # your DB password
To actually quarantine and later process messages with in Baruwa, set store as one of your keywords for the Spam Actions and High Scoring Spam Actions MailScanner options.
The provided MailScanner configuration provides for SQL logging, Whitelists and Blacklists and Per user settings.
Apply configuration changes
Test your configuration for any errors:
# MailScanner --lint
# /etc/init.d/mailscanner restart
Verify that is working
Check your log files you should see
Baruwa SQL logger:
Aug 9 18:58:27 localhost MailScanner: Logging message 1OiVg7-0003zS-9s to Baruwa SQL Aug 9 18:58:27 localhost MailScanner: 1OiVg7-0003zS-9s: Logged to Baruwa SQL
Aug 9 18:32:42 localhost MailScanner: Starting Baruwa whitelists Aug 9 18:32:42 localhost MailScanner: Read 6 whitelist items Aug 9 18:32:42 localhost MailScanner: Ip blocks whitelisted 192.168.1.0/24 192.168.2.0/24 xxx.xx.xxx.0/26
Baruwa User settings:
Aug 9 15:00:03 localhost MailScanner: Baruwa - Populating spam score settings Aug 9 15:00:03 localhost MailScanner: Read 1 spam score settings Aug 9 14:59:53 localhost MailScanner: Baruwa - Populating high spam score settings Aug 9 14:59:53 localhost MailScanner: Read 1 high spam score settings
Point your browser to http://hostname_used login with admin user and password and start working. You can now use the interface to add users, domains and process messages, etc etc.