Posted on Leave a comment

CentOS 7 Sentora 1.0.3 PHP5.6 Upgrade Script

Since Sentora is still stuck on an old version of PHP, this script will update the system to the newer v5.6, via the Remi repository, as most things are deprecating support for older PHP versions at this point. Suhosin will also be recompiled for the new PHP version.

#!/bin/bash

echo "Upgrading PHP to version 5.6. Please Wait..." 

wget http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
sudo rpm -Uvh remi-release-7*.rpm

yum update

yum --enablerepo=remi,remi-php56 update
yum --enablerepo=remi,remi-php56 upgrade

echo "Recompiling Suhosin for PHP 5.7..."

cd /tmp
wget -nv -O suhosin.zip https://github.com/stefanesser/suhosin/archive/suhosin-0.9.37.zip
unzip -q suhosin.zip
rm -f suhosin.zip
cd suhosin-suhosin-0.9.37
phpize &> /dev/null
./configure &> /dev/null
make &> /dev/null
make install
cd ..
rm -rf suhosin-suhosin-0.9.37

echo "Restarting Web Server Services..."

systemctl restart httpd

The Remi repo will give some package authentication warnings, these can be safely dismissed during the install. I’ve tested this on a fresh install of Sentora under CentOS 7, however this process isn’t without risk! Your PHP install could be damaged!

Posted on 4 Comments

Sentora 1.0.3 SpamAssassin Setup & Training Scripts

I’m making some changes to my hosting services, I’ve been testing Sentora, as it’s much more user friendly, if a little more limited in what it’s capable of doing, vs my go-to admin panel over the past 6+ years, Virtualmin.

I noticed that SpamAssassin isn’t set up on a Sentora server by default, so here’s a script that will get things working under a fresh Sentora install in CentOS 7:

#!/bin/bash

echo "Setting Up SpamAssassin. Please Wait..."

yum install spamassassin -y
groupadd spamd
useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd
chown spamd:spamd /var/log/spamassassin

echo "Changing Postfix Master Config For SA..."
echo "master.cf Backed Up to /root"

cp /etc/postfix/master.cf /root/postfix_master.cf.bak
sed -i '11s/.*/smtp      inet  n       -       n       -       -       smtpd -o content_filter=spamassassin/' /etc/postfix/master.cf
echo "spamassassin unix - n n - - pipe flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f \${sender} \${recipient}" >> /etc/postfix/master.cf

echo "Updating SpamAssassin Database & Enabling Services..."
sa-update --nogpg
systemctl enable spamassassin
systemctl restart spamassassin
systemctl restart postfix

After this script has run, some mail server settings will be changed, and the master.cf configuration file for Postfix will be backed up just in case it craps out.

Make sure the SpamAssassin daemon is running on port 783 with this command:

ss -tnlp | grep spamd

Testing is easy, send an email to an address hosted by Sentora with the following in the subject line:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

If SpamAssassin is working correctly, this will be tagged with a spam score of 999.

A useful script is below, this trains SpamAssassin on the mail in the current server mailboxes. I’ve been using a version of this for a long time, this one is slightly modified to operate with Sentora’s vmail system. All mail for all domains & users will be fed into SpamAssassin in this script. I set this to run nightly in cron.

#!/bin/bash

#specify one or more users, space padded [user=(user1 user2 user3)] or empty [user=()] to include all users. All users is considered uid ≥ 1000.
user=(vmail)

#After how many days should Spam be deleted?
cleanafter=30

#backup path, comment out to disable backups
bk=/home/backup/sa-learn_bayes_`date +%F`.backup

log=/var/log/train-mail.log
#log=/dev/stdout

echo -e "\n`date +%c`"  >> $log 2>&1

if [ -z ${user[@]} ]; then
echo user is empty, using all users from system
user=(`awk -F':' '$3 >= 1000 && $3 < 65534' /etc/passwd |awk -F':' '{print $1}'`)
fi

for u in ${user[@]}; do
if [ ! -d /var/sentora/vmail/*/* ]; then
echo "No such Maildir for $u" >> $log 2>&1
else
echo "Proceeding with ham and spam training on user \"$u\""
#add all messages in "junk" directory to spamassassin
echo spam >> $log 2>&1
#change this path to match your spam directory, in this case its "Junk"
#add current and new messages in Junk directory as spam
sa-learn --no-sync --spam /var/sentora/vmail/*/*/.Junk/{cur,new} >> $log 2>&1
echo ham >> $log 2>&1
#only add current mail to ham, not new. This gives user a chance to move it to spam dir.
sa-learn --no-sync --ham /var/sentora/vmail/*/*/{cur} >> $log 2>&1
fi
done

#sync the journal created above with the database
echo sync >> $log 2>&1
sa-learn --sync >> $log 2>&1
if [ $? -eq 0 ]; then
for u in ${user[@]}; do
echo "deleting spam for $u older than 30 days" >> $log 2>&1
find /var/sentora/vmail/*/*/.Junk/cur/ -type f -mtime +$cleanafter -exec rm {} \;
done
else
echo "sa-learn wasn't able to sync. Something is broken. Skipping spam cleanup"
fi

echo "Statistics:" >> $log 2>&1
sa-learn --dump magic >> $log 2>&1
echo ============================== >> $log 2>&1

if [ -n $bk ]; then
echo "backup writing to $bk" >> $log 2>&1
sa-learn --backup > $bk
fi