Table Of Contents

Previous topic

Requirements

Next topic

Baruwa on Centos/RHEL

This Page

On the web

Donate

Your generous donations help fund future development.

This document is for Baruwa's development version, may be significantly different from released versions and is a work in progress. View the current released docs here: 1.0.2.

Source Installation

Note

Packages are available for Debian/Ubuntu, Centos/RHEL and Fedora if you are using one of those OS’s rather install using the packages.

If you do not want to install to your global python directories or are just testing it is advised that you use a virtualenv python install.

Virtualenv allows you to run multiple python installs and is easily managed as you do not need to be a privileged user to install packages.

For more info on virtualenv please refer to its documentation.

Install Baruwa

You can install Baruwa either via the Python Package Index (PyPI) or from source.

Install via the Python Package Index (PyPI)

To install using pip:

# pip install baruwa

To install using easy_install:

# easy_install baruwa

Downloading and installing from source

Download the latest version of Baruwa from PyPI

You can install it by doing the following,:

# tar xvfz baruwa-<version>.tar.gz
# cd baruwa-<version>
# python setup.py install

Using the development version

You can clone the repository by doing the following:

# git clone git://github.com/akissa/baruwa.git
# cd baruwa
# python setup.py install

Install the Python GeoIP module

You need to install this manually as it does not build cleanly when installed automatically during Baruwa’s installation:

# wget http://geolite.maxmind.com/download/geoip/api/python/GeoIP-Python-1.2.4.tar.gz
# tar xzvf GeoIP-Python-1.2.4.tar.gz
# cd GeoIP-Python-1.2.4
# python setup.py install

Configure RabbitMQ

Create a user and virtual host for baruwa:

# rabbitmqctl add_user baruwa your_password
# rabbitmqctl add_vhost baruwa
# rabbitmqctl set_permissions -p baruwa baruwa ".*" ".*" ".*"

Delete the guest user:

# rabbitmqctl delete_user guest

See the RabbitMQ Admin Guide for more information.

Note

Please ensure that you control access to your RabbitMQ install as to prevent an unauthorized clients from accessing your broker.

Configure Baruwa

Create the database:

# mysqladmin -u root -p create baruwa

Create a Mysql user for baruwa

Run the command from the mysql prompt:

mysql> GRANT ALL ON baruwa.* TO baruwa@localhost IDENTIFIED BY '<password>';
mysql> flush privileges;

Note

You may want to secure your system by creating several users will limited rights as opposed to the above where the user has full access to the DB.

Configure the Baruwa settings

Edit the Baruwa settings.py file:

# baruwa_path=$(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")
# vi $baruwa_path/baruwa/settings.py

Set the following options:

DATABASE_NAME = 'baruwa'
DATABASE_USER = 'baruwa'
DATABASE_PASSWORD = '<password>'
DATABASE_HOST = 'localhost'

Populate the database and create admin user:

# baruwa-admin syncdb

The syncdb command populates your SQL database and allows you to create the admin user.

Set the rabbitMQ settings:

CELERY_CONCURRENCY = 20
BROKER_HOST = "localhost"
BROKER_PORT = 5672
BROKER_USER = "baruwa"
BROKER_PASSWORD = "your_password"
BROKER_VHOST = "baruwa"

Edit the settings.py file and make configuration changes to suit your site.:

# vi $baruwa_path/baruwa/settings.py

Warning

Make sure you change the SECRET_KEY, DO NOT USE THE DEFAULT, If you have a cluster the key should be the same on all the machines in the cluster.

Link to the dojo toolkit:

# ln -s /path/to/dojo $baruwa_path/baruwa/static/js
# ln -s /path/to/dojox $baruwa_path/baruwa/static/js
# ln -s /path/to/dijit $baruwa_path/baruwa/static/js

Configure celeryd to run as a daemon

You need to run celeryd as a daemon in order to process tasks such as Bayesian learning and message releases from the quarantine etc etc.

Download the appropriate init script for your OS from the celery repository, then read the celery documentation on how to run celeryd as a daemon on your specific OS. Make sure you configure your system using the Django configuration examples.

If you have any difficulties please refer to the Baruwa mailing list for assistance.

Configure the Web server

Apache/mod_wsgi

Make sure you have mod_wsgi installed and enabled.

Use the sample configuration provided (extras/baruwa-mod_wsgi.conf) as a template. Copy to your apache configuration directory usually /etc/httpd/conf.d on Redhat and clones or /etc/apache2/conf.d/ on debian and clones. For others refer to your system docs for the location.

Make sure that your apache is configured for name based virtual hosting such that you can run other sites on the same box if you wish to.

Edit baruwa-mod_wsgi.conf and set ServerName to the hostname you will use to access baruwa

Note

If you installed using virtualenv, you need to customize and use virtual.wsgi instead of baruwa.wsgi in your mod_wsgi configuration.

Restart apache for the configuration to take effect.:

# /etc/init.d/httpd reload

Lighttpd

Use the generic Lighttpd django instructions.

Nginx

Use the nginx instructions from the nginx wiki

Cherokee

Use the cherokee cookbook instructions.

Configure MailScanner

It is assumed that you have a working MailScanner system already installed and configured, if you are installing from scratch please refer to their documentation on how to install and configure MailScanner.

Install the Baruwa MailScanner Custom modules

Copy them to the MailScanner custom functions directory:

# confdir=$(/usr/sbin/Quick.Peek 'Custom Functions Dir' /etc/MailScanner/MailScanner.conf)
# cp extras/{BaruwaSQL.pm, BaruwaLists.pm, BaruwaUserSettings.pm} $confdir/

Note

Starting with Baruwa version 1.1.0 you no longer have to edit and set the DB authentication details in each and every Custom module, you just set them up once in the MailScanner configuration file, A sample configuration file is provided you simply customize that and drop it into the configuration directory and it will override the settings in your MailScanner.conf file.

Edit the provided MailScanner config file extras/baruwa-mailscanner.conf, you need to make sure the following options are correct:

Quarantine User = exim #(Or what ever your "Run As User" is set to)
DB DSN = DBI:mysql:database=baruwa;host=spam01;port=3306 #set to valid DSN
DB Username = baruwa # your DB username
DB Password = password # your DB password

To actually quarantine and later process messages with in Baruwa, set ‘store’ as one of your keywords for the “Spam Actions” and “High Scoring Spam Actions” MailScanner options.

The provided MailScanner configuration provides for SQL logging, Whitelists and Blacklists and Per user settings. Copy the file into the MailScanner configuration directory:

# cp extras/baruwa-mailscanner.conf /etc/MailScanner/conf.d/baruwa.conf

In some cases your MailScanner configuration directory is under /opt:

# cp extras/baruwa-mailscanner.conf /opt/etc/MailScanner/conf.d/baruwa.conf

Apply configuration changes

Test your configuration for any errors:

# MailScanner --lint

Restart MailScanner:

# /etc/init.d/MailScanner restart

Testing

Verify that is working

Check your log files you should see

Baruwa SQL logger:

Aug  9 18:58:27 localhost MailScanner[8470]: Logging message 1OiVg7-0003zS-9s to Baruwa SQL
Aug  9 18:58:27 localhost MailScanner[11052]: 1OiVg7-0003zS-9s: Logged to Baruwa SQL

Baruwa Lists:

Aug 9 18:32:42 localhost MailScanner[27260]: Starting Baruwa whitelists
Aug 9 18:32:42 localhost MailScanner[27260]: Read 6 whitelist items
Aug 9 18:32:42 localhost MailScanner[27260]: Ip blocks whitelisted 192.168.1.0/24 192.168.2.0/24 xxx.xx.xxx.0/26

Baruwa User settings:

Aug 9 15:00:03 localhost MailScanner[25708]: Baruwa - Populating spam score settings
Aug 9 15:00:03 localhost MailScanner[25708]: Read 1 spam score settings
Aug 9 14:59:53 localhost MailScanner[25668]: Baruwa - Populating high spam score settings
Aug 9 14:59:53 localhost MailScanner[25668]: Read 1 high spam score settings

Point your browser to http://hostname_used login with admin user and password and start working. You can now use the interface to add users, domains and process messages, etc etc.