Table Of Contents

Previous topic

Source Installation

Next topic

Baruwa on Fedora

This Page

On the web

Donate

Your generous donations help fund future development.

This document is for Baruwa's development version, may be significantly different from released versions and is a work in progress. View the current released docs here: 1.0.2.

Baruwa on Centos/RHEL

The Baruwa rpm that is provided only supports Apache out of the box, if you are running a different web server, please install from source or rebuild the source rpm to support your web server.

Install EPEL

The EPEL repo provides packages which are in Fedora but no yet included in RHEL/CENTOS. Instructions on installing it can be found on EPEL

You need to install this repo in order to access certain packages that are required by Baruwa.

Baruwa installation

A Baruwa Centos/RHEL repo is now available at http://repo.baruwa.org/ To install from this repo you need to enable the repo:

# rpm -Uvh http://repo.baruwa.org/el5/i386/baruwa-release-5-0.noarch.rpm

Install the dependencies:

# yum install mysql-server python-IPy python-GeoIP Django mod_wsgi python-uuid python-lxml rabbitmq-server

Install Baruwa, all the required dependencies not in the other repo’s will be resolved by packages shipped by the Baruwa repo:

# yum install baruwa

Configure RabbitMQ

Create a user and virtual host for baruwa:

# rabbitmqctl add_user baruwa your_password
# rabbitmqctl add_vhost baruwa
# rabbitmqctl set_permissions -p baruwa baruwa ".*" ".*" ".*"

Delete the guest user:

# rabbitmqctl delete_user guest

See the RabbitMQ Admin Guide for more information.

Note

Please ensure that you control access to your RabbitMQ install as to prevent an unauthorized clients from accessing your broker.

Configure MailScanner

It is assumed that you have a working MailScanner system already configured, if you are installing from scratch please refer to their documentation on how to configure MailScanner.

Note

Starting with Baruwa version 1.1.0 you no longer have to edit and set the DB authentication details in each and every Custom module, you just set them up once in the MailScanner configuration file, A Baruwa MailScanner configuration file is installed as /etc/MailScanner/conf.d/baruwa.conf

Edit the provided Baruwa MailScanner config file /etc/MailScanner/conf.d/baruwa.conf, you need to make sure the following options are correct:

Quarantine User = exim #(Or what ever your "Run As User" is set to)
DB DSN = DBI:mysql:database=baruwa;host=spam01;port=3306 #set to valid DSN
DB Username = baruwa # your DB username
DB Password = password # your DB password

To actually quarantine and later process messages with in Baruwa, set ‘store’ as one of your keywords for the “Spam Actions” and “High Scoring Spam Actions” MailScanner options.

The provided MailScanner configuration provides for SQL logging, Whitelists and Blacklists and Per user settings.

Apply configuration changes

Test your configuration for any errors:

# MailScanner --lint

Restart MailScanner:

# /etc/init.d/MailScanner restart

Configure Baruwa

Create the database:

# mysqladmin -u root -p create baruwa

Create a Mysql user for baruwa

Run the command from the mysql prompt:

mysql> GRANT ALL ON baruwa.* TO baruwa@localhost IDENTIFIED BY '<password>';
mysql> flush privileges;

Note

You may want to secure your system by creating several users will limited rights as opposed to the above where the user has full access to the DB.

Configure the Baruwa settings

Edit the Baruwa settings.py file:

# baruwa_path=$(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")
# vi $baruwa_path/baruwa/settings.py

Set the following options:

DATABASE_NAME = 'baruwa'
DATABASE_USER = 'baruwa'
DATABASE_PASSWORD = '<password>'
DATABASE_HOST = 'localhost'

Populate the database and create admin user:

# baruwa-admin syncdb

The syncdb command populates your SQL database and allows you to create the admin user.

Set the rabbitMQ settings:

CELERY_CONCURRENCY = 20
BROKER_HOST = "localhost"
BROKER_PORT = 5672
BROKER_USER = "baruwa"
BROKER_PASSWORD = "your_password"
BROKER_VHOST = "baruwa"

Edit the settings.py file and make configuration changes to suit your site.:

# vi $baruwa_path/baruwa/settings.py

Warning

Make sure you change the SECRET_KEY, DO NOT USE THE DEFAULT, If you have a cluster the key should be the same on all the machines in the cluster.

Configure celeryd to run as a daemon

You need to run celeryd as a daemon in order to process tasks such as Bayesian learning and message releases from the quarantine etc etc.

An init script /etc/init.d/baruwa and configuration file /etc/sysconfig/baruwa are installed by the Baruwa rpm all you need to do is enable celeryd to be started at system boot by running:

# chkconfig --level 35 baruwa on
# service baruwa start

Setup Web server

Edit your apache configurations to enable virtual hosting if not enabled already. Then set the correct hostname in /etc/httpd/conf.d/baruwa.conf:

# change to your hostname
ServerName baruwa-alpha.local

Make sure mod_wsgi is enabled, uncomment the following line in /etc/httpd/conf.d/wsgi.conf:

LoadModule wsgi_module modules/mod_wsgi.so

Restart apache.

Testing

Verify that is working

Check your log files you should see

Baruwa SQL logger:

Aug  9 18:58:27 localhost MailScanner[8470]: Logging message 1OiVg7-0003zS-9s to Baruwa SQL
Aug  9 18:58:27 localhost MailScanner[11052]: 1OiVg7-0003zS-9s: Logged to Baruwa SQL

Baruwa Lists:

Aug 9 18:32:42 localhost MailScanner[27260]: Starting Baruwa whitelists
Aug 9 18:32:42 localhost MailScanner[27260]: Read 6 whitelist items
Aug 9 18:32:42 localhost MailScanner[27260]: Ip blocks whitelisted 192.168.1.0/24 192.168.2.0/24 xxx.xx.xxx.0/26

Baruwa User settings:

Aug 9 15:00:03 localhost MailScanner[25708]: Baruwa - Populating spam score settings
Aug 9 15:00:03 localhost MailScanner[25708]: Read 1 spam score settings
Aug 9 14:59:53 localhost MailScanner[25668]: Baruwa - Populating high spam score settings
Aug 9 14:59:53 localhost MailScanner[25668]: Read 1 high spam score settings

Point your browser to http://hostname_used login with admin user and password and start working. You can now use the interface to add users, domains and process messages, etc etc.