Last update June 11, 2007.  Sorry for the sucky formatting!

        1.  INstall CentOS4.
	a.  Choose mostly defaults.
	b. 	
	c. Choose Server Install.  Choose automatically partition.
	c1. Leave the network settings screen as is, we will fix it later.
	c2. Leave the firewall enabled, but near the bottom of the screen, set SELinux
	 to DISABLED.
	c3. Select a root password.
	d. At the last screen, you can modify the selected packages.  
	Check GNOME.
	Check GRAPHICAL INTERNET, then click DETAILS.
		Uncheck everything but Firefox.
	Check MAILSERVER,then click DETAILS.
		Uncheck dovecot.
	Check POSTGRESQL Database, then click DETAILS.
		Check postgresql and postgresql-server.

	e. Click Next,then Continue to complete the install.
		(About 15 mins).

2. Upon startup, insert CD3, and open a terminal.  Type:
	# rpm -ivh /media/cdrom/CentOS/RPMS/compat-libstd and press TAB to complete 
	the filename, then press Enter.

3. Using your favorite editor, edit /etc/redhat-release and delete the text in the file 
	and replace it with:
	Red Hat Enterprise Linux ES release 4 (Nahant)
Save the file.

The domain for my company is mycompany.com (i.e. my email is doug@mycompany.com).  
I want the name of my Scalix box to be mymail.  My static IP address is 192.168.1.207.  
Substitute your information where relevant.

3b.  Click on System Settings then Network.
	Click the Edit button.
	Then click Statically Set IP address in the box that comes up.
	Type in your static IP address information.
	Click on the DNS tab, and delete the highlighted localhost.localdomain
		and replace with your FQDN (in this example mymail.mycompany.com)
	On that bottom of this screen, delete the DNS Search path, leave it empty.
	Click on file save.
	
	The GUI Network config messes up /etc/hosts, so we need to clean it up.
	Using your favorite editor edit /etc/hosts and perform the following:

	Leave any comments intact (comments begin with a #).
	Delete any other text.  Add the following line:	
	127.0.0.1 (TAB) (TAB) localhost
	
	Underneath that, add your static IP info (using my example, I would add):
	192.168.1.207 (TAB)  mymail.mycompany.com (TAB)  mymail
	Save and exit the file.

	Then in a command prompt, stop and restart networking:

	# /sbin/service network restart

3c.  Sometimes, changing the IP address like this breaks GNOME.  To be safe, press 
	CTRL-ALT-BACKSPACE to reset the window environment.  Log back in as root.
	(If all you get is a blinking cursor, then press CTRL-ALT-DEL to reboot the box).

4.  Download the Scalix release.  I chose to save it to disk in /usr/local/src.

5.  #cd /usr/local/src
    #gunzip scalix (press TAB)
    # tar -xvf scalix (press TAB)
    # cd scalix (press TAB)
    # ./scalix-installer

6.  You are now running the scalix installer.
	Choose to install All Scalix Components (Typical).  
	Click Forward when it shows a big long list of what will be installed.
	The system check should pass with a yellow "Yield" sign on Dependency Check.
	Press Forward. The install is pretty fast.
	You are asked for a primary mailnode name, Scalix already fills this in for you.
	Press Forward.
	Choose how you want names displayed, and what format of Internet email address
	you will use (i.e. John.Smith@mycompany.com or JSmith@mycompany.com).  
	Press Forward.
	Choose an admin username and password.  We are going to leave it sxadmin, and
	use Linux333 for a password.  Press Forward.
	The Scalix Message Store is created (takes a few minutes).
	Click Forward on the License Key screen, and OK on the box that pops up.
	Click Forward to Install the Java RE (JRE).
	Click Forward on the next screen about the JRE path you just installed.
	Enter in Scalix Mgt Services passwd, I will use Linux333 here as well.
	On the PostgreSQL screen, leave hostname unchanged, and assign a password
	for the database server.  Again, I am going to use Linux333.
	I uncheck the box to Start Scalix Mgt Services, then press OK.

You have now finished installing the major components of the Scalix server.  At this 
point, you can add users and groups, and have a capable POP3 and IMAP server running!

7.  We are going to add a test user to simplify testing down the road.  Open Firefox,
and type in http://192.168.1.207/sac
(Occasionally, after a fresh install like this, I cannot get Firefox to start.  I simply
log out, and then log back in as root, and Firefox starts just fine).
Firefox may block the popup, click on preferences, and say "Allow popups from 192.168.1.207"
Login with the Scalix Admin credentials we set up (sxadmin and Linux333).  Check mark
the box that says "Not using Secure https connection", then click Login.
You now see a list of Users (only one, sxadmin).  Click sxadmin to see what information
can be stored on each user.  You should see the "Create User" button in the lower left
(sometimes it hides a little, must be shy!  You will see the tops of 2 buttons, the one
you want is the one on the left).

For our test, our user is a Scalix Standard User, so click that radio button.
First name is Test, Last name User.
Underneath "Authentication ID" enter a password, I will use mypass123.  (Be careful, the 
authentication ID is CASE SENSITIVE.  Remember that when you login, or change the 
authentication ID now to the way you want it to be).
I am going to click Finish now, but you can see all the other variables you could fill in.

8.  Log out of the console.  You should still have Firefox open, we need to grab
Clam-Antivirus.  In your browser address bar, type:

http://dags.wieers.com/rpm/packages/clamav

We want the following packages:
clamav-0.90-3.el4.rf.i386.rpm
clamd-0.90-3.el4.rf.i386.rpm
clam-db-0.90-3.el4.rf.i386.rpm

As of this writing, clamav was at 0.90.  You can grab a newer version, just make sure
all three files are the SAME version.  You always want the version to contain el4 
(which stands for Enterprise Linux 4)

Important:  When you click these, Gnome will ask to open them in Archive Manager or 
Save To Disk.  You want to Save to Disk all three files.

By default, all 3 packages are saved on the desktop.
Open a terminal window and type:

# rpm -ivh /root/Desktop/clam*

Once done, a new user "clamav" has been created.
Click on Applications -> System Settings -> Users and Groups.
In the window that opens, click Preferences -> Filter users and Groups
You should see a lot of users.  Find clamav, and double click it.
On the Groups tab, put a check mark in the Scalix box, and set the Primary Group to
scalix.  Click OK.  Close the window.

Okay, so now a short discussion of how Scalix sets up some directory information.
Most of what you need will be in /var/opt/scalix.  When you see:
/var/opt/scalix/xx/s/rules for example, the xx is the first and last letter of your
mailserver's name.  So in this example, my servers name is mymail, so the xx will be ml.
If you named your server malkore, your xx is me, if you named your server dylan, your xx
is dn.  Got it?  Ok, now onward!

9.  We are going to reject all messages that have a virus.
	Using your favorite editor, (we will use nano), type this:
	# nano /var/opt/scalix/xx/s/rules/ALL-ROUTES.VIR

And add this line:

	VIRUS-UNCLEANED=1 ACTION=REJECT NDN-INFO=!ndninfo.txt

Save and exit the file.

	Now, add an ndninfo.txt file.  This can say whatever you want it to say.

	# nano /var/opt/scalix/xx/s/rules/ndninfo.txt

I will add this line:

	Your message was rejected because it contained a virus.

Save and exit the file.

10.  Now we move the scan file to the proper directory:

	# cp /opt/scalix/examples/general/omvscan.map /var/opt/scalix/xx/s/rules/
	# chown root /var/opt/scalix/xx/s/rules/omvscan.map
	# chmod 555 /var/opt/scalix/xx/s/rules/omvscan.map


11.  Now we want to start the antivirus engine, and get any updates before our test.

	# nano /etc/freshclam.conf
	Put a # sign in front of Example at the top of file.
	Look for a line that begins with #DatabaseMirror
	You will want to remove the # sign, and replace XY with your country's 2 
	digit nomencalture.  In this example, US.  So the line now reads:
	DatabaseMirror db.us.clamav.net

	# yum update spamassassin  (answer yes to any prompts)	

	# service clamd start
	# freshclam

11a.  Stop and restart the main mailrouter to incorporate our changes.
	
	# omoff -s sr (wait about 60 seconds before typing the next command)
	# omon -s sr 

	(If you get a 'omoff: command not found', issue this:
	# PATH=$PATH:/opt/scalix/bin
	# export PATH
	Then issue the above commands.  They will work this time.)

12.  Now we are going to try and send a virus.  It should get rejected.
	Login to webmail:
	http://192.168.1.207/webmail
	Login as Test.User@mycompany.com
	Password: mypass123

Click New, and then TO.  Let's select sxadmin, we're gonna email our admin a virus!
For the subject and body, just type "test" or some nonsense.
Click on the PaperClip to Attach a message.  Click Browse on the window that comes up.
Browse to /usr/share/doc/clamav-0.90/test and attach clam.zip.
Make sure you click Attach and then OK.  Your message under the subject line should
list the Attachment: clam.zip.  Click Send.  Wait a few seconds, then click
Send/receive, you should see in your Inbox, a message saying your message was 
rejected because it had a virus.  (occasionally I have to log out as the useout of webmail
then I log back in, and there sitting in my inbox is the rejected message.)

You now have an excellent functioning Email Server, with LDAP, POP3 and IMAP, as well
as Web Access, Calendaring features, etc.  Let's add some spam killing features.

13.  We need the spamass-milter package.

	http://dag.wieers.com/rpm/packages/spamass-milter

	Get the spamass-milter-0.3.1-1.el4.rf.i386.rpm  (or newer version)
	This time, let Firefox install it with the Install Packages choice.

14.  Now we need to copy and edit some files.
	
	# cp /var/opt/scalix/xx/s/sys/smtpd.cfg /var/opt/scalix/xx/s/sys/smtpd.cfg.orig
	
	# nano /var/opt/scalix/xx/s/sys/smtpd.cfg

	Look for the line 
		RELAY accept 127.0.0.1
	ABOVE this line, add

	SMTPFILTER=TRUE

Exit and save the file.

	Now we're going to edit our sendmail file a bit.  Note that most lines begin
	with a capital letter o, not a zero, but an O.  (In between your I and P keys!!!)

	# cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.orig
	# nano /etc/mail/sendmail.cf

	Find the line: #O InputMail Filters, and edit it so it now reads:
	O InputMailFilters=Spamassassin

	Immediately below this line, add:
	#Milter Options
	#O Milter.Loglevel
	O Milter.macros.connect=b, j, _, {daemon_name}, {if_name}, {if_addr}
	O Milter.macros.helo={tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}
	O Milter.macros.envfrom=i, {auth_type}, {auth_authen}, {auth_ssf}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}
	O Milter.macros.envrcpt={rcpt_mailer], {rcpt_host}, {rcpt_addr}
(some of the lines will move to a second line in the editor.  It is my belief that this is 
bad.  So where it moves to a second line, put your cursor on that first word in the second
line and press BACKSPACE so it all comes back to just one line.)

Exit and save the file.

	# cd /etc/mail
	# nano /sendmail.mc
	Go to the bottom of the file and add this line:
	Xspamassassin, S=local:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m

	Save and exit this file.
	
	# make -C /etc/mail


15.  Now we want our spamassassin stuff to run at system startup.

	#chkconfig --add spamass-milter
	#chkconfig --level 345 spamass-milter on
	#service spamass-milter start
	#chkconfig --add spamassassin
	#chkconfig --level 345 spamassassin on
	#service spamassassin start

16. Restart Sendmail.  If you get any errors, something is wrong.
	
	#service sendmail restart


Now, you have a working Scalix Mailserver Install!!!  One with anti-virus and anti-spam.
There are MANY other variables you should go back and tweak (what attachments to scan,
what sort of SMTP authentication [if any] you wish to use), etc.  

SOME OTHER STUFF WE CAN DO:

A.  Add a "catch all" address.  Sometimes someone emails jsmith as johnsmith or jmsith 
(a little dyslexic there).  A catchall is good (in that your boss will get all his emails,
even the ones people have mis-addressed), and it's bad, since ANY address at your domain,
even mg4532Ghdwjs@mycompany.com will be delivered.  So, you decide if the value is for you
or not.  

To add the catch all, edit /var/opt/scalix/xx/s/sys/smtpd.cfg

Look for the area that starts * Catch-all Recipients
and add a line like this
CATCH @mycompany.com catchall@mycompany.com

The capitalized word CATCH is mandatory, the domain is the domain of your mailserver,
followed by the address that will receive all the "catchall" mail.  You will need to 
check this account periodically and forward on any good mail.

B.  Move all SPAM to a separate email box.

Sometimes it's good to mark potential SPAM as ***SPAM*** and let your users sort it out.
Sometimes you just want to hide it (I find out of every 500 marked SPAMs, I get maybe 1
legitimate message).

Edit /etc/init.d/spamass-milter

The last line should say something like
EXTRA_FLAGS="-r 50 -b review@mycompany.com"

I set the r flag high (to 50) because spamass-milter will do a circular delivery thing
with spam mail.  It's hard to explain, but I set it to 50.  The -b flag says "send all 
spam to this account, not to my users".  Make sure you create this account on your system!


GOOD LUCK!  Scalix has been very good for me!  I hope you have found this tutorial useful!