Maia MailGaurd

Here’s the last of it! Follow the below instructions to get Maia-Mailguard working with all the other software and then you can start playing. 🙂

Edit Maia scripts using “sed” for hard-coded path to perl executable (I’ll fix this using the port, I swear!):

# cd /usr/local/share/maia/scripts/
# sed -i.bak 's|/usr/bin/perl.*$|/usr/bin/env perl|' *.pl
# rm -f *.bak

NOTE: Until these scripts are fixed properly, after doing the above change, you may begin getting nightly reports about the checksums of the files mismatching. As long as these are the *ONLY* files listed as mismatched, you can run the following command to get rid of those messages/errors:

# pkg check -s
Does it show only the Maia script files? If so, run:
# pkg check -r

Edit /usr/local/etc/maia/maia.conf file:
Find and edit the RED TEXT

# Your Maia database user's password
$password = "vscan_user_password";
# Address rewriting type [0..5] (see config.php)
$address_rewriting_type = 4;
# Authentication method (see config.php)
$auth_method = 'sql';
# Base URL to Maia's PHP scripts
$base_url = "https://www.domain.tld/maia/";

Run executable:

# /usr/local/share/maia/scripts/

Load SpamAssassin rules:

# sa-update
# su - vscan
$ /usr/local/share/maia/scripts/ --debug
$ exit

Edit /usr/local/www/maia/config.php file:
Find and edit the RED TEXT.

date_default_timezone_set("America/LosAngeles");    <---***CHANGE THIS TO YOUR CORRECT TIMEZONE***
$maia_sql_dsn = "mysqli://vscan:vscan_password@tcp(localhost:3306)/maia";
$purifier_cache = '/usr/local/www/maia/web';
$address_rewriting_type = 4;
$auth_method = "pop3";

Create and edit /usr/local/etc/apache24/Includes/maia.conf file:

Alias /maia/ "/usr/local/www/maia/"
<Directory "/usr/local/www/maia/">
   AllowOverride None
   Options None
   Require all granted

Reload Apache:

# apachectl graceful


Visit “https://domain.tld/maia/admin/configtest.php” and verify everything is working.

Edit /usr/local/etc/maia/maiad.conf file:
Find and edit the RED TEXT.

$lock_file = "/var/run/maia/maiad.lock";
$pid_file = "/var/run/maia/";
$mydomain = 'domain.tld';
$myhostname = 'host.domain.tld';
@lookup_sql_dsn = ( ['DBI:mysql:maia:localhost', 'vscan', 'vscan_user_password'] );
$unrar = ['rar', 'unrar v -c- -p- --'];
# Clam Antivirus Daemon (clamd)
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

Set Maia-Mailguard to start at boot and start it now:

# sysrc maiad_enable=YES
# service maiad start
(You may see some Perl errors regarding a soon-to-be deprecated syntax. It is safe to ignore this (for now...)).


Visit “https://domain.tld/maia/“. You should be greeted with a login screen. If so, great! Let’s log in and acquire admin privileges…

Instead of “https://domain.tld/maia/login.php” (The default), visit “https://domain.tld/maia/login.php?super=register” and log in with any currently existing virtual user (Most likely the user you added with Postfixadmin earlier). Be sure to use a full email address to log into Maia-Mailguard. IE: username@domain.tld. That user will now have admin privs via Maia (So, be careful which user you choose).

Now, that you’re logged into Maia-Mailguard as an administrator, click the “Admin” link at the top of the page (Key-shaped icon). From the “Administration Menu” click “System Configuration“. Each mail server will want different settings for their setup. However, there are some things you should be aware of:

1. Make sure that *ANY* file name (With the exception of the logo image) listed for any option is listed with it’s *FULL PATH*.

2. The “Mail size limit” setting should not be higher than what you set your MySQL’s max_allowed_packet to (25M in my example) in /usr/local/etc/mysql/my.cnf. Remember that this setting is in bytes. So, 25*1024*1024 would give you 26214400 (25M).


For each domain you create using Postfixadmin or any other way you may create it, Maia needs to know about it in order to create users. This might seem like a redundant issue, but it really makes a difference and here’s why… When Maia recieves mail for a user that doesn’t exist, it uses the default domain’s (@.) settings. This is fine. However, if it considers that mail to be spam when it is not, the user cannot retrieve that message later being as the default settings don’t house mail for a non-existant user. So, be sure to add any domain you add via PostfixAdmin to Maia-Mailguard as well.

Edit /usr/local/etc/postfix/ file:
Find and edit the RED TEXT.

# Maia-Mailguard

# The queue_directory specifies the location of the Postfix queue.
# This is also the root directory of Postfix daemons that run chrooted.
# See the files in examples/chroot-setup for setting up Postfix chroot
# environments on different UNIX systems.
queue_directory = /var/spool/postfix

Edit /usr/local/etc/postfix/ file:
Add RED TEXT to bottom of file.

smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=2400
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks_style=host
  -o mynetworks=
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings

Reload Postfix:

# postfix reload

Edit the “vscan” user’s cron jobs:

# crontab -u vscan -e

Copy and paste into user vscan’s crontab:

#Load new rules and store into Maia database.
30 4 * * * /usr/local/share/maia/scripts/ > /dev/null
#Train Spam Assassin.
0 * * * * /usr/local/share/maia/scripts/ --learn --report > /dev/null
#Take a snapshot of the stats at the start of every hour.
0 * * * * /usr/local/share/maia/scripts/ > /dev/null
#Purge mail that has not been confirmed.
0 23 * * * /usr/local/share/maia/scripts/ > /dev/null
#Send quarantine reminders.
0 15 * * * /usr/local/share/maia/scripts/ > /dev/null
#Send quarantine digests.
0 15 * * * /usr/local/share/maia/scripts/ > /dev/null
#Force bayesian auto-expiry during off-peak hours.
25 2 * * * /usr/local/bin/sa-learn --sync --force-expire > /dev/null

Back to Page 8 or back to the Begining