NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2004-06

Re: clamAV and postifix without spamassassin

From: J. Ryan Earl (hereticclanhk.org)
Date: Wed Jun 02 2004 - 01:36:19 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Get setup SpamAssassin with amavisd-new you need to install both and
then edit the defaults in /etc/amavisd.conf

/# SpamAssassin settings/

To your liking. Also server for the section with

/av_scanners = (/

And make sure you having something like the following uncommented:

/ ['Clam Antivirus-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/amavis/clamd.sock"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],/

So that you use the fast C daemon. Next edit /etc/clamav.conf

In particular make sure you use the same user as for amavis, and use the
same unix socket for amavis too:

/PidFile /var/run/clamav/clamd.pid
User amavis
/
Start both amavisd-new and clamd daemons. Check your syslog (with
$log_level = 2;) for something like:

/May 28 06:24:27 mail amavis[5600]: starting. amavisd at
mail.hardcore-gaming.net amavisd-new-20030616-p9, Unicode aware
May 28 06:24:27 mail amavis[5600]: Perl version 5.008003
May 28 06:24:27 mail amavis[5600]: Module Amavis::Conf 1.15
May 28 06:24:27 mail amavis[5600]: Module Archive::Tar 1.05
May 28 06:24:27 mail amavis[5600]: Module Archive::Zip 1.06
May 28 06:24:27 mail amavis[5600]: Module Compress::Zlib 1.22
May 28 06:24:27 mail amavis[5600]: Module Convert::TNEF 0.17
May 28 06:24:27 mail amavis[5600]: Module Convert::UUlib 0.31
May 28 06:24:27 mail amavis[5600]: Module MIME::Entity 5.404
May 28 06:24:27 mail amavis[5600]: Module MIME::Parser 5.406
May 28 06:24:27 mail amavis[5600]: Module MIME::Tools 5.411
May 28 06:24:27 mail amavis[5600]: Module Mail::Header 1.60
May 28 06:24:27 mail amavis[5600]: Module Mail::Internet 1.60
May 28 06:24:27 mail amavis[5600]: Module Mail::SpamAssassin 2.63
May 28 06:24:27 mail amavis[5600]: Module Net::Cmd 2.24
May 28 06:24:27 mail amavis[5600]: Module Net::DNS 0.40
May 28 06:24:27 mail amavis[5600]: Module Net::SMTP 2.26
May 28 06:24:27 mail amavis[5600]: Module Net::Server 0.85
May 28 06:24:27 mail amavis[5600]: Module Time::HiRes 1.5
May 28 06:24:27 mail amavis[5600]: Module Unix::Syslog 0.100
May 28 06:24:27 mail amavis[5600]: Found myself: /usr/sbin/amavisd -c
/etc/amavisd.conf
May 28 06:24:27 mail amavis[5600]: Lookup::SQL code NOT loaded
May 28 06:24:27 mail amavis[5600]: Lookup::LDAP code NOT loaded
May 28 06:24:27 mail amavis[5600]: AMCL-in protocol code loaded
May 28 06:24:27 mail amavis[5600]: SMTP-in protocol code loaded
May 28 06:24:27 mail amavis[5600]: ANTI-VIRUS code loaded
May 28 06:24:27 mail amavis[5600]: ANTI-SPAM code loaded
May 28 06:24:27 mail amavis[5601]: Net::Server: Process Backgrounded
May 28 06:24:27 mail amavis[5601]: Net::Server: 2004/05/28-06:24:27
Amavis (type Net::Server::PreForkSimple) starting! pid(5601)
May 28 06:24:28 mail amavis[5601]: Net::Server: Binding to UNIX socket
file /var/run/amavis/amavisd.sock using SOCK_STREAM
May 28 06:24:28 mail amavis[5601]: Net::Server: Binding to TCP port
10024 on host 127.0.0.1
May 28 06:24:28 mail amavis[5601]: Net::Server: Setting gid to "441 441"
May 28 06:24:28 mail amavis[5601]: Net::Server: Setting uid to "102"
May 28 06:24:28 mail amavis[5601]: Net::Server: Couldn't POSIX::setuid
to "102" []
May 28 06:24:28 mail amavis[5601]: Found $file at /usr/bin/file
May 28 06:24:28 mail amavis[5601]: Found $arc at /usr/bin/arc
May 28 06:24:28 mail amavis[5601]: Found $gzip at /bin/gzip
May 28 06:24:28 mail amavis[5601]: Found $bzip2 at /bin/bzip2
May 28 06:24:28 mail amavis[5601]: Found $lzop at /usr/bin/lzop
May 28 06:24:28 mail amavis[5601]: Found $lha at /usr/bin/lha
May 28 06:24:28 mail amavis[5601]: Found $unarj at /usr/bin/unarj
May 28 06:24:28 mail amavis[5601]: Found $uncompress at /usr/bin/uncompress
May 28 06:24:28 mail amavis[5601]: Found $unfreeze at /usr/bin/unfreeze
May 28 06:24:28 mail amavis[5601]: Found $unrar at /usr/bin/unrar
May 28 06:24:28 mail amavis[5601]: Found $zoo at /usr/bin/zoo
May 28 06:24:28 mail amavis[5601]: Found $cpio at /usr/bin/cpio
May 28 06:24:28 mail amavis[5601]: Using internal av scanner code for
(primary) Clam Antivirus-clamd
May 28 06:24:28 mail amavis[5601]: SpamControl: initializing
Mail::SpamAssassin

/And:/

//May 28 06:24:32 mail clamd[6042]: Daemon started.
May 28 06:24:32 mail clamd[6042]: Log file size limited to 262144000 bytes.
May 28 06:24:32 mail clamd[6042]: Running as user amavis (UID 102, GID 441)
May 28 06:24:32 mail clamd[6042]: Reading databases from /var/lib/clamav
May 28 06:24:32 mail clamd[6042]: Protecting against 21650 viruses.
May 28 06:24:33 mail clamd[6044]: Unix socket file
/var/run/amavis/clamd.sock
May 28 06:24:33 mail clamd[6044]: Setting connection queue length to 50
May 28 06:24:33 mail clamd[6044]: Archive: Archived file size limit set
to 209715200 bytes.
May 28 06:24:33 mail clamd[6044]: Archive: Recursion level limit set to 10.
May 28 06:24:33 mail clamd[6044]: Archive: Files limit set to 100000.
May 28 06:24:33 mail clamd[6044]: Archive: Compression ratio limit set
to 200.
May 28 06:24:33 mail clamd[6044]: Archive support enabled.
May 28 06:24:33 mail clamd[6044]: RAR support enabled.
May 28 06:24:33 mail clamd[6044]: Mail files support enabled.
May 28 06:24:33 mail clamd[6044]: OLE2 support enabled.
May 28 06:24:33 mail clamd[6044]: Self checking every 2000 seconds.
May 28 06:24:33 mail freshclam[6046]: Freshclam started.
May 28 06:24:33 mail freshclam[6047]: freshclam daemon started (pid=6047)
May 28 06:24:33 mail freshclam[6047]: ClamAV update process started at
Fri May 28 06:24:33 2004
May 28 06:24:34 mail freshclam[6047]: main.cvd is up to date (version:
23, sigs: 21096, f-level: 2, builder: ddm)
/
In your /etc/postfix/main.cf add something like the follow, note the
10024, make sure amavisd-new is configured for this:

/content_filter=smtp-amavis:[127.0.0.1]:10024/

At the end of /etc/postfix/master.cf add:
/
smtp-amavis unix - - n - 2 lmtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - n - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000/

That should be most of it. You're relaying from Postfix to amavisd-new
via LMTP (scan mass emails once), then from amavisd-new back to Postfix
via SMTP.

Limme know if you have questions.

-ryan

Dustin Krysak wrote:

> 2) can someone point to a somewhat current how-to for this setup?
> clamAV/glue/postfix. Without any extras. I could decider the current
> how-tos and take the relevant info, but i am hoping to avoid any
> mess-ups due to a misinterpretation.
>
> Thanks in advance.
>
> Dustin
>

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]