GotoKnow
  • เข้าระบบ
  • สมัครสมาชิก
  • แผงจัดการ
  • ออกจากระบบ
GotoKnow

Virus checking with Postfix, ClamAV and Amavisd-new

Virus checking with Postfix, ClamAV and Amavisd-new
Author: [email protected]
It's easier then it sounds!

This is a quick'n'dirty way to setup AS/AV protection on your MX. If you're not familiar with software described here, then take a look at www.postfix.org, clamav.elektrapro.com and www.ijs.si/software/amavisd. All these goodies are also available trough FreeBSD's ports collection.
You should, however, spend some time with configuration files, as they're tweaked for my server...

Setup described here is running on FreeBSD 4.6-REL (i386) with Postifx 1.1.11, Clamav 0.60_1 and Amavisd-new 20030616.p5.

Make sure you update your ports before installing the software!

General overview

In this setup, spam and virus checking is preformed on the same box.
Here's the theory:

Postfix accepts mail on port 25 and forwards it to 127.0.0.1:10024 where amavisd-new is listening. Amavisd-new does it magic with Spamassassin and ClamAV and forwards mail back to postfix instance running on 127.0.0.1:10025.
Second postfix instance isn't doing any scanning, just re-injecting mail into queue.
 e-mail --> [postifx (*:25)]             -->  [amavisd-new (127.0.0.1:10024)] -->
[postfix (127.0.0.1:10025)] --> [delivery agent (local/smtp/...)]
Of course, amavisd-new can run on separate machine. Just adjust listening and forwarding IP and port.

Setting up ClamAV

As root:
cd /usr/ports/security/clamav && make install clean
Configuration file: /usr/local/etc/clamav.conf.
Startup script: /usr/local/etc/rc.d/clamav.sh

To update ClamAV's virus database regulary, put something like this in root's crontab:
0 6 * * * /usr/local/bin/freshclam
Start clamd.

Setting up Amavisd-new

As root:
cd /usr/ports/security/amavisd-new && make install clean
Configuration file: /usr/local/etc/amavisd.conf
Startup script: /usr/local/etc/rc.d/amavisd.sh

Start amavisd.

Setting up Postfix

Configure postfix as you would normaly. After you're satisfied, add these lines:

master.cf:
smtp-amavis unix -      -       n     -       3  smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
main.cf:
content_filter = smtp-amavis:[127.0.0.1]:10024

Restart Postfix (with postfix stop; postifx start) and watch mail logs for errors. If everything went ok, you shold see clamd log (/var/amavis/clamd.log) and amavisd log (/var/amavis/amavis.log) filling up.

You should see additional mail headers in mails which go trough your mailer (X-Virus-Scanned: and X-Spam-Status:).


$Id: av.html,v 1.8 2003/11/28 09:58:53 damir Exp $

Ref:: http://72.14.203.104/search?q=cache:b5k19ynYVP8J:mail.x-si.org/articles/av.html+&hl=th&gl=th&ct=clnk&cd=1&client=firefox

บันทึกนี้เขียนที่ GotoKnow โดย 

คำสำคัญ (keywords): networkopensourcecomputeritงานพัฒนา
หมายเลขบันทึก: 23961
เขียน:
แก้ไข:
อ่าน:
สัญญาอนุญาต: สงวนสิทธิ์ทุกประการ

ความเห็น (0)