Virus checking with Postfix, ClamAV and Amavisd-new
It's easier then it sounds!
This is a quick'n'dirty way to setup AS/AV protection on your MX. If you're not familiar with software described here, then take a look at www.postfix.org, clamav.elektrapro.com and www.ijs.si/software/amavisd. All these goodies are also available trough FreeBSD's ports collection.
You should, however, spend some time with configuration files, as they're tweaked for my server...
Setup described here is running on FreeBSD 4.6-REL (i386) with Postifx 1.1.11, Clamav 0.60_1 and Amavisd-new 20030616.p5.
Make sure you update your ports before installing the software!
General overviewIn this setup, spam and virus checking is preformed on the same box.
Here's the theory:
Postfix accepts mail on port 25 and forwards it to 127.0.0.1:10024 where amavisd-new is listening. Amavisd-new does it magic with Spamassassin and ClamAV and forwards mail back to postfix instance running on 127.0.0.1:10025.
Second postfix instance isn't doing any scanning, just re-injecting mail into queue.
e-mail --> [postifx (*:25)] --> [amavisd-new (127.0.0.1:10024)] -->Of course, amavisd-new can run on separate machine. Just adjust listening and forwarding IP and port.
[postfix (127.0.0.1:10025)] --> [delivery agent (local/smtp/...)]
Setting up ClamAVAs root:
cd /usr/ports/security/clamav && make install cleanConfiguration file: /usr/local/etc/clamav.conf.
Startup script: /usr/local/etc/rc.d/clamav.sh
To update ClamAV's virus database regulary, put something like this in root's crontab:
0 6 * * * /usr/local/bin/freshclamStart clamd.
Setting up Amavisd-newAs root:
cd /usr/ports/security/amavisd-new && make install cleanConfiguration file: /usr/local/etc/amavisd.conf
Startup script: /usr/local/etc/rc.d/amavisd.sh
Setting up PostfixConfigure postfix as you would normaly. After you're satisfied, add these lines:
smtp-amavis unix - - n - 3 smtpmain.cf:
127.0.0.1:10025 inet n - n - - smtpd
content_filter = smtp-amavis:[127.0.0.1]:10024
Restart Postfix (with postfix stop; postifx start) and watch
mail logs for errors. If everything went ok, you shold see clamd
log (/var/amavis/clamd.log) and amavisd log
(/var/amavis/amavis.log) filling up.
You should see additional mail headers in mails which go trough your mailer (X-Virus-Scanned: and X-Spam-Status:).
$Id: av.html,v 1.8 2003/11/28 09:58:53 damir Exp $