This article covers:
- Spam filtering setup using spamassassin
- Antivirus scanning using clamav
Installing packages amavis, clamav, spamassassin
apt-get install amavisd-new spamassassin clamav clamav-daemon arj zoo nomarch cpio lzop cabextract apt-listchanges libauthen-sasl-perl libdbi-perl libmail-dkim-perl p7zip rpm unrar-free libsnmp-perl
Please note that amavis itself doesn’t do any kind of spam-checking or virus-checking. It uses spamassassin for spam-testing and clamav for virus-testing. So we need to configure amavis only to spam & virus filtering implemented.
Amavis Configuration
By default, amavis comes with all kind of checks disabled! Might sound strange but we need to enable everything.
Enable virus & spam checking:
vim /etc/amavis/conf.d/15-content_filter_mode
Uncomment following lines:
@bypass_virus_checks_maps = ( \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re); @bypass_spam_checks_maps = ( \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
If your server has less spare CPU power, you may leave virus-checking disabled. ClamAV consumes considerable CPU resources. Also note that these checks delays mail delivery (generally by few seconds).
Set filtering preference:
Open
vim /etc/amavis/conf.d/50-user
Add following:
$sa_spam_subject_tag = undef;
$spam_quarantine_to = undef;
$sa_tag_level_deflt = undef;
# Prevent spams from automatically rejected by mail-server
$final_spam_destiny = D_PASS;
# We need to provide list of domains for which filtering need to be done
@lookup_sql_dsn = (
['DBI:mysql:database=vimbadmin;host=127.0.0.1;port=3306',
'vimbadmin',
'password']);
$sql_select_policy = 'SELECT domain FROM domain WHERE CONCAT("@",domain) IN (%k)';
If you are getting too many false positives, you may change $sa_tag_level_deflt to a positive value.
For lookup_sql_dsn, please make sure your mysql database details matches one that is used by postfix & dovecot.
To finalize changes:
service amavis restart
Postfix config
Configuring amavis alone won’t work. We need to tell postfix to use amavis content-filters during mail processing.
Open vim /etc/postfix/master.cf
Find line containing:
pickup fifo n - - 60 1 pickup
Add 2-lines below it so it looks like:
pickup fifo n - - 60 1 pickup
-o content_filter=
-o receive_override_options=no_header_body_checks
Add following towards end:
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
-o local_header_rewrite_clients=
Restart postfix
service postfix restart
Testing
Its better to test if above setup is actually filtering spam & virus. Use following test: