
Monday 27 November 2017

Amavisd-new, ClamAV, Spam with postfix

How to Install Amavisd-new, ClamAV, Spam with postfix

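# Enable the RPMForge Repo

Note: the release package below is downloaded over plain HTTP, so check its signature before installing it (import the repository's GPG key with `rpm --import`, then run `rpm -K` on the downloaded file). RPMForge/RepoForge is also no longer maintained, so confirm that the packages you install from it still receive security updates.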

[root@server ~]# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
[root@server ~]# rpm -ivh rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

[root@server ~]# yum repolist
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirrors.ispros.com.bd
* epel: kartolo.sby.datautama.net.id
* extras: mirrors.ispros.com.bd
* rpmforge: kartolo.sby.datautama.net.id
* updates: mirrors.ispros.com.bd
rpmforge                                                   | 1.9 kB 00:00
rpmforge/primary_db                                        | 2.7 MB 00:15
repo id repo name status
base CentOS-6 - Base                                                6,367
epel Extra Packages for Enterprise Linux 6 - x86_64                11,050
extras CentOS-6 - Extras                                               14
rpmforge RHEL 6 - RPMforge.net - dag                                4,718
updates CentOS-6 - Updates                                          1,242
repolist:  23,391
[root@server ~]#

Install Amavisd-new
 

[root@server ~]# yum install amavisd-new
..
[root@server ~]#

Check that the amavis and clamav users were created in the /etc/passwd file. Both should have /sbin/nologin as their shell, as in the output below.
 

[root@server ~]# cat /etc/passwd
...
clamav:x:495:492:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
amavis:x:494:491:User for amavisd-new:/var/spool/amavisd:/sbin/nologin

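Set the domain name and hostname in /etc/amavisd/amavisd.conf. Leave the @bypass_virus_checks_maps and @bypass_spam_checks_maps lines commented out, as shown, so that virus and spam scanning stay enabled.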
[root@server ~]# vim /etc/amavisd/amavisd.conf
[root@server ~]# cat /etc/amavisd/amavisd.conf
....
# COMMONLY ADJUSTED SETTINGS:
# @bypass_virus_checks_maps = (1); # controls running of anti-virus code
# @bypass_spam_checks_maps = (1); # controls running of anti-spam code
# $bypass_decode_parts = 1; # controls running of decoders&dearchivers

$max_servers = 2; # num of pre-forked children (2..30 is common), -m
$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u
$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g

# $mydomain = 'example.com'; # a convenient default for other settings
$mydomain = 'zmailtech.com'; # a convenient default for other settings
...
...
# OTHER MORE COMMON SETTINGS (defaults may suffice):

# $myhostname = 'host.example.com'; # must be a fully-qualified domain name!
$myhostname = 'mailserver.zmailtech.com'; # must be a fully-qualified domain name!

[root@server ~]#

Edit the configuration file /etc/postfix/master.cf to tell Postfix to pass mail to Amavisd-new for filtering.
First create backup copies of /etc/postfix/master.cf and /etc/postfix/main.cf:
[root@server ~]# cd /etc/postfix
[root@server postfix]# cp master.cf master.cf.bkp
[root@server postfix]# cp main.cf main.cf.bkp

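Edit the /etc/postfix/master.cf file and add the amavisfeed and 127.0.0.1:10025 entries. In master.cf every "-o" option line must begin with whitespace so that Postfix reads it as a continuation of the service line above it.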
 


[root@server postfix]# vim master.cf
[root@server postfix]# cat master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#

# ========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ========================================================================
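# Inbound SMTP listener.
smtp inet n - n - - smtpd

# Transport that hands mail to amavisd-new for scanning. It is the transport
# named by content_filter=amavisfeed:[127.0.0.1]:10024 in main.cf. maxproc is
# 2, the same value as $max_servers in amavisd.conf.
# Each "-o" line must start with whitespace: master.cf treats a line that
# begins with whitespace as a continuation of the service line above it.
amavisfeed unix - - n - 2 lmtp
  -o lmtp_data_done_timeout=1200
  -o lmtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20

# Second smtpd listener, bound to 127.0.0.1 port 10025 only.
# mynetworks=127.0.0.0/8 together with permit_mynetworks,reject means it
# accepts mail from loopback clients and rejects everyone else.
# content_filter= is set empty here so mail arriving on this port is not
# passed to the content filter a second time.
# NOTE(review): amavisd-new is presumably configured to return scanned mail
# to this port; that setting is not shown here - confirm in amavisd.conf.
127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o smtpd_data_restrictions=reject_unauth_pipelining
  -o smtpd_end_of_data_restrictions=
  -o smtpd_restriction_classes=
  -o mynetworks=127.0.0.0/8
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
  -o local_header_rewrite_clients=
  -o smtpd_milters=
  -o local_recipient_maps=
  -o relay_recipient_maps=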

#submission inet n - n - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
.....

[root@server postfix]#

Edit the file /etc/postfix/main.cf and enable message filtering in Postfix by adding the content_filter line:
[root@server postfix]# vim main.cf
[root@server postfix]# cat main.cf
...

# Amavisd-new content filter.
# Pass mail to amavisd over the "amavisfeed" transport (defined in master.cf)
# at 127.0.0.1 port 10024.
content_filter=amavisfeed:[127.0.0.1]:10024
[root@server postfix]#

Reload Postfix to get new parameters.
[root@server ~]# service postfix reload
Reloading postfix:                                    [ OK ]
[root@server ~]#

Enable Amavisd and ClamAV services to start during system boot.
 

[root@server ~]# chkconfig amavisd on
[root@server ~]# chkconfig clamd on

Start the clamd service
 

[root@server ~]# service clamd start
Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: ************************************************** [ OK ]
[root@server ~]#

Start the amavisd service

[root@server /]# service amavisd start
Starting amavisd: [ OK ]
[root@server /]#

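The ClamAV signature database may be outdated (clamd warned above that it is older than 7 days). You can update it manually with the freshclam command, and you should make sure freshclam also runs on a schedule so the signatures stay current. If the output shows "Virus database timestamp in the future", as it does below, check the server's clock and timezone settings.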
[root@server ~]# freshclam  

ClamAV update process started at Fri Aug 1 21:53:39 2014
Downloading main-55.cdiff [100%]
main.cld updated (version: 55, sigs: 2424225, f-level: 60, builder: neo)
WARNING: getfile: daily-15077.cdiff not found on remote server (IP: 120.88.46.210)
WARNING: getpatch: Can't download daily-15077.cdiff from db.in.clamav.net
WARNING: getfile: daily-15077.cdiff not found on remote server (IP: 193.1.193.64)
WARNING: getpatch: Can't download daily-15077.cdiff from db.in.clamav.net
WARNING: getpatch: Can't download daily-15077.cdiff from db.in.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
Downloading daily.cvd [100%]
daily.cvd updated (version: 19256, sigs: 1087763, f-level: 63, builder: neo)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 242, sigs: 46, f-level: 63, builder: dgoddard)
[LibClamAV] ******************************************************
[LibClamAV] *** Virus database timestamp in the future! ***
[LibClamAV] *** Please check the timezone and clock settings ***
[LibClamAV] ******************************************************
Database updated (3512034 signatures) from db.in.clamav.net (IP: 193.1.193.64) 

Clamd successfully notified about the update.
[root@server ~]#
