Configure Amavishd service (6/7)
Installation amavisd-new service by yum command.
[root@mailserver ~]# systemctl
start clamd@amavisd
#Modify /etc/amavised/amavised.conf file same as below.
....
....
Output omitted
....
....
# OTHER MORE COMMON SETTINGS (defaults may suffice):
Configure amavisd service in postfix service master.cf file.
Installation amavisd-new service by yum command.
[root@mailserver ~]# yum
--enablerepo=epel -y install amavisd-new clamav-server
clamav-server-systemd
[root@mailserver ~]# cp
/usr/share/doc/clamav-server-0.98.7/clamd.sysconfig
/etc/sysconfig/clamd.amavisd
[root@mailserver ~]# vim
/etc/sysconfig/clamd.amavisd
[root@mailserver ~]# cat
/etc/sysconfig/clamd.amavisd
CLAMD_CONFIGFILE=/etc/clamd.d/amavisd.conf
CLAMD_SOCKET=/var/run/clamd.amavised/clamd.sock
#CLAMD_OPTIONS=
[root@mailserver ~]#
[root@mailserver ~]# vim
/usr/lib/systemd/system/clamd\@.service
[root@mailserver ~]# cat
/usr/lib/systemd/system/clamd\@.service
[Unit]
Description = clamd scanner
(%i) daemon
After = syslog.target
nss-lookup.target network.target
[Service]
Type = simple
ExecStart = /usr/sbin/clamd -c
/etc/clamd.d/%i.conf --nofork=yes
Restart = on-failure
PrivateTmp = true
[Install]
WantedBy=multi-user.target
[root@mailserver ~]#
[root@mailserver ~]# systemctl
enable clamd@amavisd
ln -s
'/usr/lib/systemd/system/clamd@.service'
'/etc/systemd/system/multi-user.target.wants/clamd@amavisd.service'
[root@mailserver ~]# systemctl
status clamd@amavisd
clamd@amavisd.service - clamd
scanner (amavisd) daemon
Loaded: loaded
(/usr/lib/systemd/system/clamd@.service; enabled)
Active: active (running)
since Mon 2015-11-23 18:08:35 IST; 19s ago
Main PID: 2915 (clamd)
CGroup:
/system.slice/system-clamd.slice/clamd@amavisd.service
└─2915
/usr/sbin/clamd -c /etc/clamd.d/amavisd.conf --nofork=yes
Nov 23 18:08:43
mailserver.example.com clamd[2915]: Algorithmic detection enabled.
Nov 23 18:08:43
mailserver.example.com clamd[2915]: Portable Executable support
enabled.
Nov 23 18:08:43
mailserver.example.com clamd[2915]: ELF support enabled.
Nov 23 18:08:43
mailserver.example.com clamd[2915]: Mail files support enabled.
Nov 23 18:08:43
mailserver.example.com clamd[2915]: OLE2 support enabled.
Nov 23 18:08:43
mailserver.example.com clamd[2915]: PDF support enabled.
Nov 23 18:08:43
mailserver.example.com clamd[2915]: SWF support enabled.
Nov 23 18:08:43
mailserver.example.com clamd[2915]: HTML support enabled.
Nov 23 18:08:43
mailserver.example.com clamd[2915]: Self checking every 600 seconds.
Nov 23 18:08:43
mailserver.example.com clamd[2915]: Self checking every 600 seconds.
[root@mailserver ~]#
[root@mailserver ~]# vim
/etc/amavisd/amavisd.conf
[root@mailserver ~]# cat
/etc/amavisd/amavisd.conf
use strict;
# a minimalistic configuration
file for amavisd-new with all necessary settings
#
# see amavisd.conf-default
for a list of all variables with their defaults;
# for more details see
documentation in INSTALL, README_FILES/*
# and at
http://www.ijs.si/software/amavisd/amavisd-new-docs.html
# COMMONLY ADJUSTED SETTINGS:
# @bypass_virus_checks_maps =
(1); # controls running of anti-virus code
# @bypass_spam_checks_maps =
(1); # controls running of anti-spam code
# $bypass_decode_parts = 1;
# controls running of decoders&dearchivers
$max_servers = 2; #
num of pre-forked children (2..30 is common), -m
$daemon_user = 'amavis'; #
(no default; customary: vscan or amavis), -u
$daemon_group = 'amavis'; #
(no default; customary: vscan or amavis), -g
$mydomain = 'example.com'; #
a convenient default for other settings
$MYHOME =
'/var/spool/amavisd'; # a convenient default for other settings, -H
$TEMPBASE = "$MYHOME/tmp";
# working directory, needs to exist, -T
$ENV{TMPDIR} = $TEMPBASE; #
environment variable TMPDIR, used by SA, etc.
....
....
Output omitted
....
....
# OTHER MORE COMMON SETTINGS (defaults may suffice):
# $myhostname =
'host.example.co.in'; # must be a fully-qualified domain name!
$myhostname =
'mailserver.example.com'; # must be a fully-qualified domain name!
$notify_method =
'smtp:[127.0.0.1]:10025';
$forward_method =
'smtp:[127.0.0.1]:10025'; # set to undef with milter!
$final_virus_destiny =
D_DISCARD;
$final_banned_destiny =
D_BOUNCE;
$final_spam_destiny =
D_DISCARD; #!!! D_DISCARD / D_REJECT
$final_bad_header_destiny =
D_BOUNCE;
#
$bad_header_quarantine_method = undef;
# $os_fingerprint_method =
'p0f:*:2345'; # to query p0f-analyzer.pl
## hierarchy by which a final
setting is chosen:
## policy bank (based on
port or IP address) -> *_by_ccat
## *_by_ccat (based on mail
contents) -> *_maps
## *_maps (based on
recipient address) -> final configuration value
....
....
Output omitted
....
....
# Potentially useful when all other scanners fail and it is desirable
....
Output omitted
....
....
# Potentially useful when all other scanners fail and it is desirable
# to let mail continue to flow
with no virus checking (when uncommented).
# ['always-clean', sub {0}],
);
1; # insure a defined return
value
[root@mailserver ~]#
Configure amavisd service in
postfix service main.cf file.
[root@mailserver ~]# vim
/etc/postfix/main.cf
[root@mailserver ~]# cat
/etc/postfix/main.cf
...
#
# amavisd configure
content_filter=smtp-amavis:[127.0.0.1]:10024
Configure amavisd service in postfix service master.cf file.
[root@mailserver ~]# vim
/etc/postfix/master.cf
[root@mailserver ~]# cat
/etc/postfix/master.cf
...
#
#
#add below configretion for
amavish service
smtp-amavis unix - - n
- 2 smtp
-o
smtp_data_done_timeout=1200
-o
smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n -
n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o
smtpd_restriction_classes=
-o
smtpd_client_restrictions=
-o
smtpd_helo_restrictions=
-o
smtpd_sender_restrictions=
-o
smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o
strict_rfc821_envelopes=yes
-o
smtpd_error_sleep_time=0
-o
smtpd_soft_error_limit=1001
-o
smtpd_hard_error_limit=1000
[root@mailserver ~]#
No comments:
Post a Comment