Antivirus

install and integrate SpamAssassin with Postfix on a CentOS 6

## yum install spamassassin

SET-UP USER

create spamfilter group used for the user that will run the spamassassin service

## groupadd spamfilter

create new user spamfilter with a home directory of /usr/local/spamassassin and add it to the spamfilter group you just created

## useradd -g spamfilter -s /bin/false -d /usr/local/spamassassin spamfilter ## chown spamfilter: /usr/local/spamassassin

CONFIGURE SPAMASSASSIN

next, configure spamassassin by editing /etc/mail/spamassassin/local.cf and adding/setting the following

## vim /etc/mail/spamassassin/local.cf

required_hits 5 report_safe 0 rewrite_header Subject [SPAM] required_score 5.0

before we proceed with starting-up the spamassassin service, we need to make sure it runs with our newly created spamfilter user by editing /etc/sysconfig/spamassassin and setting-up the following:

## vim /etc/sysconfig/spamassassin# Options to spamd SAHOME="/usr/local/spamassassin" SPID_DIR="/var/run/spamassassin" SUSER="spamfilter" SPAMDOPTIONS="-d -c -m5 --username ${SUSER} -H ${SAHOME} -s ${SAHOME}/spamfilter.log"

with all that in place, we are ready to start and enable the spamassassin service on system startup using:

## service spamassassin start ## chkconfig spamassassin on

CONFIGURE POSTFIX

next thing you need to do is to actually integrate spamassassin into postfix so it can scan and mark the emails that were detected as SPAM. 

To achieve this we need to edit postfix configuration file. Edit master.cf:

## vim /etc/postfix/master.cf

smtp      inet  n       -       n       -       -       smtpd -o content_filter=spamassassin spamassassin unix -     n       n       -       -       pipe user=spamfilter argv=/usr/bin/spamc -f -e  /usr/sbin/sendmail -oi -f ${sender} ${recipient}

## service postfix restart

https://www.rosehosting.com/blog/how-to-install-and-integrate-spamassassin-with-postfix-on-a-centos-6-vps/

###########################################################################################################################################################

Setup Spam and Virus Filtering on a CentOS 6 Postfix email server with SpamAssasin and ClamAV

First, test that you are not an Open Relay that spammers would use to send spam with. Enter your external IP: http://www.mailradar.com/openrelay/

Setup Spam filtering with SpamAssassin

Install SpamAssassin:

#yum -y install spamassassin

There is nothing else to do. We will use Amavisd-new to connect to  SpamAssassin so we don't need it to start at boot. SpamAssassin updates  itself daily in cron /etc/cron.d.

Setup Antivirus filtering with ClamAV

Install ClamAV (daemon, virus database, and software):

#yum -y install clamd clamav-db clamav

Setup interface between Postfix and SpamAssassan, ClamAV

Amavisd-new connects the MTA (Postfix) to the filters.

Install Amavisd-new:

#yum -y install amavisd-new

Save a copy of the configuration file:

 #cp /etc/amavisd/amavisd.conf /etc/amavisd/amavisd.conf.original

Edit the Amavisd-new configuration file:

#vi /etc/amavisd/amavisd.conf

Uncomment and update:

$myhostname = 'beach.jumpingcrab.com';

Set Postfix to use amavids on port 10024:

 #vi /etc/postfix/main.cf

add after other parameters we added:

#use amavisd as filter on port 10024

content_filter=amavisfeed:[127.0.0.1]:10024

OR content_filter = smtp-amavis:127.0.0.1:10024

Save a copy of Postfix master configuration file if not already done:

#cp /etc/postfix/master.cf /etc/postfix/master.cf.original

Edit Postfix configuration file:

#vi /etc/postfix/master.cf

Add the following lines at the bottom of the file to connect Postfix to  Amavisd-new (explanation and updates found in  /usr/share/doc/amavisd-new-2.6.4/README_FILES/README.postfix):

amavisfeed unix    -       -       n        -      2     smtp      -o lmtp_data_done_timeout=1200      -o lmtp_send_xforward_command=yes      -o lmtp_tls_note_starttls_offer=no  127.0.0.1:10025 inet n    -       n       -       -     smtpd     -o content_filter=     -o smtpd_delay_reject=no     -o smtpd_client_restrictions=permit_mynetworks,reject     -o smtpd_helo_restrictions=     -o smtpd_sender_restrictions=     -o smtpd_recipient_restrictions=permit_mynetworks,reject     -o smtpd_data_restrictions=reject_unauth_pipelining     -o smtpd_end_of_data_restrictions=     -o smtpd_restriction_classes=     -o mynetworks=127.0.0.0/8     -o smtpd_error_sleep_time=0     -o smtpd_soft_error_limit=1001     -o smtpd_hard_error_limit=1000     -o smtpd_client_connection_count_limit=0     -o smtpd_client_connection_rate_limit=0     -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters     -o local_header_rewrite_clients=     -o smtpd_milters=     -o local_recipient_maps=     -o relay_recipient_maps=

reload postfix to get the change:

#service postfix reload

Set Amavisd-new to start after reboot and start Amavisd-new:

#chkconfig amavisd on #service amavisd start

Set ClamAV to start after reboot and start ClamAV:

#chkconfig clamd.amavisd on #service clamd.amavisd start

Make sure you remove your weak test account created above!

WEB

http://andrewpuschak.com/dokuwiki/doku.php?id=centos_6_email_server

https://wiki.apache.org/spamassassin/IntegratedInPostfixWithAmavis