Conf
yum -y install epel-release
yum -y install spamassassin
# sa-update
yum -y install clamd clamav-db* clamav
# freshclam -v
OR yum -y install amavisd-new clamav clamav-devel* clamd spamassassin
# cat /etc/passwd | grep "amavis\|clamav"
clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh
# groups clamav
clamav : clamav amavis
#gpasswd -a clamav amavis
# chkconfig --list | grep "amavisd\|clamd\|spamassassin"
amavisd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
clamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
spamassassin 0:off 1:off 2:off 3:off 4:off 5:off 6:off
# yum -y install amavisd-new
Backup Original File
# cp /etc/amavisd/amavisd.conf /etc/amavisd/amavisd.conf.original
# cp /etc/clamd.conf /etc/clamd.conf.original
# cp /etc/freshclam.conf /etc/freshclam.conf.original
[root@mail ~]# mkdir -p /var/amavis
[root@mail ~]# cd /var/amavis
[root@mail amavis]# chown -R amavis.amavis /var/amavis
[root@mail ~]# mkdir -p /var/clamav
[root@mail amavis]# chown -R amavis.amavis /var/clamav ["freshclam -v" updating issue]
chown -R amavis.amavis /var/log/clamav/
chown -R amavis.amavis /var/run/clamav/
chown -R amavis.amavis /var/amavis/
# mkdir -p tmp /var/amavis/
#cd /var/amavis/tmp
[root@mail amavis]# chown -R amavis.amavis /var/amavis/tmp
[root@mail ~]# mkdir -p quarantine /var/amavis/
[root@mail ~]# cd /var/amavis/quarantine
[root@mail quarantine]# chown -R amavis.amavis /var/amavis/quarantine
Enable the RPMForge Repo:
CentOS/RHEL 7 x86 64bit:
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm
CentOS/RHEL 6 x86 64bit:
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
CentOS/RHEL 6 x86 32bit:
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.i686.rpm
CentOS/RHEL 5 x86 64bit:
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el5.rf.x86_64.rpm
CentOS/RHEL 5 x86 32bit:
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el5.rf.i386.rpm
install
# yum --enablerepo=rpmforge install aria2
Setup required repositories
Download:
CentOS/RHEL 7 x86 64bit:
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm
http://www.iredmail.org/forum/topic481-iredmail-support-install-pyzor-razor2-and-dcc-on-your-centosrhel-iredmail-server.html
DAG Wieers RPMforge has the razor-agents and perl-Razor-Agent packages
For i386:
# rpm -Uvh http://rpmforge.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
For x86_64:
# rpm -Uvh http://rpmforge.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
Atomic Rocket Turtle has the latest version of pyzor
# wget -q -O - http://www.atomicorp.com/installers/atomic.sh | sh
Note. If you wish to disable the atomic repository after using it, simply edit /etc/yum.repos.d/atomic.repo and change enabled = 1 to enable = 0 in [atomic] section
2. Install the packages
yum install gcc
# yum install --enablerepo=rpmforge razor-agents
yum --enablerepo=rpmforge downgrade perl-Razor-Agent
# yum -y install pyzor razor-agents
3. Perform the following
chown -Rf amavis:amavis /var/spool/amavis
su -m amavis -c 'razor-admin -home=/var/amavisd -discover'
yum install -y pyzor mkdir /var/spool/amavisd/.pyzor chown -Rf amavis:amavis /var/spool/amavis/.pyzor su amavis pyzor --homedir /var/spool/amavisd/.pyzor discover
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -discover'
# chmod -R a+rX /usr/share/doc/pyzor-0.5.0 /usr/bin/pyzor /usr/bin/pyzord # chmod -R a+rX /usr/lib/python2.4/site-packages/pyzor OR chmod -R a+rX /usr/lib/python2.6/site-packages/pyzor
# mkdir /var/spool/amavisd chown amavis:amavis /var/spool/amavisd
chown -Rf amavis:amavis /var/spool/amavis su -m amavis -c 'pyzor --homedir /var/spool/amavisd discover'
su -m amavis -c 'razor-admin -home=/var/spool/amavisd -create' su -m amavis -c 'razor-admin -home=/var/spool/amavisd -register'
And
# chmod -R a+rX /usr/share/doc/pyzor-0.5.0 /usr/bin/pyzor /usr/bin/pyzord # chmod -R a+rX /usr/lib/python2.4/site-packages/pyzor [change 2.4 OR 2.6 tab-tab] # mkdir /var/amavisd chown amavis:amavis /var/amavis
su -m amavis -c 'pyzor --homedir /var/amavis discover' su -m amavis -c 'razor-admin -home=/var/amavis -create' su -m amavis -c 'razor-admin -home=/var/amavis -register'
4. Install DCC --Attatch under
# cd /tmp # wget http://www.dcc-servers.net/dcc/source/dcc-dccproc.tar.Z # tar xzvf dcc-dccproc.tar.Z # cd dcc-dccproc-1.3.158/ # ./configure --with-uid=amavis # make # make install # chown -R amavis:amavis /var/dcc # ln -s /var/dcc/libexec/dccifd /usr/local/bin/dccifd
wget http://www.dcc-servers.net/dcc/source/dcc-dccproc.tar.Z tar xfvz dcc-dccproc.tar.Z cd dcc-dccproc-* ./configure && make && make install
OR
# ./configure --with-uid=amavis
make && make install
Note. You can ignore the sendmail build error's you see when you run ./configure --with-uid=amavis
5. Modify Spamassassin
Add the following to /etc/mail/spamassassin/local.cf
required_score 5
# dcc use_dcc 1 dcc_home /var/dcc dcc_path /usr/local/bin/dccproc dcc_timeout 10 add_header all DCC _DCCB_: _DCCR_ # pyzor use_pyzor 1 pyzor_path /usr/bin/pyzor # razor use_razor2 1 razor_config /var/spool/amavisd/razor-agent.conf score RAZOR2_CHECK 2.500 score PYZOR_CHECK 2.500 score DCC_CHECK 4.000
#Add this in last line
# Configure the Bayes system
use_bayes 1
bayes_auto_learn 0
bayes_path /var/amavis/.spamassassin/
bayes_file_mode 0666
# Enable or disable network checks
skip_rbl_checks 0
----------------------
Enable the DCC plugin in /etc/mail/spamassassin/v310.pre
# DCC - perform DCC message checks. # # DCC is disabled here because it is not open source. See the DCC # license for more details. # loadplugin Mail::SpamAssassin::Plugin::DCC
Check your Spamassassin configuration
# spamassassin --lint
It shouldn't show any errors.
6. Restart Amavid and test away
# service amavisd restart
testing commands
# yum -y update spamassassin
# spamassassin -t -D razor2 < /usr/share/doc/spamassassin-3.3.2/sample-spam.txt # spamassassin -t -D pyzor < /usr/share/doc/spamassassin-3.3.2/sample-spam.txt# cdcc info
# cd /var/spool/postfix
# mkdir -p Maildir
# chown -R postfix.root Maildir
# chkconfig amavisd on
# service amavisd start
# service amavisd restart
# service spamassassin start
# chkconfig spamassassin on
# /etc/init.d/spamassassin restart
# chkconfig clamd on
Update Clam Data file
# freshclam -v
# service clamd start
# service clamd restart
------------------------------------------
# vi /etc/postfix/aliases
[ADD this]
virusalert: junkmail
spam.police: junkmail
spamalert: junkmail
Make sure /var/amavis/ exists and that the user amavisd runs on has write access to it.
# ls -al /var/amavis total 12 drwxr-x--- 6 vscan vscan 512 Jul 27 10:44 ./ drwxr-xr-x 30 root wheel 512 Jul 27 18:44 ../ drwx------ 2 vscan vscan 512 Jul 26 03:06 .spamassassin/ srwxrwx--- 1 vscan vscan 0 Jul 27 10:44 amavis-milter.sock= -rw-r----- 1 vscan vscan 0 Jul 16 11:53 amavisd.lock -rw-r----- 1 vscan vscan 0 Jul 26 23:23 amavisd.pid srwxr-x--- 1 vscan vscan 0 Jul 26 23:23 amavisd.sock= drwxr-x--- 2 vscan vscan 512 Jul 26 23:23 db/ drwxr-x--- 2 vscan vscan 512 Jul 26 23:23 tmp/ drwxr-x--- 2 vscan vscan 512 Oct 29 2008 var/
-------------------------------------------------------------
crontab
[root@mail ~]# crontab -e
@hourly chown -R amavis.amavis /var/clamav
* * 15 * * echo > /var/amavis/amavis.log
* 4 * * * chown -R amavis.amavis /var/log/clamav/
* 4 * * * chown -R amavis.amavis /var/run/clamav/
* 4 * * * chown -R amavis.amavis /var/amavis/
@weekly sa-update
@weekly freshclam -v
@monthly service clamd restart
XXXXXXXXXXXXXXXXXXX------------XXXXXXXXXXXXXXXXXX------------XXXXXXXXXXXXXXXXXXXXXx
Installation and Configuration of Postfix Server on Centos 6.5 Amavisd-New, ClamAV And Spamassassin Installation
Enable the RPMForge Repo:
Amavisd-new and ClamAV were installed from the RPMForge repository. To enable the RPMForge repository do the following (this example is for 64bit systems. You will need a different RPM for 32bit systems)
For RHEL/CentOS 7 64 Bit
# wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm
# rpm -ivh rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm
For RHEL/CentOS 6 32-64 Bit
## RHEL/CentOS 6 32 Bit OS ##
# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm
# rpm -ivh rpmforge-release-0.5.2-2.el6.rf.i686.rpm
## RHEL/CentOS 6 64 Bit OS ##
# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
# rpm -ivh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
For RHEL/CentOS 5 32-64 Bit
## RHEL/CentOS 5 32 Bit OS ##
# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
# rpm -ivh rpmforge-release-0.5.2-2.el5.rf.i386.rpm
## RHEL/CentOS 5 64 Bit OS ##
# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
# rpm -ivh rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
Import RPMForge Repository Key for RHEL/CentOS 7/6/5 :
We need to download and install DAG’s GPG key for our system.
# wget http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
# rpm –import RPM-GPG-KEY.dag.txt
Install amavisd-new, clamav and spamassassin:
[root@pc1 ~]# yum install amavisd-new clamav clamav-devel clamd spamassassin
This will likely also install a bunch of dependencies including various perl modules and archive packages. If all went well, two new users, amavis and clam should have been installed onto the system:
Verify amavis and clam user’s:
[root@pc1 ~]# cat /etc/passwd | grep “amavis\|clamav”
clam:x:495:492:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin
amavis:x:494:491:User for amavisd-new:/var/spool/amavisd:/sbin/nologin
In addition, the clam user should automatically have been added to the amavis group:
[root@pc1 ~]# groups clam
clam : clam amavis
If not, you can manually add clam to the amavis group:
[root@pc1 ~]# gpasswd -a clam amavis
Finally, three new services should have been added to the system
[root@pc1 ~]# chkconfig –list | grep “amavisd\|clamd\|spamassassin”
amavisd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
clamd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
clamd.amavisd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
spamassassin 0:off 1:off 2:off 3:off 4:off 5:off 6:off
ClamAV Setup:
ClamAV’s configuration is stored in /etc/clamd.conf. We must edit /etc/clamd.conf to tell ClamAV that Amavisd-new will communicate using a local UNIX socket rather than a tcp socket.
[root@pc1 ~]# vim /etc/clamd.conf
### /etc/clamd.conf
#
# Set the LocalSocket for clam
# Note this *MUST* match that set in /etc/amavisd.conf
#
LocalSocket /var/run/clamav/clamd.sock
#
# Comment out the TCPSocket setting:
# TCPSocket 3310 <—– (Disable this line)
Amavisd-new setup:
Amavisd-new keeps its configuration settings in /etc/amavisd/amavisd.conf.
#vim /etc/amavisd/amavisd.conf
Next, note to following lines although no change is required:
$max_servers = 2; # num of pre-forked children (2..30 is common), -m
$daemon_user = “amavis”; # (no default; customary: vscan or amavis), -u
$daemon_group = “amavis”; # (no default; customary: vscan or amavis), -g
…
$inet_socket_port = 10024; # listen on this local TCP port(s)
…
# $notify_method = ‘smtp:[127.0.0.1]:10025’;
# $forward_method = ‘smtp:[127.0.0.1]:10025’; # set to undef with milter!
$mydomain = ‘worldcm.com’; # a convenient default for other settings (Edit this line)
$MYHOME = ‘/var/spool/amavisd’; # a convenient default for other settings, -H
$TEMPBASE = “$MYHOME/tmp”; # working directory, needs to exist, -T
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR, used by SA, etc.
$QUARANTINEDIR = undef; # -Q
$db_home = “$MYHOME/db”; # dir for bdb nanny/cache/snmp databases, -D
$helpers_home = “$MYHOME/var”; # working directory for SpamAssassin, -S (uncomment this line)
$lock_file = “/var/run/amavisd/amavisd.lock”; # -L
$pid_file = “/var/run/amavisd/amavisd.pid”; # -P
$myhostname = ‘mail.worldcm.com’; # must be a fully-qualified domain name!(add this line)
Next up are some SpamAssassin settings which override the default SpamAssassin settings:
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.2; # add ‘spam detected’ headers at that level
$sa_kill_level_deflt = 6.9; # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt; # don’t waste time on hi spam
$sa_mail_body_size_limit = 400*1024; # don’t waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
Finally, we need to uncomment the section for ClamAV like so:
### http://www.clamav.net/
[‘ClamAV-clamd’,
\&ask_daemon, [“CONTSCAN {}\n”, “/var/run/clamav/clamd.sock”], <——– (add this location)
qr/\bOK$/m, qr/\bFOUND$/m,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
Change the location of clamd.sock file from /var/spool/amavisd/clamd.sock to /var/run/clamav/clamd.sock.
Edit the configuration file /etc/postfix/master.cf to tell Postfix to pass mail to Amasvid-new for filtering:
[root@pc1 ~]# vim /etc/postfix/master.cf
#at the end of line add the followings.
# define amavis service for postfix
# # maxproc column here must match the $max_servers in /etc/amavisd/amavisd.conf
$ amavisfeed unix – – n – 16 lmtp
-o lmtp_data_done_timeout=1200
-o lmtp_send_xforward_command=yes
# define a service to inject mail back into Postfix
127.0.0.1:10025 inet n – n – – smtpd
-o content_filter=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
-o local_header_rewrite_clients=
-o smtpd_milters=
-o local_recipient_maps=
-o relay_recipient_maps=
Edit Postfix Main.cf:
Edit the file /etc/postfix/main.cf and enable message filtering in Postfix adding the line:
[root@pc1 ~]# vim /etc/postfix/main.cf
###################################################
# message filtering in Postfix for Amavis mail scan
content_filter=amavisfeed:[127.0.0.1]:10024
[root@pc1 ~]# service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
Start the clamd and amavisd services:
[root@kvit ~]# service clamd start
Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
[ OK ]
[root@pc1 ~]# service amavisd start
Starting Mail Virus Scanner (amavisd): [ OK ]
Check the clamav version:
[root@kvit ~]# clamd -V
ClamAV 0.98.7/20394/Wed Apr 29 22:07:08 2015
Do not forget to update clam antivirus database using freshclam command.
[root@kvit ~]# freshclam
ClamAV update process started at Sat Nov 7 21:28:34 2015
Database updated (4092195 signatures) from db.in.clamav.net (IP: 193.1.193.64)
Check your maillog for success or error messages:
[root@pc1 ~]# tail -f /var/log/maillog /var/log/messages
-------------------------------------------
http://linuxgateway.in/installation-and-configuration-of-postfix-server-on-centos-6-5-part-34-amavisd-new-clamav-and-spamassassin-installation/
http://www.iredmail.org/forum/topic481-iredmail-support-install-pyzor-razor2-and-dcc-on-your-centosrhel-iredmail-server.html