ClamSMTP
Install Clam AntiVirus (ClamAV) to scan the server's files and mail for viruses.
[1] Install Clamav.
# install from EPEL
[root@mail ~]# yum --enablerepo=epel -y install clamav
# update pattern files
[root@mail ~]# freshclam
ClamAV update process started at Tue Aug 12 22:26:22 2014
main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
daily.cvd is up to date (version: 19278, sigs: 1090360, f-level: 63, builder: neo)
bytecode.cvd is up to date (version: 242, sigs: 46, f-level: 63, builder: dgoddard)
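[2] Try a scan. Note that --remove deletes every file ClamAV flags, so a false positive means lost data; on directories that matter, omit --remove to only report, or use --move=DIRECTORY to quarantine flagged files instead.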
[root@mail ~]# clamscan --infected --remove --recursive /home
----------- SCAN SUMMARY -----------
Known viruses: 3509099
Engine version: 0.98.4
Scanned directories: 94
Scanned files: 109
Infected files: 0
Data scanned: 0.95 MB
Data read: 0.89 MB (ratio 1.07:1)
Time: 8.485 sec (0 m 8 s)
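# download the EICAR test file (a harmless test string that scanners flag by convention, not a real virus) to confirm detection works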
[root@mail ~]# wget http://www.eicar.org/download/eicar.com
[root@mail ~]# clamscan --infected --remove --recursive .
./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed.
# detected and removed, as expected
----------- SCAN SUMMARY -----------
Known viruses: 3509099
Engine version: 0.98.4
Scanned directories: 110
Scanned files: 147
Infected files: 1
Data scanned: 0.78 MB
Data read: 0.64 MB (ratio 1.21:1)
Time: 7.982 sec (0 m 7 s)
Install Clamd and Clamsmtp
# install from EPEL
clamsmtp-1.10-6.el6.x86_64.rpm
[root@mail ~]# yum --enablerepo=epel -y install clamsmtp
[root@mail ~]# vi /etc/clamsmtpd.conf
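# line 22: uncomment (0.0.0.0 accepts connections on every interface; Postfix below only connects via 127.0.0.1, so either bind to 127.0.0.1:10025 or firewall port 10025 from other hosts)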
Listen: 0.0.0.0:10025
# line 28: uncomment
Header: X-Virus-Scanned: ClamAV using ClamSMTP
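# line 34: uncomment (drop silently discards infected mail without notifying sender or recipient; the other values are bounce and pass)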
Action: drop
[root@mail ~]# /etc/rc.d/init.d/clamsmtpd start
Starting ClamSmtpd: [ OK ]
[root@mail ~]# /etc/rc.d/init.d/clamsmtp-clamd start
Starting clamd.clamsmtp: [ OK ]
[root@mail ~]# chkconfig clamsmtpd on
[root@mail ~]# chkconfig clamsmtp-clamd on
[3] Configure Postfix.
[root@mail ~]# vi /etc/postfix/main.cf
# add the following to the end
content_filter = scan:127.0.0.1:10025
[root@mail ~]# vi /etc/postfix/master.cf
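# add the following to the end (each "-o" line must begin with whitespace so that Postfix reads it as a continuation of the service entry above it)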
scan unix - - n - 16 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10026 inet n - n - 16 smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
[root@mail ~]# /etc/rc.d/init.d/postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]