Amavis
---------
sa-update
freshclam
systemctl restart amavisd.service
systemctl restart spamassassin.service
systemctl restart clamd@amavisd.service
systemctl enable amavisd.service
systemctl enable spamassassin.service
systemctl enable clamd@amavisd.service
systemctl restart dovecot.service
systemctl restart postfix.service
Install Amavisd-new
# yum --enablerepo=epel -y install amavisd-new* spamassassin clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd unzip bzip2 perl-DBD-mysql
Clam AntiVirus
[root@ ~]# sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
# update pattern files
# clamscan --infected --remove --recursive /home
# download trial virus
[root@dlp ~]# curl -O http://www.eicar.org/download/eicar.com
[root@dlp ~]# clamscan --infected --remove --recursive .
./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed. # just detected
sa-update
freshclam
systemctl enable amavisd.service
systemctl start amavisd.service
systemctl start clamd@amavisd.service
edit the following file
Code:
vi /etc/freshclam.conf
and comment the line “Example” like this
Code:
# Example
update the ClamAV database
Code:
freshclam
auto update is already set up, but to work properly, we need to edit the following file:
Code:
vi /etc/sysconfig/freshclam
and remove this 4 lines:
Code:
### !!!!! REMOVE ME !!!!!!
### REMOVE ME: By default, the freshclam update is disabled to avoid
### REMOVE ME: network access without prior activation
FRESHCLAM_DELAY=disabled-warn # REMOVE ME
# FRESHCLAM_DELAY=disabled-warn ## REMOVE ME
edit the cron file just to make sure that the line is not commented
Code:
vi /etc/cron.d/clamav-update
OK. Packages are installed. Here comes the configuration part
Configuration
We need to edit amavisd.conf file
Code:
vi /etc/amavisd/amavisd.conf
Change the following lines like this…
Code:
$mydomain = ‘domain.com’; # a convenient default for other settings
$myhostname = 'mail.domain.com’; # must be a fully-qualified domain name and same as reverse DNS lookup
[root@mail ~]# vi /etc/amavisd/amavisd.conf
# line 20: change to the own domain name
$mydomain = 'worldcm.net
';
# line 152: change to the own hostname
$myhostname = 'mail.worldcm.net
';
# line 154: uncomment
$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
-------------------------------------
systemctl start amavisd spamassassin
systemctl enable amavisd spamassassin
---------------------------------
clamd.amavisd
[root@mail ~]# cp /usr/share/doc/clamav-server*/clamd.sysconfig /etc/sysconfig/clamd.amavisd
[root@mail ~]# vi /etc/sysconfig/clamd.amavisd
# line 1, 2: uncomment and change
CLAMD_CONFIGFILE=/etc/clamd.d/amavisd.conf
CLAMD_SOCKET=/var/run/clamd.amavisd/clamd.sock
[root@mail ~]# vi /etc/tmpfiles.d/clamd.amavisd.conf
# create new
d /var/run/clamd.amavisd 0755 amavis amavis -
[root@mail ~]# vi /usr/lib/systemd/system/clamd@.service
# add to the end
[Install]
WantedBy=multi-user.target
systemctl start clamd@amavisd
systemctl enable clamd@amavisd
# -----
[root@mail ~]# vi /etc/postfix/main.cf
# add to the end
content_filter=smtp-amavis:[127.0.0.1]:10024
Now we need to check if everything is set in postfix master.cf [ end]
Code:
vi /etc/postfix/master.cf
# spam/virus section
#
smtp-amavis unix - - y - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - y - - smtpd
-o content_filter=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o receive_override_options=no_header_body_checks
-o smtpd_helo_required=no
-o smtpd_client_restrictions=
-o smtpd_restriction_classes=
-o disable_vrfy_command=no
-o strict_rfc821_envelopes=yes
------------------------------------------
amavisfeed unix - - n - 2 lmtp -o lmtp_data_done_timeout=1200 -o lmtp_send_xforward_command=yes -o lmtp_tls_note_starttls_offer=no
127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters -o local_header_rewrite_clients= -o smtpd_milters= -o local_recipient_maps= -o relay_recipient_maps=
-----------------------------------------------------------------------------------------------
# add to the end
smtp-amavis unix - - n - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000
--------------------------
systemctl start spamassassin
systemctl start amavisd
systemctl enable spamassassin
systemctl enable amavisd
systemctl restart postfix
--------