Weblog entry #2 for joeblack

Clam SMTP and Postfix in 4 steps :)
Posted by joeblack on Wed 28 Sep 2005 at 14:22
Tags: none.

I got it: Clam and Postfix playing together without AMAVIS. Read on. Below are quick details on setting up clamsmtp with Postfix. It also sets up Debian with an up-to-date version of Clam.

Before you begin to read, please note that I am writing this expecting you have a working Postfix server. If not, I suggest you get it working correctly and then follow on.

1. Get the correct clam installed

The default clam install is not up to date. Add the following to your /etc/apt/sources.list:

deb http://ftp2.de.debian.org/debian-volatile sarge/volatile main

Now update:

apt-get update

Now install :)

apt-get install clamsmtp clamav-freshclam

2. Edit the clamsmtp file

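Edit the /etc/clamsmtpd.conf file and change OutAddress: 10025 to OutAddress: 10026. Also change Listen: 127.0.0.1:10026 to Listen: 127.0.0.1:10025. With these values clamsmtpd accepts mail from Postfix on port 10025 and hands scanned mail back to Postfix on port 10026.

3. Edit the postfix files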

Add the following to /etc/postfix/main.cf

content_filter = scan:127.0.0.1:10025
receive_override_options = no_address_mappings

Add the following to /etc/postfix/master.cf

# AV scan filter (used by content_filter)
scan      unix  -       -       n       -       16      smtp
        -o smtp_send_xforward_command=yes
# For injecting mail back into postfix from the filter
127.0.0.1:10026 inet  n -       n       -       16      smtpd
        -o content_filter=
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_helo_restrictions=
        -o smtpd_client_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks_style=host
        -o smtpd_authorized_xforward_hosts=127.0.0.0/8

4. Conclusion

Restart postfix and clamsmtp. Follow the mail.log and check for errors.

Send yourself a virus and see if clam will catch it.

Hope this will help somebody, drop me a line if it did. joeblack at pixelporn dot co dot za.
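
A way to confirm that steps 2 and 3 agree before restarting, as an added example that is not part of the original entry: it checks that content_filter points at clamsmtpd's Listen port, that OutAddress points at the loopback smtpd listener, and that this listener clears content_filter so scanned mail is not sent to the filter again. The function names and sample files are constructed for illustration; on a real host, pass /etc/clamsmtpd.conf, /etc/postfix/main.cf and /etc/postfix/master.cf to check_wiring.

```sh
#!/bin/sh
# Added example: check that clamsmtpd and Postfix point at each other.

# Port of a "Key: [host:]port" line in clamsmtpd.conf ($1=file, $2=key).
clamsmtp_port() {
    awk -v key="$2:" '$1 == key { n = split($2, a, ":"); p = a[n] } END { print p }' "$1"
}

# Port at the end of content_filter in main.cf ($1=file).
filter_port() {
    awk -F'[ \t=]+' '$1 == "content_filter" { n = split($2, a, ":"); p = a[n] }
        END { print p }' "$1"
}

# For the loopback smtpd listener in master.cf, print "<port> cleared" when it
# carries "-o content_filter=", otherwise "<port> loops" ($1=file).
reinject_info() {
    awk '/^[^ \t#]/ { svc = ($1 ~ /^127\.0\.0\.1:[0-9]+$/ && $2 == "inet" && $NF == "smtpd")
                      if (svc) { split($1, a, ":"); p = a[2] } }
         svc && /^[ \t]/ && $1 == "-o" && $2 == "content_filter=" { c = 1 }
         END { if (!p) p = "none"; print p, (c ? "cleared" : "loops") }' "$1"
}

# $1=clamsmtpd.conf $2=main.cf $3=master.cf; returns 0 only if the loop closes.
check_wiring() {
    listen=$(clamsmtp_port "$1" Listen); out=$(clamsmtp_port "$1" OutAddress)
    filter=$(filter_port "$2"); set -- $(reinject_info "$3"); rc=0
    [ -n "$listen" ] && [ "$filter" = "$listen" ] ||
        { echo "content_filter port '$filter' != clamsmtpd Listen '$listen'"; rc=1; }
    [ "$out" = "$1" ] ||
        { echo "clamsmtpd OutAddress '$out' != re-injection smtpd port '$1'"; rc=1; }
    [ "$2" = "cleared" ] ||
        { echo "re-injection smtpd keeps content_filter: mail would loop"; rc=1; }
    return $rc
}

# Constructed sample files using the values from the entry above ($1=dir).
write_sample() {
    printf 'OutAddress: 10026\nListen: 127.0.0.1:10025\n' > "$1/clamsmtpd.conf"
    printf 'content_filter = scan:127.0.0.1:10025\n' > "$1/main.cf"
    printf '%s\n' 'scan      unix  -       -       n       -       16      smtp' \
        '        -o smtp_send_xforward_command=yes' \
        '127.0.0.1:10026 inet  n -       n       -       16      smtpd' \
        '        -o content_filter=' > "$1/master.cf"
}

d=$(mktemp -d) && write_sample "$d" &&
    check_wiring "$d/clamsmtpd.conf" "$d/main.cf" "$d/master.cf" && echo "wiring OK"
```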

 

Comments on this Entry

Posted by Steve (82.41.xx.xx) on Wed 28 Sep 2005 at 14:47

Nice writeup - it would make a good submission if you wanted it listed on the front page ..?

Steve
--


Posted by joeblack (168.210.xx.xx) on Wed 28 Sep 2005 at 15:15
Thanks, I have sent it in now.


Posted by blackm (212.202.xx.xx) on Wed 28 Sep 2005 at 15:22
Interesting setup. I have only set up clamav together with amavis. But it's good to know that the virus scanner-only version is also working.

What happens if you receive a virus? With amavis a special user receives an info mail and the virus is put into quarantine (or optionally is deleted).

--
browse ManPages online!


Posted by joeblack (168.210.xx.xx) on Wed 28 Sep 2005 at 15:38
I just trash the mail with the virus. There are extra options in the conf file, but I find no need to notify anyone of the virus. You do get extra BASH scripts that can be used with CLAMSMTP that will allow you to do that kind of stuff.

:)


Posted by Anonymous (66.41.xx.xx) on Wed 15 Feb 2006 at 18:34
Hello All,

Wondering if any of you encountered this after installing clamav, clamav-daemon, clamav_freshclam, and clamsmtp.

Feb 15 12:23:35 mail clamsmtpd: 100057: clamav error: /var/spool/clamsmtp/clamsmtpd.Iw2Ira: Access denied. ERROR

root@mail:/var/spool/clamsmtp[0]# ls -la
total 0
drwxr-x--- 2 clamsmtp clamsmtp 6 2006-02-15 12:26 .
drwxr-xr-x 7 root root 79 2006-02-15 02:03 ..

root@mail:/var/spool/clamsmtp[0]# ps auxww | grep clam
clamav 16071 0.0 0.4 6944 2304 ? Ss Feb14 0:00 /usr/bin/freshclam -p /var/run/clamav/freshclam.pid -d --quiet
clamav 17253 0.0 3.8 24856 19504 ? Ss 01:21 0:04 /usr/sbin/clamd
clamsmtp 24842 0.0 0.3 100920 1568 ? Ss 10:04 0:00 /usr/sbin/clamsmtpd
clamsmtp 25427 0.0 0.3 100920 1568 ? S 10:34 0:00 /usr/sbin/clamsmtpd
clamav 25431 0.0 3.8 24856 19504 ? S 10:34 0:00 /usr/sbin/clamd

root@mail:/var/spool/clamsmtp[1]# id clamav
uid=105(clamav) gid=105(clamav) groups=105(clamav),111(clamsmtp)

It looks as though clamav should be able to access the temp file that clamsmtp is putting in /var/spool/clamsmtp, but it's not. Although maybe the temp file is more restrictive than the directory (haven't been able to catch one yet)?

Any thoughts appreciated.

Damon


Posted by Anonymous (66.41.xx.xx) on Wed 15 Feb 2006 at 19:35
I have resolved my file perm issue.
Noticed during the install that preconfigure never ran, which bugged me.
Used

ucf -p /etc/clamav/clamd.conf;dpkg-reconfigure clamav-base
ucf -p /etc/clamav/clamd.conf;dpkg-reconfigure clamsmtp

to purge the old config and have it recreate new ones.

FYI: you don't need to set the new apt deb source written on this weblog anymore. The versions seem up to date now (1.6.1 for clamsmtp in testing as of 2/16/06).

Damon

