Postfix Virtual

Postfix Antivirus Installation & Configuration



We will use two popular GPL programs to protect our system against unwanted e-mail. The first is amavisd-new, an interface between your MTA (Postfix) and content checkers (clamav, spamassassin, etc.). The second is the Clamav antivirus.



Amavisd-new is written in Perl and requires some modules to function properly.

a) Install those modules from CPAN with the following commands:

#perl -MCPAN -e shell
install  Archive::Tar
install  Archive::Zip
install  Compress::Zlib
install  Convert::UUlib
install  MIME::Base64
install  Mail::Internet
install  Net::Server
install  Net::SMTP
install  Digest::MD5
install  IO::Stringy
install  Time::HiRes
install  Unix::Syslog
install  BerkeleyDB
install  MIME::Tools
install  Convert::TNEF

b) Create user account and home directory of amavis

#mkdir /var/amavis
#groupadd amavis
#useradd amavis -g amavis -d /var/amavis  -s /bin/bash 
#chmod 750 /var/amavis
#mkdir /var/amavis/tmp
#mkdir /var/amavis/db
#chown -R amavis:amavis /var/amavis

c) Install amavisd-new

#cd /usr/local/src
#tar -zxf amavisd-new-2.4.0.tar.gz
#cd amavisd-new-2.4.0
#cp amavisd /usr/local/sbin
#chown root /usr/local/sbin/amavisd
#chmod 755 /usr/local/sbin/amavisd
#cp amavisd.conf /etc
#chown root /etc/amavisd.conf
#chmod 644 /etc/amavisd.conf
#mkdir /var/virusmails
#chmod 750 /var/virusmails/
#chown amavis /var/virusmails/

d) Edit the /etc/amavisd.conf file and adjust the variables as below. (If you haven't used the directory structure above, you will need to change more variables than these.)

$mydomain = '';
$daemon_user = 'amavis';
$daemon_group = 'amavis';
$final_virus_destiny = D_REJECT;
$final_banned_destiny = D_PASS;
$final_spam_destiny = D_PASS;
$final_bad_header_destiny = D_PASS;
$warnvirussender = 1;
$virus_admin      = "genco\@$mydomain";
$mailfrom_notify_admin     = "genco\@$mydomain";
$mailfrom_notify_recip     = "genco\@$mydomain";
$mailfrom_notify_spamadmin = "NOSPAMMER\@$mydomain";
$sa_tag2_level_deflt = 5;

e) You can configure many virus scanners in the amavisd.conf file, but we are going to use only clamav.
So remove the comment character "#" and change the socket path to /tmp/clamd on the lines
below in amavisd.conf. These lines start with text which are in the av_scanners array.

# ###
\&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
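
How the three patterns in this entry turn a clamd reply into a verdict, as an added example (not code from amavisd-new or from this page); Python's re module accepts these Perl patterns unchanged. The classify function, the per-line matching and the sample replies are assumptions of this sketch.

```python
import re

# The three patterns from the av_scanners entry (Perl syntax that Python's
# re module accepts unchanged): clean status, infected status, virus name.
CLEAN = re.compile(r"\bOK$")
INFECTED = re.compile(r"\bFOUND$")
VIRUS_NAME = re.compile(r"^.*?: (?!Infected Archive)(.*) FOUND$")


def classify(reply):
    """Return (verdict, names) for one clamd reply to CONTSCAN.

    Assumption of this sketch: patterns are applied per line and an
    infected line outranks a clean one. Anything that matches neither
    status pattern is an error, never "clean".
    """
    names, infected, clean = [], False, False
    for line in reply.splitlines():
        if INFECTED.search(line):
            infected = True
            match = VIRUS_NAME.match(line)
            if match:                      # no name for "Infected Archive"
                names.append(match.group(1))
        elif CLEAN.search(line):
            clean = True
    if infected:
        return "infected", names
    return ("clean", names) if clean else ("error", names)


# Constructed replies in clamd's "<path>: <result>" format, not captured output.
SAMPLES = {
    "clean": "/var/amavis/tmp/amavis-0001/parts: OK\n",
    "virus": "/var/amavis/tmp/amavis-0001/parts/p002: Eicar-Test-Signature FOUND\n",
    "archive": "/var/amavis/tmp/amavis-0001/parts/p003: Infected Archive FOUND\n",
    "denied": "/var/amavis/tmp/amavis-0001/parts: Access denied. ERROR\n",
}

if __name__ == "__main__":
    for label, reply in SAMPLES.items():
        print(label, classify(reply))
```

The "denied" case is the one to watch when testing: a reply that matches neither status pattern means the scan did not happen, so it must be treated as a scanner failure rather than as a clean message.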



#cd /usr/local/src
#groupadd clamav
#useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav
#tar -zxf clamav-0.88.2.tar.gz
#cd clamav-0.88.2
#./configure --sysconfdir=/etc
#make install
#mkdir /var/lib/clamav
#chown clamav:clamav /var/lib/clamav

Clamav is installed. Let's run a test to see how clamav works. We run the test on the /usr/local/clamav-0.88.2 directory, which
contains sample virus-like files. This test writes its output to the scan.txt file.

#/usr/local/bin/clamscan -r -l scan.txt /usr/local/clamav-0.88.2

Edit /etc/clamav.conf and modify the variables as below. Don't forget to put "#" in front of the "Example" text.

LogFile /tmp/clamd.log
DatabaseDirectory /var/lib/clamav
User amavis


A new virus/worm is created every second, so we must keep our virus database updated. The freshclam program does this for us.
Before running freshclam, edit the /etc/freshclam.conf file and modify the "Example" line as below (put # in front of it).


Now create the necessary log file and run freshclam:

#touch /var/log/clam-update.log
#chmod 600 /var/log/clam-update.log
#chown amavis /var/log/clam-update.log
#/usr/local/bin/freshclam --datadir=/var/lib/clamav -l /var/log/clam-update.log


Create a crontab entry so that clamav updates its database regularly, every day at 08:00. Put this line into
your crontab:

06 08 * * * /usr/local/bin/freshclam --quiet -l /var/log/clam-update.log

Special NOTE from Lennard Warnaar: Lennard drew my attention to the scheduled update time of
clamav. I had not noticed this. The Clamav support docs say: "Please don't choose any multiple of 10
because there are already too many servers using those time slots."
So please update your clamav at minutes such as 02, 03, 04, etc. instead of multiples of 10 (00, 10, 20).




First make sure that amavisd is working properly. To test this, run amavisd with the debug parameter:

#/usr/local/sbin/amavisd -u amavis debug

If this doesn't cause any errors, exit and start amavisd in the background as below

#su - amavis -c "/usr/local/sbin/amavisd"

This should start the amavis daemon with the privileges of the amavis user.


We are almost finished. Finally, we must tell postfix to send its incoming mail to amavis for virus and spam filtering. To do this, make the following changes in the respective postfix files.

Write these lines at the end of /etc/postfix/ (we are using the lmtp interface here, not smtp):

smtp-amavis unix -      -       n       -       2  lmtp
    -o lmtp_data_done_timeout=1200
    -o lmtp_send_xforward_command=yes

inet n  -       n       -       -  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
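
A check for the smtpd listener that amavisd hands scanned mail back to, as an added example (not part of the original page or of Postfix): it parses master.cf entries with their "-o" overrides and reports a listener that is reachable from outside or that would send mail through the filter again. The function names and the sample's address, port and mynetworks value are assumptions; the listing above does not show them.

```python
# Constructed sample: address, port and mynetworks value are assumptions (not shown on the page).
SAMPLE = """\
smtp-amavis unix -      -       n       -       2  lmtp
    -o lmtp_data_done_timeout=1200
    -o lmtp_send_xforward_command=yes
127.0.0.1:10025 inet n  -       n       -       -  smtpd
    -o content_filter=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
"""
LOOPBACK = ("127.", "localhost:", "[::1]")


def parse_master_cf(text):
    """Map service name -> {"type", "command", "opts"}, joining continuation lines."""
    entries, current = {}, None
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if line[0].isspace():              # indented: continues the previous entry
            args = fields
        elif len(fields) >= 8:             # service type private unpriv chroot wakeup maxproc command
            current = {"type": fields[1], "command": fields[7], "opts": {}}
            entries[fields[0]] = current
            args = fields[8:]
        else:                              # malformed entry: ignore it and its options
            current, args = None, []
        for flag, value in zip(args, args[1:]):
            if flag == "-o" and current is not None:
                name, _, setting = value.partition("=")
                current["opts"][name] = setting
    return entries


def reinjection_findings(text, service):
    """Return a list of problems with the smtpd listener that amavisd re-injects into."""
    entry = parse_master_cf(text).get(service)
    if entry is None or (entry["type"], entry["command"]) != ("inet", "smtpd"):
        return [f"{service}: no inet smtpd entry"]
    opts = entry["opts"]
    nets = opts.get("mynetworks", "").replace(",", " ").split()
    checks = [
        (service.startswith(LOOPBACK), "listener is not bound to loopback"),
        (opts.get("content_filter") == "", "content_filter is not cleared, so filtered mail would be filtered again"),
        (opts.get("smtpd_recipient_restrictions") == "permit_mynetworks,reject", "recipient restrictions are not permit_mynetworks,reject"),
        (bool(nets) and all(n.startswith(LOOPBACK) for n in nets), "mynetworks is not loopback-only"),
    ]
    return [message for ok, message in checks if not ok]
```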

Now it is time to tell postfix to use a content filter. Open /etc/postfix/ file and write the following;


Now it is time to reload postfix; the "postfix reload" command will reload postfix with the new config. To see whether
mail scanning works, send an e-mail which contains only the characters below and check that the rejected message is returned to you.


Finally, add the following commands to your startup scripts so that amavisd and clamav start at every reboot.

su - amavis -c "/usr/local/sbin/amavisd"

I hope everything is ok. Congratulations...


©2006 Genco (Please refer my page if you use any document in this site) (update 03.06.2006)