In this howto, Postfix integration with amavis-new will be presented. Amavis-new is a wrapper that can call any number of content filtering programs for spam detection, antivirus, etc. In this howto, integration with Spamassassin and Clamav will be presented. This is a classical installation of Postfix + Amavis-new + Spamassassin + Clamav.
Please note that the packages
spamassassin are part of the UniversePackages. That means they will not receive security support from Canonical. You have been warned.
You should have a functional Postfix server installed. If this is not the case, follow the Postfix guide.
Activate Universe and Multiverse repositories. Just follow this howto: AddingRepositoriesHowto. We explain why Universe is needed in the introduction; multiverse will be necessary for some compress/uncompress utils. To begin, install (see InstallingSoftware) the following packages:
sudo apt-get install amavisd-new spamassassin clamav-daemon
Install the optional packages for better spam detection (who does not want better spam detection?):
sudo apt-get install libnet-dns-perl libmail-spf-query-perl pyzor razor
Install some compress/uncompress utils. Install the following packages:
sudo apt-get install arj bzip2 cabextract cpio file gzip lha nomarch pax rar unrar unzip unzoo zip zoo
The default behaviour of Clamav will fit our needs. A daemon is launched (clamd) and signatures are fetched every day. For more Clamav configuration options, check the configuration files in
clamav user to the
amavis group and vice versa in order for Clamav to have access to scan files:
sudo adduser clamav amavis sudo adduser amavis clamav
Spamasssassin autodetects optional components and will use them if they are present. This means that there is no need to configure
The fine tuning of Spamassassin rules is beyond the scope of this guide. Please refer to the Spamassassin page.
/etc/default/spamassassin to activate the Spamassassin daemon change ENABLED=0 to:
Now start Spamassassin:
sudo /etc/init.d/spamassassin start
First, activate spam and antivirus detection in Amavis by editing
use strict; # You can modify this file to re-enable SPAM checking through spamassassin # and to re-enable antivirus checking. # # Default antivirus checking mode # Uncomment the two lines below to enable it # @bypass_virus_checks_maps = ( \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re); # # Default SPAM checking mode # Uncomment the two lines below to enable it # @bypass_spam_checks_maps = ( \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re); 1; # insure a defined return
Bouncing spam can be a bad idea as the return address is often faked, so it may have your server put on a blacklist. Consider editing
/etc/amavis/conf.d/20-debian_defaults to set $final_spam_destiny to D_DISCARD rather than D_BOUNCE, as follows:
$final_spam_destiny = D_DISCARD;
After configuration Amavis needs to be restarted:
sudo /etc/init.d/amavis restart
For postfix integration, you need to add the
content_filter configuration variable to the Postfix configuration file
/etc/postfix/main.cf. This instructs postfix to pass messages to amavis at a given IP address and port:
content_filter = smtp-amavis:[127.0.0.1]:10024
postconf command, run as root because of the preceding
sudo command, adds the
content_filter specification line above to
sudo postconf -e "content_filter = smtp-amavis:[127.0.0.1]:10024"
Alternatively, you can manually edit
main.cf yourself to add the
/etc/postfix/master.cf and add the following to the end of the file:
smtp-amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
Also add the following two lines immediately below the "pickup" transport service:
-o content_filter= -o receive_override_options=no_header_body_checks
sudo /etc/init.d/postfix reload
Now content filtering with spam and virus detection is enabled.
First, test that the amavis SMTP is listening:
telnet localhost 10024 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 [127.0.0.1] ESMTP amavisd-new service ready ^]
Check on your
/var/log/mail.log that everything goes well. If you raise the log level, you can check every step of the content filtering: spam check, virus check, etc. Don't forget to lower the log level after your checks!
On messages that go through the content filter you should see:
X-Spam-Level: X-Virus-Scanned: Debian amavisd-new at example.com X-Spam-Status: No, hits=-2.3 tagged_above=-1000.0 required=5.0 tests=AWL, BAYES_00 X-Spam-Level:
If the filtering is not happening, adding the following to
/etc/amavis/conf.d/50-user may help:
@local_domains_acl = ( ".$mydomain" );
If you receive mail for other domains, add them to the list. This information was obtained from the Amavis-New FAQ here.
If you see the following error in /var/log/syslog when amavisd is trying to scan a message:
amavis: (30807-01) (!!) ask_av (ClamAV-clamd) FAILED - unexpected result: /var/lib/amavis/tmp/amavis-20070615T125025-30807/parts: lstat() failed. ERROR\n
Try changing the permissions on
chmod -R 775 /var/lib/amavis/tmp
Another way to trouble shoot errors associated with Amavisd-new, Spamassassin, Postfix, or Clamav is to restart all the services with Amavisd-new being the last one to start:
sudo /etc/init.d/postfix restart sudo /etc/init.d/spamassassin restart sudo /etc/init.d/clamav-daemon restart sudo /etc/init.d/amavis restart
/var/log/mail.log and see if the error has gone away.
> Note: This guide has been tested on Ubuntu 7.10 (Gutsy Gibbon).