July 27, 2014
 
 

Feed Your Virus Worries to a Clam - page 2

Configuring Postfix To Use Amavisd-new

  • September 16, 2004
  • By Carla Schroder

No big deal here: get sources or binary packages from Clam AntiVirus, or grab packages from wherever you usually get packages for your Linux distribution.

Edit /etc/amavis/amavisd.conf. In Section 1, set $mydomain and $myhostname to your own values. Then, uncomment:

$forward_method = 'smtp:127.0.0.1:10025'; # where to forward checked mail
$notify_method = $forward_method; # where to submit notifications

That tells Amavisd-new to pass on any messages that survive virus-scanning to Postfix for final delivery.

Next, we're going to disable virus quarantines, and reject virus-infested messages without notification. There is absolutely no point in sending auto-replies to senders of infected messages, because -- are you listening? Do I have your full attention? The return addresses are forged. Don't send replies to forged addresses. All bounced virus notifications do is clog the Internet with useless traffic. Geeks who receive your bounce messages will be annoyed and know you are lame. Regular folks will be puzzled or alarmed, and may pester you for help. Lose-lose-lose all the way.

To configure this, move down to Section IV. Here we shall disable quarantining virus-infested messages:

$QUARANTINEDIR = undef;
$virus_quarantine_to = undef;
$final_virus_destiny = D_DISCARD; # (defaults to D_BOUNCE)

D_DISCARD drops the sucker cold, with no notification to the sender of any kind. Boom, dead.

Find Section VII, uncomment the ClamAV section, and comment out all the virus scanners you are not using. Make sure all ClamAV lines are uncommented:

### http://www.clamav.net/
['Clam Antivirus-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
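
How the three patterns in this entry sort clamd's replies, shown as an added Python example (not from the original article and not Amavisd-new's own code). The sample replies and their paths are constructed, and the order of the checks in classify() is an assumption about how the patterns are applied.

```python
import re

# The three patterns from the 'Clam Antivirus-clamd' entry, in the same order:
# clean status, infected status, virus-name extraction.
CLEAN = re.compile(r"\bOK$", re.M)
INFECTED = re.compile(r"\bFOUND$", re.M)
VIRUS_NAME = re.compile(r"^.*?: (?!Infected Archive)(.*) FOUND$", re.M)


def classify(reply):
    """Return (verdict, names) for one clamd CONTSCAN reply.

    Assumption: infected is tested before clean, and a reply matching
    neither pattern counts as a scanner failure, not as a clean result.
    """
    if INFECTED.search(reply):
        # The lookahead skips the generic "Infected Archive" marker line,
        # so only real signature names are collected.
        return "infected", VIRUS_NAME.findall(reply)
    if CLEAN.search(reply):
        return "clean", []
    return "error", []


# Constructed sample replies (not captured from a real clamd).
SAMPLES = {
    "clean": "/var/lib/amavis/tmp/amavis-0001/parts: OK\n",
    "eicar": "/var/lib/amavis/tmp/amavis-0002/parts/p001: Eicar-Test-Signature FOUND\n",
    "archive": (
        "/var/lib/amavis/tmp/amavis-0003/parts/p002: Infected Archive FOUND\n"
        "/var/lib/amavis/tmp/amavis-0003/parts/p002: Worm.Example.A FOUND\n"
    ),
    "failure": "/var/lib/amavis/tmp/amavis-0004/parts: lstat() failed. ERROR\n",
}

if __name__ == "__main__":
    for label, reply in SAMPLES.items():
        print(label, classify(reply))
```

A reply that matches neither the OK nor the FOUND pattern, such as a clamd permission or path error, must not be read as "clean"; check the mail log for scanner errors after enabling the entry.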

Now make sure Amavisd-new is stopped, and check the configuration with the built-in debugger:

# /etc/init.d/amavis stop
# amavis debug

This spits out a configuration summary and checks syntax. If there are any error messages, correct the errors before proceeding.

Next, start it back up and connect with telnet to confirm that Amavisd-new is running:

# /etc/init.d/amavis start
$ telnet 127.0.0.1 10024
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready

Amavisd-new is running, so quit telnet:

^]
telnet> quit
Connection closed.