Scientific Linux 6

Run with Clamav - ClamSMTP
2011/03/20
  Install ClamAV first, then configure Postfix to work with ClamAV so that mail is scanned for viruses in real time. ClamSMTP is installed to do this.

[1] Install Clamd and ClamSMTP
[root@mail ~]#
yum --enablerepo=rpmforge -y install clamd
 
# install from RPMforge


[root@mail ~]#
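wget http://thewalter.net/stef/software/clamsmtp/clamsmtp-1.10.tar.gz
# note: this is a plain-HTTP download with no integrity check; verify the tarball's checksum or signature against a trusted source before building and installing it as root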


[root@mail ~]#
tar zxvf clamsmtp-1.10.tar.gz

[root@mail ~]#
cd clamsmtp-1.10

[root@mail clamsmtp-1.10]#
./configure

[root@mail clamsmtp-1.10]#
make

[root@mail clamsmtp-1.10]#
make install

[root@mail clamsmtp-1.10]#
cp ./doc/clamsmtpd.conf /etc

[root@mail clamsmtp-1.10]#
[root@mail ~]#
vi /etc/clamsmtpd.conf


# line 11: change

OutAddress:
127.0.0.1:10026


# line 29: uncomment and change

Listen:
127.0.0.1:10025


# line 32: change

ClamAddress:
/var/run/clamav/clamd.sock


# line 35: uncomment

Header: X-Virus-Scanned: ClamAV using ClamSMTP

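# line 38: uncomment (mail being scanned is spooled here; /tmp is shared by all local users, so a dedicated directory writable by the clamsmtpd user and readable by clamd is a safer choice)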

TempDirectory: /tmp

# line 41: uncomment

Action: drop

# line 50: uncomment

User: clamav

[root@mail ~]#
vi /etc/rc.d/init.d/clamsmtp
# create init script


#!/bin/bash

# clamsmtpd      Start/Stop clamsmtpd
#
# chkconfig: - 65 40
# description: Clamsmtpd is smtpd for Clamav Antivirus daemon.
#
# processname: clamsmtpd
# pidfile: /var/run/clamav/clamsmtpd.pid


. /etc/rc.d/init.d/functions
. /etc/sysconfig/network

# Paths handed to clamsmtpd by start().
CONFIG_FILE="/etc/clamsmtpd.conf"   # configuration file, passed with -f
PID_DIR="/var/run/clamav"           # directory that holds clamsmtpd.pid

# Exit status of the most recent action; 0 until an action has run.
RETVAL=0

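# Launch clamsmtpd through the init library's daemon helper.
# Globals:  CONFIG_FILE (read), PID_DIR (read), RETVAL (written)
# Outputs:  progress message on stdout
# Returns:  exit status of the daemon helper
start() {
  echo -n $"Starting ClamSmtpd: "

  # Expansions are quoted so the shell hands each path to daemon as one word.
  # NOTE(review): init runs this as root; the tutorial's clamsmtpd.conf sets
  # "User: clamav", presumably so the daemon drops privileges - confirm.
  daemon /usr/local/sbin/clamsmtpd -f "$CONFIG_FILE" -p "$PID_DIR/clamsmtpd.pid"
  RETVAL=$?
  echo

  # Create the lock file only after a successful launch; condrestart tests
  # for this file to decide whether the service is running.
  if [ "$RETVAL" -eq 0 ]; then
    touch /var/lock/subsys/clamsmtpd
  fi

  return "$RETVAL"
}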
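# Stop clamsmtpd and clear its state files.
# Globals:  PID_DIR (read), RETVAL (written)
# Outputs:  progress message on stdout
# Returns:  exit status of killproc
stop() {
  echo -n $"Stopping ClamSmtpd: "

  killproc clamsmtpd
  RETVAL=$?
  echo

  # Remove the pid file from the directory start() passes to clamsmtpd
  # ($PID_DIR, /var/run/clamav by default). The earlier hard-coded
  # /var/run/clamsmtp path did not match it, so the rm never touched the
  # real pid file.
  if [ "$RETVAL" -eq 0 ]; then
    rm -f -- "${PID_DIR:-/var/run/clamav}/clamsmtpd.pid" /var/lock/subsys/clamsmtpd
  fi

  return "$RETVAL"
}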
# Cycle the service: stop it, then start it again.
# Returns: the status of start(); the status of stop() is not checked.
restart() {
  stop; start
}
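# Dispatch on the action given as the first argument; the script exits with
# the status of whichever action ran.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  status)
    status clamsmtpd
    ;;
  restart)
    restart
    ;;
  condrestart)
    # Restart only if the lock file shows the service was started. An explicit
    # if is used instead of "test && restart || :" because that form replaced
    # a failed restart's status with 0, so the failure was reported as success.
    if [ -f /var/lock/subsys/clamsmtpd ]; then
      restart
    fi
    ;;
  *)
    # condrestart is listed because the case statement above accepts it.
    echo $"Usage: $0 {start|stop|status|restart|condrestart}"
    exit 1
    ;;
esac
exit $?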


[root@mail ~]#
chmod 755 /etc/rc.d/init.d/clamsmtp

[root@mail ~]#
/etc/rc.d/init.d/clamd start

Starting Clam AntiVirus Daemon:
[ OK ]

[root@mail ~]#
/etc/rc.d/init.d/clamsmtp start

Starting ClamSmtpd:
[ OK ]

[root@mail ~]#
chkconfig --add /etc/rc.d/init.d/clamsmtp

[root@mail ~]#
chkconfig clamsmtp on

[root@mail ~]#
chkconfig clamd on

[2] Configure Postfix
[root@mail ~]#
vi /etc/postfix/main.cf


# add at the last line

content_filter = scan:127.0.0.1:10025


[root@mail ~]#
vi /etc/postfix/master.cf


# add at the last line

scan unix -       -       n      -     16 smtp
      -o smtp_data_done_timeout=1200
      -o smtp_send_xforward_command=yes
      -o disable_dns_lookups=yes
127.0.0.1:10026 inet n     -     n     -     16 smtpd
      -o content_filter=
      -o local_recipient_maps=
      -o relay_recipient_maps=
      -o smtpd_restriction_classes=
      -o smtpd_client_restrictions=
      -o smtpd_helo_restrictions=
      -o smtpd_sender_restrictions=
      -o smtpd_recipient_restrictions=permit_mynetworks,reject
      -o mynetworks_style=host
      -o smtpd_authorized_xforward_hosts=127.0.0.0/8


[root@mail ~]#
/etc/rc.d/init.d/postfix restart

Shutting down postfix:
[ OK ]

Starting postfix:
[ OK ]

  After this configuration, the lines below are added to the header section of emails.
  Try sending a test virus by email: it will not be delivered to the mailbox, and log entries like the ones below are recorded.