Difference between revisions of "ClamAV Antivirus for Postfix on CentOS 6"

From vpsget wiki
Jump to: navigation, search
Line 98: Line 98:
  
 
  mynetworks =  your.ip.addr.0/24 127.0.0.0/8
 
  mynetworks =  your.ip.addr.0/24 127.0.0.0/8
 +
 +
[[Category:Linux]]

Revision as of 13:43, 11 August 2015

ClamAV and ClamSMTP

Install ClamAV:

yum install clamd

Open clamav configuration file /etc/clamd.conf . It must look like this:

LogFile /var/log/clamav/clamd.log
LogFileMaxSize 0
LogTime yes
LogSyslog yes
PidFile /var/run/clamav/clamd.pid
TemporaryDirectory /var/tmp
DatabaseDirectory /var/lib/clamav
LocalSocket /tmp/clamd.sock
FixStaleSocket yes
TCPSocket 3310
TCPAddr 127.0.0.1
MaxConnectionQueueLength 30
MaxThreads 50
ReadTimeout 300
User clam
AllowSupplementaryGroups yes
ScanPE yes
ScanELF yes
DetectBrokenExecutables yes
ScanOLE2 yes
ScanMail yes
ScanArchive yes
ArchiveBlockEncrypted no 

Install ClamSMTP:

yum install clamsmtp

Edit config /etc/clamsmtpd.conf :

OutAddress: 10026
Listen: 127.0.0.1:10025
ClamAddress: /tmp/clamd.sock
Header: X-Virus-Scanned: ClamAV using ClamSMTP
TempDirectory: /tmp
Action: drop
Quarantine: on
User: clam

Instead "Action: drop" you can to enter "Action: bounce" for returning messages or "Action: pass" for skiping.

Postfix configuration

Open /etc/postfix/main.cf and insert:

content_filter = scan:[127.0.0.1]:10025

Open /etc/postfix/master.cf and insert:

scan      unix  -       -       n       -       16      smtp
    -o smtp_send_xforward_command=yes
    -o smtp_tls_security_level=none
127.0.0.1:10026 inet  n -       n       -       16      smtpd
    -o content_filter=
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks_style=host
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8

Note that the form of rows must to be the same!

Start ClamaAV and ClamSMTP and restart postfix:

service clamd start
service clamsmtpd start
service postfix restart

Check working of this services using command:

netstat -antpu | grep clam

If you see following lines, ClamAV and ClamSMTP work correctly:

TCP        0      0 127.0.0.1:10025             0.0.0.0:*                   LISTEN      51434/clamsmtpd
TCP        0      0 127.0.0.1:3310              0.0.0.0:*                   LISTEN      51421/clamd

Check port 10026 for postfix:

netstat -antpu | grep 10026

Result must look such as this:

TCP        0      0 127.0.0.1:10026             0.0.0.0:*                   LISTEN      51650/master

If this line is absent, check /etc/postfix/master.cf file and line 127.0.0.1:10026 inet n - n - 16 smtpd, make sure there are no spaces in front of this line.

Also if you can't send or receive mail, please check /etc/postfix/main.cf and add 127.0.0.0/8 to mynetwork line. It must look like this:

mynetworks =  your.ip.addr.0/24 127.0.0.0/8