ClamAV Antivirus for Postfix on CentOS 6

From vpsget wiki
Revision as of 13:43, 11 August 2015 by Max (talk | contribs)

ClamAV and ClamSMTP

Install ClamAV:

yum install clamd

Open the ClamAV configuration file /etc/clamd.conf. It must look like this:

LogFile /var/log/clamav/clamd.log
LogFileMaxSize 0
LogTime yes
LogSyslog yes
PidFile /var/run/clamav/
TemporaryDirectory /var/tmp
DatabaseDirectory /var/lib/clamav
LocalSocket /tmp/clamd.sock
FixStaleSocket yes
TCPSocket 3310
MaxConnectionQueueLength 30
MaxThreads 50
ReadTimeout 300
User clam
AllowSupplementaryGroups yes
ScanPE yes
ScanELF yes
DetectBrokenExecutables yes
ScanOLE2 yes
ScanMail yes
ScanArchive yes
ArchiveBlockEncrypted no 

Install ClamSMTP:

yum install clamsmtp

Edit the config file /etc/clamsmtpd.conf:

OutAddress: 10026
ClamAddress: /tmp/clamd.sock
Header: X-Virus-Scanned: ClamAV using ClamSMTP
TempDirectory: /tmp
Action: drop
Quarantine: on
User: clam

Instead of "Action: drop" you can enter "Action: bounce" to return messages or "Action: pass" to skip them.
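
Added example, not part of the original wiki page: a small Python check that the clamd.conf and clamsmtpd.conf settings above agree with each other. It also flags the TCPSocket line, which without a TCPAddr entry makes clamd listen on all interfaces. The function names and the embedded sample configs are constructed for illustration.

```python
# Added example (not from the original page): lint the two config files above.
# CLAMD_CONF / CLAMSMTPD_CONF are constructed samples taken from this page's listings.
CLAMD_CONF = """\
LocalSocket /tmp/clamd.sock
TCPSocket 3310
User clam
"""
CLAMSMTPD_CONF = """\
OutAddress: 10026
ClamAddress: /tmp/clamd.sock
Header: X-Virus-Scanned: ClamAV using ClamSMTP
Action: drop
User: clam
"""


def parse(text, sep):
    """Parse 'Key<sep>value' lines into a dict, skipping blanks and # comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip().replace("\t", " ")
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(sep)
        opts[key.strip()] = value.strip()
    return opts


def audit(clamd_text, clamsmtpd_text):
    """Return a list of findings for the clamd.conf / clamsmtpd.conf pair."""
    clamd = parse(clamd_text, " ")       # clamd.conf: "Key value"
    smtpd = parse(clamsmtpd_text, ":")   # clamsmtpd.conf: "Key: value"
    findings = []
    clam_addr = smtpd.get("ClamAddress", "")
    # Only the Unix-socket form of ClamAddress is compared here.
    if clam_addr.startswith("/") and clam_addr != clamd.get("LocalSocket"):
        findings.append("ClamAddress does not match clamd LocalSocket")
    if smtpd.get("User") != clamd.get("User"):
        findings.append("clamd and clamsmtpd run as different users")
    if "TCPSocket" in clamd and "TCPAddr" not in clamd:
        findings.append("TCPSocket set without TCPAddr: clamd binds all interfaces")
    if smtpd.get("Action") == "pass":
        findings.append("Action: pass lets infected mail through")
    return findings


if __name__ == "__main__":
    for finding in audit(CLAMD_CONF, CLAMSMTPD_CONF):
        print("WARN:", finding)
```

To use it on a real host, pass the contents of /etc/clamd.conf and /etc/clamsmtpd.conf to audit() instead of the sample strings.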

Postfix configuration

Open /etc/postfix/ and insert:

content_filter = scan:[]:10025

Open /etc/postfix/ and insert:

scan      unix  -       -       n       -       16      smtp
    -o smtp_send_xforward_command=yes
    -o smtp_tls_security_level=none
inet  n -       n       -       16      smtpd
    -o content_filter=
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks_style=host
    -o smtpd_authorized_xforward_hosts=

Note that the layout of the rows must be exactly the same!

Start ClamAV and ClamSMTP, then restart Postfix:

service clamd start
service clamsmtpd start
service postfix restart

Check that these services are running with the command:

netstat -antpu | grep clam

If you see the following lines, ClamAV and ClamSMTP are working correctly:

TCP        0      0   *                   LISTEN      51434/clamsmtpd
TCP        0      0    *                   LISTEN      51421/clamd

Check port 10026 for Postfix:

netstat -antpu | grep 10026

The result must look like this:

TCP        0      0   *                   LISTEN      51650/master

If this line is absent, check the /etc/postfix/ file and the line inet n - n - 16 smtpd; make sure there are no spaces in front of this line.

Also, if you can't send or receive mail, check /etc/postfix/ and add to the mynetworks line. It must look like this:

mynetworks =  your.ip.addr.0/24