Run with Clamav - ClamSMTP
2011/03/20 |
Install Clamav first and
Configure to run Postfix with Clamav to scan virus timely. Install ClamSMTP to do it. |
|
[1] | Install Clamd and ClamSMTP |
[root@mail ~]# yum --enablerepo=rpmforge -y install clamd # install from RPMforge [root@mail ~]# wget http://thewalter.net/stef/software/clamsmtp/clamsmtp-1.10.tar.gz [root@mail ~]# tar zxvf clamsmtp-1.10.tar.gz [root@mail ~]# cd clamsmtp-1.10 [root@mail clamsmtp-1.10]# ./configure [root@mail clamsmtp-1.10]# make [root@mail clamsmtp-1.10]# make install [root@mail clamsmtp-1.10]# cp ./doc/clamsmtpd.conf /etc [root@mail clamsmtp-1.10]# [root@mail ~]# vi /etc/clamsmtpd.conf # line 11: change OutAddress: 127.0.0.1:10026 # line 29: uncomment and change Listen: 127.0.0.1:10025 # line 32: change ClamAddress: /var/run/clamav/clamd.sock # line 35: uncomment Header: X-Virus-Scanned: ClamAV using ClamSMTP # line 38: uncomment TempDirectory: /tmp # line 41: uncomment Action: drop # line 50: uncomment User: clamav [root@mail ~]# vi /etc/rc.d/init.d/clamsmtp # create init script
#!/bin/bash # clamsmtpd Start/Stop clamsmtpd # # chkconfig: - 65 40 # description: Clamsmtpd is smtpd for Clamav Antivirus daemon. # # processname: clamsmtpd # pidfile: /var/run/clamav/clamsmtpd.pid . /etc/rc.d/init.d/functions . /etc/sysconfig/network CONFIG_FILE=/etc/clamsmtpd.conf PID_DIR=/var/run/clamav RETVAL=0 start() { echo -n $"Starting ClamSmtpd: " daemon /usr/local/sbin/clamsmtpd -f $CONFIG_FILE -p $PID_DIR/clamsmtpd.pid RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/clamsmtpd return $RETVAL } stop() { echo -n $"Stopping ClamSmtpd: " killproc clamsmtpd RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/run/clamsmtp/clamsmtpd.pid /var/lock/subsys/clamsmtpd return $RETVAL } restart() { stop start } case "$1" in start) start ;; stop) stop ;; status) status clamsmtpd ;; restart) restart ;; condrestart) [ -f /var/lock/subsys/clamsmtpd ] && restart || : ;; *) echo $"Usage: $0 {start|stop|status|restart}" exit 1 esac exit $? [root@mail ~]# chmod 755 /etc/rc.d/init.d/clamsmtp [root@mail ~]# /etc/rc.d/init.d/clamd start Starting Clam AntiVirus Daemon: [ OK ] [root@mail ~]# /etc/rc.d/init.d/clamsmtp start Starting ClamSmtpd: [ OK ] [root@mail ~]# chkconfig --add /etc/rc.d/init.d/clamsmtp [root@mail ~]# chkconfig clamsmtp on [root@mail ~]# chkconfig clamd on |
[2] | Configure Postfix |
[root@mail ~]# vi /etc/postfix/main.cf # add at the last line
content_filter = scan:127.0.0.1:10025 [root@mail ~]# vi /etc/postfix/master.cf # add at the last line scan unix - - n - 16 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes 127.0.0.1:10026 inet n - n - 16 smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks_style=host -o smtpd_authorized_xforward_hosts=127.0.0.0/8 [root@mail ~]# /etc/rc.d/init.d/postfix restart Shutting down postfix: [ OK ] Starting postfix: [ OK ] |
These lines below are added in header section of emails after this configuration. |
Try to send test virus with email, then it will not send to a mailbox and logs like below are recorded. |