spamassassin/clamav setup problem

Discussion in 'Server Operation' started by dipeshmehta, Dec 20, 2008.

  1. dipeshmehta

    dipeshmehta Member


    I have setup my ubuntu 8.04 LTS server as guided in "The Perfect Server (by Falko)". I have not installed ISPConfig.

    Since, this howto do not include spamassassin and clamav setup, I have setup them, as guided in "Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 8.04 LTS)".

    I am not using MySQL as well as virtual users, I am using system users, therefore I jumped directly to "9 Install amavisd-new, SpamAssassin, And ClamAV" part of the said howto.

    Now, my mails transmitted into internal network, do not get delivered to destinations. If I comment out the added lines in postfix's and, it works fine without spamassasin / clamav interaction.

    I know, there should be some silly matter which needs to be configured but cannot figure it out myself. Any suggestions welcome.

  2. falko

    falko Super Moderator ISPConfig Developer

    What's in your mail log?

    What's in /etc/postfix/ and /etc/postfix/
  3. dipeshmehta

    dipeshmehta Member


    Sorry for re-opening the thread after a long time. Since, the setup is on my production server, I have not been able to run test cases as much.

    Please check my postfix config files as under:

    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    append_dot_mydomain = no
    readme_directory = no
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    smtp_generic_maps = hash:/etc/postfix/generic
    myorigin = /etc/mailname
    mydestination =,, localhost.localdomain, localhost,
    sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
    mynetworks = [::ffff:]/104 [::1]/128
    mailbox_command =
    mailbox_size_limit = 0
    message_size_limit = 25600000
    recipient_delimiter = +
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    home_mailbox = Maildir/
    sender_bcc_maps = hash:/etc/postfix/sender_bcc
    recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options =
    content_filter = amavis:[]:10024
    receive_override_options = no_address_mappings

    # Postfix master process configuration file. For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    # Do not forget to execute "postfix reload" after editing this file.
    # ==========================================================================
    # service type private unpriv chroot wakeup maxproc command + args
    # (yes) (yes) (yes) (never) (100)
    # ==========================================================================
    smtp inet n - - - - smtpd
    #submission inet n - - - - smtpd
    # -o smtpd_tls_security_level=encrypt
    # -o smtpd_sasl_auth_enable=yes
    # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    # -o milter_macro_daemon_name=ORIGINATING
    #smtps inet n - - - - smtpd
    # -o smtpd_tls_wrappermode=yes
    # -o smtpd_sasl_auth_enable=yes
    # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    # -o milter_macro_daemon_name=ORIGINATING
    #628 inet n - - - - qmqpd
    pickup fifo n - - 60 1 pickup
    cleanup unix n - - - 0 cleanup
    qmgr fifo n - n 300 1 qmgr
    #qmgr fifo n - - 300 1 oqmgr
    tlsmgr unix - - - 1000? 1 tlsmgr
    rewrite unix - - - - - trivial-rewrite
    bounce unix - - - - 0 bounce
    defer unix - - - - 0 bounce
    trace unix - - - - 0 bounce
    verify unix - - - - 1 verify
    flush unix n - - 1000? 0 flush
    proxymap unix - - n - - proxymap
    proxywrite unix - - n - 1 proxymap
    smtp unix - - - - - smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay unix - - - - - smtp
    -o smtp_fallback_relay=
    # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq unix n - - - - showq
    error unix - - - - - error
    retry unix - - - - - error
    discard unix - - - - - discard
    local unix - n n - - local
    virtual unix - n n - - virtual
    lmtp unix - - - - - lmtp
    anvil unix - - - - 1 anvil
    scache unix - - - - 1 scache
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    # Many of the following services use the Postfix pipe(8) delivery
    # agent. See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in maildrop_destination_recipient_limit=1
    maildrop unix - n n - - pipe
    flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
    # See the Postfix UUCP_README file for configuration details.
    uucp unix - n n - - pipe
    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    # Other external delivery methods.
    ifmail unix - n n - - pipe
    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp unix - n n - - pipe
    flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix - n n - 2 pipe
    flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman unix - n n - - pipe
    flags=FR user=list argv=/usr/lib/mailman/bin/
    ${nexthop} ${user}

    amavis unix - - - - 2 smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes inet n - - - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restictions=
    -o smtpd_recipient_restictions=permit_mynetworks,reject
    -o mynetworks=
    -o strict_rfc821_envelopes=yes
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    -o smtpd_bind_address=

    I have noticed that while sending mails postfix do not read sender_dependent_relayhost_maps and smtp_generic_maps if amavis-new is there in postfix config files. Mails sent to local users do not deliver at all - and mail que status is "mail transport unavailable". Whereas for mails sent to out of the world, it does not being relayed through my ISP mail server, and therefore almost all recipient server reject it.

    At present I have comented out the lines related to amavis, and content filter, and the set up is running very fine.

    Please help me out.

    Thanks in advance.

  4. falko

    falko Super Moderator ISPConfig Developer

    What's in your mail log when you try to send a mail to one of your accounts?
  5. dipeshmehta

    dipeshmehta Member

    Hello Falko,

    Following are logs:

    1. When I sent mail to local user:
    2a. When I sent mail to my yahoo id:
    2b. Headers received at yahoo:
    3. When I sent mail to yahoo, after commenting out the lines related to content-filter and amavis into and
    and headers received at yahoo
    4. Following is generic maps:
    5. Following is sender_dependant_relay_maps:
    Hope this would suffice the need for investigation, if any more information is required, please tell.

  6. falko

    falko Super Moderator ISPConfig Developer

    Please create a PTR record for the server.
  7. dipeshmehta

    dipeshmehta Member

    Hello Falko,

    The Static IP has been provided by my ISP, and following details has been given by him:
    Moreover, if the said error occurs it means that my mail has not been relayed and fired directly. Similarly, what about internal emails?


  8. falko

    falko Super Moderator ISPConfig Developer

    Does use valid nameservers in /etc/resolv.conf?
  9. dipeshmehta

    dipeshmehta Member

    Hello Falko,

    Thanks for showing interest to solve my problem.

    At this point, I think we are going towards something wrong way. So please let me give a brief idea about my system and environment.

    The host is my ubuntu server which has been situated at my office. About more than 50 machines running Windows XP / vista are connected to the same. I have been using ubuntu server as mail server for my internal mails.

    The domain is being hosted at my ISP for webhosting as well as email hosting. We have some 15 different mail ids at

    I use getmail ( to fetch mails from ISP POP Mailboxes. (* The mails are fetched for [email protected] and there I use .forward for forwarding the mails to associated internal user accounts.

    To send mails internal (i.e. [email protected] to [email protected]), I do not need to configure anything, it works fine. To send mails to outside world, I use sender_dependant_relay_maps, to relay through ISP mail servers (i.e. Further I use generic maps ( to rewrite from: address for outside world.

    All these setup runs without any problem, if I remove
    #content_filter = amavis:[]:10024
    #receive_override_options = no_address_mappings
    from /etc/postfix/ and
    #amavis unix - - - - 2 smtp
    	-o smtp_data_done_timeout=1200
    	-o smtp_send_xforward_command=yes
    # inet n - - - - smtpd
    	-o content_filter=
    	-o local_recipient_maps=
    	-o relay_recipient_maps=
    	-o smtpd_restriction_classes=
    	-o smtpd_client_restrictions=
    	-o smtpd_helo_restrictions=
    	-o smtpd_sender_restictions=
    	-o smtpd_recipient_restictions=permit_mynetworks,reje ct
    	-o mynetworks=
    	-o strict_rfc821_envelopes=yes
    	-o receive_override_options=no_unknown_recipient_chec ks,no_header_body_checks
    	-o smtpd_bind_address=
    from /etc/postfix/

    Now coming again to my problem, if I enable above lines in and In the above mentioned log entry 1, you may notice that...
    i. The mail is originated by [email protected] (generic map: [email protected] [email protected])for [email protected] (generic map: [email protected] [email protected])
    ii. The mail is transported as from [email protected] to [email protected], that means it didn't recognised that the mail is internal, and therefore passed through generic maps.
    iii. The mail transported as from [email protected] but didn't relayed through (sender_dependant_relay_maps: [email protected]
    iv. Due to security measures opted by ISP at, the mail was rejected.
    v. For this mail sender_bcc is not generated, which recipient_bcc is generated.

    The similar things happens for log entry 2a & 2b, the mail is transported directly i.e. without relay, and received at yahoo.

    Thanks again for sparing your time to diagnose.

  10. dipeshmehta

    dipeshmehta Member

    * bump *
  11. falko

    falko Super Moderator ISPConfig Developer

    I'm afraid I don't know what's wrong with your system.
  12. dipeshmehta

    dipeshmehta Member

    Thanks Falko for sparing your time to sort out the issues, no matter whether solved or not.

    Btw, if you wish, I PM you with access rights to my server, to check the things.


Share This Page