Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 9.10) - Page 3

9 Install amavisd-new, SpamAssassin, And ClamAV

To install amavisd-new, spamassassin and clamav, run the following command:

aptitude install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 libnet-ph-perl libnet-snpp-perl libnet-telnet-perl nomarch lzop pax

Because this command installs AppArmor again as a dependency, we must disable it again:

/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
aptitude remove apparmor apparmor-utils

Afterwards we must configure amavisd-new. The configuration is split up in various files which reside in the /etc/amavis/conf.d directory. Take a look at each of them to become familiar with the configuration. Most settings are fine, however we must modify three files:

First we must enable ClamAV and SpamAssassin in /etc/amavis/conf.d/15-content_filter_mode by uncommenting the @bypass_virus_checks_maps and the @bypass_spam_checks_maps lines:

vi /etc/amavis/conf.d/15-content_filter_mode

The file should look like this:

use strict;

# You can modify this file to re-enable SPAM checking through spamassassin
# and to re-enable antivirus checking.

# Default antivirus checking mode
# Please note, that anti-virus checking is DISABLED by
# default.
# If You wish to enable it, please uncomment the following lines:

@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

# Default SPAM checking mode
# Please note, that anti-spam checking is DISABLED by
# default.
# If You wish to enable it, please uncomment the following lines:

@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

1;  # ensure a defined return

And then you should take a look at the spam settings and the actions for spam-/virus-mails in /etc/amavis/conf.d/20-debian_defaults. There's no need to change anything if the default settings are ok for you. The file contains many explanations so there's no need to explain the settings here:

vi /etc/amavis/conf.d/20-debian_defaults

$QUARANTINEDIR = "$MYHOME/virusmails";
$quarantine_subdir_levels = 1; # enable quarantine dir hashing

$log_recip_templ = undef;    # disable by-recipient level-0 log entries
$DO_SYSLOG = 1;              # log via syslogd (preferred)
$syslog_ident = 'amavis';    # syslog ident tag, prepended to all messages
$syslog_facility = 'mail';
$syslog_priority = 'debug';  # switch to info to drop debug output, etc

$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1

$inet_socket_port = 10024;   # default listening socket

$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny     = D_BOUNCE;   # D_REJECT when front-end MTA
$final_spam_destiny       = D_BOUNCE;
$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)

Finally, edit /etc/amavis/conf.d/50-user and add the line $pax='pax'; in the middle:

vi /etc/amavis/conf.d/50-user

use strict;

# Place your configuration directives here.  They will override those in
# earlier files.
# See /usr/share/doc/amavisd-new/ for documentation and examples of
# the directives you can use in this file


#------------ Do not modify anything below this line -------------
1;  # ensure a defined return

Afterwards, run these commands to add the clamav user to the amavis group and to restart amavisd-new and ClamAV:

adduser clamav amavis
/etc/init.d/amavis restart
/etc/init.d/clamav-daemon restart
/etc/init.d/clamav-freshclam restart

Now we have to configure Postfix to pipe incoming email through amavisd-new:

postconf -e 'content_filter = amavis:[]:10024'
postconf -e 'receive_override_options = no_address_mappings'

Afterwards append the following lines to /etc/postfix/

vi /etc/postfix/

amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_bind_address=

Then restart Postfix:

/etc/init.d/postfix restart

Now run

netstat -tap

and you should see Postfix (master) listening on port 25 (smtp) and 10025, and amavisd-new on port 10024:

root@server1:/etc/courier# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:ssh                   *:*                     LISTEN      770/sshd
tcp        0      0 *:smtp                  *:*                     LISTEN      20494/master
tcp        0      0 localhost.localdo:10024 *:*                     LISTEN      19437/amavisd (mast
tcp        0      0 localhost.localdo:10025 *:*                     LISTEN      20494/master
tcp        0      0 *:mysql                 *:*                     LISTEN      16459/mysqld
tcp        0     52      ESTABLISHED 806/0
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      770/sshd
tcp6       0      0 [::]:imaps              [::]:*                  LISTEN      16937/couriertcpd
tcp6       0      0 [::]:pop3s              [::]:*                  LISTEN      17005/couriertcpd
tcp6       0      0 [::]:pop3               [::]:*                  LISTEN      16968/couriertcpd
tcp6       0      0 [::]:imap2              [::]:*                  LISTEN      16900/couriertcpd
tcp6       0      0 [::]:www                [::]:*                  LISTEN      3967/apache2


10 Install Razor, Pyzor And DCC And Configure SpamAssassin

Razor, Pyzor and DCC are spamfilters that use a collaborative filtering network. To install Razor and Pyzor, run

aptitude install razor pyzor

DCC isn't available in the Ubuntu 9.10 repositories, so we install it as follows:

cd /tmp
tar xzvf dcc-dccproc.tar.Z
cd dcc-dccproc-1.3.116
./configure --with-uid=amavis
make install
chown -R amavis:amavis /var/dcc
ln -s /var/dcc/libexec/dccifd /usr/local/bin/dccifd

Now we have to tell SpamAssassin to use these three programs. Edit /etc/spamassassin/ and add the following lines to it:

vi /etc/spamassassin/

use_dcc 1
dcc_path /usr/local/bin/dccproc

use_pyzor 1
pyzor_path /usr/bin/pyzor

use_razor2 1
razor_config /etc/razor/razor-agent.conf

use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1

Then we must enable the DCC plugin in SpamAssassin. Open /etc/spamassassin/v310.pre and uncomment the loadplugin Mail::SpamAssassin::Plugin::DCC line:

vi /etc/spamassassin/v310.pre

# DCC - perform DCC message checks.
# DCC is disabled here because it is not open source.  See the DCC
# license for more details.
loadplugin Mail::SpamAssassin::Plugin::DCC

You can check your SpamAssassin configuration by executing:

spamassassin --lint

It shouldn't show any errors.

Restart amavisd-new afterwards:

/etc/init.d/amavis restart

Now we update our SpamAssassin rulesets as follows:

sa-update --no-gpg

We create a cron job so that the rulesets will be updated regularly. Run

crontab -e

to open the cron job editor. Create the following cron job:

23 4 */2 * * /usr/bin/sa-update --no-gpg &> /dev/null

This will update the rulesets every second day at 4.23h.


11 Quota Exceedance Notifications

If you want to get notifications about all the email accounts that are over quota, then create the file /usr/local/sbin/quota_notify:

cd /usr/local/sbin/
vi quota_notify

#!/usr/bin/perl -w

# Author <>
# This script assumes that virtual_mailbox_base in defined
# in postfix's file. This directory is assumed to contain
# directories which themselves contain your virtual user's maildirs.
# For example:
# -----------/
#            |
#            |
#    home/vmail/domains/
#        |          |
#        |          |
#                   |
#                   |
#           -----------------
#           |       |       |
#           |       |       |
#         user1/   user2/  user3/
#                           |
#                           |
#                        maildirsize

use strict;

my $POSTFIX_CF = "/etc/postfix/";
my $MAILPROG = "/usr/sbin/sendmail -t";
my @POSTMASTERS = ('postmaster@domain.tld');
my $CONAME = 'My Company';
my $COADDR = 'postmaster@domain.tld';
my $SUADDR = 'postmaster@domain.tld';
my $MAIL_REPORT = 1;

#get virtual mailbox base from postfix config
open(PCF, "< $POSTFIX_CF") or die $!;
my $mboxBase;
while (<PCF>) {
   next unless /virtual_mailbox_base\s*=\s*(.*)\s*/;
   $mboxBase = $1;

#assume one level of subdirectories for domain names
my @domains;
opendir(DIR, $mboxBase) or die $!;
while (defined(my $name = readdir(DIR))) {
   next if $name =~ /^\.\.?$/;        #skip '.' and '..'
   next unless (-d "$mboxBase/$name");
   push(@domains, $name);
#iterate through domains for username/maildirsize files
my @users;
foreach my $domain (@domains) {
        opendir(DIR, $domain) or die $!;
        while (defined(my $name = readdir(DIR))) {
           next if $name =~ /^\.\.?$/;        #skip '.' and '..'
           next unless (-d "$domain/$name");
      push(@users, {"$name\@$domain" => "$mboxBase/$domain/$name"});

#get user quotas and percent used
my (%lusers, $report);
foreach my $href (@users) {
   foreach my $user (keys %$href) {
      my $quotafile = "$href->{$user}/maildirsize";
      next unless (-f $quotafile);
      open(QF, "< $quotafile") or die $!;
      my ($firstln, $quota, $used);
      while (<QF>) {
         my $line = $_;
              if (! $firstln) {
                 $firstln = 1;
                 die "Error: corrupt quotafile $quotafile"
                    unless ($line =~ /^(\d+)S/);
                 $quota = $1;
            last if (! $quota);
         die "Error: corrupt quotafile $quotafile"
            unless ($line =~ /\s*(-?\d+)/);
         $used += $1;
      next if (! $used);
      my $percent = int($used / $quota * 100);
      $lusers{$user} = $percent unless not $percent;

#send a report to the postmasters
   open(MAIL, "| $MAILPROG");
   map {print "To: $_\n"} @POSTMASTERS;
   print "From: $COADDR\n";
   print "Subject: Daily Quota Report.\n";
   print "DAILY QUOTA REPORT:\n\n";
   print "----------------------------------------------\n";
   print "| % USAGE |            ACCOUNT NAME          |\n";
   print "----------------------------------------------\n";
   foreach my $luser ( sort { $lusers{$b} <=> $lusers{$a} } keys %lusers ) {
      printf("|   %3d   | %32s |\n", $lusers{$luser}, $luser);
      print "---------------------------------------------\n";
        print "\n--\n";
        print "$CONAME\n";

#email a warning to people over quota
        foreach my $luser (keys (%lusers)) {
           next unless $lusers{$luser} >= $WARNPERCENT;       # skip those under quota
           open(MAIL, "| $MAILPROG");
           print "To: $luser\n";
      map {print "BCC: $_\n"} @POSTMASTERS;
           print "From: $SUADDR\n";
           print "Subject: WARNING: Your mailbox is $lusers{$luser}% full.\n";
           print "Reply-to: $SUADDR\n";
           print "Your mailbox: $luser is $lusers{$luser}% full.\n\n";
           print "Once your e-mail box has exceeded your monthly storage quota\n";
      print "your monthly billing will be automatically adjusted.\n";
      print "Please consider deleting e-mail and emptying your trash folder to clear some space.\n\n";
           print "Contact <$SUADDR> for further assistance.\n\n";
           print "Thank You.\n\n";
           print "--\n";
           print "$CONAME\n";

Make sure that you adjust the variables at the top (especially the postmaster@domain.tld email address).

We must make the file executable:

chmod 755 quota_notify


crontab -e

to create a cron job for that script:

0 0 * * * /usr/local/sbin/quota_notify &> /dev/null
Share this page:

18 Comment(s)

Add comment


From: batterycentury at: 2009-12-11 08:54:30

Good, new Ubuntu, seems Ubuntu has updated quickly.

From: sky7 at: 2010-06-15 02:43:36


how to integrate with postfixadmin to maintain the virtual domains? 

No missing clue using your guidance. Many thanks

From: Robsbots at: 2011-11-11 16:19:02

Top job. Works like a dream........

assuming it dosn't take three days to find a typo made when creating a file. My typo, not yours ;)

Thanks for the great How-To.

I am now contactable on several email addresses hosted as virtual domains on my server.

You Rock.


From: Kamil Frydryszek at: 2010-04-14 12:56:22

where is e-mails storage defined?

i can connect with server but i can not read email

i also can not send mail


From: Jamie Strandboge at: 2009-12-28 15:41:32

I noticed that this tutorial recommends to disable all of AppArmor. Unless you have a very specific need to do so, this is not recommended. The apparmor profiles shipped in Ubuntu are designed to work with the default installation. If a particular profile is causing you trouble, please disable the profile or put it in complain mode, and leave the other profiles that are not causing problems to do their jobs. Better yet, file a bug. :) See my blog entry at for details.

From: Anonymous at: 2010-01-30 17:25:59


I think, that it's necessary to add in line:


 without this mail is not delivered to mailbox


I'm not sure that, but it works with this option :)

From: Mikael at: 2010-01-14 19:05:28

First i create user and domain name in the database and then use mailx and send email, but no results. When i try to login i have message  ERROR: Connection dropped by IMAP server. If i try to use another username i read unknown user. If i send email from hotmail it return  "unknown user" . So no user is created when i send mail to postfix. If i use webmin i don't see mail or usermap and if  i search tail /var/log/mail.log....the user have been created. Ports are open, i telnet to localhost and everything seems to be ok.

So pls guide me ...Mikael

From: Yes at: 2010-01-23 17:55:51

Same problem here.

 /var/log/mail.err says:

Jan 23 18:27:01 ubuntu imapd: chdir No such file or directory
Jan 23 18:27:01 ubuntu imapd: my_account@ No such file or directory

It seems as IMAPD doesn't know that we are using virtual users in MySQL database instead of physical unix users.

From: Bozola at: 2010-01-31 18:47:22

You've got to manually create the mail directories under the /home/vmail directory, 'cause they ain't getting created.


Try this (replace "" with your domain):

Step 1 - create directory for the domain. You must create one for each of your domains. Must have an corresponding entry in the "domains" table.

mkdir /home/vmail/


 Steps 2 & 3 - Add new account name and grant permissions. Repeat these for every account you want. Note that these all must have a corresponding entry in the MySQL database "mail", table "users".

maildirmake /home/vmail/

chown -R vmail.vmail /home/vmail/


If I wasn't so lazy I'd include a script to sync the directory creation process with the SQL insertion/update, but there it is....

From: jaman at: 2011-07-02 04:58:20

Hi all, i have the problem about my mail server

if i sign in to my mail server always blank page and i try to show in mail log

tail -f /var/log/mail.log

Jul  2 11:50:28 mentari imapd: Connection, ip=[::ffff:]
Jul  2 11:50:28 mentari imapd: LOGIN,, ip=[::ffff:], port=[40149], protocol=IMAP
Jul  2 11:50:28 mentari imapd: LOGOUT,, ip=[::ffff:], headers=0, body=0, rcvd=30, sent=238, time=0

can anybody help me please?


From: Ryan at: 2010-02-09 00:03:51

I can confirm that this tutorial does work properly, but without logs its going to be difficult to help you.  Some of the things I noticed is that only in one place he does tell you to change the mail_admin_password to your own password and other places he doesnt.  Therefore, if you created the user acct in mysql with "secret" as a password but all your files are using mail_admin_password you should see login errors in the mail.log log.  If these passwords are different you will get the connection dropped by IMAP error.

 In regards to Bozola fix... YES, It is required but I dont think leaving that out would give you an IMAP error... your mail will just not be delivered and you will see permissions errors in your logs saying that it cannot write to a directory that does not exist.

 Anyway.. I would recommend tailing your log

#tail -f /var/log/mail.log

trying to log in via squirrelmail.. and posting the results.

From: Bung at: 2010-02-01 10:57:01

This comment was made on p4, but incase you missed it, i spent time slamming my head on the desk with this one.

 In /etc/postfix/ you might also want to add:

mailbox_transport = virtual
virtual_transport = virtual


From: Anonymous at: 2010-02-02 01:27:42

Proposed fix didn't work either.

From: radensun at: 2010-02-11 12:21:50

I also had a couple of times to get an error message like that, and found the problem only in the transport field in the table 'transports' which is in mysql. So, you just replace the be ":" (without the quotes). And you will like it. :D

I thank the author of this tutorial, because it is very useful for me.

From: micheldp at: 2010-03-02 00:53:26


Your proposed solution don't work neither ....

I verified everything ...and can't login to squirrelmail

If it works for anybody, pls give me a sign


From: at: 2010-03-11 21:01:25

wrong answer removed

From: at: 2010-05-15 16:04:33

i configured emil system as above. installed fine.

but when i send email to myself from:, to i wont received that email.

mail Log as follws:

May 15 08:41:29 mail amavis[1742]: (01742-02) Blocked SPAM, LOCAL [] [] <> -> <>, quarantine: m/spam-mVSvUVWn4KBW.gz, Message-ID: <002801caf445$0a1a58a0$1e4f09e0$@com>, mail_id: mVSvUVWn4KBW, Hits: 6.396, size: 2990, 15698 ms
May 15 08:41:29 mail postfix/smtp[1988]: 269BC226B9: to=<>, relay=[]:10024, delay=16, delays=0.07/0.01/0.04/16, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=01742-02 - SPAM)
May 15 08:41:29 mail postfix/qmgr[1674]: 269BC226B9: removed
mail postfix/smtp[1988]: 269BC226B9: to=<>, relay=[]:10024, delay=16, delays=0.07/0.01/0.04/16, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=01742-02 - SPAM)
May 15 08:41:29 mail postfix/qmgr[1674]: 269BC226B9: removed



please help me to solve this

From: Sick Person at: 2012-01-05 10:41:00

How to add autoresponder? i install courier-maildrop but it seems not working . Did also need recompile it coz ubuntu package seems not support mysql for maildrop (maildrop -v)