Virtual Users And Domains With Postfix, Courier And MySQL (Ubuntu 6.10 Edgy Eft) - Page 4

9 Install amavisd-new, SpamAssassin, And ClamAV

To install amavisd-new, spamassassin and clamav, run the following command:

apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 unzoo libnet-ph-perl libnet-snpp-perl libnet-telnet-perl nomarch lzop pax

Afterwards we must configure amavisd-new. The configuration is split up in various files which reside in the /etc/amavis/conf.d directory. Take a look at each of them to become familiar with the configuration. Most settings are fine, however we must modify three files:

First we must enable ClamAV and SpamAssassin in /etc/amavis/conf.d/15-content_filter_mode by uncommenting the @bypass_virus_checks_maps and the @bypass_spam_checks_maps lines:

vi /etc/amavis/conf.d/15-content_filter_mode

The file should look like this:

use strict;

# You can modify this file to re-enable SPAM checking through spamassassin

# and to re-enable antivirus checking.


# Default antivirus checking mode

# Uncomment the two lines below to enable it back


@bypass_virus_checks_maps = (

   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);


# Default SPAM checking mode

# Uncomment the two lines below to enable it back


@bypass_spam_checks_maps = (

   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

1;  # insure a defined return

And then you should take a look at the spam settings and the actions for spam-/virus-mails in /etc/amavis/conf.d/20-debian_defaults. There's no need to change anything if the default settings are ok for you. The file contains many explanations so there's no need to explain the settings here:

vi /etc/amavis/conf.d/20-debian_defaults

$QUARANTINEDIR = "$MYHOME/virusmails";

$log_recip_templ = undef;    # disable by-recipient level-0 log entries

$DO_SYSLOG = 1;              # log via syslogd (preferred)

$syslog_ident = 'amavis';    # syslog ident tag, prepended to all messages

$syslog_facility = 'mail';

$syslog_priority = 'debug';  # switch to info to drop debug output, etc

$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)

$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1

$inet_socket_port = 10024;   # default listenting socket

$sa_spam_subject_tag = '***SPAM*** ';

$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level

$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level

$sa_kill_level_deflt = 6.31; # triggers spam evasive actions

$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent

$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger

$sa_local_tests_only = 0;    # only tests which do not require internet access?


$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)

$final_banned_destiny     = D_BOUNCE;   # D_REJECT when front-end MTA

$final_spam_destiny       = D_BOUNCE;

$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)


Finally, edit /etc/amavis/conf.d/50-user and add the line $pax='pax'; in the middle:

vi /etc/amavis/conf.d/50-user




Afterwards, run these commands to add the clamav user to the amavis group and to restart amavisd-new and ClamAV:

adduser clamav amavis
/etc/init.d/amavis restart
/etc/init.d/clamav-daemon restart

Next we must edit the configuration file of the Freshclam daemon (that's the daemon that regularly and automatically fetches the newest virus signatures from a ClamAV mirror) because it contains a small bug. Open /etc/clamav/freshclam.conf and modify the NotifyClamd line as shown below:

vi /etc/clamav/freshclam.conf


NotifyClamd /etc/clamav/clamd.conf


Then restart Freshclam (make sure no other Freshclam process (maybe of another ClamAV installation) is running because then our Freshclam will fail to start):

/etc/init.d/clamav-freshclam restart

Now we have to configure Postfix to pipe incoming email through amavisd-new:

postconf -e 'content_filter = amavis:[]:10024'
postconf -e 'receive_override_options = no_address_mappings'

Afterwards append the following lines to /etc/postfix/

vi /etc/postfix/


amavis unix - - - - 2 smtp

        -o smtp_data_done_timeout=1200

        -o smtp_send_xforward_command=yes inet n - - - - smtpd

        -o content_filter=

        -o local_recipient_maps=

        -o relay_recipient_maps=

        -o smtpd_restriction_classes=

        -o smtpd_client_restrictions=

        -o smtpd_helo_restrictions=

        -o smtpd_sender_restrictions=

        -o smtpd_recipient_restrictions=permit_mynetworks,reject

        -o mynetworks=

        -o strict_rfc821_envelopes=yes

        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks

        -o smtpd_bind_address=

Then restart Postfix:

/etc/init.d/postfix restart

Now run

netstat -tap

and you should see Postfix (master) listening on port 25 (smtp) and 10025, and amavisd-new on port 10024:

root@server1:/usr/local/sbin# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 localhost.localdo:10024 *:*                     LISTEN     16043/amavisd (mast
tcp        0      0 localhost.localdo:10025 *:*                     LISTEN     15794/master
tcp        0      0 localhost.localdo:mysql *:*                     LISTEN     4783/mysqld
tcp        0      0 *:smtp                  *:*                     LISTEN     15794/master
tcp6       0      0 *:imaps                 *:*                     LISTEN     13452/couriertcpd
tcp6       0      0 *:pop3s                 *:*                     LISTEN     13517/couriertcpd
tcp6       0      0 *:pop3                  *:*                     LISTEN     13480/couriertcpd
tcp6       0      0 *:imap2                 *:*                     LISTEN     13412/couriertcpd
tcp6       0      0 *:www                   *:*                     LISTEN     4489/apache2
tcp6       0      0 *:ssh                   *:*                     LISTEN     3193/sshd


10 Install Razor, Pyzor And DCC And Configure SpamAssassin

Razor, Pyzor and DCC are spamfilters that use a collaborative filtering network. To install them, run

apt-get install razor pyzor dcc-client

Now we have to tell SpamAssassin to use these three programs. Edit /etc/spamassassin/ and add the following lines to it:

vi /etc/spamassassin/


# dcc

use_dcc 1

dcc_path /usr/bin/dccproc

dcc_add_header 1

dcc_dccifd_path /usr/sbin/dccifd


use_pyzor 1

pyzor_path /usr/bin/pyzor

pyzor_add_header 1


use_razor2 1

razor_config /etc/razor/razor-agent.conf


use_bayes 1

use_bayes_rules 1

bayes_auto_learn 1

Restart amavisd-new afterwards:

/etc/init.d/amavis restart

Share this page:

0 Comment(s)

Add comment


From: falko at: Mar 20, 2007