Spam / Antivirus filter

From VHCP Support

Jump to: navigation, search

Contents

[edit]

Installation

apt-get install clamav clamav-daemon amavisd-new spamassassin razor pyzor dcc-client

It is very interesting to install support for most popular attachment formats: 

apt-get install lha arj unrar zoo unzoo zip unzip nomarch lzop tnef

Download http://puuhis.net/vhcs/amavisd.conf.txt to /etc/amavis/amavisd.conf

Please don't download amavisd.conf with amavisd-new 2.3.3-2 By using amavisd-new 2.3.2 use this patch: 

11,12c11,12
< @bypass_virus_checks_maps = (
<    \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
---
> #@bypass_virus_checks_maps = (
> #   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
20,21c20,21
< @bypass_spam_checks_maps = (
<    \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
---
> #@bypass_spam_checks_maps = (
> #   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

This means that you should edit /etc/amavis/conf.d/15-content_filter_mode and uncomment lines there.


After setting up the configuration files, do this: 

mkdir /var/mail/virus
chown -R amavis:amavis /var/mail/virus

gpasswd -a clamav amavis

/etc/init.d/clamav-daemon restart
/etc/init.d/amavis restart

Add this line to end of /etc/postfix/main.cf and /etc/vhcp/postfix/main.cf 

content_filter = smtp-amavis:[127.0.0.1]:10024

Add these lines to the end of /etc/postfix/master.cf and /etc/vhcp/postfix/master.cf NOTICE: last line (localhost:10025...) should be on ONE line! 

smtp-amavis     unix    -       -       n       -       2       smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
localhost:10025 inet    n       -       n       -       -       smtpd 
    -o content_filter=
    -o mynetworks=127.0.0.0/8
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o receive_override_options=no_address_mappings

After editing, restart postfix 

/etc/init.d/postfix restart
[edit]

Latest updates

For the latest updates, add following line to /etc/apt/sources.list 

deb http://ftp2.de.debian.org/debian-volatile sarge/volatile main

Enable spamassassin in /etc/default/spamassassin 

ENABLED=1

Modify /etc/spamassassin/local.cf as you like

Register razor (for doc see /usr/share/doc/razor/README.Debian) 

razor-client
razor-admin --create
razor-admin -discover
razor-admin --register

Initialise pyzor (you can add it as cronjob once a day) 

pyzor discover
[edit]

Testing

Send a mail with XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X on body, message should get marked with ***SPAM*** on subject.

Virus test can be made from here.

[edit]

External links

Retrieved from "http://support.vhcp.org/index.php/Spam_/_Antivirus_filter"
Personal tools