Linux Help Desk

Linux Help Desk

Tuesday, May 19, 2015

How to configure Amavisd,SpamAssassin with postfix in centos 6.5

1) configure amavisd to accept mail from MTA and pass it to ClamAV and SpamAssassin for checking
2) return it back to MTA for delivery
3) Amavisd will use lmtp listening on TCP port 10024 to accept mail from MTA and then pass it to ClamAV using a locScanned mail al UNIX socket and SpamAssassin using the Mail::SpamAssassin Perl module.
4) will be returned to MTA using smtp on TCP port 10025 for delivery.

1. Introduction of SpamAssassin and Amavisd-new
a. Amavisd-new (www.ijs.si/software/amavisd/)
§  a reliable high-performance interface between an email server (MTA) and content checkers like virus scanners
§  supports both (E)SMTP and LMTP protocols as well as UNIX sockets for communicating with the MTA and content checkers.
§  use dedicated helper programs such as the Mail::SpamAssassin Perl module.
§  supports a number of MTA's.
b. SpamAssassin (spamassassin.apache.org)
§    Be used for e-mail spam filtering based on content-matching rules.
§    uses a variety of spam-detection techniques, that includes DNS-based and fuzzy-checksum-based spam detection, Bayesian filtering, external programs, blacklists and online databases.
§    can be integrated with the mail server to automatically filter all mail for a site.
§    awarded the Linux New Media Award 2006 as the "Best Linux-based Anti-spam Solution".

2. Packages installation
# rpm –qa | grep rpmforge
# yum install amavisd-new spamassassin –y
# rpm –qa | grep amavisd-new spamassassin
# chkconfig amavisd on; chkconfig spamassassin on
# chkconfig --list | grep "amavisd\|spamassassin“

3. Configuration
a. Spamassassin
# vi /etc/mail/spamassassin/local.cf
required_hits  5
# spamassassin --lint                             //syntax checking
b. Amavisd-new
# vi /etc/amavisd/amavisd.conf
$max_servers = 2;                        # num of pre-forked children (2..30 is common), -m
$daemon_user  = "amavis";            # (no default;  customary: vscan or amavis), -u
$daemon_group = "amavis";           # (no default;  customary: vscan or amavis), -g
$inet_socket_port = 10024;              # listen on this local TCP port(s)
$mydomain = ‘chul.com';                                  # Edit: a convenient default for other settings
$myhostname = ‘server.chul.com';
$virus_admin               = “tland\@$mydomain";               # notifications recip.
$mailfrom_notify_admin     = "virusalert\@$mydomain";         # notifications sender
$mailfrom_notify_recip     = "virusalert\@$mydomain";           # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain";       # notifications sender
['ClamAV-clamd', 380     \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],


c. Postfix

# vi /etc/postfix/main.cf

content_filter=amavisfeed:[127.0.0.1]:10024

# vi /etc/postfix/master.cf
 amavisfeed unix    -       -       n        -      2     lmtp
    -o lmtp_data_done_timeout=1200
    -o lmtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
127.0.0.1:10025 inet n    -       n       -       -     smtpd
    -o content_filter=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o smtpd_restriction_classes=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
    -o local_header_rewrite_clients=
    -o smtpd_milters=
    -o local_recipient_maps=
    -o relay_recipient_maps=
4. Service startup and connection test
a. Service startup
# service amavisd start
# service postfix restart; service spamassassin start
# ps –ef | grep amavis
# ps –ef | grep spamd
# netstat –nat | grep 10024
# netstat –nat | grep 10025
b. Connect to amavisd and smtpd port
# telnet localhost 10024
# telnet localhost 10025

No comments:

Post a Comment