PostfixによるメールをClamAVでウィルススキャンするように構築する。

index

  1. amavisd-newのインストール
  2. アカウントの作成
  3. ディレクトリの作成
  4. 実行ファイルのコピー
  5. amavisの設定
  6. Postfixの設定
  7. aliaseの追加
  8. amavisdの起動
  9. Postfixの再起動

amavisd-newのインストール

$ tar zxf amavisd-new-2.5.3.tar.gz
$ cd amavisd-new-2.5.3
$ view INSTALL
(INSTALLを参考にインストールする)

アカウントの作成

create (or choose) a Unix groupcreate (or choose) a Unix accountとあるが
clamavユーザ、グループで実行するので作成しない。

ディレクトリの作成

# mkdir /var/amavis
# mkdir /var/amavis/tmp
# mkdir /var/amavis/var
# mkdir /var/amavis/db
# mkdir /var/amavis/home
# chown -R clamav:clamav /var/amavis
# chmod -R 750 /var/amavis

# mkdir /var/virusmails
# chown clamav:clamav /var/virusmails
# chmod 750 /var/virusmails

実行ファイルのコピー

# cp amavisd-new-2.5.3/amavisd /usr/local/sbin
# chown root /usr/local/sbin/amavisd
# chmod 755 /usr/local/sbin/amavisd

amavisの設定

# cp amavisd-new-2.5.3/amavisd.conf /etc/amavisd/amavisd.conf
# chown root:clamav /etc/amavisd/amavisd.conf
# chmod 640 /etc/amavisd/amavisd.conf
# vi /etc/amavisd/amavisd.conf

(下記を編集)

$daemon_user  = 'clamav';     # (no default;  customary: vscan or amavis), -u
$daemon_group = 'clamav';     # (no default;  customary: vscan or amavis), -g
$mydomain = 'DOMAIN.com';   # a convenient default for other settings
$MYHOME = '/var/amavis';   # a convenient default for other settings, -H
$myhostname = 'HOST.DOMAIN.com';

(コメントを外す)

### http://www.clamav.net/
['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "<strong>/var/run/clamav/clamd.socket</strong>"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
 # NOTE: run clamd under the same user as amavisd, or run it under its own
 #   uid such as clamav, add user clamav to the amavis group, and then add
 #   AllowSupplementaryGroups to clamd.conf;
 # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
 #   this entry; when running chrooted one may prefer socket "$MYHOME/clamd".

Postfixの設定

# vi /etc/postfix/main.cf

content_filter = smtp-amavis:[127.0.0.1]:10024

# vi /etc/postfix/master.cf

smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=1200
  -o disable_dns_lookups=yes

127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes

aliaseの追加

# vi /etc/postfix/aliases

virusalert: root
spamalert: root

# newaliases

amavisdの起動

# /usr/local/sbin/amavisd -c /etc/amavisd/amavisd.conf

(停止)
# /usr/local/sbin/amavisd -c /etc/amavisd/amavisd.conf stop

(ヘルプ)
# /usr/local/sbin/amavisd --help

Postfixの再起動

# postfix stop
# postfix start