Installation is easy enough with the package system, but further tweaks are required to get it up and running. Once its running, more tweaks are required to have it running at its best.
First task is to have an up to date version of postfix running. TIP – My system utilises a hosted server which is unconnected to the servers we have on site. Admittedly, not part of the original plan, but it was noticed that spamassassin and other protection methods were reducing the number of EMails getting through by about 70%. I decided that it would be best to keep this traffic external and therefore designated that server as the primary and tertiary MX. So the external hosted server was set up as a relay to our internal server.
DNS settings
# DNS settings for example.com # Set A records (I know 270 is invalid, this is an example without using real IPs) @ dave A 120.270.120.120 @ brian A 120.260.120.120 @ terry A 120.270.120.120 @ mail A 120.260.120.120 # Set MX records @ MX 10 dave.example.com. @ MX 20 brian.example.com. @ MX 30 terry.example.com.
This setup makes my external server (120.270.120.120) the primary and tertiary mail server. This will result in 95% of the traffic going to the external server. The tertiary is there as some mail servers, especially spammers, work backwards through the priorities.
/etc/postfix/main.cf
myhostname = dave.example.com relay_domains = example.com transport_maps = hash:/etc/postfix/transport
relay_domains specify which domains this server will accept and forward onto the appropriate server. Where the relayed Emails go depends on transport_maps
#transport file example.com smtp:mail.example.com
Remember to postmap the file after editing. The result is that any emails for the example.com domain will be collected and relayed to mail.example.com
Allow time for DNS propagation, then test. An Email sent to example.com should first appear on the relay server and then the internal server.
Install ClamAV
We start with the easier one, ClamAV the anti virus.
apt-get install clamav clamsmtp
Dont ask me why, but the next step was to change the listen ports from their package default. The configuration file is /etc/clamsmtpd.conf This is my final configuration……
OutAddress: 10026 Listen: 127.0.0.1:10025
Add the following to the end of /etc/postfix/main.cf
content_filter = scan:127.0.0.1:10025 receive_override_options = no_address_mappings
Add the following to the end of /etc/postfix/master.cf
# AV scan filter (used by content_filter) scan unix - - n - 16 smtp -o smtp_send_xforward_command=yes -o smtp_enforce_tls=no # For injecting mail back into postfix from the filter 127.0.0.1:10026 inet n - n - 16 smtpd -o content_filter= -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks_style=host -o smtpd_authorized_xforward_hosts=127.0.0.0/8
ClamAV uses the filter facility with postfix. Basically, once Postfix has received the Email, it passes the file to the filter. The filter can perform whatever function it needs, in this case scanning for a virus. Once complete, it can either lose the file, or resnd it back to Postfix.
Restart the postfix and spamav service to pick up the new configuration. Personally, I like to reboot as experience has shown you may miss a reloading an obscure named service and spend hours working out why it has not worked. Next step, send a test Email. You should see clamsmtp mentioned in /var/log/mail.log
Spamassassin
apt-get install spamassassin
Get the updates. If you load them manually, you have to change permissions afterwards.
sa-update cd /var/lib/spamassassin chown -R debian.spamd debian.spamd *
Edit the spamassassin configuration, basically uncomment all the options
rewrite_header Subject **S*SPAM** lock_method flock required_score 5.0 use_bayes 1 bayes_path /home/spamd/bayes/bayes bayes_file_mode 0666 bayes_auto_learn 1 bayes_ignore_header X-Bogosity bayes_ignore_header X-Spam-Flag bayes_ignore_header X-Spam-Status
Edit /etc/postfix/master.cf
# Edit smtp entry smtp inet n - - - - smtpd -o content_filter=spamchk:dummy #Add to end of file spamchk unix - n n - 10 pipe flags=Rq user=debian-spamd argv=/usr/local/bin/spamchk -f ${sender} -- ${recipient}
And then we create the spamchk script. This can be made bespoke to your requirements. Basically it sends the Email through spamc, the output is copied to a temp file. The temp file is scanned for the result and appropriate action is taken – Passed Email is resent with sendmail.
#!/bin/sh SENDMAIL="/usr/sbin/sendmail -i" EGREP=/bin/egrep EX_UNAVAILABLE=69 SPAMLIMIT=6 # Cleanup the temporary working folder in case of error or cancellation trap "rm -f /home/debian-spamd/tempfs/out.$$" 0 1 2 3 15 # Pipe the email to spamc cat | /usr/bin/spamc -u debian-spamd | sed 's/^\.$/../' > /home/debian-spamd/tempfs/out.$$ # Are there more than $SPAMLIMIT stars in X-Spam-Level header? : if $EGREP -q "^X-Spam-Level: \*{$SPAMLIMIT,}" < /home/debian-spamd/tempfs/out.$$ then rm -f /home/debian-spamd/tempfs/out.$$ else $SENDMAIL "$@" < /home/debian-spamd/tempfs/out.$$ fi # Remove temporary files rm -f /home/debian-spamd/tempfs/out.$$ # Return an exit status exit $?
Once Spamassassin is running, we can install some additional plugins.
apt-get install razor pyzor pyzor discover
These should just start working