This page is part of the EmailServer article. Installing Amavisd-NewAmavisd is a mail filtering interface that allows an MTA such as Postfix to talk to specialzed external add-ons such as SpamAssassin or ClamAV amongst others. On its own, it doesn't do anything useful, but it will make our anstispam and antivirus tools work well together. It used to require some work to install Amavisd-New but it now has been included in most distributions, so installing it along with its numerous dependencies is as simple as: # yum -t install amavisd-new Configuring Amavisd-NewConfiguring Amavisd-New is simply a matter of editing its $max_servers = 5; $daemon_user = 'amavis'; $daemon_group = 'amavis'; $mydomain = 'example.com'; $MYHOME = '/var/amavis'; Here we tell Amavisd-New that it will be running under the $mydomain = 'example.com'; @local_domains_maps = ( [".$mydomain", "example2.com", "example3.com"] ); Replacing $max_servers = 5; This tells Amavisd-New to always fork 5 children waiting for our mails. This means that, at any time, we'll be able to process 5 emails simultaneously. If you don't have much RAM, you can lower this figure to Ensures that we always get X-Spam-Status and X-Spam-Level in our email headers, whatever the spam score, that anything above a spam score (see SpamAssassin) will be flagged as spam. $sa_spam_subject_tag = '[SPAM] '; This is what will be shown in the subject of an email detected as spam. $final_virus_destiny = D_DISCARD; We will quarantine messages containing viruses so they are not delivered to the user (when our antivirus will be installed). @bypass_virus_checks_maps = (1); We also disable virus checking for now because we haven't installed the antivirus yet and Amavisd-New will not let mail through if this option is disabled and there is no Antivirus. $final_banned_destiny = D_BOUNCE; $banned_filename_re = new_RE( qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i, qr'^application/x-msdownload$'i, qr'^application/x-msdos-program$'i, qr'^application/hta$'i, [ qr'^\.(rpm|cpio|tar)$' => 0 ], [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], qr'.\.(ade|adp|app|bas|bat|cmd|com|cpl|crt|exe|fxp|grp|hlp|hta| inf|ins|isp|js|jse|lnk|mda|mde|mdw|mdt|mdz|msc|msp|mst| ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs| wsc|wsf|wsh)$'ix, qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, qr'^\.(exe-ms)$', ); Here we make sure that emails containing attachments with banned extensions get bounced. While we'll probably end up trying to bounce viruses and spam, it's better to use this option to let legitimate senders who are sending us banned attachements that their messages did not get through. We now have a couple of choices: sending our spam to the user with the modified subject line, or quarantine the message by sending it to a special user account. Basic setup: spam email sent to userThe most basic setup is to let the user deal with the spam. The good thing about that is that they can judge if there is a false positive, and can still separate the spam by using filters in their mail clients to automatically move marked spam to a local folder. In $sa_kill_level_deflt = 10000; This will make Amavisd-New ignore any action for spam scores below this figure, which is normally beyond the highest possible spam score. Advanced setup: quarantine to a special accountIf instead of cloggin the users with spam messages we want to move them to a special user account on the server, we need to modify the following in $sa_kill_level_deflt = 6.31; $final_spam_destiny = D_DISCARD; Edit your virusalert : administrator spam.police : administrator Again, don't forget to rebuild the aliases database with Configuring Postfix to use Amavisd-NewNow we need to let postfix know about Amavisd-New. Postfix communicates with external programs through TCP/IP ports. This method allows a clear separation of processes and their priviledges as each is running under its own account. Edit the smtp-amavis unix - - y - 5 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - y - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o receive_override_options=no_header_body_checks Note: if you reduced the number of And edit content_filter = smtp-amavis:[127.0.0.0]:10024 Amavisd-New White and Black listsIf you want to make sure that some addresses always get through and that some always get banned, you will need to create a white list and a black list. # touch /var/amavis/white.lst # touch /var/amavis/black.lst # chown amavis.amavis -R /var/amavis/ You need to make Amavisd-New know about those files. Edit @whitelist_sender_maps = read_hash("$MYHOME/white.lst"); @blacklist_sender_maps = read_hash("$MYHOME/black.lst"); Now simply add each email address you want to unconditionnaly allow (white list)/block (black list) on a single line inside the relevant file. TestingFollow the simple testing procedures listed on the amavisd website to make sure that postfix and amavisd are properly configured: http://www.ijs.si/software/amavisd/README.postfix.html#basics_testing The only error you may be getting is related to hte lack of antivirus, something we'll move onto now. Resources< Dovecot | EmailServer | ClamAV Antivirus > Comments toddchebuhar@hotmail.comMonday 08 May 2006, at 03:18 GMT+8 [X] I am currently working on the Amavisd-New section and I am working with the perl shell > cpan. I have tried to install many of the modules but most of them do not work. Is this normal? Do I need to do something different? RenaudFriday 26 May 2006, at 03:45 GMT+8 [X] It would help if you could let me know what distro you are using and give me a bit more information about your setting and what you've done so far. Since there is a fair amount of interdependency bewteen the modules, newer versions can sometime break what used to work fine. My advice is to really look at which modules are causing issues and check the changelog of Amavis, postfix etc to see if they do not mention any issues or change in behaviour. |