Setting up clamsmtp: Difference between revisions
(replace /etc/init.d with rc-service) |
(update rc_add to rc-update add) |
||
Line 64: | Line 64: | ||
Finally, schedule clamsmtp to automatically start on boot up: | Finally, schedule clamsmtp to automatically start on boot up: | ||
{{Cmd| | {{Cmd|rc-update add clamsmtpd}} | ||
Save changes: ''lbu ci'' | Save changes: ''lbu ci'' | ||
[[Category:Mail]] | [[Category:Mail]] |
Latest revision as of 19:16, 20 November 2023
Introduction
ClamSMTP is a simple, lightweight content filter, written in C, which accepts SMTP connections and can be used to check for viruses and spam using Clamav. The 'DATA' section of the email is scanned before the email is submitted to the queue for delivery.
Set up ClamSMTP
Install ClamSMTP
apk add clamsmtp
Configure the clamsmtpd.conf file as follows:
OutAddress: 127.0.0.1:10026 Listen: 127.0.0.1:10025 ClamAddress: /var/run/clamav/clamd.sock TempDirectory: /tmp Action: drop Quarantine: on User: clamav ## The following line makes it possible to filter an entire network's SMTP traffic. ## If used, remove the OutAddress line above #TransparentProxy: on ## Uncomment if you wish to use a virus action script to perform further actions on the suspect email #VirusAction: /etc/postfix/scripts/virus_action.sh
The configuration above supports sending mail to an email address of a mailbox monitored by an Administrator. Remember to treat any mails that come into this box as hostile, as they could contain viruses. Additionally, a notification message
A very nice Virus Action script can be found here at virus_action.sh
Configure Postfix
Add the following line to your postfix main.cf file:
content_filter = scan:[127.0.0.1]:10025
Add the following lines to the end of your master.cf file:
# AV scan filter (used by content_filter) scan unix - - n - 16 smtp -o smtp_send_xforward_command=yes -o smtp_enforce_tls=no # For injecting mail back into postfix from the filter 127.0.0.1:10026 inet n - n - 16 smtpd -o content_filter= -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks_style=host -o smtpd_authorized_xforward_hosts=127.0.0.0/8
Start services and save changes
Restart postfix and start the clamsmtp service:
rc-service postfix restart rc-service clamsmtp start
Finally, schedule clamsmtp to automatically start on boot up:
rc-update add clamsmtpd
Save changes: lbu ci