Setting up clamsmtp

From Alpine Linux
Revision as of 12:52, 21 May 2009 by Djhughes (talk | contribs) (introduction headings and minor edits)

Introduction

ClamSMTP is a simple, lightweight content filter, written in C, which accepts SMTP connections and can be used to check for viruses and spam using Clamav. The 'DATA' section of the email is scanned before the email is submitted to the queue for delivery.

Set up ClamSMTP

Install ClamSMTP

apk_add clamsmtp

Configure the clamsmtpd.conf file as follows:

OutAddress: 127.0.0.1:10026
Listen: 127.0.0.1:10025
ClamAddress: /var/run/clamav/clamd.sock
TempDirectory: /tmp
Action: drop
Quarantine: on
User: clamav
## The following line makes it possible to filter an entire network's SMTP traffic.
## If used, remove the OutAddress line above
#TransparentProxy: on
## Uncomment if you wish to use a virus action script to perform further actions on the suspect email
#VirusAction: /etc/postfix/scripts/virus_action.sh

The configuration above supports sending mail to an email address of a mailbox monitored by an Administrator. Remember to treat any mails that come into this box as hostile, as they could contain viruses. Additionally, a notification message

A very nice Virus Action script can be found here at virus_action.sh

Configure Postfix

Add the following line to your postfix main.cf file:

content_filter = scan:[127.0.0.1]:10025

Add the following lines to the end of your master.cf file:

# AV scan filter (used by content_filter)
  scan      unix  -       -       n       -       16      smtp
         -o smtp_send_xforward_command=yes
         -o smtp_enforce_tls=no
 # For injecting mail back into postfix from the filter
 127.0.0.1:10026 inet  n -       n       -       16      smtpd
         -o content_filter=
         -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
         -o smtpd_helo_restrictions=
         -o smtpd_client_restrictions=
         -o smtpd_sender_restrictions=
         -o smtpd_recipient_restrictions=permit_mynetworks,reject
         -o mynetworks_style=host
         -o smtpd_authorized_xforward_hosts=127.0.0.0/8

Start services and save changes

Restart postfix and start the clamsmtp service:

/etc/init.d/postfix restart /etc/init.d/clamsmtp start

Finally, schedule clamsmtp to automatically start on boot up:

rc_add -k clamsmtpd

Save changes: lbu ci